1850 Controller cannot connect to web interface

Finbarr Brady · ‎11-25-2020

I have an 1850 access point running Mobility Express. It is working fine as an access point and I can SSH into it no problem, however, I cannot access the web interface using any browser. Tried Safari or Chrome.

When I connect using Chrome using https://ip, it shows me this message:

Your connection is not private
Attackers might be trying to steal your information from <REDACTED>.150 (for example, passwords, messages or credit cards). Learn more
NET::ERR_CERT_INVALID

Help improve security on the web for everyone by sending URLs of some pages that you visit, limited system information, and some page content to Google. Privacy policy
<REDACTED>.150 normally uses encryption to protect your information. When Google Chrome tried to connect to <REDACTED>.150 this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be <REDACTED>.150, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Google Chrome stopped the connection before any data was exchanged.

You cannot visit <REDACTED>.150 at the moment because the website sent scrambled credentials that Google Chrome cannot process. Network errors and attacks are usually temporary, so this page will probably work later.

When I connect using http, it prompts me for the username and password and then returns:

This page isn’t working x.x.x.150 didn’t send any data.
ERR_EMPTY_RESPONSE

Would anyone see anything wrong with my config here? I am trying to use the defaults and connecting over http is fine for my case as this is at home.

(Cisco Controller) >
(Cisco Controller) >show sysinfo

Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 8.10.130.0
OUI File Last Update Time........................ N/A

System Name...................................... 1850 Controller
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.2250
IP Address....................................... <REDACTED>.150
Last Reset....................................... 1: reload command

System Up Time................................... 0 days 0 hrs 46 mins 42 secs
System Timezone Location......................... (GMT) London, Lisbon, Dublin, Edinburgh
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180

Configured Country............................... IE  - Ireland

State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled

--More-- or (q)uit
Number of WLANs.................................. 2
Number of Active Clients......................... 16

OUI Classification Failure Count................. 69

Memory Current Usage............................. 69
Memory Average Usage............................. 69
CPU Current Usage................................ 4
CPU Average Usage................................ 5

Flash Type....................................... Compact Flash Card
Flash Size....................................... 1073741824

Burned-in MAC Address............................ <REDACTED>:C0
Maximum number of APs supported.................. 50
System Nas-Id....................................
WLC MIC Certificate Types........................ SHA1/SHA2

(Cisco Controller) >
(Cisco Controller


(Cisco Controller) >
(Cisco Controller) >show network summary

RF-Network Name............................. 1850 Controller
DNS Server IP1.............................. <REDACTED>.1
DNS Server IP2.............................. 208.67.222.222
DNS Server IP3.............................. 208.67.220.220
Web Mode.................................... Enable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Enable
Secure Web Mode SSL Protocol................ Disable
OCSP........................................ Disabled
OCSP responder URL..........................
Network 2-factor-authentcation.............. Disable
    2FA Username field ..................... Common Name
Secure Shell (ssh).......................... Enable
Secure Shell (ssh) Cipher-Option High....... Enable
Telnet...................................... Disable
Ethernet Multicast Forwarding............... Disable
Ethernet Broadcast Forwarding............... Disable
IPv4 AP Multicast/Broadcast Mode............ Multicast   Address : 0.0.0.0
IPv6 AP Multicast/Broadcast Mode............ Multicast   Address : ::
IGMP snooping............................... Disabled
IGMP timeout................................ 60 seconds

--More-- or (q)uit
IGMP Query Interval......................... 20 seconds
MLD snooping................................ Disabled
MLD timeout................................. 60 seconds
MLD query interval.......................... 20 seconds
User Idle Timeout........................... 300 seconds
ARP Idle Timeout............................ 300 seconds
Cisco AP Default Master..................... Disable
AP Join Priority............................ Disable
Mgmt Via Wireless Interface................. Disable
Mgmt Via Dynamic Interface.................. Disable
Bridge MAC filter Config.................... Enable
Bridge Security Mode........................ EAP
Mesh Full Sector DFS........................ Enable
Mesh Backhaul RRM........................... Disable
AP Fallback ................................ Enable
AP EasyAdmin ............................... Disable
AP Virtual IP .............................. 10.1.0.6
Web Auth CMCC Support ...................... Disabled
Web Auth Redirect Ports .................... 80
Web Auth Proxy Redirect  ................... Disable
Web Auth Captive-Bypass   .................. Disable
Web Auth Secure Web  ....................... Enable
Web Auth Secure Web Cipher Option  ......... Disable

--More-- or (q)uit
Web Auth Secure Web Sslv3  ................. Disable
Web Auth Secure Redirection  ............... Enable
Web Auth AP Ethernet MAC in Redirection .... Disable
Fast SSID Change ........................... Enabled
Max WLAN Supported ......................... 512
IP/MAC Addr Binding Check .................. Enabled
Link Local Bridging Status ................. Disabled
CCX-lite status ............................ Disable
oeap-600 dual-rlan-ports ................... Disable
oeap local-network ......................... Enable
oeap-600 Split Tunneling (Printers)......... Disable
mDNS snooping............................... Disabled
mDNS Query Interval......................... 15 minutes
Web Color Theme............................. Default
Capwap Prefer Mode.......................... IPv4
Network Profile............................. Disabled
Client ip conflict detection (DHCP) ........ Disabled
Mesh BH RRM ................................ Disable
Mesh Aggressive DCA......................... Disable
Mesh Auto RF................................ Disable
HTTP Profiling Port......................... 80
HTTP-Proxy Ip Address....................... 0.0.0.0
HTTP-Proxy Port............................. 80

--More-- or (q)uit
WGB Client Forced L2 Roam................... Disabled
DHCP Timeout (seconds)...................... 120

marce1000 · ‎11-25-2020

- It seems to be using an invalid certificate for https. Try to look into that further, perhaps the searching powers of the net may lead you further in the right direction.

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

ash.upadhyay · ‎10-17-2023

try config network mgmt-via-wireless enable