01-31-2023 09:05 AM
Hello,
I'm currently trying to access the Web UI of my Catalyst 9300L switches. I can access the switches via SSH but not via web.
It simply won't load the site. Looks like port 80/443 is not open... Do I need to set some other settings to get it running?
There is currently only the management interface configured. No VLAN.
I enabled the Web UI via:
# ip http server
# ip http authentication local
# ip http secure-server
Output of show ip http server status shows:
cisco#show ip http server status
HTTP server status: Enabled
HTTP server port: 80
HTTP server active supplementary listener ports: 21111
HTTP server authentication method: local
HTTP server auth-retry 0 time-window 0
HTTP server digest algorithm: md5
HTTP server access class: 0
HTTP server IPv4 access class: None
HTTP server IPv6 access class: None
HTTP server base path:
HTTP File Upload status: Disabled
HTTP server upload path:
HTTP server help root:
Maximum number of concurrent server connections allowed: 300
Maximum number of secondary server connections allowed: 50
Server idle time-out: 180 seconds
Server life time-out: 180 seconds
Server session idle time-out: 600 seconds
Maximum number of requests allowed on a connection: 25
Server linger time : 60 seconds
HTTP server active session modules: ALL
HTTP secure server capability: Present
HTTP secure server status: Disabled
HTTP secure server port: 443
HTTP secure server ciphersuite: rsa-aes-cbc-sha2 rsa-aes-gcm-sha2
dhe-aes-cbc-sha2 dhe-aes-gcm-sha2 ecdhe-rsa-aes-cbc-sha2
ecdhe-rsa-aes-gcm-sha2 ecdhe-ecdsa-aes-gcm-sha2
HTTP secure server TLS version: TLSv1.2 TLSv1.1
HTTP secure server client authentication: Disabled
HTTP secure server PIV authentication: Disabled
HTTP secure server PIV authorization only: Disabled
HTTP secure server trustpoint: TP-self-signed-225260382
HTTP secure server peer validation trustpoint:
HTTP secure server ECDHE curve: secp256r1
HTTP secure server active session modules: ALL
Any tips to get this working?
Regards
Seb
Solved! Go to Solution.
02-01-2023 02:38 AM
as I mention before , the issue is subnet, but the not clear how ping work!! that wired.
any way
for configuration tab
do
username mhm password mhm
username mhm privilege 15 <<--
01-31-2023 09:24 AM
connect the PC to management port and first try ping
01-31-2023 12:05 PM
I can ping the switch and even connet via SSH, as already mentioned. The network itself is working.
01-31-2023 12:13 PM
in any browser enter
http
not
https
as I see the https is disable even if you enter ip http secure-server
01-31-2023 12:27 PM
01-31-2023 12:29 PM
ip http secure-server <<- remove this command
and
check again with http only
01-31-2023 11:40 PM
Tried this one too. No luck. I don't get it...
01-31-2023 09:29 AM
Hi,
Try a different browser.
HTH
01-31-2023 12:07 PM - edited 01-31-2023 12:08 PM
I tried Edge, Chrome and Firefox. Also wget on Linux shell. It looks more like the switch is not offering HTTP/HTTPS. I get a network timeout. It's not a certificate or browser compatibility problem.
As I said: I can ping it and also connect to it via SSH.
02-01-2023 12:28 AM
Got it working. I put my computer into the same network like the management port.
So it looks like there is some sort of network filtering active. How can I disable/configure this?
The next thing I noticed is that there are menues missing like "Configuration" in the Web UI. Can this be a permission thing?
02-01-2023 01:07 AM
what kind of missing, can you post exmaple :
as long as user have priv 15 you should be good.
02-01-2023 02:38 AM
as I mention before , the issue is subnet, but the not clear how ping work!! that wired.
any way
for configuration tab
do
username mhm password mhm
username mhm privilege 15 <<--
02-01-2023 02:45 AM
I gave the user priv 15. Now I can access all menu entries. Thanks for the hint!
Any tips for the limit that I can only connect to the Web UI if I'm on the same network like the management port?
Haven't found any settings to change...
02-01-2023 02:49 AM
read this, it about the management port config and it limitation.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: