Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1058
Views
0
Helpful
6
Replies

Cisco 892FSP router cant log into CCP Express

Taan
Level 1
Level 1

‎08-24-2021 03:11 PM

Hi Guys, Im trying to learn cisco IOS. I have followed the guide step by step https://www.cisco.com/c/en/us/td/docs/routers/access/800/829/software/cisco_configuration_professional_express/v3_4/guides/adminguide/CCP_admin_guide/installing_ccp_express_adminview.html

 

But whatever I do I always get this error. I have tried to login by all different users that I created. The login prompts and I log in it seems to work then this happens

 

Capture.PNG

 

Here is my running config.

 

Current configuration : 5407 bytes
!
! Last configuration change at 21:33:42 UTC Tue Aug 24 2021 by tan
!
version 15.9
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname cisco
!
boot-start-marker
boot-end-marker
!
!
enable secret 4 Jbo0a0Xyna9NA9JtwVNWpIK75HUWZ0q6biiEI5mDGMM
enable password PASSWORD
!
aaa new-model
!
!
aaa authentication login default local
!
!
!
!
!
!
aaa session-id common
!
crypto pki trustpoint TP-self-signed-3439012977
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3439012977
 revocation-check none
 rsakeypair TP-self-signed-3439012977
!
!
crypto pki certificate chain TP-self-signed-3439012977
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33343339 30313239 3737301E 170D3231 30373234 32303432
  33315A17 0D333030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 34333930
  31323937 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100C2EB 9F4B2EA9 B8DCC895 55086ECE 2B039D5A 20FAC31B 5D4CDD62 A877F330
  36F3BE2E 3AF13FB1 BB3A8F5D F3474C42 67ABF0CD 01F149FE 35E4FA16 E7DDADF4
  4176FD6E 1E4FA6C9 62DD50A0 A9D1EBAC 05C8C9C9 9FBBF239 5ED2DADF 1DCEC3A7
  3715C049 9CF05110 A97AA724 7D78FDA7 825FE99E CCF7EC68 30A1ACCF 6C3041A4
  319F0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
  551D2304 18301680 14A36CEF 6E31632B B738CF1B 6F769A08 1C642950 3E301D06
  03551D0E 04160414 A36CEF6E 31632BB7 38CF1B6F 769A081C 6429503E 300D0609
  2A864886 F70D0101 05050003 8181006A 354E6DE8 AE09B061 957A6533 A20F6853
  CF3EC80D 4FC20B36 7BA4CCD5 0E88D464 1A6EB3B4 FF236D27 0ACFDE1F 550F4CFC
  6F5EE5A0 4F7FA014 1751E639 90990A05 0AEC6BA8 5C1646FB CF1F6926 9ED299AE
  E7616A60 18191979 02C92A61 E587A799 16FC1637 8824DA86 6F26C152 8021D4DE
  70992B5B ED0182CB 85456EBA 95D1A9
        quit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
ip dhcp excluded-address 10.10.1.1
!
ip dhcp pool INSIDE
 network 10.10.1.0 255.255.255.0
 default-router 10.10.1.1
 dns-server 10.10.1.1
!
ip dhcp pool EXI-STATIC
 host 10.10.1.120 255.255.255.0
 client-identifier 0164.5106.d89d.59
!
!
!
ip domain name home.local
ip cef
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
license udi pid C892FSP-K9 sn FFFFFFFFFF
!
!
username tan privilege 15 secret 9 $9$0x.JeAznWRH5UC$jULjx4Sy.YNk9E/xUEG/WFb5ESLFIrhvAJnb7DLzz1o
username admin privilege 15 secret 9 $9$6/6vDhNHhyUhVn$CwkRfUrEsQHAp4cXv5bi5jkxoQ8Oc8o6K7NwgKIOUcc
username ccp privilege 15 secret 9 $9$U7cPxvjkGYQhD1$x.WjoTH/gDmtZf9s0DB0fSxQwVhak.6LoLOAkzTkpCk
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet1
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet2
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet3
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet4
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet5
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet6
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet7
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet8
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface GigabitEthernet9
 ip address dhcp
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface Vlan1
 no ip address
!
interface Vlan100
 ip address 10.10.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip http path flash:
!
!
ip dns server
ip nat inside source list 50 interface GigabitEthernet9 overload
!
logging host 10.10.1.100
ipv6 ioam timestamp
!
access-list 50 permit 10.10.1.0 0.0.0.255
!
!
!
control-plane
!
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
line con 0
 logging synchronous
 login authentication local
 no modem enable
line aux 0
line vty 0 4
 privilege level 15
 password PASSWORD
 transport input telnet ssh
line vty 5 15
 privilege level 15
 transport input telnet ssh
!
scheduler allocate 20000 1000
!
!
!
!
!
!
!
end

Please help

Labels:
0 Helpful
6 Replies 6

Richard Burts
Hall of Fame
Hall of Fame

‎08-24-2021 09:57 PM

The behavior you describe is surprising. I have these comments:

- the error message mentions clearing the stored credentials. Have you tried clearing history (or whatever in the OS of your device) to remove all stored information?

- I am wondering about this line in the config

ip http path flash:

try removing this and let us know if the behavior changes.

- how are you accessing CCP Express? Can you be sure to specify https rather than http?

HTH

Rick
0 Helpful

Taan
Level 1
Level 1
In response to Richard Burts

‎08-25-2021 12:00 AM

Hi after removing:

 

ip http path flash:

I get this instead. And yes im using https and login with both chrome and edge from privatemode.

 

Capture.PNG 

running config

Current configuration : 5288 bytes
!
! Last configuration change at 06:26:18 UTC Wed Aug 25 2021 by tan
!
version 15.9
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname cisco
!
boot-start-marker
boot-end-marker
!
!
enable secret 4 Jbo0a0Xyna9NA9JtwVNWpIK75HUWZ0q6biiEI5mDGMM
enable password PASSWORD
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-3439012977
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3439012977
 revocation-check none
 rsakeypair TP-self-signed-3439012977
!
!
crypto pki certificate chain TP-self-signed-3439012977
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33343339 30313239 3737301E 170D3231 30373234 32303432
  33315A17 0D333030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 34333930
  31323937 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100C2EB 9F4B2EA9 B8DCC895 55086ECE 2B039D5A 20FAC31B 5D4CDD62 A877F330
  36F3BE2E 3AF13FB1 BB3A8F5D F3474C42 67ABF0CD 01F149FE 35E4FA16 E7DDADF4
  4176FD6E 1E4FA6C9 62DD50A0 A9D1EBAC 05C8C9C9 9FBBF239 5ED2DADF 1DCEC3A7
  3715C049 9CF05110 A97AA724 7D78FDA7 825FE99E CCF7EC68 30A1ACCF 6C3041A4
  319F0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
  551D2304 18301680 14A36CEF 6E31632B B738CF1B 6F769A08 1C642950 3E301D06
  03551D0E 04160414 A36CEF6E 31632BB7 38CF1B6F 769A081C 6429503E 300D0609
  2A864886 F70D0101 05050003 8181006A 354E6DE8 AE09B061 957A6533 A20F6853
  CF3EC80D 4FC20B36 7BA4CCD5 0E88D464 1A6EB3B4 FF236D27 0ACFDE1F 550F4CFC
  6F5EE5A0 4F7FA014 1751E639 90990A05 0AEC6BA8 5C1646FB CF1F6926 9ED299AE
  E7616A60 18191979 02C92A61 E587A799 16FC1637 8824DA86 6F26C152 8021D4DE
  70992B5B ED0182CB 85456EBA 95D1A9
        quit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
ip dhcp excluded-address 10.10.1.1
!
ip dhcp pool INSIDE
 network 10.10.1.0 255.255.255.0
 default-router 10.10.1.1
 dns-server 10.10.1.1
!
ip dhcp pool NAS-STATIC
 host 10.10.1.100 255.255.255.0
 client-identifier 0100.1132.2ca7.85
!
ip dhcp pool DREAMBOX-STATIC
 host 10.10.1.110 255.255.255.0
 client-identifier 0100.0934.4274.8e
!
ip dhcp pool EXI-STATIC
 host 10.10.1.120 255.255.255.0
 client-identifier 0164.5106.d89d.59
!
ip dhcp pool LINUX-STATIC
 host 10.10.1.130 255.255.255.0
 client-identifier ff9f.6e85.2400.0200.00ab.115f.8a8a.6637.2ace.04
!
ip dhcp pool AD-STATIC
 host 10.10.1.140 255.255.255.0
 client-identifier 0100.0c29.cccc.b3
!
ip dhcp pool BACKUP-STATIC
 host 10.10.1.150 255.255.255.0
 client-identifier 0100.0c29.8c76.5f
!
!
!
ip domain name home.local
ip host esxi 10.10.1.120
ip host backup 10.10.1.150
ip host ad 10.10.1.140
ip host linux 10.10.1.130
ip host dreambox 10.10.1.110
ip host nas 10.10.1.100
ip name-server 213.80.98.2
ip cef
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
license udi pid C892FSP-K9 sn FCZ1949C027
!
!
username tan privilege 15 secret 9 $9$0x.JeAznWRH5UC$jULjx4Sy.YNk9E/xUEG/WFb5ESLFIrhvAJnb7DLzz1o
username admin privilege 15 secret 9 $9$6/6vDhNHhyUhVn$CwkRfUrEsQHAp4cXv5bi5jkxoQ8Oc8o6K7NwgKIOUcc
username ccp privilege 15 secret 9 $9$U7cPxvjkGYQhD1$x.WjoTH/gDmtZf9s0DB0fSxQwVhak.6LoLOAkzTkpCk
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet1
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet2
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet3
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet4
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet5
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet6
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet7
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet8
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface GigabitEthernet9
 ip address dhcp
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface Vlan1
 no ip address
!
interface Vlan100
 ip address 10.10.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip dns server
ip nat inside source list 50 interface GigabitEthernet9 overload
!
logging host 10.10.1.100
ipv6 ioam timestamp
!
access-list 50 permit 10.10.1.0 0.0.0.255
!
control-plane
!
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
line con 0
 logging synchronous
 no modem enable
line aux 0
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
line vty 5 15
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler allocate 20000 1000
!
!
!
!
!
!
!
end
0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Taan

‎08-25-2021 11:51 AM

Thanks for trying my suggestion about ip http path flash:. I am surprised that the result was a error 404. I do not see that line the most recent config that you posted. Are you still getting the error 404 when you attempt access CCP?

While the suggested changes to vty may be good changes, I do not see how they would relate to problems accessing CCP. The vty are for remote access using telnet or SSH. I do not see how they would relate to CCP.

I am not expert in CCP, and if someone who is expert would jump into the discussion that would be good. But I think I may see the issue. Reading through the documentation for CCP that you posted it looks like they intend for CCP to be used in the initial configuration of the router. And they show creating new user ID and passwords in CCP. I am guessing that you did the initial configuration manually and that you manually configured the user IDs and passwords. And that you are attempting to use CCP well after that initial configuration. My guess is that CCP is complaining that the user who is attempting to login to CCP was not created in CCP. I wonder if you configure a new user as username1 with password as password1 and privilege level 15 is CCP might accept that.

HTH

Rick
0 Helpful

Taan
Level 1
Level 1
In response to Richard Burts

‎08-25-2021 12:09 PM

Maybe you are right. I will try to reset my router and install the CCP. Lets see if that gonna work. Thanks for help guys.

 

 

0 Helpful

Georg Pauwen
VIP
VIP
In response to Taan

‎08-25-2021 03:01 PM

Hello,

 

one other thing you could try is clear the cached login credentials in Chrome:

 

https://support.docusign.com/en/articles/Troubleshooting-cached-login-credentials-in-Google-Chrome

0 Helpful

Georg Pauwen
VIP
VIP

‎08-24-2021 11:07 PM

Hello,

 

in addition to Richard's remarks, try to make the changes below to your VTY lines:

 

line con 0
logging synchronous
login authentication local
no modem enable
line aux 0
line vty 0 4
privilege level 15
--> no password PASSWORD
--> login local
transport input telnet ssh
line vty 5 15
privilege level 15
--> login local
transport input telnet ssh

0 Helpful
Customers Also Viewed These Support Documents