02-08-2010 10:52 AM
Hi:
I recently adquired an AP541N Version AP541N-K9-1.7(2) and found that it has telnet and ssh ports open and cannot find a way to block access through this ports.
SSH and TELNET console are linux, it looks like a customized linux distro. I dont like anybody begin to play with that. How can i block that?
Also the default user name is cisco, is not possible to change that? I tried through web console but the device never accept other username than cisco for login.
Regards.
Leo
06-30-2011 03:35 AM
Hello Leo!
There's a possibility to change the name of the admin-user "cisco" to another by editing the saved configuration xml-file:
1) Save the configuration into the config.xml
2) Open the saved configuration file config.xml in a texteditor
3) Search for
4) Change it to
5) Save the config.xml
6) Upload the config-file to your AP541N and reboot
7) Login with the new Username
At the moment I didn't find where and how the password is stored. I also didnt't try out what happens, when the firmare is updated. Perhaps the custom admin-name is overwriten.
Regarding your request for blocking telnet and ssh:
1) Login to your AP541N
2) Enter this command on the CLI: set ssh status down
3) Enter this command on the CLI: set telnet status down
4) Enter this command on the CLI: save-running
Now telnet and ssh should be disabled.
Regards,
Woger
regards,
Woger
07-23-2011 08:48 PM
Hi Woger, thanks for your tip re the admin username, works a treat.
I am now trying to change the password, cant see a spot for that in the XML and the "change admin password" built into the GUI doesnt work.
Tried rebooting the AP, but no joy there either, gear is an AP541N and fw 2.0(0)
Any tips greatly appreciated
07-25-2011 05:01 AM
Hello aalogin2009!
I think the password can not be changed after editing the XML-config. I think there is a bug in the firmware, because the name of the admin is also not changeable via the WEB-GUI because the name is hardcoded in the XML. So when you change the name of the admin in the XML-Config, the WEB-GUI "can't find" the user whose password should be changed.
Try to rename the admin-name to default, change the password via WEB-GUI and change it back to your custom name. This is an awfull workaround but as long as the name of the admin-name can't be changed via WEB-GUI, I think this is the only way.
If you've got a Service-Contract on your AP541N make a service-call an request this "feature". If cisco got many of this requests, perhaps they will fix this issue in an upcomming release.
BR,
Woger
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide