CNA 5.x and SSH

Unanswered Question
aborole Tue, 01/22/2008 - 17:19

Do you mean without using HTTP ? CNA manages the device using HTTP/HTTPS

aborole Wed, 01/23/2008 - 19:37

For CNA to communicate securely with the devices, it can use HTTPS. This means the switch needs to be running a crypto (k9) image. Once you have that and configure the command "ip http secure-server" you can start using HTTPS - so CNA will discover the device and use HTTPS for communicating.

Please let me know if this helps.

Here are some details about the switches...They are all Cisco Catalyst 2950 24 port switches and they are running the 12.1(22)E8a crypto image. I have successfully configured ssh on the switches, but I do not see an option for ip http secure-server when I enter global config mode.

Any thoughts?

Thank you again for your help.

aborole Thu, 01/24/2008 - 10:20

can you paste the output of the command "show ip http server status" ? It should tell us if secure server is running or not

aborole Fri, 01/25/2008 - 12:01

It seems that SSL support is not available in the 12.1 IOS images and 2950 is still on 12.1 images so it will not support SSL so you cannot enable secure server. new devices like 2960 have SSL support.


This Discussion