11-25-2020 03:19 AM - edited 07-05-2021 12:49 PM
I have an 1850 access point running Mobility Express. It is working fine as an access point and I can SSH into it no problem, however, I cannot access the web interface using any browser. Tried Safari or Chrome.
When I connect using Chrome using https://ip, it shows me this message:
Your connection is not private Attackers might be trying to steal your information from <REDACTED>.150 (for example, passwords, messages or credit cards). Learn more NET::ERR_CERT_INVALID Help improve security on the web for everyone by sending URLs of some pages that you visit, limited system information, and some page content to Google. Privacy policy <REDACTED>.150 normally uses encryption to protect your information. When Google Chrome tried to connect to <REDACTED>.150 this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be <REDACTED>.150, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Google Chrome stopped the connection before any data was exchanged. You cannot visit <REDACTED>.150 at the moment because the website sent scrambled credentials that Google Chrome cannot process. Network errors and attacks are usually temporary, so this page will probably work later.
When I connect using http, it prompts me for the username and password and then returns:
This page isn’t working x.x.x.150 didn’t send any data. ERR_EMPTY_RESPONSE
Would anyone see anything wrong with my config here? I am trying to use the defaults and connecting over http is fine for my case as this is at home.
(Cisco Controller) > (Cisco Controller) >show sysinfo Manufacturer's Name.............................. Cisco Systems Inc. Product Name..................................... Cisco Controller Product Version.................................. 8.10.130.0 OUI File Last Update Time........................ N/A System Name...................................... 1850 Controller System Location.................................. System Contact................................... System ObjectID.................................. 1.3.6.1.4.1.9.1.2250 IP Address....................................... <REDACTED>.150 Last Reset....................................... 1: reload command System Up Time................................... 0 days 0 hrs 46 mins 42 secs System Timezone Location......................... (GMT) London, Lisbon, Dublin, Edinburgh System Stats Realtime Interval................... 5 System Stats Normal Interval..................... 180 Configured Country............................... IE - Ireland State of 802.11b Network......................... Enabled State of 802.11a Network......................... Enabled --More-- or (q)uit Number of WLANs.................................. 2 Number of Active Clients......................... 16 OUI Classification Failure Count................. 69 Memory Current Usage............................. 69 Memory Average Usage............................. 69 CPU Current Usage................................ 4 CPU Average Usage................................ 5 Flash Type....................................... Compact Flash Card Flash Size....................................... 1073741824 Burned-in MAC Address............................ <REDACTED>:C0 Maximum number of APs supported.................. 50 System Nas-Id.................................... WLC MIC Certificate Types........................ SHA1/SHA2 (Cisco Controller) > (Cisco Controller (Cisco Controller) > (Cisco Controller) >show network summary RF-Network Name............................. 1850 Controller DNS Server IP1.............................. <REDACTED>.1 DNS Server IP2.............................. 208.67.222.222 DNS Server IP3.............................. 208.67.220.220 Web Mode.................................... Enable Secure Web Mode............................. Enable Secure Web Mode Cipher-Option High.......... Enable Secure Web Mode SSL Protocol................ Disable OCSP........................................ Disabled OCSP responder URL.......................... Network 2-factor-authentcation.............. Disable 2FA Username field ..................... Common Name Secure Shell (ssh).......................... Enable Secure Shell (ssh) Cipher-Option High....... Enable Telnet...................................... Disable Ethernet Multicast Forwarding............... Disable Ethernet Broadcast Forwarding............... Disable IPv4 AP Multicast/Broadcast Mode............ Multicast Address : 0.0.0.0 IPv6 AP Multicast/Broadcast Mode............ Multicast Address : :: IGMP snooping............................... Disabled IGMP timeout................................ 60 seconds --More-- or (q)uit IGMP Query Interval......................... 20 seconds MLD snooping................................ Disabled MLD timeout................................. 60 seconds MLD query interval.......................... 20 seconds User Idle Timeout........................... 300 seconds ARP Idle Timeout............................ 300 seconds Cisco AP Default Master..................... Disable AP Join Priority............................ Disable Mgmt Via Wireless Interface................. Disable Mgmt Via Dynamic Interface.................. Disable Bridge MAC filter Config.................... Enable Bridge Security Mode........................ EAP Mesh Full Sector DFS........................ Enable Mesh Backhaul RRM........................... Disable AP Fallback ................................ Enable AP EasyAdmin ............................... Disable AP Virtual IP .............................. 10.1.0.6 Web Auth CMCC Support ...................... Disabled Web Auth Redirect Ports .................... 80 Web Auth Proxy Redirect ................... Disable Web Auth Captive-Bypass .................. Disable Web Auth Secure Web ....................... Enable Web Auth Secure Web Cipher Option ......... Disable --More-- or (q)uit Web Auth Secure Web Sslv3 ................. Disable Web Auth Secure Redirection ............... Enable Web Auth AP Ethernet MAC in Redirection .... Disable Fast SSID Change ........................... Enabled Max WLAN Supported ......................... 512 IP/MAC Addr Binding Check .................. Enabled Link Local Bridging Status ................. Disabled CCX-lite status ............................ Disable oeap-600 dual-rlan-ports ................... Disable oeap local-network ......................... Enable oeap-600 Split Tunneling (Printers)......... Disable mDNS snooping............................... Disabled mDNS Query Interval......................... 15 minutes Web Color Theme............................. Default Capwap Prefer Mode.......................... IPv4 Network Profile............................. Disabled Client ip conflict detection (DHCP) ........ Disabled Mesh BH RRM ................................ Disable Mesh Aggressive DCA......................... Disable Mesh Auto RF................................ Disable HTTP Profiling Port......................... 80 HTTP-Proxy Ip Address....................... 0.0.0.0 HTTP-Proxy Port............................. 80 --More-- or (q)uit WGB Client Forced L2 Roam................... Disabled DHCP Timeout (seconds)...................... 120
11-25-2020 06:04 AM
- It seems to be using an invalid certificate for https. Try to look into that further, perhaps the searching powers of the net may lead you further in the right direction.
M.
10-17-2023 06:56 AM
try config network mgmt-via-wireless enable
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide