Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation

Who Me Too'd this topic

C5921 Smart licensing - Fail to send out Call Home HTTP message

rudimocnik
Level 1
Level 1

‎05-21-2019 03:53 AM

Hi

 

I have c5921 running 15.5(3)M code and I have issues with smart licensing. I created the token in the CSSM and issued the command: 

license smart register idtoken {tokenSTRING}

 

I get the following logs:

 

%PKI-4-NOCONFIGAUTOSAVE: Configuration was modified.  Issue "write memory" to save new IOS PKI configuration
%SMART_LIC-3-COMM_FAILED: Communications failure with Cisco licensing cloud: Fail to send out Call Home HTTP message.

 

 

The thing is I have vrfs configured on the interfaces and c5921 only has Internet access through vrf PUBLIC.

 

 

c5921_312_127128#ping vrf PUBLIC software.cisco.com
Translating "software.cisco.com"...domain server (193.2.1.66) [OK]

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 104.108.74.32, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/42/45 ms
c5921_312_127128#

So the connectivity and dns resolution works. In addition I tried if firewall is in the way and the connection seems to be open.

 

c5921_312_127128#telnet software.cisco.com 80 /vrf PUBLIC
Translating "software.cisco.com"...domain server (255.255.255.255)

Translating "software.cisco.com"...domain server (193.2.1.66) [OK]
Trying e2757.dscb.akamaiedge.net (104.108.74.32, 80)... Open

and https ... 

c5921_312_127128#telnet software.cisco.com 443 /vrf PUBLIC
Translating "software.cisco.com"...domain server (255.255.255.255)

Translating "software.cisco.com"...domain server (193.2.1.66) [OK]
Trying e2757.dscb.akamaiedge.net (104.108.74.32, 443)... Open

I follow a guide from a bug report and configured call-home agent to use HTTP. Still no luck. Here is the call-home config:

call-home
 ! If contact email address in call-home is configured as sch-smart-licensing@cisco.com
 ! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications.
 contact-email-addr sch-smart-licensing@cisco.com
 vrf PUBLIC
 profile "CiscoTAC-1"
  active
  destination transport-method http
  no destination transport-method email
  destination address http http://tools.cisco.com/its/service/oddce/services/DDCEService

 

It seems that c5921 cannot send messages using vrf. Any ideas?

 

 

 

8 people had this problem
Labels:
Who Me Too'd this topic