Enable Web gui on Cisco 2901 ISR running IOS 15...
I have recently purchased a Cisco 2901 Integrated Service Router that is running IOS 15... and need some help activating the WEB GUI Interface. I have read some documentation and have not had any luck. Some detailed instructions for the command line would be great if someone has the time to help.
Thanks
Hi,
It looks as though there is not a Web GUI available for the 2901. However, Cisco does provide a tool called Cisco Configuration Professional, which provides tools to configure routers. It provides options for configuring many different functions in Cisco routers. You can follow the steps laid out in this article: http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_configuration_professional/guides/CiscoCPqsg.html
This gives a great overview of how to install and start using Configuration Professional. I hope this helps, and please feel free to respond with any further questions. I will certainly do my best to answer them!
Garrett
Similar Messages
-
Jumbo Frame - Enabling on a VLAN of CAT 6500 running IOS
Jumbo frames needs to be enabled on one of the vlan interface on Cisco 6500 IOS Switch.
=================================================================
•1) Once enabled the mtu 9216 on the required vlan interface do we need to reload the switch to take effect (I believe that in some low end swicthes it needs a reload)
•2) If we enable only one Vlan interface, how about the other vlan interfaces(about 200 are on this switch)? Do we need to specify mtu1500 on other vlan interfaces?
I have read information at the following two links, but I still wish to reconfirm by asking the questions in this forum. Someone who has already implemented this may have gained more experience while implementing it on CAT 6500 IOS Switch.
https://supportforums.cisco.com/message/963341#963341
http://www.cisco.com/en/US/products/hw/switches/ps700/products_configuration_example09186a008010edab.shtml
http://www.cisco.com/en/US/products/hw/switches/ps700/products_configuration_example09186a008010edab.shtml#backinfo1
Thanks.
AlphonseYou do not need to reboot your 6500 after you enable jumbo frames, but it is good idea to do it during an outage window. You only need to reboot smaller switches i.e. 3560, 3750, etc...after enabling jumbo frames. On these switches you can only enable it globally. Only enable jumbo frames for the vlans you need. You usually need jumbo frames for vlans connecting to the storage systems.
Good Luck -
Web filtering on Cisco 867 VAE K9 router
Hi,
how do I enable web filtering on Cisco 867 VAE K9 router with 15.1(4)M4 release? i have a message on the router : Content Filter unvailable ....
thanks.Anthony,
Yes it does https inspection and the portal also block based on categories (Social Networking, Gamblin; to tell a few samples), IP address and domain name.
Get in touch with your Cisco Account Team or Cisco Partner/Reseller and get an evalution.
HTH
Luis Silva
"If you need PDI (Planning, Design, Implement) assistance feel free to reach us"
http://www.cisco.com/web/partners/tools/pdihd.html -
Hey guys,
Bare with me, as I am Cisco newbie and not too familiar with their setups.
I essentially want to be able to use the web interface of the router to configure VPNs, port forwards, etc. and not use CLIs.
Just got a Cisco 891FW Router for a client and want to pre-setup everything, but I couldn't seem to get into the web interface of the router. After finding out (correct me if I am wrong) that it is disabled by default, so you will have to use console to configure it.
So with the cable console I was provided, I used putty and got into that interface (this is where I lack experience in use). Referring to this guide (http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf005.pdf), I tried to enable the Web GUI of the router.
So the commands I ran are:
Router(config)# ip http server
Router(config)# ip http authentication aaa
Router(config)# aaa authentication login default local
I connected a ethernet cable from one of the LAN ports to my laptop and it got an IP address (192.168.15.100). I opened my web browser and put in http://<router name>, and nothing; even tried 192.168.15.1 as I figured that would be the web interface since I got a .15 address.
Did I miss a step or am I following the wrong guide? I am not too familiar with Cisco routers (beside you basic home/small business ones with the WebGUI enabled by default) so if you guys can show me a guide specific to my model, or give me a step-by-step on how to enable the web interface that would be appreciated.
Thanks for any helpHi,
I'm a little rusty as I always use the CLI and only ever disable the web interface :), but your config looks a little weird.
Try this:
(config)#ip http server
(config)#ip http authentication local
(config)#username jbenoza privilege 15 secret 0 cisco
(config)#wri
Enter the IP address of the router (which will be the default gateway of the DHCP address you were provided) in the web browser and this will allow you to connect.
If you still experience issues, please post the output of a show run as there may be further configurations necessary. -
Unable to Login Cisco Prime Collaboation (10.5.1) Web GUI
Hi all,
I cound not login CPC web GUI with credentials which i have configured during installation. With same credentials i could login to CLI.
I have used "cpc-provisioning-10.5.1-320-small.ova" to install CPC.
Best Regards,
MesutHi Mesut,
What credentials u are using to login in CLI & GUI?
Did u try logging through globaladmin?
http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/collaboration/10-0/quick/start/guide/Cisco_Prime_Collaboration_Quick_Start_Guide_10.html
User Accounts
For Prime Collaboration, you will be required to specify various passwords at different instances. This section is designed to help you specify appropriate passwords in several scenarios that demand your login credentials (applicable for both converged application as well as standalone Prime Collaboration Assurance and Prime Collaboration Provisioning applications).
globaladmin- is a superuser who can access both Prime Collaboration Assurance and Prime Collaboration Provisioning UI.
globaladmin password- specify this password when you configure your virtual appliance for either standalone or converged application. See Configuring the Prime Collaboration Assurance Virtual Appliance and Configuring the Prime Collaboration Provisioning Virtual Appliance. You are also required to specify this password when you login to the UI (see the Password Rules for root user and globaladmin section)
regds,
aman -
Can't Web Browse to 6900 series phones running firmware 9.4.1.3 on cisco CME
Hi
I'm having issues with web browseing to cisco IP phones.
Historically we could web browse to a a basic settings/ dianostics page of the phone by simiply browseing to the phones IP address.
However after an upgrade to SCCP firmware 9.4.1.3 this is no longer possible? I have tested from the same lan/subnet but still it refuses connections. Did a telnet using port 80 and this is also refused.
Was this feature removed in the later firmware? I have always found this feature usful especially when doing degugging and remote testing.
If it is still possible to web to them does anyone know how this is enabled. I'm searching around but not found a solution yet.
Thanks
SimonI think web access disabled by default started in 9.3(3) for these phone models:
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cuipph/6900_series/firmware/933/release_notes/P069_BK_R9A78776_00_rn-9_3_3-6900-series/P069_BK_R9A78776_00_rn-9_3_3-6900-series_chapter_00.html#P690_TP_WC33699B_00 -
UWL: enabling the web GUI for html for work items
Hi,
We have configured UWL in portal. All the backend work items are appearing in the UWL iView in portal.
But when we click on some of the work items SAP GUI opens instead of web GUI for html.
Does any one have information what needs to be configured in UWL configuration xml file so as to enable the web GUI for html for rest of the work items?
Regards
SkHi,
We have configured UWL in portal. All the backend work items are appearing in the UWL iView in portal.
But when we click on some of the work items SAP GUI opens instead of web GUI for html.
Does any one have information what needs to be configured in UWL configuration xml file so as to enable the web GUI for html for rest of the work items?
Regards
Sk -
Cisco 4400 WLC - Accessing web gui remotely
I know how to access the GUI from the service port. However, I am not able to access from Port 0. IPs have all been properly set. We have a management VLAN in our enterprise. I have configured the WLC management interface for an ip on that subnet. Port 0 is connected to a 3560G switch. I have set the switch port to be an access port to the management vlan and I have tried to set the switch port as a trunk, with the native vlan set to the management vlan. I am not able to ping nor access the web GUI remotely via the management vlan. Is this by design?
JeffHi Jeff,
plz try to configure 0 as vlan on managment interface on WLC after configuring native vlan on the switch. if you havent tried it yet.
command - config interface vlan management 0
NOTe - you need to disabl all wlan that r mapped with management interface before doing any changes from CLI.
hope it will solve your prob.
Thanks -
1142N unable to open Web GUI and CMD line options not available
I am currently trying to configure two 1142N APs (AIR-LAP1142N-A-K9) to be stand alone APs. I have followed the PDFs
http://www.cisco.com/en/US/customer/docs/wireless/access_point/12.3_8_JA/configuration/guide/s38frst.html#wp1103248
and
http://www.cisco.com/en/US/customer/docs/wireless/access_point/12.3_2_JA/configuration/guide/s32frst.html#wp1103310
I set up the switch to provide DHCP and confirmed that each AP is indeed assigned an IP address. I can also ping each device. However when trying to browse to the GUI it fails to connect. So I tried to configure it via the CMD line. The enable mode does not give the option to configure interfaces as you would expect in enable mode nor does it give the option to enter global exec. example of the out put below.
AP8843.e178.0ee0>
AP8843.e178.0ee0>enable
Password:
AP8843.e178.0ee0#?
Exec commands:
cd Change current directory
clear Reset functions
clock Manage the system clock
crypto Encryption related commands.
debug Debugging functions (see also 'undebug')
delete Delete a file
dir List files on a filesystem
disable Turn off privileged commands
enable Turn on privileged commands
exit Exit from the EXEC
fsck Fsck a filesystem
help Description of the interactive help system
led LED functions
lock Lock the terminal
login Log in as a particular user
logout Exit from the EXEC
lwapp lwapp exec commands
mkdir Create new directory
monitor Monitoring different system events
more Display the contents of a file
name-connection Name an existing network connection
no Disable debugging functions
ping Send echo messages
pwd Display current working directory
release Release a resource
reload Halt and perform a cold restart
rename Rename a file
renew Renew a resource
rmdir Remove existing directory
send Send a message to other tty lines
set Set system parameter (not config)
show Show running system information
systat Display information about terminal lines
terminal Set terminal line parameters
test Test subsystems, memory, and interfaces
traceroute Trace route to destination
undebug Disable debugging functions (see also 'debug')
upgrade Upgrade software
verify Verify a file
where List active connections
It seems that the IOS on this device does not have the capability to configure the AP as stand alone or that it has been disabled. How do I get into the CMD line to configure the AP for deployment?
Secondly since I could not configure it via the CMD line I attempted to connect to it via the GUI like I said above. This fails. I ran an NMAP to find out what is open and found that nothing but port 23 is open. What is the deal here? Is the web GUI shut off by default? Am I just totally missing something? I think I dies a little inside after this...help please?AP8843.e178.0ee0#sh ver
Cisco IOS Software, C1140 Software (C1140-RCVK9W8-M), Version 12.4(18a)JA, RELEASE SOFTWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Fri 21-Nov-08 01:28 by prod_rel_team
ROM: Bootstrap program is C1140 boot loader
BOOTLDR: C1140 Boot Loader (C1140-BOOT-M) Version 12.4(18a)JA3, RELEASE SOFTWARE (fc1)
AP8843.e178.0ee0 uptime is 2 hours, 16 minutes
System returned to ROM by power-on
System image file is "flash:/c1140-rcvk9w8-mx/c1140-rcvk9w8-mx"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-LAP1142N-A-K9 (PowerPC405ex) processor (revision B0) with 98294K/32768K bytes of memory.
Processor board ID
PowerPC405ex CPU at 586Mhz, revision number 0x147E
Last reset from power-on
LWAPP image version 3.0.51.0
1 Gigabit Ethernet interface
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address:
Part Number :
PCA Assembly Number :
PCA Revision Number : A0
PCB Serial Number :
Top Assembly Part Number :
Top Assembly Serial Number :
Top Revision Number : A0
Product/Model Number : AIR-LAP1142N-A-K9
Configuration register is 0xF -
ACS IS WORKING, BUT NOT THE WEB GUI
I have an ACS ver 5.4.0.46.7 running on an applicance, ACS-1121-K9. After rebooting a Win2008-controller it stopped working and someone in my Department rebooted the ACS. It looks like the authentications are working now, but I can't Access the web gui. It responds to ping and ssh. I did a show acs-config-web-Interface and the view-Interface was disabled, I enabled it but still it isn't working:
TBGACS02/admin# show acs-config-web-interface
migration interface is disabled
ucp interface is disabled
view interface is enabled
rest interface is disabled
TBGACS02/admin# show application status acs
ACS role: PRIMARY
Process 'database' running
Process 'management' running (HTTP is nonresponsive)
Process 'runtime' not monitored
Process 'adclient' running
Process 'ntpd' running
Process 'view-database' running
Process 'view-jobmanager' Execution failed
Process 'view-alertmanager' running
Process 'view-collector' running
Process 'view-logprocessor' running
I could try to reboot again but I'd prefer not if possible..As a basic troubleshooting we can restart the services or server completely. However if that doesn't help, then we can also review the size of /opt to ensure accumulation of view database is not causing this issue. From the logging perspective we can look at management and ade/ADE logs.
In Majority of cases customer reset the application configuration and restore the last good backup. This always help them resolve the issue quickly without going through the troubleshooting process.
HTH
-Jatin -
What's wrong? Verify and compare Cisco 2901 config after loading old config from Cisco 2801
Hi Cisco Community / Friends,
I am new to this site though I have cisco account for many years. I am a CCNA ,I passed my certification on January 2013 I seldom use and utilized my skills on networking becuase of my type of work. I am Project Eng'r working in a System integrator company . Anyway, I would like to ask assistance on the configurations of my Cisco router for this gov't projects.. Here's the situation.
We have a new project for the VSAT Comm'n of Coast Watch Station , The VSAT was installed 7 years ago. The VSAT was only used for a year by this Gov't agency because of subscription issue. Now, they wants to revive and use their VSAT facilities for the Coast watch monitoring. Now, some of this routers are working up to now and for some site are already defective so I need to replace the old 2801 router with a new equivalent model which is Cisco 2901. My plan was just to load the old config into the new Cisco 2901 router. However, after loading it to the new router, I am a little worried because I've got some errors received. I load the old config by copying the old files, edit it in notepad, and load the config using Secure CRT (terminal emulator). When I copy the old config of cisco 2801 to new router cisco 2901 , below are the command not recognized on Cisco 2901. What's wrong ? What are these commands for?
Appreciate your comments and help on this matter.. Thank You very much
Note: I Attached the original config from Cisco 2801 and the other file is the config after I load the config file to Cisco 2901.
(Errors see below)
CWS_4_Pandami(config-erm)#mmi polling-interval 60
^
% Invalid input detected at '^' marker.
CWS_4_Pandami(config-erm)#no mmi auto-configure
^
% Invalid input detected at '^' marker.
CWS_4_Pandami(config-erm)#no mmi pvc
^
% Invalid input detected at '^' marker.
CWS_4_Pandami(config-erm)#mmi snmp-timeout 180
^
% Invalid input detected at '^' marker.
CWS_4_Pandami(config-if)#interface GigabitEthernet0/1
CWS_4_Pandami(config-if)# description ===CWS4 SAT Modem===
CWS_4_Pandami(config-if)# bandwidth 256
CWS_4_Pandami(config-if)# ip address 192.168.42.1 255.255.255.0
CWS_4_Pandami(config-if)# duplex auto
CWS_4_Pandami(config-if)# speed auto
CWS_4_Pandami(config-if)# priority-group 1
^
% Invalid input detected at '^' marker.
CWS_4_Pandami(config)#access-list 100 permit ip any any dscp cs5
CWS_4_Pandami(config)#priority-list 1 protocol ip high list 100
^
% Invalid input detected at '^' marker.Hi
From Cisco's website:
The Modem Management Interface (MMI) is software that enables auto-provisioning for the Cisco 827 routers. The MMI uses a fixed PVC to communicate with the Proxy Element (PE) residing on the digital subscriber line access multiplexer (DSLAM). Using MMI, the Cisco 827 router updates the running image and downloads the prescribed configuration using a configuration file or configuration values in a provisioning information database.
The customer premise equipment (CPE) can be automatically configured using the Cisco DSL CPE download, but it can be configured only with the image provisioning feature.
So because this is your device, you don't want to use MMI anyways.
And "priority-list" is QoS. Probably that QoS-command is old and removed, because now QoS is configured using class-maps and policy-maps. -
How to enable IP SLA on cisco switch
Hi guys,
I am trying to enable IP SLA on a Cisco 4948 switch (running 'cat4500-ipbasek9-mz.122-46.SG.bin') to test CiscoWorks IPM using this swtich as a source device. But I can't run the command "ip sla monitor" on this switch. It just has "ip sla responder". Does anyone can help me, please? Is it possible to configura IP SLA on this source switch? Or can I do it only on routers?
Thanks,
Regards.
Flaviano.IPSLA is supported in Cisco 800, 1700,1800, 2600,2800, 3500, 3750, 3600,3700, 3800, 4500, 6500, 7200, 7500, 7600, 10000, and 12000, ASR-1K Series Routers. Future support includes CRS-1, ONS ML Card, and Cisco 7970 IP phones in 2005.
IPSLA-VO (Video Operation) is supported on Cisco Catalyst 3560-X, 3750, 3750-E, 3750-X, 3650, and 3650-E Series switches & EtherSwitch Service Modules (SM-ES3G-16-P) which emulates a 3560 switch within the ISR's. You can use the EtherSwitch Serv Mod in the ISR's as well and use IPSLA-VO.
The 2900/3900 ISR's will support IPSLA-VO natively late this year. -
2602e Reset to Defaults Except IP not Work over Web GUI
Hello,
1. Set a Static IP
2. Apply & Save Configuration
3. After Reboot the IP is correct.
Then do Reset to Defaults Except IP in the WEB Gui.
After Reboot the AP loos the static IP and get a DHCP Address.
Reset to Defaults Except IP = Reset to Defaults !
Whats Wrong ?OK, here is:
Writing out the event log to flash:/event.log ...
*Jan 22 17:44:56.675: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
*Jan 22 17:44:57.547: %SYS-5-RELOAD: Reload requested by on console. Reload Reason: Reload Command.
Write of event.log done
IOS Bootloader - Starting system.
flash is writable
FLASH CHIP: Numonyx Mirrorbit (0089)
Xmodem file system is available.
flashfs[0]: 212 files, 7 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31997952
flashfs[0]: Bytes used: 15058432
flashfs[0]: Bytes available: 16939520
flashfs[0]: flashfs fsck took 23 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: 10:f3:11:c2:2e:3a
Ethernet speed is 1000 Mb - FULL Duplex
Loading "flash:/ap3g2-k9w7-mx.152-4.JB3a/ap3g2-k9w7-mx.152-4.JB3a"...##########################
File "flash:/ap3g2-k9w7-mx.152-4.JB3a/ap3g2-k9w7-mx.152-4.JB3a" uncompressed and installed, entry point: 0x2003000
executing...
Secondary Bootloader - Starting system.
Tide MB - 32MB of flash
Xmodem file system is available.
flashfs[0]: 212 files, 7 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31997952
flashfs[0]: Bytes used: 15058432
flashfs[0]: Bytes available: 16939520
flashfs[0]: flashfs fsck took 14 seconds.
Base Ethernet MAC address: 10:f3:11:c2:2e:3a
Boot CMD: 'boot flash:/ap3g2-k9w7-mx.152-4.JB3a/ap3g2-k9w7-xx.152-4.JB3a;flash:/ap3g2-k9w7-mx.152-4.JB3a/ap3g2-k9w7-mx.152-4.JB3a'
Loading "flash:/ap3g2-k9w7-mx.152-4.JB3a/ap3g2-k9w7-xx.152-4.JB3a"...#######################################
File "flash:/ap3g2-k9w7-mx.152-4.JB3a/ap3g2-k9w7-xx.152-4.JB3a" uncompressed and installed, entry point: 0x1003000
executing...
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, C3600 Software (AP3G2-K9W7-M), Version 15.2(4)JB3a, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Mon 23-Dec-13 08:11 by prod_rel_team
Tide MB - 32MB of flash
Initializing flashfs...
flashfs[3]: 212 files, 7 directories
flashfs[3]: 0 orphaned files, 0 orphaned directories
flashfs[3]: Total bytes: 31739904
flashfs[3]: Bytes used: 15058432
flashfs[3]: Bytes available: 16681472
flashfs[3]: flashfs fsck took 12 seconds.
flashfs[3]: Initialization complete.
flashfs[4]: 0 files, 1 directories
flashfs[4]: 0 orphaned files, 0 orphaned directories
flashfs[4]: Total bytes: 11999232
flashfs[4]: Bytes used: 1024
flashfs[4]: Bytes available: 11998208
flashfs[4]: flashfs fsck took 0 seconds.
flashfs[4]: Initialization complete.
Copying radio files from flash: to ram:
Copy in progress...CCCCC
Copy in progress...CCC
Copy in progress...CCCC
Copy in progress...CCCC
Copy in progress...CC
Copy in progress...CCC
Copy in progress...CC
Copy in progress...CCCCC
Uncompressing radio files...
...done Initializing flashfs.
Radio0 present 8764 8000 0 A8000000 A8010000 0
Rate table has 650 entries (20 legacy/224 11n/406 11ac)
POWER TABLE FILENAME = ram:/B2.bin
Radio1 present 8764 8000 0 88000000 88010000 4
POWER TABLE FILENAME = ram:/B5.bin
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-SAP2602E-E-K9 (PowerPC) processor (revision A0) with 204790K/57344K bytes of memory.
Processor board ID FGL1711Z6K6
PowerPC CPU at 800Mhz, revision number 0x2151
Last reset from power-on
1 Gigabit Ethernet interface
2 802.11 Radios
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 10:F3:11:C2:2E:3A
Part Number : 73-14511-02
PCA Assembly Number : 800-37898-01
PCA Revision Number : A0
PCB Serial Number : FOC17093TXF
Top Assembly Part Number : 800-38357-01
Top Assembly Serial Number : FGL1711Z6K6
Top Revision Number : A0
Product/Model Number : AIR-SAP2602E-E-K9
Press RETURN to get started!
*Mar 1 00:00:16.035: %IFMGR-7-NO_IFINDEX_FILE: Unable to open nvram:/ifIndex-table No such file or directory
*Mar 1 00:00:16.151: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed (11)APAVC: WlanPAKs 18174 RadioPaks 17566
*Mar 1 00:00:23.131: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0 (4)
*Mar 1 00:00:29.443: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1 (4)
*Mar 1 00:00:29.503: initializing dot11 onplus
*Mar 1 00:00:29.667: not a autoconfig enabled device!!!
*Mar 1 00:00:31.671: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:32.671: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to down
*Mar 1 00:01:18.015: Starting Ethernet promiscuous mode
*Jan 22 17:44:57.000: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Jan 22 17:44:57.000: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
*Jan 22 17:44:57.007: %CDP_PD-4-POWER_OK: Full power - HIGH_POWER inline power source
*Jan 22 17:44:57.015: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C3600 Software (AP3G2-K9W7-M), Version 15.2(4)JB3a, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Mon 23-Dec-13 08:11 by prod_rel_team
*Jan 22 17:44:57.015: %SNMP-5-COLDSTART: SNMP agent on host ap is undergoing a cold start
*Jan 22 17:44:57.999: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Jan 22 17:44:57.999: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Jan 22 17:44:57.999: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to downERROR: Failed to configure ethernet promiscuous mode. Interface Descriptor mismatch
*Jan 22 17:45:01.667: %SOAP_FIPS-2-SELF_TEST_HW_SUCCESS: HW crypto FIPS self test passed (0-0)
*Jan 22 17:45:01.667: DPAA Initialization Complete
*Jan 22 17:45:01.667: %SYS-3-HARIKARI: Process DPAA INIT top-level routine exited
*Jan 22 17:45:02.667: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Jan 22 17:45:06.863: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.16.33.216, mask 255.255.254.0, hostname ap -
Cisco 881 ISR IPSec VPN Tunnel does not pass traffic from the vlan.
I have a cisco 881 ISR Router with a site-to-site IPsec vpn tunnel to a mikrotik device on the other end (I inherited this from my client). The tunnel is constructed properly and is up, however traffic does not pass or get routed to the FA4 interface. I see in my packet captures that it hits the vlan1 interface (vlans are required on the L2 ports) and does not pass to the tunnel.
This is my configuration:
141Kerioth#sh config
Using 3763 out of 262136 bytes
! Last configuration change at 01:02:41 UTC Mon May 26 2014 by admin
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname 141Kerioth
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
aaa new-model
141Kerioth#do wr mem
^
% Invalid input detected at '^' marker.
141Kerioth#wr mem
Building configuration...
[OK]
141Kerioth#sh run
Building configuration...
Current configuration : 5053 bytes
! Last configuration change at 01:38:06 UTC Mon May 26 2014 by admin
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname 141Kerioth
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
aaa new-model
aaa authentication login default local
aaa authentication ppp default local
aaa session-id common
memory-size iomem 10
crypto pki trustpoint TP-self-signed-580381394
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-580381394
revocation-check none
rsakeypair TP-self-signed-580381394
crypto pki certificate chain TP-self-signed-580381394
certificate self-signed 01
30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 35383033 38313339 34301E17 0D313430 35323231 38323333
365A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3538 30333831
33393430 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
B001A012 2CA6970C 0648798B 2A786704 84F2D989 83974B19 9B4287F2 4503D2C9
173F23C4 FF34D160 202A7565 4A1CE08B 60B3ADAE 6E19EE6E 9CD39E72 71F9650E
930F22FE C4441F9C 2D7DD420 71F75DFC 3CCAC94E BA304685 E0E62658 A3E8D01C
D01D7D6A 5AF0B0E6 3CF6AF3A B7E51F83 9BF6D38E 65254E1F 71369718 ADADD691
02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D
23041830 168014D6 24878F12 1FFADF2F 537A438E 6DD7FB6B D79E4130 1D060355
1D0E0416 0414D624 878F121F FADF2F53 7A438E6D D7FB6BD7 9E41300D 06092A86
4886F70D 01010505 00038181 00771667 FCA66002 8AB9E5FB F210012F C50B586F
9A9640BB 45B4CEFD 030A38C0 E610AAC8 B41EF3C4 E55810F9 B2C727CF C1DEFCF1
0846E7BC 1D95420E 5DADB5F8 EFE7EB37 B5433B80 4FF787D4 B1F2A527 06F065A4
00522E97 A9D2335C E83C4AE1 E68D7A41 9D0046A7 ADCC282B 7527F84D E71CC567
14EF37EA 15E57AD0 3C5D01F3 EF
quit
ip dhcp excluded-address 10.0.16.1
ip dhcp pool ccp-pool
import all
network 10.0.16.0 255.255.255.0
default-router 10.0.16.1
dns-server 8.8.8.8
lease 0 2
ip domain name kerioth.com
ip host hostname.domain z.z.z.z
ip name-server 8.8.8.8
ip name-server 4.2.2.2
ip cef
no ipv6 cef
license udi pid CISCO881-K9 sn FTX180483DD
username admin privilege 15 secret 4 CmmfIy.RPySmo4Q2gEIZ2jlr3J.bTBAszoe5Bry0z4c
username meadowbrook privilege 0 password 0 $8UBr#Ux
username meadowbrook autocommand exit
policy-map type inspect outbound-policy
crypto isakmp policy 1
encr 3des
authentication pre-share
group 5
crypto isakmp key 141Township address z.z.z.z
crypto isakmp keepalive 10
crypto ipsec transform-set TS esp-3des esp-sha-hmac
mode tunnel
crypto map mymap 10 ipsec-isakmp
set peer z.z.z.z
set transform-set TS
match address 115
interface Loopback0
no ip address
interface Tunnel1
no ip address
interface FastEthernet0
no ip address
interface FastEthernet1
no ip address
interface FastEthernet2
no ip address
interface FastEthernet3
no ip address
interface FastEthernet4
description $FW_OUTSIDE_WAN$
ip address 50.y.y.y 255.255.255.240
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
crypto map mymap
interface Vlan1
description $ETH_LAN$
ip address 10.0.16.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 115 interface Vlan1 overload
ip nat inside source list 199 interface FastEthernet4 overload
ip nat inside source route-map nonat interface FastEthernet4 overload
ip route 0.0.0.0 0.0.0.0 50.x.x.x
access-list 110 deny ip 10.0.16.0 0.0.0.255 10.0.1.0 0.0.0.255
access-list 110 permit ip 10.0.16.0 0.0.0.255 any
access-list 115 permit ip 10.0.16.0 0.0.0.255 10.0.1.0 0.0.0.255
access-list 144 permit icmp host c.c.c.c host 10.0.1.50
access-list 144 permit icmp host p.p.p.p host 10.0.16.105
access-list 199 permit ip a.a.a.a 0.0.0.255 any
no cdp run
route-map nonat permit 10
match ip address 100
line con 0
no modem enable
line aux 0
line vty 0 4
access-class 1 in
exec-timeout 30 0
privilege level 15
transport preferred ssh
transport input ssh
line vty 5 15
access-class 23 in
privilege level 15
transport input telnet ssh
cns trusted-server all-agents x.x.x.x
cns trusted-server all-agents hostname
cns trusted-server all-agents hostname.domain
cns id hardware-serial
cns id hardware-serial event
cns id hardware-serial image
cns event hostname.domain 11011
cns config initial hostname.domain 80
cns config partial hostname.domain 80
cns exec 80
endWhy do you have following command on the PIX?
crypto map outside_map 40 set transform-set 165.228.x.x
Also you have this transform set on the PIX:
crypto ipsec transform-set 10.112.60.0 esp-aes-256 esp-sha-hmac
This does not match the transfor set on the router:
crypto ipsec transform-set tritest esp-3des esp-md5-hmac
Where are you using the access-list/route-map
101 ? -
My work just bought this switch last week. The switch was brand new when I opended the box.
The web GUI on the switch never fully opens so that it's functional. On each browser that I try the page only loads halfway... It seems the iframe content never loads but the graphics always do.
I've tried IE 6.0, Firefox 3.6.12, and Chrome 5.0. I've set the security to low, and also set the address to trusted in IE. no change.
I also flashed the switch with the latest from cisco.com...'SRW2048_FW_v122d_gesm-12220' Issue still remains....
I found other threads with people with the same issue lat year... the answer at the time was to flash to the latest firmware.. Well that's the 3rd thing I did....
Screenshots should give you a better idea of what I'm seeing.
Any suggestions?What a JOKE of a solution.... You really are asking customers to do this? WOW!
I find this to be rather ridiculous to ask customers to do this. I should be able to pull up a fully functional GUI with IE or FF without installing additional plugins. I can do this with OTHER switches, routers and other devices no prob. I've never had an issue like this with a cisco/linksys product till now. Why is support and development lacking with this product?
The 'solution' is rather a bandaid to the issue. So everyones browser is fubar, while the switch is operating like normal? I don't think so...
I've set activeX to prompt or ask admin when it wants to run... I close the browser, reopen.. and guess what? THE SAME THING HAPPENS...
IE tabs in FF? Are you really serious asking customers to install IE tabs on FF. This uses the IE engine instead of FF... So why even try FF if you're not going to use it? What if its a dev machine and I DO NOT want extra software on it... Or FF is not even installed? What if I have no internet on the machine?
There must be another workaround, or a solution as the one suggested is NOT working.
So CISCO, Are you going to leave your customers out in the rain, or are you going to support the product and fix the issue instead of having customers apply bandaid to an issue on you're product?
Please don't force me to return this switch and buy something else.
Thanks.
P.S, I right click and get a menu to insert an image, or align or insert a table.. Uhh, remove that 'feature'... You have these options above, why remove the ability to check spelling on the fly with a right click? Ugh.
Maybe you are looking for
-
Service Request Tempaltes in Service Plan.
There are two related questions here: 1. Has Any one used Service Request Temaplates before ? There is no standard available, so I created my own of Template Type: D. Is there a standard template transaction type that should be used ? 2. After I
-
Problems converting images(gif,tif,bmp,jpg) to PDF
Hi,<br />I installed PDF Generator Elements 7.2.2 using the turnkey installation JBoss,MySql and the JDK 1.4.2_04 included) in Windows Server 2003 R2 Enterprise Edition with SP1 ENU (evaluation edition) with the same credentials with the one that ins
-
Contract release orders only allowed for sche.agreements with dep.condition
hi frnds, i got this error msg while i try to create a scheduling agreement with ref. to contracts help me out... thanks in advance....
-
Content disappears off iPod mini
I have an original iPod mini and it's always worked great. It has the latest software, and I have the latest version of iTunes. In the past week or so, I've had a lot of problems with syncing and getting iTunes to even recognize my iPod. I've had to
-
Add Planning Version in SDP94 header
Hi SCM Gurus, Is there any possibility to add the planning version information in to the planning book "header", I quote this is because I want the planning version to be shown as the place in attachment. ( through menu I can go to Setting-> Header I