First time setup of 1841 / No access via SDM

CNTSYSNETAG · ‎05-22-2008

Hello,

I set up my Cisco 1841 and I try to access the device using SDM. SDM seems to be installed on the Cisco 1841 ("Cisco Router and Security Device Manager (SDM) is installed on this device."), but it is not possible to access the device via SDM. I started the SDM launcher on my PC, entered the IP address of the Cisco, then a new window opens in my browser saying "Application will open in another window. If you wish, you can close this window.", but then nothing happens. I can ping the Cisco from my PC and I can ping the PC from the Cisco. Here is the current config:

--------------------

abc-gw#show running-config

Building configuration...

Current configuration : 2467 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname abc-gw

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

enable secret xxx

enable password xxx

!

no aaa new-model

!

resource policy

!

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

ip subnet-zero

ip cef

!

no ip dhcp use vrf connected

!

ip domain name yourdomain.com

!

username cisco privilege 15 secret xxx

!

interface FastEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$

ip address 192.168.4.20 255.255.255.0

speed auto

full-duplex

no mop enabled

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/0/0

shutdown

!

interface FastEthernet0/0/1

shutdown

no mop enabled

!

interface FastEthernet0/0/2

shutdown

!

interface FastEthernet0/0/3

shutdown

!

interface Vlan1

no ip address

shutdown

!

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.4.1

!

ip http server

ip http access-class 23

ip http authentication local

ip http timeout-policy idle 60 life 86400 requests 10000

!

access-list 20 permit 0.0.0.0 255.255.255.0

access-list 23 permit 10.10.10.0 0.0.0.7

access-list 23 permit 0.0.0.0 255.255.255.0

dialer-list 1 protocol ip permit

!

control-plane

!

banner login ^C

-----------------------------------------------------------------------

Cisco Router and Security Device Manager (SDM) is installed on this device.

This feature requires the one-time use of the username "cisco"

with the password "cisco". The default username and password have a privilege level of 15.

Please change these publicly known initial credentials using SDM or the IOS CLI.

Here are the Cisco IOS commands.

username <myuser> privilege 15 secret 0 <mypassword>

no username cisco

Replace <myuser> and <mypassword> with the username and password you want to use.

For more information about SDM please follow the instructions in the QUICK START

GUIDE for your router or go to http://www.cisco.com/go/sdm

-----------------------------------------------------------------------

^C

!

line con 0

login local

line aux 0

line vty 0 4

access-class 23 in

privilege level 15

password )(!!,mqp!75

login local

transport input telnet

line vty 5 15

access-class 23 in

privilege level 15

password )(!!,mqp!75

login local

transport input telnet

!

end

--------------------

Any idea why I cannot access the device using SDM?

Wantser1981_2 · ‎05-22-2008

Your http access list (ACL 23) is incorrect.

I take it your machine is on the 192.168.4.x/24 network?

If so you need to allow

permit 192.168.4.0 0.0.0.255

You are currently matching against the network 10.10.10.0/29 and anything with a x.x.x.0 address which is invalid. Failing that remove "ip http access-class 23".

Also, I would enable ip http secure-server. I think SDM will require this from memory.

HTH

Andy

CNTSYSNETAG · ‎05-23-2008

Thank you! Now it works.