Have you ever wished your network was more proactive?
Say that while you're peacefully sleeping, your core 6500 experiences a module failure. What happens? Maybe nothing...right away. The ports on that switch may be down, but you (and your users) may not notice until 8:00 am the next day. In that case, you're playing catch-up. Wouldn't it be better if the device could automatically open a service request with TAC as soon as the module failure is detected? And attached to that service request would be all of the information necessary to troubleshoot the problem or RMA a replacement module.
Let's say a new field notice comes out for one of your 2951 network modules? How will you know? Do you scan the field notices every day, or do you receive emails for every field notice that is published? Wouldn't it be better if you could be notified when a new field notice comes out for your specific devices based on their specific configurations?
How do you know if the configuration on your 7609 is the best it can be? You could comb through config guides, tech tips, etc. looking for best practice recommendations. Wouldn't it be better to come to one place to see what best practice recommendations are available for your device based on its current configuration?
The good news all of these things are available now with Smart Call Home. Smart Call Home is a proactive service capability built into many Cisco devices. The services it provides are free to customers with SmartNET, SP Base, Unified Computing Support Service, or Mission Critical Support Service contracts. Smart Call Home will periodically send messages from your devices to Cisco.com. The Cisco.com backend processes these messages, checks for product advisories, diagnostic issues, critical problems, configuration sanity, etc. then prepares reports that can be run via a web-based portal. The backend will also periodically send email notifications when product advisories or critical device issues are found. Hardware failures can also trigger the creation of automatic TAC service requests.
I know what you may be thinking. If my devices are sending messages to Cisco (especially configuration details), how can I make sure the information is secure? To ensure that the data being sent by the devices is not intercepted, Smart Call Home makes use of SSL to connect to Cisco.com. You can also use email, but those messages will not be secured. Essentially, the flow looks like this:
This image shows that Smart Call Home can use secure HTTPS or insecure email to send its messages. If your devices do not have direct Internet access or access to an SMTP server, there is another option. The Smart Call Home Transport Gateway can be used to proxy Call Home messages from the devices to the Cisco.com backend. Transport Gateway is a free application for Linux, Solaris, and Windows.
So now you're interested? How do you get started? First, you need to make sure your devices support Smart Call Home. At this time, Smart Call Home is supported on Catalyst 4500s, Catalyst 4900s, Catalyst 6500s, Cisco 7200s, Cisco 7300s, Cisco 7600s, ASAs, ASR 1000s, ISRs, MDS 9000s, Nexus 5000s, Nexus 7000s, and UCS. Next, check the Smart Call Home homepage for the quick start guide for your platforms. As an example, we'll walk through enabling Smart Call Home on an IOS device (a Cisco 7606 in this case).
Configuring Smart Call Home can be very simple. If you want to use the secure HTTPS transport protocol, then all you need to do is specify a contact email address, load the SSL certificate, activate the built-in CiscoTAC-1 profile, and enable the Smart Call Home service. This example assumes the 7606 has a direct connection to Cisco.com. The quick start guides on the Smart Call Home homepage cover email and Transport Gateway examples in addition to HTTPS.
1. Configure the Smart Call Home contact email address
% Do you accept this certificate? [yes/no]: yes Trustpoint CA certificate accepted. % Certificate successfully imported
3. Set the transport protocol to HTTP and activate the built-in CiscoTAC-1 profile. Even though you set the transport method to "http" HTTPS will be used. You can confirm the URL is an HTTPS URL using the EXEC command show call-home profile CiscoTAC-1.
Shortly after the service is enabled, Smart Call Home should send its first message to Cisco.com. If you want to make sure this happens, you can force a message to be sent to trigger the registration process. Exit to EXEC mode and send an inventory message.
Sending inventory info call-home message ... Please wait. This may take some time ...
What happens next? Once the device sends its first message to the Smart Call Home backend, the registration process kicks off. Smart Call Home will send an email to the contact email address. There will be a link in this email that will complete the registration process. When you click on that link you will be prompted to login to Cisco.com. You must login with a Cisco.com ID that has a contract that covers the device to be registered. Once that happens the device will be associated with your Cisco.com ID.
Once the device is registered, it will continue to send updates to Cisco.com, and you can start using the Smart Call Home portal to manage your device. The portal will show you inventory details, configuration details (with feature analysis!), syslog events, environmental events, diagnostic events, and telemetry data (NOTE: some Smart Call Home features will not be available for all device types so be sure to check the user's guide for full details).
If you're looking to mass-deploy Smart Call Home to multiple devices in your network, consider using CiscoWorks LAN Management Solution's (LMS) Netconfig application to push out the changes. Netconfig can be found under Configuration > Tools > NetConfig > Deploy. Create a new Netconfig job and select the Smart Call Home task from the list of all tasks.
Already using Smart Call Home in your network? What do you think? Comment on this blog to let us know how we can make it better.
Hello all,Sometimes I lost connection to switch for 4 minutes.The ports are okay and the uptime is okay.In the logs I see only:1711656: *Dec 4 21:45:09: %PLATFORM-4-ELEMENT_WARNING:Switch 1 R0/0: smand: 1/RP/0: Used Memory value 95% exceeds warning level ...
Hi i use a Firepower to filter the traffic , so from the wan router is going the traffic to the switch with vlan 10 and then a portchannel with switchport access vlan 10 to the firepower and a second portchannel which send the traffic from Firepower to th...
Hi All, I am getting platform mismatch error when trying to stack up 9200 with 9200L series switches. Can you please let me know if this is possible or I cant stack 9200L with 9200 switches? Pratik Patel
Hello guys, I have the following VLANS and their corresponding SVIs on a switch. I need to deploy ACLs for SSH based on the following criteria Only 2 IPs can SSH the switch i.e. 192.168.1.1 & 192.168.1.2 (This I have no issue with)The switch...