Guest

Preview Tool

Cisco Bug: CSCvu48074 - CER SLM Connection Fails When Using Proxy

Last Modified

Aug 26, 2020

Products (1)

  • Cisco Emergency Responder

Known Affected Releases

12.5(1.21900.35)

Description (partial)

Symptom:
Smart License Manager (SLM) communication starts failing with Cisco Smart Software Manager (CSSM) if Cisco Emergency Responder (CER) node restarts. The restart of CER will imply an SLM service restart as well, and which in turn making proxy settings to default. Once it changes to default since there are no proxy details it will fail to communicate via proxy.

#### CER licensed with no issues when the proxy settings are configured for the first time:

admin:show license tech support
Smart Licensing Status
=======================
Smart Licensing is ENABLED

Registration:
  Status: REGISTERED
  Smart Account: TAC Cisco Systems, Inc.
  Virtual Account: UC TAC
  Initial Registration: SUCCEEDED 
  Last Renewal Attempt: SUCCEEDED 

License Authorization:
  Status: No licenses in use
  Last Communication Attempt: SUCCEEDED
Transport:
  Type: CALLHOME  

From the SLM logs in CER:

#### Connection successful. CER (20.20.20.1) with Proxy (10.10.10.1), and Proxy with CSSM (tools.cisco.com):
 
Line 4306: 25 May 2020 22:42:15,553 2634110 [Thread-4] DEBUG org.apache.http.impl.execchain.MainClientExec  - Opening connection {tls}-> http://10.10.10.1:3128->https://tools.cisco.com:443
Line 4308: 25 May 2020 22:42:15,622 2634179 [Thread-4] DEBUG org.apache.http.impl.conn.DefaultHttpClientConnectionOperator  - Connection established 20.20.20.1:58278<->10.10.10.1:3128

#### After rebooting the CER server, CER ignores the Proxy config and tries to connect directly to tools.cisco.com.

25 May 2020 21:58:47,885 26442 [Thread-4] DEBUG org.apache.http.impl.execchain.MainClientExec  - Opening connection {s}-> https://tools.cisco.com:443
25 May 2020 21:58:47,900 26457 [Thread-4] DEBUG org.apache.http.impl.execchain.MainClientExec  - Connection discarded
25 May 2020 21:58:47,900 26457 [Thread-4] DEBUG org.apache.http.impl.conn.PoolingHttpClientConnectionManager  - Connection released: [id: 0][route: {s}-> https://tools.cisco.com:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]
25 May 2020 21:58:47,909 26466 [Thread-4] DEBUG org.apache.http.impl.execchain.MainClientExec  - Cancelling request execution
25 May 2020 21:58:47,909 26466 [Thread-4] DEBUG org.apache.http.impl.conn.PoolingHttpClientConnectionManager  - Connection manager is shutting down
25 May 2020 21:58:47,909 26466 [Thread-4] DEBUG org.apache.http.impl.conn.PoolingHttpClientConnectionManager  - Connection manager shut down
25 May 2020 21:58:47,912 26469 [Thread-4] DEBUG com.cisco.nesla.plugin.EmbeddedGCHCommunication  - chSendClientMsg exception message: Cannot send out SL Message.tools.cisco.com: Name or service not known

### Then the authorization fails with the reason: "Communication send error"

25 May 2020 21:58:47,913 26470 [Thread-4] ERROR com.cisco.nesla.agent.impl.AsyncRequestProcessor  - failed to send request / process response: SmartAgentMessageAUTH
25 May 2020 21:58:47,913 26470 [Thread-4] ERROR com.cisco.nesla.agent.impl.AsyncRequestProcessor  - Reason: Communication send error.
25 May 2020 21:58:47,914 26471 [Thread-4] DEBUG com.cisco.nesla.agent.impl.manager.ScheduledJobManager  - calculateNextAuthRenewTime: current state: AUTHORIZED

#### Notification of the failure

25 May 2020 21:58:47,959 26516 [Thread-4] INFO  com.cisco.slmgr.slmserver.SLMManager  -       notification type: NotifyAuthRenewFailure
25 May 2020 21:58:47,959 26516 [Thread-4] INFO  com.cisco.slmgr.slmserver.SLMManager  - Global Notification: : GlobalNotification [failReasonCode=ErrorCommSend, failMessage=Communication send error., enforceMode=NotApplicable, allowRestricted=false, notificationType=NotifyAuthRenewFailure, agentID=null, tenantContextId=null]

#### Error Communication Failure

25 May 2020 21:58:49,763 28320 [Thread-4] INFO  com.cisco.slmgr.dal.DbSlmStatus  - Update of slmstatus to database return code :1
25 May 2020 21:58:49,767 28324 [Thread-3] DEBUG com.cisco.nesla.agent.impl.manager.EventLogManager  - take from logQueue: 2020-05-25 21:58:49.767 CDT SAEVT_AUTH_RENEW_STATUS retrySeconds="82800" error="Communication send error." msgStatus="COMMUNICATION_FAILURE"

#### Same error is shown in the CLI:

Smart Licensing Status
=======================
Smart Licensing is ENABLED

Registration:
  Status: REGISTERED
  Smart Account: TAC Cisco Systems, Inc.
  Virtual Account: UC TAC
  Initial Registration: SUCCEEDED 
  Last Renewal Attempt: SUCCEEDED 

License Authorization:
  Status: No licenses in use
  Last Communication Attempt: FAILED on May 25 21:58:45 2020 CDT
    Failure Reason: Communication send error. <----------------------------------------

Transport:
  Type: CALLHOME
Evaluation Period:
  Evaluation Mode: Not In Use
  Evaluation Period Remaining: 90 days, 0 hr, 0 min, 0 sec

License Usage
=============
Handle: 1
  Version: 12.0
  Status: Waiting <--------------------------------------

Conditions:
Cisco Emergency Responder (CER) 12.5.1.21900-35.
When using HTTP/HTTPS Proxy in the Licensing Smart Call Home Transport settings.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.