SGCAdmin
asked on
Accessing Cisco 1921 Router through Web Interface
Hello All,
Trying to access our Cisco router via web interface via IP address and when it asks for username and password for level_15 or view_access, it does not accept it. Telnet works just fine.
I setup the password with everything the same one except for the enable secret password, but, so Im not sure why its not accepting it. I would like the web interface to work because it is easier to make ACL changes to the firewall on the router via web interface.
Below are the last few lines of the running config regarding passwords:
enable secret 5 xxxxxxxx
enable password 15 xxxxxxx
!
username admin password 0 xxxxxxx
!
privilege exec level 15 show ip route
privilege exec level 15 show ip
privilege exec level 15 show
!
line con 0
password xxxxxxx
login
line aux 0
line vty 0 4
password xxxxxx
login
line vty 5 1370
password xxxxxxxx
login
!
scheduler allocate 20000 1000
end
Thanks!
Trying to access our Cisco router via web interface via IP address and when it asks for username and password for level_15 or view_access, it does not accept it. Telnet works just fine.
I setup the password with everything the same one except for the enable secret password, but, so Im not sure why its not accepting it. I would like the web interface to work because it is easier to make ACL changes to the firewall on the router via web interface.
Below are the last few lines of the running config regarding passwords:
enable secret 5 xxxxxxxx
enable password 15 xxxxxxx
!
username admin password 0 xxxxxxx
!
privilege exec level 15 show ip route
privilege exec level 15 show ip
privilege exec level 15 show
!
line con 0
password xxxxxxx
login
line aux 0
line vty 0 4
password xxxxxx
login
line vty 5 1370
password xxxxxxxx
login
!
scheduler allocate 20000 1000
end
Thanks!
Is HTTP server enabled?
Try just using a password when the browser prompts for credentials.
If that doesn't work try this...
...and use the enable secret to login.
If that doesn't work try this...
conf t
ip http authentication enable
end
...and use the enable secret to login.
ASKER
Thanks for the quick response: Here is what the running config shows:
ip http server
ip http access-class 1
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
So Craig, it looks like the http authenitication is enabled, but perhaps I'm not typing the enable secret password correctly. How do I reset that?
Thanks!
ip http server
ip http access-class 1
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
So Craig, it looks like the http authenitication is enabled, but perhaps I'm not typing the enable secret password correctly. How do I reset that?
Thanks!
ASKER
Also, when the browser asks for "level_15 or view_access" I tried username blank, and with the password I believe it is, and it still doesnt work.
Thanks
Thanks
Your config looks good!
Can you post the complete config (removing sensitive stuff such as usernames and public IP addresses)?
Can you post the complete config (removing sensitive stuff such as usernames and public IP addresses)?
ASKER
Before I send the complete config, because it will be a pain removing all the sensitive lines, could you tell me how to reset the enable secret password? That could be the problem.
Thanks
Thanks
Your configuration isn't using the enable password for http authentication.
However...
Conf t
Enable secret <password>
end
However...
Conf t
Enable secret <password>
end
ASKER
Ok, I figured out what I'm looking for. Our old router, a Cisco 1841 router had SDM(Cisco Router and Security Device Manager) installed on it. From what I'm reading, I need to upload the SDM to the flash of the Cisco router. Does this sound right and if anyone has any step by step to do this, would be much appreciated.
Thanks!
Thanks!
The 1900 should already have SDM on it. Can you do a show flash: and post the output?
ASKER
show flash:
-#- --length-- -----date/time------ path
1 45801276 Mar 03 2011 06:08:58 c1900-universalk9-mz.SPA.1 50-1.M4.bi n
210784256 bytes available (45801472 bytes used)
-#- --length-- -----date/time------ path
1 45801276 Mar 03 2011 06:08:58 c1900-universalk9-mz.SPA.1
210784256 bytes available (45801472 bytes used)
My bad... the SDM is included in Cisco Router Security bundles only!
Here is the link to install SDM. (The doc was written in 2005 but the SDM is supported by the 1900 and is installed in the same way)...
http://www.cisco.com/en/US/products/sw/secursw/ps5318/prod_installation_guide09186a00803e4727.html
Here is the link to install SDM. (The doc was written in 2005 but the SDM is supported by the 1900 and is installed in the same way)...
http://www.cisco.com/en/US/products/sw/secursw/ps5318/prod_installation_guide09186a00803e4727.html
ASKER
Received error message in the install "This router model is unsupported by SDM. Please enter IP address of a router supported by SDM"
That link you sent, I didnt see Cisco 1921 in there. If it doesnt support SDM, is there something new that does the same thing because its quite a valuable tool.
Thanks
That link you sent, I didnt see Cisco 1921 in there. If it doesnt support SDM, is there something new that does the same thing because its quite a valuable tool.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for your help Craig, you helped me narrow it down to what product I needed. Cisco Config Professional works perfectly with the router.
Thanks!
Thanks!
Ah yes, I don't know why I didn't say that in the first place!
SDM is end-of-life and is being replaced by CCP on all compatible devices.
SDM is end-of-life and is being replaced by CCP on all compatible devices.