Solved: Cisco 1900 Series

mwendwakiema · ‎10-04-2021

I have a cisco 1900 series router and I was not able to login using web interface. I used the administrator password which I normally use when using telnet or ssh

When I enter the user name and password it loads then goes back to the login pop up. Please help on how I can access Cisco 1900 series router through web browser.

Georg Pauwen · ‎10-08-2021

Hello,

you have:

--> ip http access-class 23

configured, but there is no corresponding access list 23. Remove that line and check if you can login (or configure access list 23 to allow access from the IP addresses you want to authorize)...

View solution in original post

Georg Pauwen · ‎10-04-2021

Hello,

post the full running configuration (sh run) of your 1900 router...

mwendwakiema · ‎10-05-2021

Hello Below is the configurations

Building configuration...

Current configuration : 8472 bytes
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Home_SABAKI
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$23Ao$.qj3X.uJcLkNXJxD6BiH11
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
clock timezone EAT -3 0
clock summer-time EDT recurring
!
!
!
!
!
!
!
!
!
!
!
!
ip dhcp pool Home_LAN
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 41.203.208.18 41.203.208.19
lease 0 2
!
!
!
ip domain name Home_SABAKI
ip name-server 41.203.208.19
ip name-server 41.203.208.18
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
vpdn enable
!
cts logging verbose
!
crypto pki trustpoint TP-self-signed-3912473377
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3912473377
revocation-check none
rsakeypair TP-self-signed-3912473377
!
!
crypto pki certificate chain TP-self-signed-3912473377
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33393132 34373333 3737301E 170D3136 31323031 31343439
34315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 39313234
37333337 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100AAEA 0284E930 770A5D41 9298E29F 33E9BE4D 772E7EB1 3CED9598 83EC3F98
D7BE380F 591C12E5 F49F6500 3E783BAB EC73F8CF 97CD22B0 82DF7680 121CCD1C
90A0F62F F8804712 CBBC1B50 61367133 D3ADF3A0 33A18277 5FCD0DB4 A5533BEB
519FB0EC 1E61235F 3DDE45A0 A1724BF2 B5041146 33624EE8 B2E5A93C EA039223
234F0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14854515 CA1F41C5 49FD70C1 F8864C01 5B9D3743 BF301D06
03551D0E 04160414 854515CA 1F41C549 FD70C1F8 864C015B 9D3743BF 300D0609
2A864886 F70D0101 05050003 8181008B 2C1F1C87 214C3CF7 4DC4AF2C F6CA38B1
904E964D D852C998 A3E5DA96 3CBF154A 9BA296D6 249FDB98 557F0617 8584C153
48DB7269 ED2D0AC9 543F7E8F 2D1F6ED0 5F0EE003 B40D0D41 A7714562 150A3BD1
233ED6F4 34EFD54E 86177936 5AF82F93 9B7EDD14 D906E0EF 504612FE 986AC2AE
01032DBF C32BA873 5A547E5C 7E9E62
quit
license udi pid CISCO1921/K9 sn FGL204923KH
!
!
archive
log config
logging enable
notify syslog contenttype plaintext
username x password 0 x
username muiruri privilege 15 secret 9 $9$GAN291CwhRkgCU$f7WP4elHCgni5rCq388AD9/ILtHyM1AsO6DVPtfFqiw
!
redundancy
!
!
!
class-map match-any url-block-class
match protocol http host "*youtube*"
class-map match-any ADUL-URL
match protocol http url "*youtube*"
match protocol http url "*youtube"
match protocol http host "youtube"
!
policy-map FILTER-ADULT
class ADUL-URL
drop
policy-map url-block-policy
class url-block-class
drop
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description WAN_Port
ip address 197.x.x.x x.x.x.x
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description LAN_Port
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list LAN1 interface GigabitEthernet0/0 overload
ip nat inside source static tcp 192.x.x.x 3389 197.x.x.x 38199 extendable
ip route 0.0.0.0 0.0.0.0 197.x.x.x
!
ip access-list extended LAN1
permit ip 192.168.1.0 0.0.0.255 any
!
!
!
snmp-server community S@far!com2 RO
snmp-server community public RO
snmp-server community private RW
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps transceiver all
snmp-server enable traps ds1
snmp-server enable traps call-home message-send-fail server-fail
snmp-server enable traps tty
snmp-server enable traps eigrp
snmp-server enable traps ospf state-change
snmp-server enable traps ospf errors
snmp-server enable traps ospf retransmit
snmp-server enable traps ospf lsa
snmp-server enable traps ospf cisco-specific state-change nssa-trans-change
snmp-server enable traps ospf cisco-specific state-change shamlink interface
snmp-server enable traps ospf cisco-specific state-change shamlink neighbor
snmp-server enable traps ospf cisco-specific errors
snmp-server enable traps ospf cisco-specific retransmit
snmp-server enable traps ospf cisco-specific lsa
snmp-server enable traps license
snmp-server enable traps envmon
snmp-server enable traps auth-framework sec-violation auth-fail
snmp-server enable traps c3g
snmp-server enable traps adslline
snmp-server enable traps vdsl2line
snmp-server enable traps icsudsu
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
snmp-server enable traps isdn chan-not-avail
snmp-server enable traps isdn ietf
snmp-server enable traps ds0-busyout
snmp-server enable traps ds1-loopback
snmp-server enable traps energywise
snmp-server enable traps vstack
snmp-server enable traps mac-notification
snmp-server enable traps trustsec-sxp conn-srcaddr-err msg-parse-err conn-config-err binding-err conn-up conn-down binding-expn-fail oper-nodeid-change binding-conflict
snmp-server enable traps bgp cbgp2
snmp-server enable traps isis
snmp-server enable traps ospfv3 state-change
snmp-server enable traps ospfv3 errors
snmp-server enable traps aaa_server
snmp-server enable traps atm subif
snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency
snmp-server enable traps memory bufferpeak
snmp-server enable traps cnpd
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps entity-ext
snmp-server enable traps entity
snmp-server enable traps fru-ctrl
snmp-server enable traps resource-policy
snmp-server enable traps event-manager
snmp-server enable traps frame-relay multilink bundle-mismatch
snmp-server enable traps frame-relay
snmp-server enable traps frame-relay subif
snmp-server enable traps hsrp
snmp-server enable traps ipmulticast
snmp-server enable traps mempool
snmp-server enable traps msdp
snmp-server enable traps mvpn
snmp-server enable traps nhrp nhs
snmp-server enable traps nhrp nhc
snmp-server enable traps nhrp nhp
snmp-server enable traps nhrp quota-exceeded
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
snmp-server enable traps pppoe
snmp-server enable traps cpu threshold
snmp-server enable traps rsvp
snmp-server enable traps syslog
snmp-server enable traps l2tun session
snmp-server enable traps l2tun pseudowire status
snmp-server enable traps vtp
snmp-server enable traps waas
snmp-server enable traps rf
snmp-server enable traps bulkstat collection transfer
snmp-server enable traps vrfmib vrf-up vrf-down vnet-trunk-up vnet-trunk-down
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
privilege level 15
transport input telnet ssh
line vty 5 15
privilege level 15
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end

Georg Pauwen · ‎10-08-2021

Hello,

you have:

--> ip http access-class 23

configured, but there is no corresponding access list 23. Remove that line and check if you can login (or configure access list 23 to allow access from the IP addresses you want to authorize)...

mwendwakiema · ‎10-11-2021

Okay let me do so

mwendwakiema · ‎10-12-2021

On the above configuration I tried to block youtube and facebook and applied as the laid procedure but it was not effective. Users can still access the sites and APP. I searched online why that was happening and the solution I received was I cant block them because they are using https. Is there a way I can totally block youtube and facebook for sometime then allow later?

marce1000 · ‎10-04-2021

>.... it loads then goes back to the login pop up

Do you then (also) get an authorization-failing message ?

M.

-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

mwendwakiema · ‎10-05-2021

No it doesn't show any failing message

paul driver · ‎10-04-2021

Hello

Just enabling the rtr for http/https isn’t enough the rtr needs to have its html files in the flash for it to work if not you need to download them from cisco

dir flash:

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

mwendwakiema · ‎10-05-2021

Can you share the link to the download site.

balaji.bandi · ‎10-05-2021

Can you post show version and dir output ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

mwendwakiema · ‎10-08-2021

HOME_SABAKI#show version
Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.4(3)M3, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Fri 05-Jun-15 12:31 by prod_rel_team

ROM: System Bootstrap, Version 15.0(1r)M16, RELEASE SOFTWARE (fc1)

HOME_SABAKI uptime is 1 day, 3 hours, 53 minutes
System returned to ROM by power-on
System image file is "usbflash0:c1900-universalk9-mz.SPA.154-3.M3.bin"
Last reload type: Normal Reload
Last reload reason: power-on

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco CISCO1921/K9 (revision 1.0) with 491520K/32768K bytes of memory.
Processor board ID FGL204923KH
2 Gigabit Ethernet interfaces
1 terminal line
DRAM configuration is 64 bits wide with parity disabled.
255K bytes of non-volatile configuration memory.
245744K bytes of USB Flash usbflash0 (Read/Write)

License Info:

License UDI:

-------------------------------------------------
Device# PID SN
-------------------------------------------------
*1 CISCO1921/K9 FGL204923KH

Technology Package License Information for Module:'c1900'

------------------------------------------------------------------------
Technology Technology-package Technology-package
Current Type Next reboot
------------------------------------------------------------------------
ipbase ipbasek9 Permanent ipbasek9
security None None None
data None None None
NtwkEss None None None

Configuration register is 0x2102

mwendwakiema · ‎10-08-2021

HOME_SABAKI#dir
Directory of usbflash0:/

1 -rw- 75608148 Dec 1 2016 11:28:44 -03:00 c1900-universalk9-mz.SPA.154-3.M3.bin
2 -rw- 3066 Dec 1 2016 11:38:56 -03:00 cpconfig-19xx.cfg
3 drw- 0 Dec 1 2016 11:39:16 -03:00 ccpexp
373 -rw- 22737 Dec 1 2016 11:42:04 -03:00 home.html
374 -rw- 227397 Dec 15 2020 17:29:08 -03:00 crashinfo_20201215-202907-UTC

251371520 bytes total (163766272 bytes free)