cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2576
Views
0
Helpful
10
Replies

Web Gui issues with C1121-4P router

Hiten Thakkar
Level 1
Level 1

I set up a C1121-4P router for a friend with int gig0/0/0 facing the ISP with ip address dhcp. int gig0/0/1 192.168.1.1/24. See attached sh run. Vanilla Configuration not much security or complexity. After a power reload the GUI "https://192.168.1.1/webui nor http://192.168.1.1/webui"  stopped working and can't get it to run. The browser Firefox as well as Chrome reports not compatible TLS and incorrect ssl (don't remember exact message) . I believe the Cisco IOS is using TLS v1.1 and the browsers are using TLS v1.2. The friend is not CLI savvy and want to use the GUI, so he can determine the ip nat translation statistic as well as the log. I have enable ip authentication http local not in sh run. Any help is appreciated.

10 Replies 10

balaji.bandi
Hall of Fame
Hall of Fame

we did not find any  show run attached, command try setup only TLS1.2 

use the below document for reference to setup TLS 1.2 for the GUI

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/https/configuration/xe-16-5/https-xe-16-5-book/nm-nginx-http-web-security.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Thanks for your help.  Sorry for the oversight I have attached the sh run. I enabled TLSv1.2 too does it need to be power reset. set the ip authentication http local I still have issues loading the gui.

i do not see your config http config at all ?

config to tls 1.2 does not required router to reboot. but is your router running SSH v2 ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Turns out I needed to have configured user with privilege 15 to user the WebGUI for all menu items

Hello
Is http server enabled on the rtr ( it should be by default)
Define a static default route other then the received default from dhcp?

dir flash:
show http server status

conf t
ip https server
ip http authentication aaa
ip http max connections 2
ip http path flash:
ip route 0.0.0.0 0.0.0.0 gig0.0.0 dhcp


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

burtG
Level 1
Level 1

I had a problem similar to this one on a C1101-4P. The only option that worked was to change the SW baseline from 17.3.x to 17.6.x and then WebGUI would show the proper pages and allow configuration. I don't know if you are able to update your SW, but that is what worked for me.

It worked fine. I reset the router to factory default and it worked, but
thanks for the update.

mohsinsangani
Level 1
Level 1

Hey there! It sounds like you're facing a bit of a hiccup with your friend's router setup. From what you've described, it seems like there might be a compatibility issue between the router's TLS version and the browsers your friend is using.

Since your friend prefers using the GUI and isn't too familiar with the command line, we might need to explore a few options. One approach could be to see if there's a firmware update available for the router that supports a newer version of TLS. Alternatively, you could try accessing the GUI from a different browser or even a different device to see if that helps.

If those options don't work, we might need to delve into the CLI a bit to troubleshoot further. Let me know if you're up for that, and I can guide you through some steps to check the router's TLS settings and potentially adjust them if needed.


@Hiten Thakkar wrote:

I set up a C1121-4P router for a friend with int gig0/0/0 facing the ISP with ip address dhcp. int gig0/0/1 192.168.1.1/24. See attached sh run. Vanilla Configuration not much security or complexity. After a power reload the GUI "https://192.168.1.1/webui nor https://pennmedicalgroup.com/"  stopped working and can't get it to run. The browser Firefox as well as Chrome reports not compatible TLS and incorrect ssl (don't remember exact message) . I believe the Cisco IOS is using TLS v1.1 and the browsers are using TLS v1.2. The friend is not CLI savvy and want to use the GUI, so he can determine the ip nat translation statistic as well as the log. I have enable ip authentication http local not in sh run. Any help is appreciated.


 

Mildre Gongora
Level 1
Level 1

 

  • Clear Browser Cache: Clear your browser’s cache and cookies to eliminate  any corrupted data affecting the GUI.
  • Use a Different Browser: Switch to another browser or use incognito mode to see if the issue persists.
  • Update Router Firmware: Check for firmware updates  and apply them to fix any known GUI bugs.
  • Restart the Router: Reboot the router to refresh its system and potentially resolve wootingdoublemovement the issue.
  • Check Network Configuration: Ensure your router’s IP address is correctly configured and not conflicting with other devices.
  • Consult Documentation: Refer to the router's user manual or support site for specific troubleshooting related to the Web GU

 

kandisskallita
Level 1
Level 1

It turns out I needed to configure the user with privilege level 15 to access all menu items in the WebGUI.

https://ggsaloncorvallis.com/lash-services/

Review Cisco Networking for a $25 gift card