Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
26361
Views
20
Helpful
9
Replies

Cisco 2921 Router with the ip http access class command

saroj pradhan
Level 1
Level 1

‎11-22-2012 04:10 AM - edited ‎03-07-2019 10:12 AM

Hi,

the cisco 2921 Router has a default  ip hhtp  access class command  found  in it. Just  i  changed the default  IP to the new ip  i will use.

The Router is accessable  from the LAN only  but  not from the internet  configured the Public ip . I think this is due to the standard access list 23 .

Please advice  how will i access the Router from the Internet using the Public IP.

Thanks,

Saroj Pradhan

Labels:
0 Helpful
9 Replies 9

johnlloyd_13
Level 9
Level 9

‎11-22-2012 06:46 AM

hi saroj,

please post your 'show run' output.

Rahul Kukreja
Level 1
Level 1

‎11-22-2012 08:46 AM 

The ACL used with the following command is used to restrict the GUI Access to router (like CCP) 
Also this ACL is the standard ACL, so will only match the source ip address not the destination.

ip http access-class 23

http://www.cisco.com/en/US/docs/ios/12_1/configfun/command/reference/frd1005.html#wp1020068

Check if the same ACL is applied in the vty lines -

line vty 0 4

access-class 23 in

Remove this command and check or put "permit any" at the end of ACL and check.

- HTH

  Rahul

0 Helpful

saroj pradhan
Level 1
Level 1
In response to Rahul Kukreja

‎11-23-2012 05:42 PM

As  i am unable  to access the Router from the internet due the ip http  access class command  need help to remove the command  from the routeer. please advice.

Thanks,

Saroj

0 Helpful

Rahul Kukreja
Level 1
Level 1
In response to saroj pradhan

‎11-23-2012 11:51 PM

Please attach your running confugration and let us via what means you are accessing the Router from Internet and the ip address of router (example - telnet, ssh, CCP etc)

ip http access-class is used to restrict the GUI access access of the router and if you just want to go ahead and remove this without any further troubleshooting, here is the command -

Router#conf t

Router(config)#no ip http access-class 23

- HTH

Rahul

cadet alain
VIP Alumni
VIP Alumni
In response to saroj pradhan

‎11-24-2012 07:24 AM

Hi,

You don't have line vty access with ssh/telnet ?

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

joelgooding
Level 1
Level 1
In response to cadet alain

‎11-24-2012 11:16 AM

hello,

Just a tip here, if you are going to be making changes on a remote router that you are not sure will result in disconnecting your session, save the config and use the reload command to reboot the device if the session disconnects:

(config)# reload in

Joel

_______________________________
Please rate helpful posts and answered questions!

Joel _______________________________ Please rate helpful posts and answered questions!

Roman Vicent Magararu
Level 1
Level 1
In response to joelgooding

‎08-29-2013 11:25 PM

Hi,

if you are using internet, the first thing you must do is to ping the router

your router must have  default route to the internet

0 Helpful

Parvesh Paliwal
Level 3
Level 3
In response to joelgooding

‎08-29-2013 11:28 PM

@joelgooding

good tip....!!

0 Helpful

Ricardo Ochoa
Level 1
Level 1

‎09-25-2015 11:16 AM

Hello, please post the next commands:

 

sh run int "WAN Interface"

sh access-list

sh ip route

sh running-config | section line vty

 

0 Helpful
Top