Enable Web gui on Cisco 2901 ISR running IOS 15...

Similar Messages

• Jumbo Frame - Enabling on a VLAN of CAT 6500 running IOS

  Jumbo frames needs to be enabled on one of the vlan interface on Cisco 6500 IOS Switch.
  =================================================================
  •1) Once enabled the mtu 9216 on the required vlan interface do we need to reload the switch to take effect (I believe that in some low end swicthes it needs a reload)
  •2) If we enable only one Vlan interface, how about the other vlan interfaces(about 200 are on this switch)? Do we need to specify mtu1500 on other vlan interfaces?
  I have read information at the following two links, but I still wish to reconfirm by asking the questions in this forum. Someone who has already implemented this may have gained more experience while implementing it on CAT 6500 IOS Switch.
  https://supportforums.cisco.com/message/963341#963341
  http://www.cisco.com/en/US/products/hw/switches/ps700/products_configuration_example09186a008010edab.shtml
  http://www.cisco.com/en/US/products/hw/switches/ps700/products_configuration_example09186a008010edab.shtml#backinfo1
  Thanks.
  Alphonse

  You do not need to reboot your 6500 after you enable jumbo frames, but it is good idea to do it during an outage window. You only need to reboot smaller switches i.e. 3560, 3750, etc...after enabling jumbo frames. On these switches you can only enable it globally.  Only enable jumbo frames for the vlans you need.  You usually need jumbo frames for vlans connecting to the storage systems.
  Good Luck

• Web filtering on Cisco 867 VAE K9 router

  Hi,
  how do I enable web filtering on Cisco 867 VAE K9 router with 15.1(4)M4 release? i have a message on the router : Content Filter unvailable ....
  thanks.

  Anthony,
  Yes it does https inspection and the portal also block based on categories (Social Networking, Gamblin; to tell a few samples), IP address and domain name.
  Get in touch with your Cisco Account Team or Cisco Partner/Reseller and get an evalution.
  HTH
  Luis Silva
  "If you need PDI (Planning, Design, Implement) assistance feel free to reach us"
  http://www.cisco.com/web/partners/tools/pdihd.html

• Cisco 891FW Router - Web Gui

  Hey guys,
  Bare with me, as I am Cisco newbie and not too familiar with their setups.
  I essentially want to be able to use the web interface of the router to configure VPNs, port forwards, etc. and not use CLIs.
  Just got a Cisco 891FW Router for a client and want to pre-setup everything, but I couldn't seem to get into the web interface of the router. After finding out (correct me if I am wrong) that it is disabled by default, so you will have to use console to configure it.
  So with the cable console I was provided, I used putty and got into that interface (this is where I lack experience in use). Referring to this guide (http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf005.pdf), I tried to enable the Web GUI of the router. 
  So the commands I ran are:
  Router(config)# ip http server
  Router(config)# ip http authentication aaa
  Router(config)# aaa authentication login default local
  I connected a ethernet cable from one of the LAN ports to my laptop and it got an IP address (192.168.15.100). I opened my web browser and put in http://<router name>, and nothing; even tried 192.168.15.1 as I figured that would be the web interface since I got a .15 address.
  Did I miss a step or am I following the wrong guide? I am not too familiar with Cisco routers (beside you basic home/small business ones with the WebGUI enabled by default) so if you guys can show me a guide specific to my model, or give me a step-by-step on how to enable the web interface that would be appreciated.
  Thanks for any help

  Hi,
  I'm a little rusty as I always use the CLI and only ever disable the web interface :), but your config looks a little weird.
  Try this:
  (config)#ip http server
  (config)#ip http authentication local
  (config)#username jbenoza privilege 15 secret 0 cisco
  (config)#wri
  Enter the IP address of the router (which will be the default gateway of the DHCP address you were provided) in the web browser and this will allow you to connect.
  If you still experience issues, please post the output of a show run as there may be further configurations necessary.

• Unable to Login Cisco Prime Collaboation (10.5.1) Web GUI

  Hi all,
  I cound not login CPC web GUI with credentials which i have configured during installation. With same credentials i could login to CLI.
  I have used "cpc-provisioning-10.5.1-320-small.ova" to install CPC.
  Best Regards,
  Mesut

  Hi Mesut,
  What credentials u are using to login in CLI & GUI?
  Did u try logging through globaladmin?
  http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/collaboration/10-0/quick/start/guide/Cisco_Prime_Collaboration_Quick_Start_Guide_10.html
  User Accounts
  For Prime Collaboration, you will be required to specify various passwords at different instances. This section is designed to help you specify appropriate passwords in several scenarios that demand your login credentials (applicable for both converged application as well as standalone Prime Collaboration Assurance and Prime Collaboration Provisioning applications).
   globaladmin- is a superuser who can access both Prime Collaboration Assurance and Prime Collaboration Provisioning UI.
   globaladmin password- specify this password when you configure your virtual appliance for either standalone or converged application. See Configuring the Prime Collaboration Assurance Virtual Appliance and Configuring the Prime Collaboration Provisioning Virtual Appliance. You are also required to specify this password when you login to the UI (see the Password Rules for root user and globaladmin section)
  regds,
  aman

• Can't Web Browse to 6900 series phones running firmware 9.4.1.3 on cisco CME

  Hi
  I'm having issues with web browseing to cisco IP phones. 
  Historically we could web browse to a a basic settings/ dianostics page of the phone by simiply browseing to the phones IP address. 
  However after an upgrade to SCCP firmware 9.4.1.3 this is no longer possible? I have tested from the same lan/subnet but still it refuses connections. Did a telnet using port 80 and this is also refused. 
  Was this feature removed in the later firmware? I have always found this feature usful especially when doing degugging and remote testing. 
  If it is still possible to web to them does anyone know how this is enabled. I'm searching around but not found a solution yet. 
  Thanks
  Simon

  I think web access disabled by default started in 9.3(3) for these phone models:
  http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cuipph/6900_series/firmware/933/release_notes/P069_BK_R9A78776_00_rn-9_3_3-6900-series/P069_BK_R9A78776_00_rn-9_3_3-6900-series_chapter_00.html#P690_TP_WC33699B_00

• UWL: enabling the web GUI for html for work items

  Hi,
      We have configured UWL in portal. All the backend work items are appearing in the UWL iView in portal.
  But when we click on some of the work items SAP GUI opens instead of web GUI for html.
  Does any one have information what needs to be configured in UWL configuration xml file so as to enable the web GUI for html for rest of the work items?
  Regards
  Sk

  Hi,
      We have configured UWL in portal. All the backend work items are appearing in the UWL iView in portal.
  But when we click on some of the work items SAP GUI opens instead of web GUI for html.
  Does any one have information what needs to be configured in UWL configuration xml file so as to enable the web GUI for html for rest of the work items?
  Regards
  Sk

• Cisco 4400 WLC - Accessing web gui remotely

  I know how to access the GUI from the service port. However, I am not able to access from Port 0. IPs have all been properly set. We have a management VLAN in our enterprise. I have configured the WLC management interface for an ip on that subnet. Port 0 is connected to a 3560G switch. I have set the switch port to be an access port to the management vlan and I have tried to set the switch port as a trunk, with the native vlan set to the management vlan. I am not able to ping nor access the web GUI remotely via the management vlan. Is this by design?
  Jeff

  Hi Jeff,
  plz try to configure 0 as vlan on managment interface on WLC after configuring native vlan on the switch. if you havent tried it yet.
  command - config interface vlan management 0
  NOTe - you need to disabl all wlan that r mapped with management interface before doing any changes from CLI.
  hope it will solve your prob.
  Thanks

• 1142N unable to open Web GUI and CMD line options not available

  I am currently trying to configure two 1142N APs (AIR-LAP1142N-A-K9) to be stand alone APs. I have followed the PDFs
  http://www.cisco.com/en/US/customer/docs/wireless/access_point/12.3_8_JA/configuration/guide/s38frst.html#wp1103248
  and
  http://www.cisco.com/en/US/customer/docs/wireless/access_point/12.3_2_JA/configuration/guide/s32frst.html#wp1103310
  I set up the switch to provide DHCP and confirmed that each AP is indeed assigned an IP address. I can also ping each device. However when trying to browse to the GUI it fails to connect. So I tried to configure it via the CMD line. The enable mode does not give the option to configure interfaces as you would expect in enable mode nor does it give the option to enter global exec. example of the out put below.
  AP8843.e178.0ee0>
  AP8843.e178.0ee0>enable
  Password:
  AP8843.e178.0ee0#?
  Exec commands:
    cd               Change current directory
    clear            Reset functions
    clock            Manage the system clock
    crypto           Encryption related commands.
    debug            Debugging functions (see also 'undebug')
    delete           Delete a file
    dir              List files on a filesystem
    disable          Turn off privileged commands
    enable           Turn on privileged commands
    exit             Exit from the EXEC
    fsck             Fsck a filesystem
    help             Description of the interactive help system
    led              LED functions
    lock             Lock the terminal
    login            Log in as a particular user
    logout           Exit from the EXEC
    lwapp            lwapp exec commands
    mkdir            Create new directory
    monitor          Monitoring different system events
    more             Display the contents of a file
    name-connection  Name an existing network connection
    no               Disable debugging functions
    ping             Send echo messages
    pwd              Display current working directory
    release          Release a resource
    reload           Halt and perform a cold restart
    rename           Rename a file
    renew            Renew a resource
    rmdir            Remove existing directory
    send             Send a message to other tty lines
    set              Set system parameter (not config)
    show             Show running system information
    systat           Display information about terminal lines
    terminal         Set terminal line parameters
    test             Test subsystems, memory, and interfaces
    traceroute       Trace route to destination
    undebug          Disable debugging functions (see also 'debug')
    upgrade          Upgrade software
    verify           Verify a file
    where            List active connections
  It seems that the IOS on this device does not have the capability to configure the AP as stand alone or that it has been disabled. How do I get into the CMD line to configure the AP for deployment?
  Secondly since I could not configure it via the CMD line I attempted to connect to it via the GUI like I said above. This fails. I ran an NMAP to find out what is open and found that nothing but port 23 is open. What is the deal here? Is the web GUI shut off by default? Am I just totally missing something? I think I dies a little inside after this...help please?

  AP8843.e178.0ee0#sh ver
  Cisco IOS Software, C1140 Software (C1140-RCVK9W8-M), Version 12.4(18a)JA, RELEASE SOFTWARE (fc4)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2008 by Cisco Systems, Inc.
  Compiled Fri 21-Nov-08 01:28 by prod_rel_team
  ROM: Bootstrap program is C1140 boot loader
  BOOTLDR: C1140 Boot Loader (C1140-BOOT-M) Version 12.4(18a)JA3, RELEASE SOFTWARE (fc1)
  AP8843.e178.0ee0 uptime is 2 hours, 16 minutes
  System returned to ROM by power-on
  System image file is "flash:/c1140-rcvk9w8-mx/c1140-rcvk9w8-mx"
  This product contains cryptographic features and is subject to United
  States and local country laws governing import, export, transfer and
  use. Delivery of Cisco cryptographic products does not imply
  third-party authority to import, export, distribute or use encryption.
  Importers, exporters, distributors and users are responsible for
  compliance with U.S. and local country laws. By using this product you
  agree to comply with applicable laws and regulations. If you are unable
  to comply with U.S. and local laws, return this product immediately.
  A summary of U.S. laws governing Cisco cryptographic products may be found at:
  http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
  If you require further assistance please contact us by sending email to
  [email protected].
  cisco AIR-LAP1142N-A-K9    (PowerPC405ex) processor (revision B0) with 98294K/32768K bytes of memory.
  Processor board ID
  PowerPC405ex CPU at 586Mhz, revision number 0x147E
  Last reset from power-on
  LWAPP image version 3.0.51.0
  1 Gigabit Ethernet interface
  32K bytes of flash-simulated non-volatile configuration memory.
  Base ethernet MAC Address:
  Part Number                          :
  PCA Assembly Number                  :
  PCA Revision Number                  : A0
  PCB Serial Number                    :
  Top Assembly Part Number             :
  Top Assembly Serial Number           :
  Top Revision Number                  : A0
  Product/Model Number                 : AIR-LAP1142N-A-K9
  Configuration register is 0xF

• ACS IS WORKING, BUT NOT THE WEB GUI

  I have an ACS ver 5.4.0.46.7 running on an applicance, ACS-1121-K9. After rebooting a Win2008-controller it stopped working and someone in my Department rebooted the ACS. It looks like the authentications are working now, but I can't Access the web gui. It responds to ping and ssh. I did a show acs-config-web-Interface and the view-Interface was disabled, I enabled it but still it isn't working:
  TBGACS02/admin# show acs-config-web-interface
  migration interface is disabled
  ucp interface is disabled
  view interface is enabled
  rest interface is disabled
  TBGACS02/admin# show application status acs
  ACS role: PRIMARY
  Process 'database'                  running
  Process 'management'                running (HTTP is nonresponsive)
  Process 'runtime'                   not monitored
  Process 'adclient'                  running
  Process 'ntpd'                      running
  Process 'view-database'             running
  Process 'view-jobmanager'           Execution failed
  Process 'view-alertmanager'         running
  Process 'view-collector'            running
  Process 'view-logprocessor'         running
  I could try to reboot again but I'd prefer not if possible..

  As a basic troubleshooting we can restart the services or server completely. However if that doesn't help, then we can also review the size of /opt to ensure accumulation of view database is not causing this issue. From the logging perspective we can look at management and ade/ADE logs. 
  In Majority of cases customer reset the application configuration and restore the last good backup. This always help them resolve the issue quickly without going through the troubleshooting process. 
  HTH
  -Jatin

• What's wrong? Verify and compare Cisco 2901 config after loading old config from Cisco 2801

  Hi Cisco Community / Friends,
  I am new to this site though I have cisco account for many years. I am a CCNA ,I  passed my certification on January 2013 I seldom use and utilized my skills on networking becuase of my type of work. I am Project Eng'r working in a System integrator company . Anyway, I would like to ask assistance on the configurations of my Cisco router for this gov't projects.. Here's the situation.
  We have a new project for the VSAT Comm'n of  Coast Watch Station ,  The VSAT was installed 7 years ago. The VSAT was only used for a year by this Gov't agency because of  subscription issue. Now, they wants to revive and use their VSAT facilities for the Coast watch monitoring. Now, some of this routers are working up to now and for some site  are already defective so I need to replace the old 2801 router with a new equivalent model which is Cisco 2901. My plan was just to load the old config into the new Cisco 2901 router. However, after loading it to the new router, I am a little worried because I've got some errors received. I load the old config by copying the old files, edit it in notepad, and load the config using Secure CRT (terminal emulator). When I copy the old config of cisco 2801 to new router cisco 2901 , below are the command not recognized on Cisco 2901. What's wrong ? What are these commands for? 
  Appreciate your comments and help on this matter.. Thank You very much
  Note: I Attached the original config from Cisco 2801 and the other file is the config after I load the config file to Cisco 2901.
  (Errors see below)
  CWS_4_Pandami(config-erm)#mmi polling-interval 60
                                                         ^
  % Invalid input detected at '^' marker.
  CWS_4_Pandami(config-erm)#no mmi auto-configure
                                                         ^
  % Invalid input detected at '^' marker.
  CWS_4_Pandami(config-erm)#no mmi pvc
                                                         ^
  % Invalid input detected at '^' marker.
  CWS_4_Pandami(config-erm)#mmi snmp-timeout 180
                                                          ^
  % Invalid input detected at '^' marker.
  CWS_4_Pandami(config-if)#interface GigabitEthernet0/1
  CWS_4_Pandami(config-if)# description ===CWS4 SAT Modem===
  CWS_4_Pandami(config-if)# bandwidth 256
  CWS_4_Pandami(config-if)# ip address 192.168.42.1 255.255.255.0
  CWS_4_Pandami(config-if)# duplex auto
  CWS_4_Pandami(config-if)# speed auto
  CWS_4_Pandami(config-if)# priority-group 1
                                                      ^
  % Invalid input detected at '^' marker.
  CWS_4_Pandami(config)#access-list 100 permit ip any any dscp cs5
  CWS_4_Pandami(config)#priority-list 1 protocol ip high list 100
                                                  ^
  % Invalid input detected at '^' marker.

  Hi
  From Cisco's website:
  The Modem Management Interface (MMI) is software that enables auto-provisioning for the Cisco 827 routers. The MMI uses a fixed PVC to communicate with the Proxy Element (PE) residing on the digital subscriber line access multiplexer (DSLAM). Using MMI, the Cisco 827 router updates the running image and downloads the prescribed configuration using a configuration file or configuration values in a provisioning information database.
  The customer premise equipment (CPE) can be automatically configured using the Cisco DSL CPE download, but it can be configured only with the image provisioning feature.
  So because this is your device, you don't want to use MMI anyways.
  And "priority-list" is QoS. Probably that QoS-command is old and removed, because now QoS is configured using class-maps and policy-maps.

• How to enable IP SLA on cisco switch

  Hi guys,
  I am trying to enable IP SLA on a Cisco 4948 switch (running 'cat4500-ipbasek9-mz.122-46.SG.bin') to test CiscoWorks IPM using this swtich as a source device. But I can't run the command "ip sla monitor" on this switch. It just has "ip sla responder". Does anyone can help me, please? Is it possible to configura IP SLA on this source switch? Or can I do it only on routers?
  Thanks,
  Regards.
  Flaviano.

  IPSLA is supported in Cisco 800, 1700,1800, 2600,2800, 3500, 3750, 3600,3700, 3800, 4500, 6500, 7200, 7500, 7600, 10000, and 12000, ASR-1K Series Routers. Future support includes CRS-1, ONS ML Card, and Cisco 7970 IP phones in 2005.
  IPSLA-VO (Video Operation) is supported on Cisco Catalyst 3560-X, 3750, 3750-E, 3750-X, 3650, and 3650-E Series switches & EtherSwitch Service Modules (SM-ES3G-16-P) which emulates a 3560 switch within the ISR's.  You can use the EtherSwitch Serv Mod in the ISR's as well and use IPSLA-VO.
  The 2900/3900 ISR's will support IPSLA-VO natively late this year.

• 2602e Reset to Defaults Except IP not Work over Web GUI

  Hello,
  1. Set a Static IP
  2. Apply & Save Configuration
  3. After Reboot the IP is correct.
  Then do Reset to Defaults Except IP in the WEB Gui.
  After Reboot the AP loos the static IP and get a DHCP Address.
  Reset to Defaults Except IP = Reset to Defaults !
  Whats Wrong ?

  OK, here is:
  Writing out the event log to flash:/event.log ...
  *Jan 22 17:44:56.675: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
  *Jan 22 17:44:57.547: %SYS-5-RELOAD: Reload requested by  on console. Reload Reason: Reload Command.
  Write of event.log done
  IOS Bootloader - Starting system.
  flash is writable
  FLASH CHIP:  Numonyx Mirrorbit (0089)
  Xmodem file system is available.
  flashfs[0]: 212 files, 7 directories
  flashfs[0]: 0 orphaned files, 0 orphaned directories
  flashfs[0]: Total bytes: 31997952
  flashfs[0]: Bytes used: 15058432
  flashfs[0]: Bytes available: 16939520
  flashfs[0]: flashfs fsck took 23 seconds.
  Reading cookie from SEEPROM
  Base Ethernet MAC address: 10:f3:11:c2:2e:3a
  Ethernet speed is 1000 Mb - FULL Duplex
  Loading "flash:/ap3g2-k9w7-mx.152-4.JB3a/ap3g2-k9w7-mx.152-4.JB3a"...##########################
  File "flash:/ap3g2-k9w7-mx.152-4.JB3a/ap3g2-k9w7-mx.152-4.JB3a" uncompressed and installed, entry point: 0x2003000
  executing...
  Secondary Bootloader - Starting system.
  Tide MB - 32MB of flash
  Xmodem file system is available.
  flashfs[0]: 212 files, 7 directories
  flashfs[0]: 0 orphaned files, 0 orphaned directories
  flashfs[0]: Total bytes: 31997952
  flashfs[0]: Bytes used: 15058432
  flashfs[0]: Bytes available: 16939520
  flashfs[0]: flashfs fsck took 14 seconds.
  Base Ethernet MAC address: 10:f3:11:c2:2e:3a
  Boot CMD: 'boot  flash:/ap3g2-k9w7-mx.152-4.JB3a/ap3g2-k9w7-xx.152-4.JB3a;flash:/ap3g2-k9w7-mx.152-4.JB3a/ap3g2-k9w7-mx.152-4.JB3a'
  Loading "flash:/ap3g2-k9w7-mx.152-4.JB3a/ap3g2-k9w7-xx.152-4.JB3a"...#######################################
  File "flash:/ap3g2-k9w7-mx.152-4.JB3a/ap3g2-k9w7-xx.152-4.JB3a" uncompressed and installed, entry point: 0x1003000
  executing...
                Restricted Rights Legend
  Use, duplication, or disclosure by the Government is
  subject to restrictions as set forth in subparagraph
  (c) of the Commercial Computer Software - Restricted
  Rights clause at FAR sec. 52.227-19 and subparagraph
  (c) (1) (ii) of the Rights in Technical Data and Computer
  Software clause at DFARS sec. 252.227-7013.
             cisco Systems, Inc.
             170 West Tasman Drive
             San Jose, California 95134-1706
  Cisco IOS Software, C3600 Software (AP3G2-K9W7-M), Version 15.2(4)JB3a, RELEASE SOFTWARE (fc1)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2013 by Cisco Systems, Inc.
  Compiled Mon 23-Dec-13 08:11 by prod_rel_team
  Tide MB - 32MB of flash
  Initializing flashfs...
  flashfs[3]: 212 files, 7 directories
  flashfs[3]: 0 orphaned files, 0 orphaned directories
  flashfs[3]: Total bytes: 31739904
  flashfs[3]: Bytes used: 15058432
  flashfs[3]: Bytes available: 16681472
  flashfs[3]: flashfs fsck took 12 seconds.
  flashfs[3]: Initialization complete.
  flashfs[4]: 0 files, 1 directories
  flashfs[4]: 0 orphaned files, 0 orphaned directories
  flashfs[4]: Total bytes: 11999232
  flashfs[4]: Bytes used: 1024
  flashfs[4]: Bytes available: 11998208
  flashfs[4]: flashfs fsck took 0 seconds.
  flashfs[4]: Initialization complete.
  Copying radio files from flash: to ram:
  Copy in progress...CCCCC
  Copy in progress...CCC
  Copy in progress...CCCC
  Copy in progress...CCCC
  Copy in progress...CC
  Copy in progress...CCC
  Copy in progress...CC
  Copy in progress...CCCCC
  Uncompressing radio files...
  ...done Initializing flashfs.
  Radio0  present 8764 8000 0 A8000000 A8010000 0
  Rate table has 650 entries (20 legacy/224 11n/406 11ac)
  POWER TABLE FILENAME = ram:/B2.bin
  Radio1  present 8764 8000 0 88000000 88010000 4
  POWER TABLE FILENAME = ram:/B5.bin
  This product contains cryptographic features and is subject to United
  States and local country laws governing import, export, transfer and
  use. Delivery of Cisco cryptographic products does not imply
  third-party authority to import, export, distribute or use encryption.
  Importers, exporters, distributors and users are responsible for
  compliance with U.S. and local country laws. By using this product you
  agree to comply with applicable laws and regulations. If you are unable
  to comply with U.S. and local laws, return this product immediately.
  A summary of U.S. laws governing Cisco cryptographic products may be found at:
  http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
  If you require further assistance please contact us by sending email to
  [email protected].
  cisco AIR-SAP2602E-E-K9 (PowerPC) processor (revision A0) with 204790K/57344K bytes of memory.
  Processor board ID FGL1711Z6K6
  PowerPC CPU at 800Mhz, revision number 0x2151
  Last reset from power-on
  1 Gigabit Ethernet interface
  2 802.11 Radios
  32K bytes of flash-simulated non-volatile configuration memory.
  Base ethernet MAC Address: 10:F3:11:C2:2E:3A
  Part Number                          : 73-14511-02
  PCA Assembly Number                  : 800-37898-01
  PCA Revision Number                  : A0
  PCB Serial Number                    : FOC17093TXF
  Top Assembly Part Number             : 800-38357-01
  Top Assembly Serial Number           : FGL1711Z6K6
  Top Revision Number                  : A0
  Product/Model Number                 : AIR-SAP2602E-E-K9  
  Press RETURN to get started!
  *Mar  1 00:00:16.035: %IFMGR-7-NO_IFINDEX_FILE: Unable to open nvram:/ifIndex-table No such file or directory
  *Mar  1 00:00:16.151: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed (11)APAVC:  WlanPAKs 18174 RadioPaks  17566
  *Mar  1 00:00:23.131: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0 (4)
  *Mar  1 00:00:29.443: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1 (4)
  *Mar  1 00:00:29.503: initializing dot11 onplus
  *Mar  1 00:00:29.667: not a autoconfig enabled device!!!
  *Mar  1 00:00:31.671: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
  *Mar  1 00:00:32.671: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to down
  *Mar  1 00:01:18.015: Starting Ethernet promiscuous mode
  *Jan 22 17:44:57.000: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
  *Jan 22 17:44:57.000: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
  *Jan 22 17:44:57.007: %CDP_PD-4-POWER_OK: Full power - HIGH_POWER inline power source
  *Jan 22 17:44:57.015: %SYS-5-RESTART: System restarted --
  Cisco IOS Software, C3600 Software (AP3G2-K9W7-M), Version 15.2(4)JB3a, RELEASE SOFTWARE (fc1)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2013 by Cisco Systems, Inc.
  Compiled Mon 23-Dec-13 08:11 by prod_rel_team
  *Jan 22 17:44:57.015: %SNMP-5-COLDSTART: SNMP agent on host ap is undergoing a cold start
  *Jan 22 17:44:57.999: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
  *Jan 22 17:44:57.999: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
  *Jan 22 17:44:57.999: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to downERROR: Failed to configure ethernet promiscuous mode. Interface Descriptor mismatch
  *Jan 22 17:45:01.667: %SOAP_FIPS-2-SELF_TEST_HW_SUCCESS: HW crypto FIPS self test passed (0-0)
  *Jan 22 17:45:01.667: DPAA Initialization Complete
  *Jan 22 17:45:01.667: %SYS-3-HARIKARI: Process DPAA INIT top-level routine exited
  *Jan 22 17:45:02.667: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
  *Jan 22 17:45:06.863: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.16.33.216, mask 255.255.254.0, hostname ap

• Cisco 881 ISR IPSec VPN Tunnel does not pass traffic from the vlan.

  I have a cisco 881 ISR Router with a site-to-site IPsec vpn tunnel to a mikrotik device on the other end (I inherited this from my client). The tunnel is constructed properly and is up, however traffic does not pass or get routed to the FA4 interface. I see in my packet captures that it hits the vlan1 interface (vlans are required on the L2 ports) and does not pass to the tunnel.
  This is my configuration:
  141Kerioth#sh config
  Using 3763 out of 262136 bytes
  ! Last configuration change at 01:02:41 UTC Mon May 26 2014 by admin
  version 15.2
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname 141Kerioth
  boot-start-marker
  boot-end-marker
  logging buffered 51200 warnings
  aaa new-model
  141Kerioth#do wr mem
                ^
  % Invalid input detected at '^' marker.
  141Kerioth#wr mem
  Building configuration...
  [OK]
  141Kerioth#sh run
  Building configuration...
  Current configuration : 5053 bytes
  ! Last configuration change at 01:38:06 UTC Mon May 26 2014 by admin
  version 15.2
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname 141Kerioth
  boot-start-marker
  boot-end-marker
  logging buffered 51200 warnings
  aaa new-model
  aaa authentication login default local
  aaa authentication ppp default local
  aaa session-id common
  memory-size iomem 10
  crypto pki trustpoint TP-self-signed-580381394
   enrollment selfsigned
   subject-name cn=IOS-Self-Signed-Certificate-580381394
   revocation-check none
   rsakeypair TP-self-signed-580381394
  crypto pki certificate chain TP-self-signed-580381394
   certificate self-signed 01
    30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
    30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 35383033 38313339 34301E17 0D313430 35323231 38323333
    365A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
    532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3538 30333831
    33393430 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
    B001A012 2CA6970C 0648798B 2A786704 84F2D989 83974B19 9B4287F2 4503D2C9
    173F23C4 FF34D160 202A7565 4A1CE08B 60B3ADAE 6E19EE6E 9CD39E72 71F9650E
    930F22FE C4441F9C 2D7DD420 71F75DFC 3CCAC94E BA304685 E0E62658 A3E8D01C
    D01D7D6A 5AF0B0E6 3CF6AF3A B7E51F83 9BF6D38E 65254E1F 71369718 ADADD691
    02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D
    23041830 168014D6 24878F12 1FFADF2F 537A438E 6DD7FB6B D79E4130 1D060355
    1D0E0416 0414D624 878F121F FADF2F53 7A438E6D D7FB6BD7 9E41300D 06092A86
    4886F70D 01010505 00038181 00771667 FCA66002 8AB9E5FB F210012F C50B586F
    9A9640BB 45B4CEFD 030A38C0 E610AAC8 B41EF3C4 E55810F9 B2C727CF C1DEFCF1
    0846E7BC 1D95420E 5DADB5F8 EFE7EB37 B5433B80 4FF787D4 B1F2A527 06F065A4
    00522E97 A9D2335C E83C4AE1 E68D7A41 9D0046A7 ADCC282B 7527F84D E71CC567
    14EF37EA 15E57AD0 3C5D01F3 EF
          quit
  ip dhcp excluded-address 10.0.16.1
  ip dhcp pool ccp-pool
   import all
   network 10.0.16.0 255.255.255.0
   default-router 10.0.16.1
   dns-server 8.8.8.8
   lease 0 2
  ip domain name kerioth.com
  ip host hostname.domain z.z.z.z
  ip name-server 8.8.8.8
  ip name-server 4.2.2.2
  ip cef
  no ipv6 cef
  license udi pid CISCO881-K9 sn FTX180483DD
  username admin privilege 15 secret 4 CmmfIy.RPySmo4Q2gEIZ2jlr3J.bTBAszoe5Bry0z4c
  username meadowbrook privilege 0 password 0 $8UBr#Ux
  username meadowbrook autocommand exit
  policy-map type inspect outbound-policy
  crypto isakmp policy 1
   encr 3des
   authentication pre-share
   group 5
  crypto isakmp key 141Township address z.z.z.z
  crypto isakmp keepalive 10
  crypto ipsec transform-set TS esp-3des esp-sha-hmac
   mode tunnel
  crypto map mymap 10 ipsec-isakmp
   set peer z.z.z.z
   set transform-set TS
   match address 115
  interface Loopback0
   no ip address
  interface Tunnel1
   no ip address
  interface FastEthernet0
   no ip address
  interface FastEthernet1
   no ip address
  interface FastEthernet2
   no ip address
  interface FastEthernet3
   no ip address
  interface FastEthernet4
   description $FW_OUTSIDE_WAN$
   ip address 50.y.y.y 255.255.255.240
   ip nat outside
   ip virtual-reassembly in
   duplex auto
   speed auto
   crypto map mymap
  interface Vlan1
   description $ETH_LAN$
   ip address 10.0.16.1 255.255.255.0
   ip nat inside
   ip virtual-reassembly in
   ip tcp adjust-mss 1452
  ip forward-protocol nd
  ip http server
  ip http access-class 23
  ip http authentication local
  ip http secure-server
  ip http timeout-policy idle 60 life 86400 requests 10000
  ip nat inside source list 115 interface Vlan1 overload
  ip nat inside source list 199 interface FastEthernet4 overload
  ip nat inside source route-map nonat interface FastEthernet4 overload
  ip route 0.0.0.0 0.0.0.0 50.x.x.x
  access-list 110 deny   ip 10.0.16.0 0.0.0.255 10.0.1.0 0.0.0.255
  access-list 110 permit ip 10.0.16.0 0.0.0.255 any
  access-list 115 permit ip 10.0.16.0 0.0.0.255 10.0.1.0 0.0.0.255
  access-list 144 permit icmp host c.c.c.c host 10.0.1.50
  access-list 144 permit icmp host p.p.p.p host 10.0.16.105
  access-list 199 permit ip a.a.a.a 0.0.0.255 any
  no cdp run
  route-map nonat permit 10
   match ip address 100
  line con 0
   no modem enable
  line aux 0
  line vty 0 4
   access-class 1 in
   exec-timeout 30 0
   privilege level 15
   transport preferred ssh
   transport input ssh
  line vty 5 15
   access-class 23 in
   privilege level 15
   transport input telnet ssh
  cns trusted-server all-agents x.x.x.x
  cns trusted-server all-agents hostname
  cns trusted-server all-agents hostname.domain
  cns id hardware-serial
  cns id hardware-serial event
  cns id hardware-serial image
  cns event hostname.domain 11011
  cns config initial hostname.domain 80
  cns config partial hostname.domain 80
  cns exec 80
  end

  Why do you have following command on the PIX?
  crypto map outside_map 40 set transform-set 165.228.x.x
  Also you have this transform set on the PIX:
  crypto ipsec transform-set 10.112.60.0 esp-aes-256 esp-sha-hmac
  This does not match the transfor set on the router:
  crypto ipsec transform-set tritest esp-3des esp-md5-hmac
  Where are you using the access-list/route-map
  101 ?

• SRW2048 Web GUI

  My work just bought this switch last week. The switch was brand new when I opended the box.
  The web GUI on the switch never fully opens so that it's functional. On each browser that I try the page only loads halfway... It seems the iframe content never loads but the graphics always do.
  I've tried IE 6.0, Firefox 3.6.12, and Chrome 5.0. I've set the security to low, and also set the address to trusted in IE. no change.
  I also flashed the switch with the latest from cisco.com...'SRW2048_FW_v122d_gesm-12220' Issue still remains....
  I found other threads with people with the same issue lat year... the answer at the time was to flash to the latest firmware.. Well that's the 3rd thing I did....
  Screenshots should give you a better idea of what I'm seeing.
  Any suggestions?

  What a JOKE of a solution.... You really are asking customers to do this? WOW!
  I find this to be rather ridiculous to ask customers to do this. I should be able to pull up a fully functional GUI with IE or FF without installing additional plugins. I can do this with OTHER switches, routers and other devices no prob. I've never had an issue like this with a cisco/linksys product till now. Why is support and development lacking with this product?
  The 'solution' is rather a bandaid to the issue. So everyones browser is fubar, while the switch is operating like normal? I don't think so...
  I've set activeX to prompt or ask admin when it wants to run... I close the browser, reopen.. and guess what? THE SAME THING HAPPENS...
  IE tabs in FF? Are you really serious asking customers to install IE tabs on FF. This uses the IE engine instead of FF... So why even try FF if you're not going to use it? What if its a dev machine and I DO NOT want extra software on it... Or FF is not even installed?  What if I have no internet on the machine?
  There must be another workaround, or a solution as the one suggested is NOT working.
  So CISCO, Are you going to leave your customers out in the rain, or are you going to support the product and fix the issue instead of having customers apply bandaid to an issue on you're product?
  Please don't force me to return this switch and buy something else.
  Thanks.
  P.S, I right click and get a menu to insert an image, or align or insert a table.. Uhh, remove that 'feature'... You have these options above, why remove the ability to check spelling on the fly with a right click? Ugh.