07-27-2022 09:18 AM
Hi
Just deployed a new vFMC 7.x and am unable to register with snart license any idea wher I might start looking to resolve.??
Thanks
Solved! Go to Solution.
07-27-2022 10:27 AM
First make sure you have patched to 7.0.1 or higher. That fixes a certificate issue.
Then check your connectivity as follows from the FMC cli:
> expert
admin@fmc7-2:~$ sudo su -
Password:
root@fmc7-2:~# curl -vvk https://tools.cisco.com
* Rebuilt URL to: https://tools.cisco.com/
* Trying 173.37.145.8...
* TCP_NODELAY set
* Trying 2001:420:1201:5::a...
* TCP_NODELAY set
* Immediate connect fail for 2001:420:1201:5::a: Network is unreachable
* Connected to tools.cisco.com (173.37.145.8) port 443 (#0)
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=tools.cisco.com; O=Cisco Systems Inc.; L=San Jose; ST=California; C=US
* start date: Jan 19 22:03:08 2022 GMT
* expire date: Jan 19 22:03:07 2023 GMT
* issuer: C=US; O=IdenTrust; OU=HydrantID Trusted Certificate Service; CN=HydrantID Server CA O1
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: tools.cisco.com
> User-Agent: curl/7.61.0
> Accept: */*
>
< HTTP/1.1 302 Found
< Cache-Control: no-cache
< Content-length: 0
< Location: https://tools.cisco.com/healthcheck
< Connection: close
<
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):
root@fmc7-2:~#
07-27-2022 10:27 AM
First make sure you have patched to 7.0.1 or higher. That fixes a certificate issue.
Then check your connectivity as follows from the FMC cli:
> expert
admin@fmc7-2:~$ sudo su -
Password:
root@fmc7-2:~# curl -vvk https://tools.cisco.com
* Rebuilt URL to: https://tools.cisco.com/
* Trying 173.37.145.8...
* TCP_NODELAY set
* Trying 2001:420:1201:5::a...
* TCP_NODELAY set
* Immediate connect fail for 2001:420:1201:5::a: Network is unreachable
* Connected to tools.cisco.com (173.37.145.8) port 443 (#0)
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=tools.cisco.com; O=Cisco Systems Inc.; L=San Jose; ST=California; C=US
* start date: Jan 19 22:03:08 2022 GMT
* expire date: Jan 19 22:03:07 2023 GMT
* issuer: C=US; O=IdenTrust; OU=HydrantID Trusted Certificate Service; CN=HydrantID Server CA O1
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: tools.cisco.com
> User-Agent: curl/7.61.0
> Accept: */*
>
< HTTP/1.1 302 Found
< Cache-Control: no-cache
< Content-length: 0
< Location: https://tools.cisco.com/healthcheck
< Connection: close
<
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):
root@fmc7-2:~#
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide