Solved: Re: SG300-52MP : how to access config page

eijorgeqwrer7244r5r · ‎02-03-2020

Hello,

I know this is a stupid question but I've been searching for a lot of time... I can't access the admin page of my Cisco switch and I do not know why.

I can ping it, I'm connect to it but access to the admin page is filtered :

$ nmap -Pn -p 80,443 10.1.0.11
Starting Nmap 7.70 ( https://nmap.org ) at 2020-02-03 12:03 EST
Nmap scan report for 10.1.0.11
Host is up.

PORT    STATE    SERVICE
80/tcp  filtered http
443/tcp filtered https

Nmap done: 1 IP address (1 host up) scanned in 3.16 seconds

Can someone tell me why, or indicate me how to access it? Thanks!

Regards,

marce1000 · ‎02-04-2020

- Do you have any sort of fire-walling solution between the cli-client (so to speak) and the switch ? If not sure then use a cli-client which is on the same subnet and or Vlan as the switch to start with.

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

View solution in original post

marce1000 · ‎02-03-2020

- Assign an IP address to the switch management interface, then you should be able to access it through that IP and or the corresponding chosen DNS name.

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

eijorgeqwrer7244r5r · ‎02-04-2020

Hello marce1000,

Thank you for your reply but I do not understand. I already have an IP assigned to the switch :

10.1.0.11

My issue is that, for unknown reason, the ports are filtered.

Is there any other port that I'm not aware of regarding the management interface, or should I use a special browser per exemple?

Thanks!

marce1000 · ‎02-04-2020

- Can you post the output of show ip http and show ip https ?

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

eijorgeqwrer7244r5r · ‎02-04-2020

Hello,

Thanks again for the reply, but still, I do not understand your answer. How could I get these outputs from the switch if I'm unable to connect to the switch? That is my main problem : how to connect to the switch as these port are filtered?

Thanks !

marce1000 · ‎02-04-2020

- Try to access the device through the CLI in order to provide these outputs ; check the document below for guidance :

https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-small-business-300-series-managed-switches/smb4982-access-an-smb-switch-cli-using-ssh-or-telnet.html

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

eijorgeqwrer7244r5r · ‎02-04-2020

Hello,

Thanks but I cannot go further :(

$ nmap -Pn  -p 22 10.1.0.11
Starting Nmap 7.70 ( https://nmap.org ) at 2020-02-04 11:55 EST
Nmap scan report for 10.1.0.11
Host is up.

PORT   STATE    SERVICE
22/tcp filtered ssh

Nmap done: 1 IP address (1 host up) scanned in 2.12 seconds

$ ssh cisco@10.1.0.11

ssh: connect to host 10.1.0.11 port 22: Operation timed out

marce1000 · ‎02-04-2020

- Do you have any sort of fire-walling solution between the cli-client (so to speak) and the switch ? If not sure then use a cli-client which is on the same subnet and or Vlan as the switch to start with.

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

eijorgeqwrer7244r5r · ‎02-06-2020

Yep! You were right!

After investigation, it appears that a policy was missing in the firewall to allow the https traffic between my computer and the switch.

Thanks!