Solved

Configure Cisco Router 87x for SDM remote access

Posted on 2007-12-03
11
2,584 Views
Last Modified: 2012-06-21
Hello

Can someone put me in the right direction to allow a Cisco 877/878 router to be managed externally through the SDM utility. I want to set this up using the SDM utility rather than directly into the IOS.
For security purposes this will only be allowed for a specific IP address.

Thanks
0
Comment
Question by:nmxsupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 3
11 Comments
 

Author Comment

by:nmxsupport
ID: 20395432
I have tried adding a NAT rule for 443 redirecting to the local IP address of the router but after the SDM login nothing gets any further. Just says "Loading Cisco SDM Please Wait".
0
 
LVL 3

Expert Comment

by:RouterDude
ID: 20408448
ip http server
ip http secure-server
ip http access-class 23
access-list 23 permit ip x.x.x.x

By default access is blocked to only the 10.10.10.x network, by either modifying ACL23 or removing the access-class statement altogether you will allow HTTPS from any interface. If you have applied an ACL on inbound connections make sure you specify access to the router IP itself for https, ssh, etc.

OTOH if you used the SDM to set it up initially, you will need to go through it line by line to figure out it it is blocking https access to the router.
0
 
LVL 15

Accepted Solution

by:
wingatesl earned 500 total points
ID: 20425489
In the SDM
Configure,
Additional Tasks,
Router Access,
Management Access,
Click "ADD"
put in your internal network first!!!!
then put in the remote ip address you would like to allow access from.
Test
Click Save
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 

Author Comment

by:nmxsupport
ID: 20433955
wingatesl> do I also need to setup a NAT rule which translates 443 to the router LAN address?
0
 
LVL 15

Expert Comment

by:wingatesl
ID: 20438806
Negative, the access is to the router which is assigned the address. NAT is not required
0
 
LVL 3

Expert Comment

by:RouterDude
ID: 20519703
heh you can tell I dont use the SDM. I can usually get these setup and working within 5 minutes of entering conf t. :)
0
 

Author Comment

by:nmxsupport
ID: 20521012
Yes all is fine now, one of the problems was trying to NAT 443 through to the internal interface of the router rather than managing it from the externl interface.
0
 
LVL 15

Expert Comment

by:wingatesl
ID: 20529202
I really don't use the SDM, but I have to support 10 techs in the field that do.
0
 
LVL 3

Expert Comment

by:RouterDude
ID: 20529301
When taking the tests for the CCSP it is a must know item using the SDM and ASDM, no more CLI sims in them. I still prefer CLI though over the ASDM/SDM except when it comes to modifying the ACLs.
0
 
LVL 15

Expert Comment

by:wingatesl
ID: 20529995
ACLs and the zone based firewall
0
 
LVL 3

Expert Comment

by:RouterDude
ID: 20530132
I havent had the pleasure of creating a ZBF yet, but in sims it is much easier in the SDM than CLI. Which now has me thinking I may try to get an ASA 5520 for our colo and utilize the ZBF and see if it can resolve a problem I encountered with addressing. Workarounds are OK, but nothing beats having it working correctly in the first place.
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
What is an ASP Table on a Cisco ASA? 3 51
NAT/PAT unable to config correctly 7 44
VPN Tunnel Stops Working Cisco RV130W 18 54
ASA NAT rule change 3 29
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question