Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2704
Views
0
Helpful
2
Replies

Enable IOX on an IR829

Go to solution
pasudhee
Cisco Employee
Cisco Employee

‎06-12-2019 08:52 AM - edited ‎06-12-2019 08:58 AM

Hi, I want to be able to install apps on the IR829 but i'm unable to reach the IoX local manager at https://192.168.2.2:8443 which is the Vlan1 interface.. I'm connected to the router via my laptop for initial testing to prove i can access the IoX console.

 

Here's my current config:

 

IR800#show run
Building configuration...




Current configuration : 5008 bytes
!
! Last configuration change at 16:15:55 UTC Wed Jun 12 2019
!
version 15.8
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname IR800
!
boot-start-marker
boot-end-marker
!
!
!
aaa new-model
!
!
aaa authentication login default local
!
!
!
!
!
aaa session-id common
service-module wlan-ap 0 bootimage autonomous
!
ignition off-timer 900
!
ignition undervoltage threshold 11
!
no ignition enable
!
!
!
!
!
!
!
!
!
!
!


!
ip dhcp excluded-address 192.168.1.1 192.168.1.5
!
ip dhcp pool gospool
 network 192.168.1.0 255.255.255.0
 dns-server 64.104.123.144
 default-router 192.168.1.1
!
!
!
ip domain name cisco.com
ip name-server 8.8.8.8
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
chat-script lte "" "AT!CALL" TIMEOUT 20 "OK"
!
crypto pki trustpoint TP-self-signed-422713650
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-422713650
 revocation-check none
 rsakeypair TP-self-signed-422713650
!
!
crypto pki certificate chain TP-self-signed-422713650
 certificate self-signed 01
  30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 34323237 31333635 30301E17 0D313930 36313231 31313332
  355A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3432 32373133
  36353030 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
  D015FA7B 66C97D36 8235893E 0BC55840 28BA2652 7B2D966C 1E521301 EB105477
  69FCFD73 52692D6F 67CA1088 A16524DE 92D16D7C AAB11361 DB597512 4697CCFD
  18C09A09 119BB5B1 041F3897 C1FA2720 B659EE2B 8291F547 A0537FFB CCC0CD12
  13D13B51 42122BE1 9D549906 46F2B160 956EF57D FFFF2B7A 7F978074 79373C79
  02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D
  23041830 1680149D 7ABE7F04 A6BD3835 23276B51 26C6A194 EAD8FC30 1D060355
  1D0E0416 04149D7A BE7F04A6 BD383523 276B5126 C6A194EA D8FC300D 06092A86
  4886F70D 01010505 00038181 000847BE 562A0F75 B33444EE CB4D4445 F4CD4B9E
  2CB1DA21 AC691560 A6E6E488 41801026 2016559C A6C6B9C0 820E6774 0B4CAEC9
  4348655C 08044DB2 5E47F770 07330947 63946EF3 2E0DF252 6E927593 FCE78531
  0BF2D0FF 85659F58 A11A1D7C 18D96DCF F7099E9C F91123C0 2725B99F C150043E
  08674928 5220972D 1A216E13 53
  	quit
license udi pid xxx sn xxx
!
!
vtp domain local-1-ir829
vtp mode transparent
username admin privilege 15 password 0 xxx
!
redundancy

!
!
!
!
!
controller Cellular 0
 lte failovertimer 5
 lte modem link-recovery disable
!
vlan 2-3,10,555
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0
 no ip address
 shutdown
!
interface GigabitEthernet1
 no ip address
!
interface GigabitEthernet2
 no ip address
!
interface GigabitEthernet3
 no ip address
!
interface GigabitEthernet4
 no ip address
!
interface Wlan-GigabitEthernet0
 no ip address
!
interface GigabitEthernet5
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
 ipv6 enable
!
interface Cellular0
 ip address negotiated
 encapsulation slip
 dialer in-band
 dialer idle-timeout 0
 dialer string lte
 dialer-group 1
 ipv6 address autoconfig
!
interface Cellular1
 no ip address
 encapsulation slip
!
interface wlan-ap0
 no ip address
!
interface Vlan1
 ip address dhcp
!
interface Async0
 no ip address
 encapsulation scada
!
interface Async1
 no ip address
 encapsulation scada
!
!
ip forward-protocol nd
!
ip http server
ip http secure-server
!
ip nat inside source static tcp 192.168.1.6 8443 interface Vlan1 8443
ip nat inside source list 1 interface Vlan1 overload
ip nat inside source list NAT_ACL interface Vlan1 overload
ip nat inside source static tcp 192.168.1.6 22 interface Vlan1 2222
ip route 0.0.0.0 0.0.0.0 192.168.0.1
ip ssh rsa keypair-name SSH
ip ssh version 2
!
ip access-list standard NAT_ACL
 permit 192.168.0.0 0.0.255.255
!
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipv6 permit
ipv6 ioam timestamp
!
!
access-list 1 permit any
access-list 100 permit ip any any
!
!
!
control-plane
!
!
!
 vstack
!
line con 0
 stopbits 1
line 1 2
 stopbits 1
line 3
 script dialer lte
 no exec
 transport preferred lat pad telnet rlogin lapb-ta mop udptn v120 ssh
 transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
line 4
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
line 8
 no exec
 transport preferred lat pad telnet rlogin lapb-ta mop udptn v120 ssh
 transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
line 1/3 1/6
 transport preferred none
 transport output none
 stopbits 1
line vty 0 4
 exec-timeout 0 0
 privilege level 15
 password abc123
 transport input telnet ssh
!
no scheduler max-task-time
no iox hdm-enable
iox client enable interface GigabitEthernet5
no iox recovery-enable
!
!
!
!
!
!
!
end

And here's the NAT rules and interface details:

 

IR800#show ip nat translations
Pro Inside global         Inside local          Outside local         Outside global
tcp 192.168.2.2:2222      192.168.1.6:22        ---                   ---
tcp 192.168.2.2:8443      192.168.1.6:8443      ---                   ---
IR800#show ip int br
Interface                  IP-Address      OK? Method Status                Protocol
GigabitEthernet0           unassigned      YES NVRAM  administratively down down
GigabitEthernet1           unassigned      YES unset  up                    up
GigabitEthernet2           unassigned      YES unset  down                  down
GigabitEthernet3           unassigned      YES unset  down                  down
GigabitEthernet4           unassigned      YES unset  down                  down
Wlan-GigabitEthernet0      unassigned      YES unset  up                    up
Async0                     unassigned      YES unset  up                    down
Async1                     unassigned      YES unset  up                    down
GigabitEthernet5           192.168.1.1     YES NVRAM  up                    up
Cellular0                  unassigned      YES NVRAM  up                    up
Cellular1                  unassigned      YES NVRAM  down                  down
NVI0                       192.168.1.1     YES unset  up                    up
Vlan1                      192.168.2.2     YES DHCP   up                    up
wlan-ap0                   unassigned      YES NVRAM  up                    up

IOX host list detail:

 

IR800#show iox host list detail

IOX Server is running. Process ID: 332
Count of hosts registered: 1

Host registered:
===============
    IOX Server Address: FE80::E20E:DAFF:FE8B:FFCC; Port: 22222

    Link Local Address of Host: FE80::1FF:FE90:8B05
    IPV4 Address of Host:       192.168.1.6
    IPV6 Address of Host:       fe80::1ff:fe90:8b05
    Client Version:             0.4
    Session ID:                 1
    OS Nodename:                IR800-GOS-1
    Host Hardware Vendor:       Cisco Systems, Inc.
    Host Hardware Version:      1.0
    Host Card Type:             not implemented
    Host OS Version:            1.7.3.1
    OS status:                  RUNNING

    Interface Hardware Vendor:  None
    Interface Hardware Version: None
    Interface Card Type:        None


Services:
===============
   Service Name:                 Secure Storage Service
   Service Status:               RUNNING
   Session ID:                   2

   Service Name:                 Host Device Management Service
   Service Status:               DISABLED
   Session ID:                   0

 

Any idea what i'm doing wrong?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mark Malone
VIP Alumni
VIP Alumni

‎06-13-2019 04:30 AM - edited ‎06-13-2019 04:31 AM

Hi wheres the IP NAT outside in the running config?

 

Looks like a good doc to follow

https://community.cisco.com/t5/cisco-iox-documents/iox-configuration-on-ir829/ta-p/3619134

 

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Mark Malone
VIP Alumni
VIP Alumni

‎06-13-2019 04:30 AM - edited ‎06-13-2019 04:31 AM

Hi wheres the IP NAT outside in the running config?

 

Looks like a good doc to follow

https://community.cisco.com/t5/cisco-iox-documents/iox-configuration-on-ir829/ta-p/3619134

 

0 Helpful

Go to solution
pasudhee
Cisco Employee
Cisco Employee
In response to Mark Malone

‎06-13-2019 11:53 AM

Thanks Mark, that was the only thing missing.

 

Much appreciated!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents