- 最終編集日: 、編集者:
CiscoJapanModer
Access Through An HTTPS Proxy
Smart Call Home Transport Gateway (Free VM Download) or off-the-shelf Proxy (such as Apache). To download, install and setup the Transport Gateway, please refer to http:/ / www.cisco.com/ c/ dam/ en/ us/ td/ docs/ switches/ lan/ smart_call_home/ user_guides/ SCH_ ...
If using the Smart Call Home Transport Gateway, modify the URL in the CiscoTAC-1 to the URL provided during the VM installation:
When using the Transport Gateway HTTP Proxy the IP address needs to be changed from tools.cisco.com to the Proxy like the following (step 7 in guide):
Transport Gateway Configuration Guide: https://www.cisco.com/c/dam/en/us/td/docs/switches/lan/smart_call_home/user_guides/SCH_Ch4.pdf
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
TO
destination address http https://<TransportGW-IP_Address>:<port_number>/TransportGateway/services/DeviceRequestHandler
The required IP is pulled from Transport Gateway HTTP settings under "https Device Service URL" like shown below:
NOTE - URL is case sensitive and needs to be an exact match!
If using an existing proxy such as Apache, simply add proxy configuration under call-home configuration:
switch(config)#call-home
switch(cfg-call-home)#http-proxy <url / ip> port <port #>
switch(config)#ip http client proxy-server <proxy-name> proxy-port <port-number>
NOTE -
If using 3rd party proxy server such as Apache, Bluecoat, etc. they can be configured Nto intercept SSL connection certifcates and replace with their own.
This interception can cause the device to fail to register because server identity check failure as the expected cert is from CSSM.
To workaround this, you can disable SSL interception.
crypto pki trustpoint SLA-TrustPoint
-snip-
revocation-check none
検索バーにキーワード、フレーズ、または質問を入力し、お探しのものを見つけましょう
シスコ コミュニティをいち早く使いこなしていただけるよう役立つリンクをまとめました。みなさんのジャーニーがより良いものとなるようお手伝いします
