SG300-28P Web interface not working with hostname, only with IP, after latest firmware update - Page 2

LabMix · ‎10-31-2019

I just updated my SG300-28P to the latest firmware, 1.4.11.2, after previously running 1.4.10.6.

Previous to the update, I could access the Web interface with the hostname I'd specified in System Settings (as part of the FQDN I use for my LAN), i.e. https://switch1.domain.com (where switch1 is the hostname set in System Settings, and the rest is the search domain I use on my LAN).

Following the update, any attempt to access it by hostname results in a long pause whilst it is "waiting for switch1.domain.com", before finally going to a blank page with only the opening <html> tag of the page loading as content if I view the source. Nothing else loads. I can view certificate information so it is obviously getting a response, but grinding to a halt before it gets any further. If I access the Web interface using IP address, it connects fast and without any problem.

Worth mentioning, I can still ping / SSH to the switch using the hostname / FQDN, so I don't think it's a networking issue, just that the Web interface has stopped loading for hostname requests. I've also tried clearing the browser cache and using different browsers on different machines, but it's the same for all.

The switch's logs do not show any connection attempts at all when using hostname but do show successful connects when I use the IP.

Has anyone got any ideas? Thanks!

variable · ‎12-03-2019

Same issue here. SG300-10pp stopped working only on named host access, ip, ssh, etc are fine.
This happened after an update of the second most recent firmware ( 1.4.10.06 ) to
the most recent version ( 1.4.11.02 ).

Gary Buhrmaster · ‎12-07-2019

As the SG300 switches are now beyond the last software support date, I suspect there will never be an official fix (the 1.4.11.2 release was likely queued before the end of software support date, and got pushed out along with the other related fixes for the same bug at the same time which was technically after the end of software support). Looks like it is time to schedule the hardware refresh.

WitteDeWith · ‎12-12-2019

I can confirm this for SF302-08P 8-Port 10/100 PoE Managed Switch too.

tune_corpit · ‎12-20-2019

We also have this same issue on an SG300-10P.

using curl the web server clearly behaves differently

$ host ssw01.c.home
ssw01.c.home has address 10.0.1.6

$ curl http://ssw01.c.home
<html>

$ curl http://10.0.1.6
<html><head></head><body>
This document has moved to a new <a href="http://10.0.1.6/cs2cd811e/">location</a>.
Please update your documents to reflect the new location.
</body></html>

balaji.bandi · ‎12-20-2019

yes since it works with IP, not with domain name

check the bug and it shows fixed with the newer version

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvp23218

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

LabMix · ‎12-20-2019

@balaji.bandi- The most recent release (1.4.11.02, 16th October 2019) fixes CSCvp23218, but does not fix the 'domain vs IP' issue people are reporting here. The domain / IP issue was actually introduced with the most recent release.

JoelLinn · ‎12-21-2019

The amount of time I tried fixing this myself, thinking the flash somehow was broken I could have just bought another switch...

Also the remote exploit they fixed... I don't want to know how they did it if it is the cause of this bug.

https://twitter.com/RedTeamPT/status/1110843396657238016

rogueresearch · ‎01-06-2020

I can confirm this issue too. On both my SG300-52 and SG500-52P.

florian.brandl · ‎01-13-2020

Hi Guys,

We have the same issue with our SG500 Series-PoE-Switches and one SG300.

Acessing the Web-Management via IP is working but not via FQDN.

Even if EOS is announced and active, this issue should be fixed by Cisco.

BR

Florian

sdl · ‎01-31-2020

This issue appears to have been semi-fixed by the recent v1.4.11.4 firmware release. I say "semi-fixed" as now on navigating to the switch FQDN a HTTP 302 redirect is issued to the switch management IP address. So yes, it works again via FQDN, but your browser is redirected to the IP address.

WitteDeWith · ‎02-01-2020

Thank you for your update. For now this does not work for my nework
configuration. The router does allow this redirection.

florian.brandl · ‎02-03-2020

It's also working on our site (SG300-10pp and various SG500-xx(p)).
As you descripted, it's just a forward to the IP - but it works :-).

variable · ‎02-05-2020

Same here. It's just a redirect, but it works :)

timtrace314 · ‎03-23-2020

Same here, on four SG-300 series switches: 2x 10, 1x 10P, 1x 20, FW 1.4.11.4

If I browse to the switch using the FQDN, by http or https, my browser gets redirected to the IP address of the management interface.

I confirmed by downgrade that variable's finding is accurate: v1.4.10.06 26APR2019 does not have the issue.

For a switch that's out of software support, it sure would be nice if the latest (last?) FW didn't have the issue. Here in late March 2020, the newest version is 1.4.11.04 29JAN2020.

No way is this a justifiable reason in and of itself for a hardware refresh, but it's still really annoying.

franckehret · ‎04-19-2020

Same for me, I've noticed it with the very latest version (jumped from 1.4.10.6 to 1.4.11.4)

Pretty anoying for me as I generated SSL certificates for FQDNs only...

I hope this will (can) be fixed since the vulnerability ;-)