
How to stop telnet command on IOS-XE Catalyst9000 /w ACL deny itself?

mhiyoshi
Level 3

Dear all,

CSSM SLP supports Smart/Callhome type and SL supports Callhome type only, so currently two CSSM servers are functioning.
However, I think that under the following condition, "telnet tools.cisco.com 443 /ipv4" shows "Bad IP address" and it takes more than
10 minutes. I would appreciate it if you could let me know how to stop the telnet session to this site.
(It is all right if this is just Cat9K's specification!!)

Condition - Internet Access directly from Catalyst9200.
IP address is received via DHCP Server.

Expected Topology - Cat9K === FW(deny 443) === Internet === CSSM

STEP1. Connect with console port

STEP2. Configure the following configuration.

C9200-24P-STACK(config)#access-list 100 deny ip any any
C9200-24P-STACK(config)#
C9200-24P-STACK(config)#int vlan 1
C9200-24P-STACK(config-if)#ip access-group 100 out
C9200-24P-STACK(config-if)#ip access-group 100 in

STEP3. Execute the following command.

C9200-24P-STACK#telnet smartreceiver.cisco.com 443 /ipv4
Trying smartreceiver.cisco.com ("Global IP", 443)...
% Connection timed out; remote host not responding

--> It stops with a connection timeout within a couple of minutes, so it's not so long.

STEP4. Execute the following command.

C9200-24P-STACK#telnet tools.cisco.com 443 /ipv4
% Bad IP address or host name

--> It takes about 10 minutes to stop.
--> It is stacking and cannot be stopped with Ctrl+Shift+6

STEP5. If the ACL is not configured, telnet is OK and it shows the IP address.

C9200-24P-STACK(config-if)#no ip access-group 100 in
C9200-24P-STACK(config-if)#no ip access-group 100 out

C9200-24P-STACK#telnet tools.cisco.com 443 /ipv4
Trying tools.cisco.com ("Global IP", 443)... Open

Best Regards,

Masanobu Hiyoshi
