cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
11134
Views
0
Helpful
17
Replies

Connection to the device could not be established. Either the device is not reachable or the HTTP/HTTPS service is not enabled on the device.

jason
Level 1
Level 1

This Cisco 800 series has been "handed" to me to get configured...

I am having issues ussing CCP to connect to the device, I am getting"Connection to the device could not be established. Either the device is not reachable or the HTTP/HTTPS service is not enabled on the device."

I know I saved some wrong configuration but having a tough time figuring out where.  Can someone point out to a cisco newb where I am going wrong?

I have checked off the following troubleshooting and can't find where I made my mistake.

Connection to the device could not be 
established. Either the device is not reachable 
or the HTTP service is not enabled on the 
device.

This error message is displayed in one of the following conditions:

The internet connection is down.

The IP address of the device is wrong or the device is not reachable.

The CLI "ip route <x.x.x.x> <x.x.x.x> <x.x.x.x>" is missing in the configuration.

The wrong HTTP port is provided to Cisco CP to connect to the device.

The CLI "ip http server" is missing in the configuration for non-secure connection.

The CLI "ip http secure-server" is missing in the configuration for secure connection.

To configure the device as an HTTP or HTTPS server, enter the following commands:

Router> config terminal
Router(config)# ip http server
Router(config)# ip http secure-server

Any help with the proper commands would be greatly appreciated!

881W#show config

Using 5319 out of 262136 bytes

!

! No configuration change since last restart

! NVRAM config last updated at 14:54:38 PCTime Sat Dec 17 2011

!

version 15.1

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname 881W

!

boot-start-marker

boot system flash c880data-universalk9-mz.151-3.T2.bin

boot-end-marker

!

!

logging buffered 51200 warnings

enable secret 5 $1$0IZb$gTe9qzmC2khcz4q7t1H1r0

!

no aaa new-model

memory-size iomem 10

--More--                           clock timezone PCTime -5 0

clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-542214224

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-542214224

revocation-check none

!

!

crypto pki certificate chain TP-self-signed-542214224

certificate self-signed 01 nvram:IOS-Self-Sig#1.cer

ip source-route

!

!

!

ip dhcp excluded-address 10.10.10.1

!

ip dhcp pool ccp-pool

   import all

   network 10.10.10.0 255.255.255.248

   default-router 10.10.10.1

   lease 0 2

--More--                           !

!

ip cef

no ip domain lookup

ip domain name Masternet

no ipv6 cef

!

!

license udi pid CISCO881W-GN-A-K9 sn FTX152401DC

!

!

username ***** privilege 15 secret 5 $1$FJ5H$buqflzYdL8pf9wOuZE8wm/

!

!

!

!

!

class-map type inspect match-any ccp-cls-insp-traffic

match protocol dns

match protocol ftp

match protocol h323

match protocol https

match protocol icmp

--More--                            match protocol imap

match protocol pop3

match protocol netshow

match protocol shell

match protocol realmedia

match protocol rtsp

match protocol smtp

match protocol sql-net

match protocol streamworks

match protocol tftp

match protocol vdolive

match protocol tcp

match protocol udp

class-map type inspect match-all ccp-insp-traffic

match class-map ccp-cls-insp-traffic

class-map type inspect match-any ccp-cls-icmp-access

match protocol icmp

match protocol tcp

match protocol udp

class-map type inspect match-all ccp-invalid-src

match access-group 100

class-map type inspect match-all ccp-icmp-access

match class-map ccp-cls-icmp-access

--More--                           class-map type inspect match-all ccp-protocol-http

match protocol http

!

!

policy-map type inspect ccp-permit-icmpreply

class type inspect ccp-icmp-access

  inspect

class class-default

  pass

policy-map type inspect ccp-inspect

class type inspect ccp-invalid-src

  drop log

class type inspect ccp-protocol-http

  inspect

class type inspect ccp-insp-traffic

  inspect

class class-default

  drop

policy-map type inspect ccp-permit

class class-default

  drop

!

zone security out-zone

--More--                           zone security in-zone

zone-pair security ccp-zp-self-out source self destination out-zone

service-policy type inspect ccp-permit-icmpreply

zone-pair security ccp-zp-in-out source in-zone destination out-zone

service-policy type inspect ccp-inspect

zone-pair security ccp-zp-out-self source out-zone destination self

service-policy type inspect ccp-permit

!

!

!

!

!

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface FastEthernet4

--More--                            description $ES_WAN$

no ip address

duplex auto

speed auto

pppoe-client dial-pool-number 1

!

interface wlan-ap0

description Service module interface to manage the embedded AP

ip unnumbered Vlan1

arp timeout 0

!

interface Wlan-GigabitEthernet0

description Internal switch interface connecting to the embedded AP

!

interface Vlan1

description Bellsouth WAN$FW_INSIDE$$ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$

ip address 10.10.10.1 255.255.255.248

ip nat outside

ip virtual-reassembly in

zone-member security out-zone

ip tcp adjust-mss 1412

!

interface Dialer0

--More--                            description $FW_OUTSIDE$

ip address negotiated

ip mtu 1452

zone-member security out-zone

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication chap pap callin

ppp chap hostname *******

ppp chap password 0 ********

ppp pap sent-username ******** password 0 ********

no cdp enable

!

ip forward-protocol nd

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip flow-top-talkers

top 10

--by bytes

cache-timeout 3000000

--More--                           !

ip route 0.0.0.0 0.0.0.0 FastEthernet4

!

logging esm config

access-list 23 permit 10.10.10.0 0.0.0.7

access-list 91 permit any

access-list 100 remark CCP_ACL Category=128

access-list 100 permit ip host 255.255.255.255 any

access-list 100 permit ip 127.0.0.0 0.255.255.255 any

access-list 101 permit ip any any

access-list 110 permit icmp any any echo

access-list 110 permit icmp any any echo-reply

access-list 110 permit icmp any any source-quench

access-list 110 permit icmp any any packet-too-big

access-list 110 permit icmp any any time-exceeded

dialer-list 1 protocol ip permit

no cdp run

!

!

!

!

banner login ^CYou are using a network that logs all users activities.  If you are not authorized disconnect now.^C

--More--                           !

line con 0

login local

no modem enable

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

line vty 0 4

access-class 23 in

privilege level 15

login local

transport input telnet ssh

!

scheduler max-task-time 5000

ntp update-calendar

ntp server 24.56.178.140 source Wlan-GigabitEthernet0

ntp server 64.90.182.55 prefer source Wlan-GigabitEthernet0

end

17 Replies 17

Thanks so much!

Richard:

I will answer your last question first, I do get a response from CCP, I am running version 2.6.  When I launch it, it works fine.  Then once I do a discovery of the 800 it doesn't connect.  The tracert is the most telling it looks like.  I have to admit I haven't given much thought to why I am getting the results.  I did in the past try a telnet to port 22 and it won't connect either.

Windows IP Configuration


Ethernet adapter Masternet:

   Connection-specific DNS Suffix  . :
   IPv4 Address. . . . . . . . . . . : 192.168.1.122
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.254

Ethernet adapter Cisco:

   Connection-specific DNS Suffix  . :
   IPv4 Address. . . . . . . . . . . : 10.10.10.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.248
   Default Gateway . . . . . . . . . : 10.10.10.1

Here is the tracert results:

C:\Users\Jason>tracert 10.10.10.1

Tracing route to 10.10.10.1 over a maximum of 30 hops

  1     *        *        *     Request timed out.
  2     *        *        *     Request timed out.
  3     *        *        *     Request timed out.
  4     *        *        *     Request timed out.
  5     *        *        *     Request timed out.
  6     *        *        *     Request timed out.
  7     *        *        *     Request timed out.
  8     *        *     ^C

Hi,

take a look at my previous post , this is a ZBF config problem.

Regards.

Alain

Don't forget to rate helpful posts.
Review Cisco Networking for a $25 gift card