AP541N Management Issues

Unanswered Question
Feb 8th, 2010

Hi:

I recently adquired an AP541N Version AP541N-K9-1.7(2) and found that it has telnet and ssh ports open and cannot find a way to block access through this ports.

SSH and TELNET console are linux, it looks like a customized linux distro. I dont like anybody begin to play with that. How can i block that?

Also the default user name is cisco, is not possible to change that? I tried through web console but the device never accept other username than cisco for login.

Regards.

Leo

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Christian Woege... Thu, 06/30/2011 - 03:35

Hello Leo!

There's a possibility to change the name of the admin-user "cisco" to another by editing the saved configuration xml-file:

1) Save the configuration into the config.xml

2) Open the saved configuration file config.xml in a texteditor

3) Search for cisco

4) Change it to your-admin-account

5) Save the config.xml

6) Upload the config-file to your AP541N and reboot

7) Login with the new Username

At the moment I didn't find where and how the password is stored. I also didnt't try out what happens, when the firmare is updated. Perhaps the custom admin-name is overwriten.

Regarding your request for blocking telnet and ssh:

1) Login to your AP541N

2) Enter this command on the CLI: set ssh status down

3) Enter this command on the CLI: set telnet status down

4) Enter this command on the CLI: save-running

Now telnet and ssh should be disabled.

Regards,

Woger


regards,

Woger

aalogin2009 Sat, 07/23/2011 - 20:48

Hi Woger, thanks for your tip re the admin username, works a treat.

I am now trying to change the password, cant see a spot for that in the XML and the "change admin password" built into the GUI doesnt work.

Tried rebooting the AP, but no joy there either, gear is an AP541N and fw 2.0(0)

Any tips greatly appreciated

Christian Woege... Mon, 07/25/2011 - 05:01

Hello aalogin2009!

I think the password can not be changed after editing the XML-config. I think there is a bug in the firmware, because the name of the admin is also not changeable via the WEB-GUI because the name is hardcoded in the XML. So when you change the name of the admin in the XML-Config, the WEB-GUI "can't find" the user whose password should be changed.

Try to rename the admin-name to default, change the password via WEB-GUI and change it back to your custom name. This is an awfull workaround but as long as the name of the admin-name can't be changed via WEB-GUI, I think this is the only way.

If you've got a Service-Contract on your AP541N make a service-call an request this "feature". If cisco got many of this requests, perhaps they will fix this issue in an upcomming release.

BR,

Woger

Actions

This Discussion