Is it possible to access the http web interface over the fa1 management interface?
Hello All,
I am remotely connected into a Cat 4500 + Supervisor V module via console cable and point to point connection from laptop to fa1 management interface on SupV. SupV module is running IOS 15.0(2)SG8.
I am not able to physically change the patch cable from fa1 management interface to gi2/3 or any other switch port for a couple days and would like to see if it is possible to access the http server through this fa1 port since I am working remotely. I can ping the laptop from fa1 and tftp ok but cannot access the http/https server. Is this even possible without connecting the laptop into a regular switch port like gi 2/3 gi 2/4 etc..? The reason I ask is I would like to use Cisco Networking Assistant gui for some things but need access to https server first over the fa1 link.
Any suggestions would be much appreciated.
Thanks!
-S
Here is the ACL list. I have not made any entries into this list and all of these are default at this time. Do I need to make an explicit allow ACL for http?
Thanks!
-S
#show access-list
Extended IP access list system-cpp-all-routers-on-subnet
10 permit ip any host 224.0.0.2
Extended IP access list system-cpp-all-systems-on-subnet
10 permit ip any host 224.0.0.1
Extended IP access list system-cpp-dhcp-cs
10 permit udp any eq bootpc any eq bootps
Extended IP access list system-cpp-dhcp-sc
10 permit udp any eq bootps any eq bootpc
Extended IP access list system-cpp-dhcp-ss
10 permit udp any eq bootps any eq bootps
Extended IP access list system-cpp-energywise-disc
10 permit udp any eq any eq 0
Extended IP access list system-cpp-hsrpv2
10 permit udp any host 224.0.0.102
Extended IP access list system-cpp-igmp
10 permit igmp any 224.0.0.0 31.255.255.255
Extended IP access list system-cpp-ip-mcast-linklocal
10 permit ip any 224.0.0.0 0.0.0.255
Extended IP access list system-cpp-ospf
10 permit ospf any 224.0.0.0 0.0.0.255
Extended IP access list system-cpp-pim
10 permit pim any 224.0.0.0 0.0.0.255
Extended IP access list system-cpp-ripv2
10 permit ip any host 224.0.0.9
Extended MAC access list system-cpp-bpdu-range
permit any 0180.c200.0000 0000.0000.000c
Extended MAC access list system-cpp-cdp
permit any host 0100.0ccc.cccc
Extended MAC access list system-cpp-cgmp
permit any host 0100.0cdd.dddd
Extended MAC access list system-cpp-dot1x
permit any host 0180.c200.0003
Extended MAC access list system-cpp-lldp
permit any host 0180.c200.000e
Extended MAC access list system-cpp-mcast-cfm
permit any 0180.c200.0030 0000.0000.000f
Extended MAC access list system-cpp-pppoe-disc
permit any any protocol-family pppoe-disc
Extended MAC access list system-cpp-sstp
permit any host 0100.0ccc.cccd
Extended MAC access list system-cpp-ucast-cfm
permit any host 000d.6558.d5fd
Similar Messages
-
Accessing a local server web service over the internet
Hello,
This is not the first time i will configure over the internet access to a local server but this particular one is giving me a major headache and i thought to share the config with anyone who can help ppoint where the problem may be. While my NAT transalations seem to be working, when i attempt to browse the public IP, i am supposed to be routed to the local server, but this doesnt happen and i just get a blank page on my web browser. Please see config below:
J#sh run
Building configuration...
Current configuration : 5368 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname J
boot-start-marker
boot-end-marker
enable secret 5 $1$aNyD$j4lIgFXI84Xp9RR5dzwVk0
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
clock timezone PCTime 1
crypto pki trustpoint TP-self-signed-1366127775
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1366127775
revocation-check none
rsakeypair TP-self-signed-1366127775
crypto pki certificate chain TP-self-signed-1366127775
certificate self-signed 01
30820255 308201BE A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31333636 31323737 3735301E 170D3032 30333031 30303533
35315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 33363631
32373737 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100CCDC 58E9E078 C978DBC5 CD0D97A0 6B506E2B 4843F38C 578721BF 285EC7BF
F3700E9C FAD9233C A4CC95F6 F29FE5CD 4664F85F 862FB879 1255F21B 725A2773
E1E4BEC0 632A7FFD C383F08E D5FAA4FC 4558BE6B 1B383D7E 19A871F6 3BAB9BAE
B7CB84BB 510A09A3 FA260893 B0BD5AB1 027C97C6 2B2D2B6C AE2683FC AC3015B6
CE8F0203 010001A3 7D307B30 0F060355 1D130101 FF040530 030101FF 30280603
551D1104 21301F82 1D4C494E 45545241 4C455F41 424A2E6C 696E6574 72616C65
2E6C6F63 616C301F 0603551D 23041830 16801434 DD7F3F33 59A951AA 1BBBF414
59302323 10248530 1D060355 1D0E0416 041434DD 7F3F3359 A951AA1B BBF41459
30232310 2485300D 06092A86 4886F70D 01010405 00038181 00A9C9DF 5D2F2042
0AA151FF 72F7D52A 8244C102 4AEDDB6E C7FBA201 A283D693 5F5E9376 0D15E7FE
EBB804A5 C08F6CA1 A416118F D5A06864 EF242404 091F2FFE 3F85B0DE 98E1F747
AC5FBBDE 1E27AE14 64D71B5F A1A48EC7 90882BD2 C3617E7C 8D6426A0 EDA23AB1
32350B15 5E2489F6 018A76A0 3E1595DA 6797723E 563D268A 66
quit
dot11 syslog
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.111 192.168.1.254
ip dhcp pool J
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.254
domain-name linetrale.local
dns-server 192.168.1.254
no ip bootp server
ip domain name linetrale.local
crypto ipsec transform-set 3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set AES-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set 3DES-SHA-compression esp-3des esp-sha-hmac comp-lzs
crypto ipsec transform-set AES-SHA-compression esp-aes esp-sha-hmac comp-lzs
crypto ipsec transform-set ESP-3DES-SHA2 esp-3des esp-sha-hmac
archive
log config
hidekeys
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
interface FastEthernet0
switchport access vlan 101
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
description WAN_FW_OUTSIDE$ETH-WAN$
ip address x.x.x.x 255.255.255.192
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1400
ip nat outside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1380
duplex auto
speed auto
interface Vlan1
no ip address
interface Vlan101
description LAN_FW_INSIDE
ip address 192.168.1.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting output-packets
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 y.y.y.y
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source list 1 interface FastEthernet4 overload
ip nat inside source static tcp 192.168.1.243 80 x.x.x.x 80 extendable
! x.x.x.x is the public IP
access-list 1 remark INSIDE_IF=VLAN101
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
control-plane
line con 0
no modem enable
transport output telnet
speed 115200
line aux 0
modem InOut
transport output telnet
stopbits 1
speed 115200
flowcontrol hardware
line vty 0 4
privilege level 15
terminal-type moni
transport input telnet ssh
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
webvpn context Default_context
ssl authenticate verify all
no inservice
end
Any help will be really appreciated.
Regards,
FemiHi Alain,
Browsing the public IP from a remote location to the site, so its over the internet.
Not sure I understand what you refer to as SVI, could this be the VLAN? If it is, then I can say it is up because I can ping the server which is on this VLAN from within the router when I log into it. Also, when I am within the LAN, I am able to browse to the local IP on the server.
I suspect some firewall or access list issue may be preventing something...
Regards,
Femi -
Webservice + secured jms (Web Service over the JMS trans).
Apologize since this post is in the webservice forum as well but since it is related to jms as well i put it here as well.
I have a web service that is using JMS (@WLJmsTransport Web Service over the JMS transport)
and everything seems to be ok BUt i do not know how to use this if the JMS is secured .
By Adding security on JMS queue what other things i need to do in order for the webservice to access the queue ?
(where i specify the credentials ?)
@WebService(serviceName = "ASyncService", targetNamespace = "http://axyz.org/notification/v1", endpointInterface = "
axyz.notification.ASyncPort")
@WLJmsTransport(contextPath = "notify", serviceUri = "async_event", portName = "ASyncServicePort", queue = "events", connectionFactory = "cnfct_receiver")
Thank you !The annotation you gave is for accessing the webservice but in this case it seems the webservice has to access a secured jms
However having your response lead me to @RunAs which solved my problem.
Very hard to find this information.
Thank you very much for your answer !
Nice blog as well !
Edited by: user630775 on Jan 28, 2010 2:02 AM -
Hi,
When trying with Postman sending a REST call to Azure Storage Queues I get:
The MAC signature found in the HTTP request '***' is not the same as any computed signature. Server used following string to sign: 'POST.
The code I have for creating the Authorization Header:
var accountName = "my_account";
string key = ConfigurationManager.AppSettings["my_access_key"];
DateTime dt = DateTime.Now;
string formattedDate = String.Format("{0:r}", dt);
var canonicalizedHeaders = "x-ms-date:" + formattedDate + "\n" + "x-ms-version:2009-09-19" + "\n" ;
var canonicalizedResource = "/my_account/myqueue/messages";
var stringToSign = String.Format("POST,\n\n\n\n\n\n\n\n\n\n\n{0}{1}", canonicalizedHeaders, canonicalizedResource);
stringToSign = HttpUtility.UrlEncode(stringToSign);
HMACSHA256 hmac = new HMACSHA256(Encoding.UTF8.GetBytes(key));
var signature = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(stringToSign)));
var authorizationHeader = String.Format(CultureInfo.InvariantCulture, "SharedKey {0}:{1}", accountName, signature);
return authorizationHeader;
Anyone any idea what I'm missing/doing wrong?
Additional question: do i have to create for every message I want to send a new Authorization header? Or is there an option (as with Service Bus Topics) to create a header that can be used for a certain timeframe?
Thanks.One issue is with this line of code:
HMACSHA256 hmac = new HMACSHA256(Encoding.UTF8.GetBytes(key));
Please use the following:
HMACSHA256 hmac = new HMACSHA256(Convert.FromBase64String(key));
and that should take care of the problem.
Regarding your question, "do i have to create for every message I want to send a new Authorization header? Or is there an option (as with Service Bus Topics) to create a header that can be used for a certain timeframe?"
With your current approach, the answer is yes. What you can do is create a Shared Access Signature on the queue which will be valid for certain duration and then use that for posting messages to a queue using simple HttpWebRequest/HttpWebResponse.
Hope this helps. -
Parameter REPORT for the Report Web item in the Web template is empty or mi
Hello,
I tried to create a Web-Template (WAD). By executing the report, I get the selection screnn, but by confirming the selection I get the following message:
Web Item Report Error
Web template error in specifications for the Web item report
Parameter REPORT for the Report Web item in the Web template is empty or missing
Use the BEx Web Application Designer to add parameter REPORT to the report Web item in the Web template, and assign a report name to the parameter
Contact your system administrator. This error was recorded
What can I do to solve this error?
Thanks!
XmchXAs DP_1 Type Query_view_Data_provider, I have assinged a Query Designer Query wich works fine, if I execute it as QDR.
The entry Query_view_Data_provider makes sense for me, but what do I need to maintain for the type "Filter"?
Thanks!
XmchX -
i was doing the software update to my iphone 4s and my phone died. i pluged it in and when it turned on after the white apple the screen showes the blue itunes logo over the word itunes over an image of a charger. i tried reseting my phone. i cant figure out how to get past this point
See Here > http://support.apple.com/kb/HT1808
-
From what I can tell, when I select the movie and hit the airplay button to move it to the apple TV, my iPad is still doing all the work of streaming the movie. Why can't the apple TV take over the heavy work at this point? I'd like to be able to use my iPad as more of a remote with an awesome interface for the apple TV. The netflix app on iPad is great, and the easiest way to browse movies, and pushing them to the apple TV is fantastic, but once the movie starts, I want to use my iPad for other things!!! Can this be put on the "to do" list for devs?
the guy behind you wrote:
From what I can tell, when I select the movie and hit the airplay button to move it to the apple TV, my iPad is still doing all the work of streaming the movie. Why can't the apple TV take over the heavy work at this point? I'd like to be able to use my iPad as more of a remote with an awesome interface for the apple TV. The netflix app on iPad is great, and the easiest way to browse movies, and pushing them to the apple TV is fantastic, but once the movie starts, I want to use my iPad for other things!!! Can this be put on the "to do" list for devs?
Have you tried the Remote app on iPhone/iPad to control AppleTV, do searches etc? Should be easier than the remote alone and this does not involve Airplay.
Please note, only users read/comment here - your idea is quite sensible in my view (maybe have a 'Continue viewing on AppleTV' option or something. I doubt this would be high on Apple's roadmap but send them feedback here:
http://www.apple.com/feedback/appletv.html -
Any way to play two clips at the same time one over the other? (transprent)
Any way to play two clips at the same time one over the other? (transprent)
Yes.
See the information here for a variety of ways to do this:
http://discussions.apple.com/thread.jspa?threadID=933500&tstart=50
http://discussions.apple.com/thread.jspa?threadID=903151&tstart=0
http://karsten.schluter.googlepages.com/jackiechancredit
http://www.geethree.com/slick/V_04.html -
The Exchange Management Shell fails to connect in Exchange 2013 environment, this is a DAG environment and previously it indicates another error message, which is in my another thread. We fixed that error by delete the retired proxy entry in the server registry,
after that the error is gone but changed to below one, anyway the EMS still fails to connect to all servers:
VERBOSE: Connecting to NSWVIP999WTMBX.air.abc.au.
New-PSSession : [NSWVIP999WTMBX.air.abc.au] Connecting to remote server NSWVIP999WTMBX.air.abc.au failed with the
following error message : WinRM cannot complete the operation. Verify that the specified computer name is valid, that
the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows
access from this computer. By default, the WinRM firewall exception for public profiles limits access to remote
computers within the same local subnet. For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Microsoft.Excha ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
gTransportException
+ FullyQualifiedErrorId : WinRMOperationTimeout,PSSessionOpenFailed
Failed to connect to an Exchange server in the current site.
Enter the server FQDN where you want to connect.:
Then it just show can't connect to all the exchange servers, from the wording it seems pointing to the Windows firewall settings for winRM, but when I look at the windows firewall found it's turned off. We use Sophos enterprise for the security, but all
other 3 exchange servers didn't have the same issue.Hi Lynn,
Thanks for your analyst and reply, I run the command as you suggested and checked accordingly to Task Manager, but seems none of them indicates a firewall or anti-virus.
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:808 0.0.0.0:0 LISTENING 2260
TCP 172.17.2.123:444 172.16.2.127:8050 ESTABLISHED 4
TCP 172.17.2.123:444 172.16.2.127:8069 ESTABLISHED 4
TCP 172.17.2.123:444 172.17.2.127:8053 ESTABLISHED 4
TCP 172.17.2.123:10952 172.16.2.68:80 ESTABLISHED 3296
TCP 172.17.2.123:11185 172.16.2.90:8080 SYN_SENT 468
TCP 172.17.2.123:11190 172.16.2.90:8080 SYN_SENT 15268
TCP 172.17.2.123:11330 172.16.2.90:8080 SYN_SENT 1296
TCP [::]:80 [::]:0 LISTENING
4
TCP [::]:808 [::]:0 LISTENING
2260
TCP [::1]:6001 [::1]:8028 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8029 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8030 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8031 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8032 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8033 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8034 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8035 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8036 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8037 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8040 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8041 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8048 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8049 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8059 ESTABLISHED 4764
TCP [::1]:6001 [::1]:8060 ESTABLISHED 4764
TCP [::1]:8028 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8029 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8030 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8031 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8032 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8033 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8034 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8035 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8036 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8037 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8040 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8041 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8048 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8049 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8059 [::1]:6001 ESTABLISHED 9980
TCP [::1]:8060 [::1]:6001 ESTABLISHED 9980
TCP [fe80::9054:e8f5:f885:8105%20]:808 [fe80::9054:e8f5:f885:8105%20]:9901
ESTABLISHED 2260
TCP [fe80::9054:e8f5:f885:8105%20]:9901 [fe80::9054:e8f5:f885:8105%20]:808
ESTABLISHED 4868
This is the full result, among them
4 -- System -- NT Kernel & System
468 -- There is no process associated with PID 468
1296 -- svchost.exe -- Host Process for Windows Service
2260 -- SMSvcHost.exe -- SMSvcHost.exe
3296 -- CcmExec.exe -- CCM Executive
4764 -- Microsoft.Exchange.RpcClientAccess.Service.exe -- Microsoft.Exchange.RpcClientAccess.Service.exe
4868 -- Microsoft.Exchange.ServiceHost.exe -- Microsoft.Exchange.ServiceHost.exe
9980 -- w3wp.exe -- IIS Worker Process
15268 -- ServerManager.exe -- Server Manager -
Can the Dock in Yosemite be made transparent? I would also like Safari to paint to the bottom of the screen with the dock icons floating over the window.
Do you have that problem when running in the Firefox SafeMode? <br />
[http://support.mozilla.com/en-US/kb/Safe+Mode] <br />
''Don't select anything right now, just use "Continue in SafeMode."''
If not, see this: <br />
[http://support.mozilla.com/en-US/kb/troubleshooting+extensions+and+themes] -
I have been opening up my photos from My Pictures folder and Elements 12 opens up but the photo doesn't appear in the image screen. Over the weekend it was working fine. I tried the other photo software I have and they open up in those but not in the elements 12.
Which operating system are you running on?
How are you trying to open the photos?
- from windows explorer? - double licking or right clicking and selecting Open with?
- by loading the editor and go to File -> Open?
Looking back at your other threads you seem to have had this problem before - what keeps changing?
Brian -
I play music from my iPhone via Bluetooth on the car radio. The phone also connects over the radio. Can I turn off Bluetooth for phone and leave it on for music?
I haven't tried it yet, but I believe this would disconnect Bluetooth for both the phone and music. I have a 2013 Hyundai Sonata if this will help.
-
when uploading my email account it also uploaded over 6,000 emails that are on the aol server from over the years, how can I delete all but recent ones?
Unfortunately, there is no easy way. Delete just as you would any other message that you don't want. It's probably just as well that there is no universal deletion capability. I can see many of us committing a major "oops."
-
I want to delete my Verizon email account but I don't want to lose all of the messages I saved over the years into various mailboxes that I created "On My Mac" in Apple Mail. Will they be erased / deleted when I delete the account?
Yes, it's a POP account. I kinda thought that the old messages would be safe in mailboxes "On My Mac," but since it's an irrevocable choice, I was reluctant to pull the trigger. However, the suggestion above from keg55 relieves my concerns on that score; I'll make a backup copy before I delete the account just to be on the safe side.
Thanks very much to both WZZZ and keg55, I really appreciate it! -
I have recently upgraded to an iphone 5. When trying to sync/ back up with my current i tunes settings. I get the message the it 1.6GB over the storage capacity. Although when syncing my i phone 4 (same size 16GB) i do not have any problems?' I am not sure what the problem may be?
iOS uses more memory on the iPhone 5 than the iPhone 4 because there are quite a few more to iPhone 5. Therefore there will be less memory available on the 5. Reluctantly iOS 7, coming this fall, uses a bit less memory than iOS 6 so if you can do without a few apps until then you should be gravy!
Maybe you are looking for
-
Web application with RAD tool inside for dynamic JSP building
I would realize a J2EE Web application based on JSP,Struts and eventually Spring for transaction management and iBatis for data access in my opinion very complex. The application presents search, list and detail pages, and the information visibility
-
After upgrade Calendar no longer has repeat function
I have great trouble with Calender and Contact list. Just upgraded to Maverik. Seems every upgrade is downer for me. Calender gets many duplicates, No longer has Repeat function which makes the calender almost useless for me. Cannot use Cloud as
-
Hi, I want to check if a member exists but I think I have an error in my script: m = member("titel." & group & "_" & pid) -- debugger says m = <void> if not(voidp(m)) then -- condition is true when m is <void>!? What am I doing wrong here? TIA
-
How can I create tables (data dictionary) on SAP Environment in BATCH mode?
I need a Help on Table Creation on SAP in Batch Mode. I don't want to use SE11 and manually enter all 2000 table definition in the Front END. Is there any way where I can create a tables on SAP in Batch MODE. I want to create around 2000 tables, wher
-
Program Opens Itself On Startup
Greetings All, A while ago, I was working in Photoshop CS when it unexpectedly crashed. Without thinking, I clicked to launch the program again from the dock before the dialog box appeared to ask about my next course of action. Promptly, I closed the