01-14-2019 06:17 PM - edited 03-08-2019 05:01 PM
Can't login web interface but can login SSH and telnet of cisco 3560
after got problem i can login and monitor performance and see log after that logoff and try login again it show user password not correct
- i try change browser firefox, ie, chrome can access web but can't login.
- i try login ssh :OK!
- i try login telnet :OK!
- i try create new user can login ssh ,telnet but can't login web.
Please help me how to check this problem.
Solved! Go to Solution.
01-17-2019 07:25 PM
Thank you for all and i solving problems already
command : no ip http secure-server
and put command again: ip http secure-server
01-14-2019 06:43 PM
I hope this link can help you:
Regards
01-14-2019 08:54 PM
Using the GUI , you have must have permission of privilege level 15 access try below option :
create a user
Step 1
username admintemp privilege 15 privilege 15 secret admintemp
then runn the http services
Step 2
ip http server
ip http secure-server
ip http authentication login local
Step 3
management ip
it will ask you username and pass
make sure you have right java version.
01-14-2019 10:42 PM
01-15-2019 08:12 AM
The question in the original post was about failure in login for the web interface but success in login for telnet and ssh. The partial config posted shows that the web interface should authenticate using the locally configured user ID and password. So the users cisco and Admin should be able to login to the web interface. Are you telling us that these IDs do work or do not work for the web interface?
We have no information about authentication for telnet and ssh and so can not yet address differences in login success or failure. Can you post more of the config (most especially all of the aaa config and the config of the vty lines - complete config would be nice).
HTH
Rick
01-17-2019 08:21 AM
can you see my config
interface Vlan700
ip address 10.1.12.253 255.255.255.0
!
ip default-gateway 10.1.8.77
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data
permit tcp any any eq 22
permit tcp any any eq 465
permit tcp any any eq 143
permit tcp any any eq 993
permit tcp any any eq 995
permit tcp any any eq 1914
permit tcp any any eq ftp
permit tcp any any eq ftp-data
permit tcp any any eq smtp
permit tcp any any eq pop3
ip access-list extended AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf
permit udp any any range 16384 32767
permit tcp any any range 50000 59999
ip access-list extended AutoQos-4.0-wlan-Acl-Scavanger
permit tcp any any range 2300 2400
permit udp any any range 2300 2400
permit tcp any any range 6881 6999
permit tcp any any range 28800 29100
permit tcp any any eq 1214
permit udp any any eq 1214
permit tcp any any eq 3689
permit udp any any eq 3689
permit tcp any any eq 11999
ip access-list extended AutoQos-4.0-wlan-Acl-Signaling
permit tcp any any range 2000 2002
permit tcp any any range 5060 5061
permit udp any any range 5060 5061
ip access-list extended AutoQos-4.0-wlan-Acl-Transactional-Data
permit tcp any any eq 443
permit tcp any any eq 1521
permit udp any any eq 1521
permit tcp any any eq 1526
permit udp any any eq 1526
permit tcp any any eq 1575
permit udp any any eq 1575
permit tcp any any eq 1630
permit udp any any eq 1630
permit tcp any any eq 1527
permit tcp any any eq 6200
permit tcp any any eq 3389
permit tcp any any eq 5985
permit tcp any any eq 8080
!
ip sla enable reaction-alerts
access-list 100 permit ip any any
access-list 100 deny ip 192.168.1.0 0.0.0.255 10.1.0.0 0.0.255.255
access-list 100 deny ip 192.168.1.0 0.0.0.255 172.20.1.0 0.0.0.255
!
snmp-server community public RO
snmp-server community private RW
!
control-plane
service-policy input system-cpp-policy
!
!
no vstack
!
line con 0
password asdfghjkl;'
login local
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password asdfghjkl;'
login local
line vty 5 15
password asdfghjkl;'
login
!
!
wsma agent exec
!
wsma agent config
!
wsma agent filesys
!
wsma agent notify
!
!
ap dot11 airtime-fairness policy-name Default 0
ap group default-group
ap hyperlocation ble-beacon 0
ap hyperlocation ble-beacon 1
ap hyperlocation ble-beacon 2
ap hyperlocation ble-beacon 3
ap hyperlocation ble-beacon 4
end
01-17-2019 08:31 AM
Hello,
this sounds more like a browser problem than a problem with the 3560. Are you trying this from a Windows machine ? If so, try and disable the firewall...
01-17-2019 08:40 AM
Thanks for posting some additional configuration. It is helpful to see the configuration of the vty lines. Would you post the output of this command
show run | include aaa
HTH
Rick
10-12-2020 09:48 PM
I was facing this problem on all my devices with the GUI files installed and the HTTP(s) service enabled. Except for AP. The AP running config doesn't have the ip http authentication local line and the GUI works as intended. That's different.
Balaji, your hint was helpful. I wish, you are making much less typo for now
01-17-2019 07:25 PM
Thank you for all and i solving problems already
command : no ip http secure-server
and put command again: ip http secure-server
01-18-2019 07:05 AM
Thanks for the update telling us that you solved the problem by removing and re-adding the command. It is good to know this.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide