I have 9500 series Switches which is facing the firewall and plays the DNS Proxy role for clients and everything is perfect. What is the problem I want to renew license with CSSM and therefore it needs to contact tools.cisco.com. I have tested and the switch has ip connectivity to internet, ping works. But the problem is when I try to telnet tools.cisco.com 443 I see that it tries to contact IPv6 address. I tested several other domain names and all are the same with IPv6. I have disabled IPv6 unicast-routing globally, but it does not help.
telnet tools.cisco.com 443
Trying 2001:420:1201:5::A, 443 ...
% Destination unreachable; gateway or host down
Any help is appreciated.
First try configuring this: "call-home/http resolve-hostname ipv4-first", clear your DNS cache and see if it works now; if still not, try rebooting; if still not, hardcode the IPv4 address in the call-home URL (instead of the name), get the job done and raise a TAC case.
That doesn't work!
Did anybody work out the answer to this?
Looks like there's an answer here: https://community.cisco.com/t5/switching/disable-aaaa-dns-lookups-on-non-ipv6-router/td-p/3413517
- Disable ipv6 on all interfaces.