Tercestisi
asked on
Cannot access Web GUI on Cisco Catalyst 2960 after IOS Upgrade
I recently upgraded the IOS on the 2960, used the web version of the IOS, but now I cannot access the web GUI; when I try to access the homepage I get a 404 not found error.
The web interface isn't hugely important, though it would be handy. What are all the options I have for accessing a CLI?
The web interface isn't hugely important, though it would be handy. What are all the options I have for accessing a CLI?
ASKER
I was curious about SSH or CNA... unlike ADSM or other like applications I don't see a CLI prompt in CNA.
SSH might be a possibility if you can issue the crypto command to generate the certificate keys used for secure communication. I like to allow only secure communication on my switches and routers where possible. If SSH is not possible then I use access-lists to reduce the number of hosts that are allowed to connect to the telnet service. I'm not sure what CNA is.
Can we see your config?
ASKER
Current configuration : 5679 bytes
!
! Last configuration change at 12:49:39 CST Sat May 2 2009
! NVRAM config last updated at 12:49:20 CST Sat May 2 2009
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname cfef-cs1
!
boot-start-marker
boot-end-marker
!
enable secret 5 xyz
!
no aaa new-model
clock timezone CST -6
system mtu routing 1500
vtp mode transparent
ip subnet-zero
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 400
name MGMT
!
vlan 401
name CORP-MAIN-O
!
vlan 402
name E-O
!
vlan 403
name P1-O
!
vlan 404
name P2-O
!
vlan 405
name P3-O
!
vlan 406
name P4-O
!
vlan 407
name S5-O
!
vlan 408
name L1-O
!
vlan 409
name L2-O
!
vlan 410
name S8-O
!
vlan 501
name MAIN-B
!
vlan 502
name E-B
!
vlan 503
name P1-B
!
vlan 504
name P2-B
!
vlan 505
name P3-B
!
vlan 506
name P4-B
!
vlan 507
name S5-B
!
vlan 508
name L1-B
!
vlan 509
name L2-B
!
vlan 510
name S8-B
!
!
!
interface GigabitEthernet0/1
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/2
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/3
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/4
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/5
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/6
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/7
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/8
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/9
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/10
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/11
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/12
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/13
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/14
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/15
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/16
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/17
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/18
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/19
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/20
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/21
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/22
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/23
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/24
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/25
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/26
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/27
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/28
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/29
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/30
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/31
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/32
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/33
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/34
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/35
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/36
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/37
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/38
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/39
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/40
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/41
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/42
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/43
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/44
switchport access vlan 401
switchport mode access
switchport voice vlan untagged
!
interface GigabitEthernet0/45
switchport access vlan 401
switchport mode access
!
interface GigabitEthernet0/46
description trunk uplink
switchport access vlan 401
switchport trunk allowed vlan 400-510
switchport mode trunk
!
interface GigabitEthernet0/47
description trunk downlink
switchport access vlan 401
switchport trunk allowed vlan 400-510
switchport mode trunk
!
interface GigabitEthernet0/48
description Management
switchport access vlan 400
switchport mode access
!
interface Vlan1
no ip address
no ip route-cache
!
interface Vlan400
ip address 192.168.1.216 255.255.255.0
no ip route-cache
!
interface Vlan401
no ip address
no ip route-cache
!
ip default-gateway 192.168.1.1
ip http server
ip http secure-server
!
control-plane
!
!
line con 0
line vty 0 4
login
line vty 5 15
login
!
end
Thanks, can you paste the output of:
sh ip int brief
sh ip int brief
ASKER
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES NVRAM up down
Vlan400 192.168.1.216 YES manual up up
Vlan401 unassigned YES NVRAM up down
GigabitEthernet0/1 unassigned YES unset down down
GigabitEthernet0/2 unassigned YES unset down down
GigabitEthernet0/3 unassigned YES unset down down
GigabitEthernet0/4 unassigned YES unset down down
GigabitEthernet0/5 unassigned YES unset down down
GigabitEthernet0/6 unassigned YES unset down down
GigabitEthernet0/7 unassigned YES unset down down
GigabitEthernet0/8 unassigned YES unset down down
GigabitEthernet0/9 unassigned YES unset down down
GigabitEthernet0/10 unassigned YES unset down down
GigabitEthernet0/11 unassigned YES unset down down
GigabitEthernet0/12 unassigned YES unset down down
GigabitEthernet0/13 unassigned YES unset down down
GigabitEthernet0/14 unassigned YES unset down down
GigabitEthernet0/15 unassigned YES unset down down
GigabitEthernet0/16 unassigned YES unset down down
GigabitEthernet0/17 unassigned YES unset down down
GigabitEthernet0/18 unassigned YES unset down down
GigabitEthernet0/19 unassigned YES unset down down
GigabitEthernet0/20 unassigned YES unset down down
GigabitEthernet0/21 unassigned YES unset down down
GigabitEthernet0/22 unassigned YES unset down down
GigabitEthernet0/23 unassigned YES unset down down
GigabitEthernet0/24 unassigned YES unset down down
GigabitEthernet0/25 unassigned YES unset down down
GigabitEthernet0/26 unassigned YES unset down down
GigabitEthernet0/27 unassigned YES unset down down
GigabitEthernet0/28 unassigned YES unset down down
GigabitEthernet0/29 unassigned YES unset down down
GigabitEthernet0/30 unassigned YES unset down down
GigabitEthernet0/31 unassigned YES unset down down
GigabitEthernet0/32 unassigned YES unset down down
GigabitEthernet0/33 unassigned YES unset down down
GigabitEthernet0/34 unassigned YES unset down down
GigabitEthernet0/35 unassigned YES unset down down
GigabitEthernet0/36 unassigned YES unset down down
GigabitEthernet0/37 unassigned YES unset down down
GigabitEthernet0/38 unassigned YES unset down down
GigabitEthernet0/39 unassigned YES unset down down
GigabitEthernet0/40 unassigned YES unset down down
GigabitEthernet0/41 unassigned YES unset down down
GigabitEthernet0/42 unassigned YES unset down down
GigabitEthernet0/43 unassigned YES unset down down
GigabitEthernet0/44 unassigned YES unset down down
GigabitEthernet0/45 unassigned YES unset down down
GigabitEthernet0/46 unassigned YES unset down down
GigabitEthernet0/47 unassigned YES unset down down
GigabitEthernet0/48 unassigned YES unset up up
What is the ip address and subnet mask of the device you are using to try and access the http interface?
ASKER
192.168.1.145 255.255.2550
It's not too important I access it, was just curious. I'd rather use the command line if possible so SSH definitely appeals to me but even if I just use the console that's ok too. If I need a GUI I can just use the Cisco Network Assistant which is more prolific that the web GUI anyways.
It's not too important I access it, was just curious. I'd rather use the command line if possible so SSH definitely appeals to me but even if I just use the console that's ok too. If I need a GUI I can just use the Cisco Network Assistant which is more prolific that the web GUI anyways.
Yes, we have tracked all the necessary things, yours etup looks quite OK, the default gatewy of the device is on the same network as the active VLAN. You can get to it via telnet I imagine, unless the above is all coming via console?
As someone mentioned earlier, SSH needs a crypto key and a security IOS.
The only other possibility re lack of http access might be workstation firewall preventing it?
As someone mentioned earlier, SSH needs a crypto key and a security IOS.
The only other possibility re lack of http access might be workstation firewall preventing it?
ASKER
That's all from the console.
Security IOS... is that extra in terms of cost as I didn't see that in the download section at Cisco.
No firewall... I was able to access it before the IOS upgrade. IOS 12.2 was not on the flash root but was instead in a directory named after it's IOS version name; inside the directory was the .bin and an html folder and another folder.
I tftp'd the current IOS to the flash root, but when I ran system boot flash:IOSversion.bin it would never boot to the new IOS. Following the advice of another I deleted the entire folder that the old IOS version was in along with the html folder in that folder. I'm thinking this is what caused it... I find it strange though that the IOS 12.2 wasn't on the flash root and that the html folder wasn't as well.
So now I just have IOS 12.5 booting from the flash root, but no html folder present.
Security IOS... is that extra in terms of cost as I didn't see that in the download section at Cisco.
No firewall... I was able to access it before the IOS upgrade. IOS 12.2 was not on the flash root but was instead in a directory named after it's IOS version name; inside the directory was the .bin and an html folder and another folder.
I tftp'd the current IOS to the flash root, but when I ran system boot flash:IOSversion.bin it would never boot to the new IOS. Following the advice of another I deleted the entire folder that the old IOS version was in along with the html folder in that folder. I'm thinking this is what caused it... I find it strange though that the IOS 12.2 wasn't on the flash root and that the html folder wasn't as well.
So now I just have IOS 12.5 booting from the flash root, but no html folder present.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
telnet <ip_of_you_switch>
If you get a login prompt, then telnet is working.