11-10-2020 04:28 AM
Hi,
I have Cisco 9200 switchs in my data center and I have licensed these switches, even though these switches keep trying to access internet for licenses and firewall blocks it.
plus other logs for security keys and saving it.
I want to stop this un-needed logs abd process by the switches.
logs sample...
November 10th 2020, 14:03:25.142 SMART_LIC COMM_FAILED 3 Communications failure with the Cisco Smart Software Manager (CSSM) : Fail to send out Call Home HTTP message.
November 10th 2020, 14:03:24.155 CALL_HOME SL_MESSAGE_FAILED 5 Fail to send out Smart Licensing message to: https://tools.cisco.com/its/service/oddce/services/DDCEService (ERR 218 : Host name resolution failed)
November 10th 2020, 14:03:25.142 10.0.250.44 SMART_LIC COMM_FAILED 3 Communications failure with the Cisco Smart Software Manager (CSSM) : Fail to send out Call Home HTTP message.
November 10th 2020, 14:03:24.155 CALL_HOME SL_MESSAGE_FAILED 5 Fail to send out Smart Licensing message to: https://tools.cisco.com/its/service/oddce/services/DDCEService (ERR 218 : Host name resolution failed)
November 10th 2020, 14:04:04.833 CRYPTO_ENGINE KEY_ADDITION 5 A key named SLA-KeyPair2 has been generated or imported by crypto-engine
11-10-2020 04:42 AM
Smart License required port access to call Home access - you need to open http/https connection towards cisco site.
or ignore the errors.
but bare in mind as per i know, if they can not have communicaiton to smart License server, some feature may disable due to error connecting to cisco side (this was not tested but as per process).
11-10-2020 01:42 PM
What firmware is the stack running on?
11-10-2020 11:08 PM
Cisco IOS XE Software, Version 16.12.02
Cisco IOS Software [Gibraltar], Catalyst L3 Switch Software (CAT9K_LITE_IOSXE), Version 16.12.02, RELEASE SOFTWARE (fc1)
-
-
Smart Licensing Status: REGISTERED/AUTH EXPIRED
cisco C9200-48P (ARM64) processor with 649249K/3071K bytes of memory.
Processor board ID JAE24090FXT
2 Virtual Ethernet interfaces
104 Gigabit Ethernet interfaces
8 Ten Gigabit Ethernet interfaces
2048K bytes of non-volatile configuration memory.
4060240K bytes of physical memory.
819200K bytes of Crash Files at crashinfo:.
819200K bytes of Crash Files at crashinfo-2:.
1941504K bytes of Flash at flash:.
1941504K bytes of Flash at flash-2:.
0K bytes of WebUI ODM Files at webui:.
Base Ethernet MAC Address : cc:7f:76:da:76:80
Motherboard Assembly Number : 73-18791-04
Motherboard Serial Number : JAE24090FXT
Model Revision Number : C1
Motherboard Revision Number : B0
Model Number : C9200-48P
System Serial Number : JAE24090FXT
Switch Ports Model SW Version SW Image Mode
------ ----- ----- ---------- ---------- ----
* 1 56 C9200-48P 16.12.2 CAT9K_LITE_IOSXE INSTALL
2 56 C9200-48P 16.12.2 CAT9K_LITE_IOSXE INSTALL
11-10-2020 11:39 PM
Hello,
check if the bug below applies:
Smart License registration fails with "Fail to send out the Call Home HTTP message" with http-proxy
CSCvd38363
Description
Symptom:
Smart Licensing registration may fail. A message similar to the following may be found in syslogs:
Feb 22 17:33:53.487 PST: %SMART_LIC-3-COMM_FAILED: Communications failure with Cisco licensing cloud: Fail to send out Call Home HTTP message.
Conditions:
This symptom is observed when an HTTP proxy server is configured for call-home. The following example config would be found under the call-home profile:
call-home
http-proxy "1.2.3.4" port 80
The address of the proxy and the port do not have any bearing on the problem.
Workaround:
Smart Licensing registration will succeed if the HTTP proxy configuration is removed.
If the proxy is required for the device to reach tools.cisco.com over HTTP/HTTPS, then there is no workaround.
11-11-2020 12:36 AM
Thank you for the bug notification, but my switches have successfly registered but still keeping logging to internet trying to register.
I want to stop this traffic to internet because whenever i want to debug any service it keeps filling the screen with this events.
11-11-2020 01:42 AM
Upgrade the firmware first.
05-26-2021 08:29 AM
Did you find a way to solve this un-needed logs??
05-27-2021 05:11 AM
From my side I haven't stopped the logging but managed to allow them to reach call home once in a month.
Aldo, from the logs you can find policy that us active and try to call home and deactivate it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide