SDM 404 error

paul_dunlevy · ‎01-07-2008

Hi All,

I'm a bit stuck in my ways and generally prefer the CLI, but I've recently decided to explore the SDM. I was quite impressed with it until I managed to break it! I upgraded a router from 12.3 to 12.4 (both advsecurity feature sets) and the SDM is now giving me a 404 error (URL http://x.x.x.x:8080/archive/flash:home/html/home_aux.shtml)

I need to PAT a web server to the interface address, hence the "8080" port for SDM. I've changed that in the config with - "ip http port 8080"

I think the correct files are in flash

1 22971552 Dec 28 2007 15:34:48 +00:00 c2800nm-advsecurityk9-mz.124-18.bin

2 6389760 Jan 3 2008 23:55:54 +00:00 sdm.tar

3 1505280 Jan 4 2008 00:36:24 +00:00 common.tar

4 931840 Jan 4 2008 00:37:18 +00:00 es.tar

5 112640 Jan 4 2008 00:37:44 +00:00 home.tar

6 1038 Jan 4 2008 00:39:34 +00:00 home.shtml

7 793739 Jan 4 2008 00:42:36 +00:00 256MB.sdf

8 527849 Jan 4 2008 00:43:16 +00:00 128MB.sdf

9 2748 Jan 4 2008 00:43:52 +00:00 sdmconfig-2811.cfg

10 1697952 Jan 4 2008 00:45:30 +00:00 securedesktop-ios-3.1.1.45-k9.pkg

11 415956 Jan 4 2008 00:45:58 +00:00 sslclient-win-1.1.4.176.pkg

12 840 Dec 20 2007 19:35:46 +00:00 vlan.dat

I tried to upgrade SDM to 2.5 by tftp'ing the files across but it made no difference. Using the Windows installer doesn't work, it dies tring to RCP the files across.

Does anyone know how SDM works and what sort of things I should look at next?

Any help would be appreciated.

Thanks,

Paul.

paul_dunlevy · ‎01-07-2008

I found the problem but I'll leave this here for anyone else who has the same issue.

Installing the SDM locally on the PC and changing the IE advance options to "Allow active content to run

in files on my computer" works.

It still does not work when launched directly from a browser, but that may because I've changed the port number.

Regards,

Paul.

Hieu Cao · ‎01-09-2008

I've recently upgraded one of my test router 2811 to SDm 2.5 and it worked fine.

You don't actually copy the files over but run the setup.exe and follow the onscreen instruction to complete the upgrade process.

Can you post your router config.

paul_dunlevy · ‎01-10-2008

That's the first thing I tried and RCP is failing. To be honest I'm happy with the local install at this point. Thanks for the reply anyway.

dnoc43 · ‎01-14-2008

I am having the same problem. The setup.exe fails so I installed manually. Using the debug ip html pages command. I noticed

The router that is not working I get:

notice the tar file its trying to open??? home_aux.shtml.tar???

000065: *Jan 13 23:29:36.487 NewYork: HTML: Unable to open file flash:home/html/home_aux.shtml.tar (requesting html/home_aux.shtml).

000066: *Jan 13 23:29:36.491 NewYork: HTML: Unable to open file flash:home/html/home_aux.shtml.tar (requesting html/home_aux.shtml).

On a different router that is working I see that it is opening the correct .tar file. See below.

015491: *Jan 13 22:35:31.666 NewYork: HTML: open tar = flash:home.tar, file = html/home_aux.shtml

015492: *Jan 13 22:35:31.746 NewYork: HTML: open tar = flash:home.tar, file = html/home_aux.shtml

015493: *Jan 13 22:35:31.810 NewYork: HTML: open tar = flash:home.tar, file = html/home_aux.shtml

tfrentzCCNA · ‎12-20-2010

I am getting the same error now I can't figure it out.

4944: 004939: Dec 20 12:41:56.046 MDT: HTML: Unable to open file flash:home/html/home_aux.shtml.tar (requesting html/home_aux.shtml).

PackerNation#sh running-config
Building configuration...

Current configuration : 8375 bytes
!
! Last configuration change at 11:03:43 MDT Mon Dec 20 2010
! NVRAM config last updated at 12:43:49 MDT Sat Dec 18 2010
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname ***********

!
boot-start-marker
boot-end-marker
!
logging userinfo
logging buffered 51200
logging console critical

enable secret

!
no aaa new-model
clock timezone MDT -7
clock summer-time MDT date Apr 6 2003 2:00 Oct 26 2003 2:00
!
!
crypto removed
!
!
!
dot11 ssid
   vlan 2
   authentication open
   authentication key-management wpa
!
no ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address x.x.x.x
ip dhcp excluded-address x.x.x.x
ip dhcp excluded-address x.x.x.x

!
ip dhcp pool ccp-pool
   import all
   network x.x.x.x x.x.x.x
   default-router x.x.x.x

lease infinite
!
ip dhcp pool ccp-pool1
network x.x.x.x x.x.x.x

dns-server x.x.x.x x.x.x.x

default-router x.x.x.x
!
!
ip cef
no ip bootp server
no ip domain lookup
!
!
!

archive
log config
hidekeys
!
!
ip tcp synwait-time 10
!
bridge irb
!
!
interface Null0
no ip unreachables
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
switchport access vlan 2
!
interface FastEthernet4
description $ETH-WAN$$FW_OUTSIDE$
ip address dhcp client-id FastEthernet4
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface Dot11Radio0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
!
encryption vlan 2 mode ciphers aes-ccm
!
broadcast-key vlan 2 change 30
!
!
ssid
!
mbssid
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Dot11Radio0.2
encapsulation dot1Q 2 native
ip flow ingress
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
ip address x.x.x.x x.x.x.x

ip access-group 100 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Vlan2
no ip address
bridge-group 1
!
interface BVI1
description $FW_INSIDE$
ip address x.x.x.x x.x.x.x

ip access-group 102 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
ip flow-top-talkers
top 5
sort-by bytes
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 2
ip nat inside source list 1 interface FastEthernet4 overload
ip nat inside source static udp x.x.x.x 5060 interface FastEthernet4 5060
ip nat inside source static tcp x.x.x.x 8088 interface FastEthernet4 8088
!
logging trap debugging
logging x.x.x.x
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 remark local
access-list 1 permit x.x.x.x 0.0.0.15
access-list 1 remark Wireless Lan
access-list 1 permit x.x.x.x.0 0.0.0.31
access-list 23 remark CCP_ACL Category=17
access-list 23 permit x.x.x.x
access-list 23 permit x.x.x.x
access-list 23 permit x.x.0.0 0.0.0.15
access-list 23 remark Wireless Lan
access-list 23 permit x.x.x.0 0.0.0.31
access-list 100 remark CCP_ACL Category=1
access-list 100 permit tcp x.x.x.0 0.0.0.15 host x.x.x.x eq telnet
access-list 100 permit tcp host x.x.x.x host x.x.x.x eq 22
access-list 100 permit tcp x.x.x.0 0.0.0.15 host x.x.x.x eq 22
access-list 100 permit tcp host x.x.x.x host x.x.x.x eq 22
access-list 100 permit tcp x.x.x.x 0.0.0.15 host x.x.x.x eq www
access-list 100 permit tcp host x.x.x.x host x.x.x.x eq 443
access-list 100 permit tcp x.x.x.x 0.0.0.15 host x.x.x.x eq 443
access-list 100 permit tcp host x.x.x.x host x.x.x.x eq 443
access-list 100 permit tcp host x.x.x.x host x.x.x.x eq cmd
access-list 100 permit tcp x.x.x.x 0.0.0.15 host x.x.x.x eq cmd
access-list 100 permit tcp host x.x.x.x host x.x.x.x eq cmd
access-list 100 deny   tcp any host x.x.x.x eq telnet
access-list 100 deny   tcp any host x.x.x.x eq 22
access-list 100 deny   tcp any host x.x.x.x eq www
access-list 100 deny   tcp any host x.x.x.x eq 443
access-list 100 deny   tcp any host x.x.x.x eq cmd
access-list 100 deny   udp any host x.x.x.x eq snmp
access-list 100 permit ip any any
access-list 102 remark CCP_ACL Category=1
access-list 102 permit tcp x.x.x.x 0.0.0.31 host x.x.x.x eq telnet
access-list 102 permit tcp x.x.x.x 0.0.0.31 host x.x.x.x eq 22
access-list 102 permit tcp x.x.x.x 0.0.0.31 host x.x.x.x eq www
access-list 102 permit tcp x.x.x.x 0.0.0.31 host x.x.x.x eq 443
access-list 102 permit tcp x.x.x.x 0.0.0.31 host x.x.x.x eq cmd
access-list 102 deny   tcp any host x.x.x.x eq telnet
access-list 102 deny   tcp any host x.x.x.x eq 22
access-list 102 deny   tcp any host x.x.x.x eq www
access-list 102 deny   tcp any host x.x.x.x eq 443
access-list 102 deny   tcp any host x.x.x.x eq cmd
access-list 102 deny   udp any host x.x.x.x eq snmp
access-list 102 permit ip any any
no cdp run

!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner exec
banner login
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
access-class 23 in
access-class 23 out
privilege level 15
login local
transport input telnet ssh
transport output ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
ntp clock-period 17175052
ntp server 207.46.232.182 source FastEthernet4 prefer

!
webvpn cef
end
all Flash files are here
3 -rwx        1038 Dec 18 2010 19:55:41 -07:00 home.shtml
    4 -rwx        3179 Dec 18 2010 19:55:41 -07:00 sdmconfig-8xx.cfg
    5 -rwx      112640 Dec 18 2010 19:55:46 -07:00 home.tar
    6 -rwx      931840 Dec 18 2010 19:56:27 -07:00 es.tar
    7 -rwx     1505280 Dec 18 2010 19:57:45 -07:00 common.tar
    8 -rwx         660 Dec 13 2010 04:29:06 -07:00 vlan.dat
    9 -rwx     2242560 Dec 18 2010 20:01:05 -07:00 wlanui.tar

I am using the router to study for my CCNA so I just need to get pointed in the correct direction.

Thanks