Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6168
Views
0
Helpful
9
Replies

SRP527W SSH user/password?

AWilloughby
Level 1
Level 1

‎09-17-2010 07:11 AM

Hi all, im having trouble setting up site to site vpn from my 527w to my 877 series and thought it would be much easier to see whats going on the 527 if i could see command line

so ive ssh'd to the 527s ip address but none of the usernames/password combos work that let me in the web gui, what are the logins? does anybody know?

Thanks

Labels:
0 Helpful
9 Replies 9

riroe
Level 3
Level 3

‎09-20-2010 02:00 AM

To access the WEB GUI of this device there are 2 different logins

that you can use. You can use cisco, cisco as the username and password or

admin,admin as the username and password. I would reccommend logging in as admin,admin. You

will see more available options under admin.

THANKS

0 Helpful

AWilloughby
Level 1
Level 1
In response to riroe

‎09-20-2010 02:13 AM

hi yeah, i found those accounts and have logged in with those, but when i ssh to the ip address of the router i get login prompt but neither credentials work, and i cant find any ssh access info in the web gui logged in as an admin

is ssh enabled but no account can use it?

0 Helpful

jowan.mcruz
Level 1
Level 1
In response to AWilloughby

‎05-10-2011 09:44 PM

Hi, were u able to get resolution/answer for this, I'm experiencing the same thing.

0 Helpful

Andrew Hickman
Cisco Employee
Cisco Employee
In response to jowan.mcruz

‎05-11-2011 08:15 AM

Hi All,

The SSH interface is protected by a device  specific password that may only be accessed by Cisco engineering staff.   There is no command line interface hidden behind this password, so would  be of limited use to most users.

That said, you might find the following useful in setting up a VPN between the SRP and IOS device:

Consider the following network:

This is the IOS configuration:

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

lifetime 28800

crypto isakmp key SECRET-KEY address 192.168.200.162

!

!

crypto ipsec transform-set SETNAME esp-3des esp-sha-hmac

!

crypto map CISCO 1 ipsec-isakmp

set peer 192.168.200.162

set transform-set SETNAME

set pfs group2

match address 110

!

interface FastEthernet4

ip address 192.168.200.146

crypto map CISCO

!

interface Vlan1

ip address 192.168.9.1 255.255.255.0

!

access-list 110 permit

ip 192.168.9.0 0.0.0.255 192.168.15.0 0.0.0.255

The SRP IKE Policy is as follows:

...and the SRP500 IPSec policy is:

If both IP addresses are directly reachable, NAT-T is not  required:

VPN connection status and control is available from the SRP status page:

0 Helpful

jowan.mcruz
Level 1
Level 1
In response to Andrew Hickman

‎05-11-2011 09:26 PM

Thanks for that Andrew, will keep that for reference.


Though the reason I wanted SSH access was to test Port Mirroring bases from this post:
https://supportforums.cisco.com/thread/2075293

monitor session 1 source interface FaX/X

monitor session 1 destination interface FaX/X

I can't find seem to find to do this via the WEB GUI.
Thanks.

0 Helpful

Andrew Hickman
Cisco Employee
Cisco Employee
In response to jowan.mcruz

‎05-11-2011 09:37 PM

Ah - Those are commands for an IOS router.  The SRP500 is a Linux based device and does not have this functionality.

Andy

0 Helpful

jowan.mcruz
Level 1
Level 1
In response to Andrew Hickman

‎05-11-2011 09:40 PM

Oh ok, I didnt see port mirroring as feature in the datasheet, though when I saw that post, I thought its possible.

Thanks.

0 Helpful

elryan234
Level 1
Level 1
In response to Andrew Hickman

‎07-26-2011 09:58 PM

Thanks for those details!

So, that means no RSA certificates for authentication on these devices then...?

-- Lee

0 Helpful

Andrew Hickman
Cisco Employee
Cisco Employee
In response to elryan234

‎07-27-2011 12:47 AM

Hi Lee,

That's correct.  No certificates for IPSec, just shared secret.

Andy

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents