Cisco 851

Posted on 2009-05-01
Last Modified: 2012-05-06
I have a new (03/30/2009) Cisco 851 router that does not work with SDM shipped with the router.  I have spent numerous hours with Cisco TAC and their response is that it does not have enough memory to work with their software and it is not upgradeable and I should buy a 'bigger' router.  (Not kidding)  So does anyone know how to make this router work with SDM as I cannot return it.  I'm not real keen on command line for VPNs.

Cisco IOS Software, C850 Software (C850-ADVSECURITYK9-M), Version 12.4(15)T7, RE
Cisco 851 (MPC8272) processor (revision 0x300) with 59392K/6144K bytes of memory
20480K bytes of processor board System flash (Intel Strataflash)
Cisco SDM v2.5
Question by:hancke
    LVL 26

    Accepted Solution

    It's been a long time, but from what I remember:

    When you run the SDM installation program, it should give you the option to install it to the PC but not the router.  If you do that, then I *think* you can just run SDM on the PC, connect to the router, SDM will access the router's configuration, you make changes in SDM, and SDM will then upload the revised configuration to the router.  There shouldn't be, as far as I know, any need to install the SDM software on the router itself.  (The reason you'd install the SDM software on the router is so that you can use SDM from a PC that doesn't itself have SDM installed, I believe.)

    In order to get the router to communicate with SDM on the PC, you first have to follow Cisco's instructions to prepare the router for SDM, as follows:

     Configuring router to run SDM

    Follow the instructions below to configure a router to run SDM.

    Step 1:

       1. Connect to your router using Telnet, SSH or via console.
       2. Enter the global configuration mode using the command:
          Router#conf terminal

    Step 2 :

    Enable the router's HTTP/HTTPS server, using the following Cisco IOS commands:  

    Router(config)# ip http server

    Router(config)# ip http secure-server

    Router(config)# ip http authentication local

    Note:- HTTPS is enabled only for crypto enabled IOS images.

    Step 3:

    Create a user with privilege level 15.

    Router(config)# username <username> privilege 15 password 0 <password>

    Note:- Replace <username> and <password> with the username and password that you want to configure.

    Step 4:

    Configure SSH and Telnet for local login and privilege level 15:

    Router(config)# line vty 0 4

    Router(config-line)# privilege level 15

    Router(config-line)# login local

    Router(config-line)# transport input telnet

    Router(config-line)# transport input telnet ssh

    Router(config-line)# exit

    Step 5: (Optional) Enable local logging to support the log monitoring function:  

    Router(config)# logging buffered 51200 warning

    LVL 3

    Author Comment

    I prefer to run SDM on the router as I need to manage it from many locations.  I guess my only options are to run an older IOS and/or SDM that will fit into flash.  
    LVL 23

    Expert Comment

    As far as I know, the SDM is really just a java applet that runs in your web browser.

    You could store a copy of the SDM on some other website and download the applet to run wherever you need it.

    Or  (i'm suspecting)  one could  possibly setup an Apache server on the LAN running reverse proxy.  So you try to put the SDM code on your web server, the outside web server serves the .jar file when requested.

    But sends other HTTP requests to the router.

    LVL 1

    Expert Comment

    Can you run sh flash on the router and post the output?
    LVL 3

    Author Closing Comment

    The 851 as of 5/1/09 will not run SDM on the router.  Have to run it on the PC or go command line.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    When posting a question about a Cisco ASA, Cisco Router or Cisco Switch, it can aid diagnosis if a suitably sanitised copy of the config is provided. It is much better to leave as much of the configuration as original as possible, as it could be tha…
    Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now