877W - Lost SDM access

Unanswered Question
Mar 30th, 2007

My new 877W router was configured by a technitian using command line interface. As a consequence I have now lost the use of the SDM program that came with the router.

The error message says that http/https access must have been disabled.

Not being too familiar with IOS commands I am not even able to change the original username and password (which warries me greatly).

Can any advise how I can get the use of the SDM program back on this router? Will greatly appreciate any help

RP

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ahmet-saat Sat, 03/31/2007 - 08:50

hi,

Here what you can do,

1- Get a connection to router console

You can use following link how can you do this,

http://www.cisco.com/warp/public/63/terminal_settings.html

2- Router> ena

This will get you to privilidge mode. If it asks for a password enter password.

3- Router# conf t

This will get you to Configuration mode

4- Router(config)# ip http server

5- Router(config)# ip http secure-server

These commands will enable HTTP and HTTPS

6- Router(config)# end

7- Router# copy run start

You can find more information about SDM by clicking the following link

http://www.cisco.com/en/US/products/sw/secursw/ps5318/index.html

RatanPrakash Sat, 03/31/2007 - 16:04

Hi,

Thanks for your suggestion. It still doesn't work. It appears there are some discrepencies in ip settings in the configurstion.

Here is a copy of the config settings. For obvious reasons I have removed or blocked out the security info.

Any ideas what is wrong with this config?

Current configuration : 4847 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname yourname

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

!

no aaa new-model

!

resource policy

!

ip subnet-zero

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1

!

ip dhcp pool sdm-pool

import all

network 10.10.10.0 255.255.255.248

default-router 10.10.10.1

lease 0 2

!

!

no ip domain lookup

ip domain name yourdomain.com

!

!

crypto pki trustpoint

username cisco privilege 15 secret xxx

username <******> privilege 15 secret 5 <***********************>.

!

!

!

!

!

interface ATM0

no ip address

no atm ilmi-keepalive

dsl operating-mode auto

!

interface ATM0.1 point-to-point

pvc 0/100

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface Dot11Radio0

no ip address

shutdown

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0

54.0

station-role root

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$

ip address 10.55.210.254 255.255.255.0

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1452

!

interface Dialer1

ip address negotiated

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

no cdp enable

ppp authentication chap pap callin

ppp chap hostname <*******>

ppp chap password 0 <*******>

ppp pap sent-username <*******> password 0 <********>

!

ip classless

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer1

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source list 1 interface Dialer1 overload

ip nat inside source static tcp 10.55.210.10 443 interface Dialer1 443

ip nat inside source static tcp 10.55.210.10 25 interface Dialer1 25

ip nat inside source static tcp 10.55.210.10 80 interface Dialer1 80

!

access-list 1 permit 10.55.210.0 0.0.0.255

access-list 23 permit 10.10.10.0 0.0.0.7

no cdp run

!

control-plane

!

banner login ^C

-----------------------------------------------------------------------

Cisco Router and Security Device Manager (SDM) is installed on this device.

This feature requires the one-time use of the username "cisco"

with the password "cisco". The default username and password have a privilege le

vel of 15.

Please change these publicly known initial credentials using SDM or the IOS CLI

Here are the Cisco IOS commands.

username privilege 15 secret 0

no username cisco

Replace and with the username and password you want to use

.

For more information about SDM please follow the instructions in the QUICK START

GUIDE for your router or go to http://www.cisco.com/go/sdm

-----------------------------------------------------------------------

^C

!

line con 0

login local

no modem enable

line aux 0

line vty 0 4

access-class 23 in

privilege level 15

password cisco

login

transport input telnet ssh

!

scheduler max-task-time 5000

end

Actions

This Discussion