12-18-2018 09:48 AM
I have a couple of Catalyst 9300 Stacks licensed DNA/Network Essentials. One has managed to register and one is having difficulty logging the error "Fail to send out Call Home HTTP message"
When I configure a nameserver on this stack telnet resolves tools.cisco.com 443 to and IPv6 address however using the same nameserver ping yields the IPv4 address and finally telnet to the IP address resolved by ping indicates an open socket. We currently are not routing IPv6.
Is there a way to force this system to yield an IPv4 address or will I need to change the call home address to and IP? I'm worried that if I do this the IP will change one day and these switches will go unregistered with our Smartnet Account.
Cisco IOS Software [Fuji] (CAT9K_IOSXE), Version 16.9.2
SW#telnet tools.cisco.com 443 /source-interface vlan 44 Trying 2001:420:1201:5::A, 443 ... % Destination unreachable; gateway or host down
SW#ping tools.cisco.com source vlan 44
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 173.37.145.8, timeout is 2 seconds:
!!!!!
SW#telnet 173.37.145.8 443 /source-interface vlan 44
Trying 173.37.145.8, 443 ... Open
12-18-2018 10:06 AM
Well go figure it resolved itself. Even though my telnet to the url still fails. This may have had something to do with our Radius authentication and the fact that prior to this Smart Net call home program our management vlan was not allowed to speak to the internet. I'm sure we will have to come up with a better way of managing this either through a web proxy or SMTP.
SW#telnet tools.cisco.com 443 /source-interface vlan 44 Trying 2001:420:1201:5::A, 443 ... % Destination unreachable; gateway or host down
02-06-2019 04:27 AM
This is still very much a problem for us. We are running version 16.06.02 on our CSR1000 routers in AWS and call-home is trying to use ipv6 for smart licensing. The only way I have found to work around the issue is to hardcode the ip address in the call-home destination. Changing the default "destination address http http://tools.cisco.com/its/service/oddce/services/DDCEService" to use an IP that it resolves too.... "destination address http http://72.163.4.38/its/service/oddce/services/DDCEService" but we CANNOT stay running like that with a hardcoded ip.
The router resolves the URL fine and pinging the url works; however, telnet using the name fails. See below.
CSR-ROUTER#ping tools.cisco.com
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 72.163.4.38, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 46/46/47 ms
CSR-ROUTER#telnet tools.cisco.com
Trying 2001:420:1201:5::A ...
% Destination unreachable; gateway or host down
CSR-ROUTER#telnet 72.163.4.38 80
Trying 72.163.4.38, 80 ... Open
08-28-2019 01:43 PM
12-13-2019 04:05 PM
I randomly stumbled upon a solution on IOS XE Version 16.12.2r (Catalyst 9300)
%SMART_LIC-3-COMM_FAILED: Communications failure with the Cisco Smart Software Manager (CSSM) : Fail to send out Call Home HTTP message.
conf t
(config)# call-home
(cfg-call-home)# http resolve-hostname ipv4-first
%SMART_LIC-5-COMM_RESTORED: Communications with the Cisco Smart Software Manager (CSSM) restored
01-06-2020 12:27 PM
conf t
(config)# call-home
(cfg-call-home)# http resolve-hostname ipv4-first
This didn't resolve my problem .Any other ideas ?
11-13-2020 05:52 AM
solved the issue, Thanks!
02-10-2020 02:06 AM
Did not work for me as well.
I have to setup statically the IP address
(config)#ip host tools.cisco.com 173.37.145.8
12-22-2020 03:26 PM - edited 12-22-2020 03:27 PM
I have same issue. still have this issue even when using
http resolve-hostname ipv4-first
ip host tools.cisco.com 173.37.145.8
still get
#telnet tools.cisco.com 443 /source-interface vl 188
Trying 2001:420:1201:5::A, 443 ...
% Destination unreachable; gateway or host down
05-25-2021 05:26 AM
This is old, but I came across it when searching for something similar.
First, when doing telnet with a FQDN and the dns call resolves an IPv6 address it will try that. So if your network does not have IPv6 then use the /ipv4 flag to the command:
telnet tools.cisco.com 443 /ipv4
Second, what another user answered earlier you have to tell the call-home to do the same using the "http resolve-hostname ipv4-first" in the call-home config.
And thirdly, when call-home is set to use http, the http client on the box must be told what interface/vrf/whatever to use with the "http client source" global command. f.ex.:
http client source vlan 44
Remark that this is in addition to the source config you put in the call-home setup.
I hope this helps someone else looking for an answer.
Best regards,
Roger
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide