×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Configure the HTTP/HTTPS Service Task on the WAP125 Wireless-AC/N Dual Band Desktop Access Point with PoE

Document

Thu, 06/15/2017 - 23:00
Jun 14th, 2017
User Badges:

Cisco Support Community

Article ID: 5595

Objective

HyperText Transfer Protocol Secure (HTTPS) is a transfer protocol that is more secure than HTTP. The access point can be managed through both HTTP and HTTPS connections when the HTTP/HTTPS servers are configured. Some web browsers use HTTP while others use HTTPS. An access point must have a valid Secure Socket Layer (SSL) certificate to use HTTPS services.

Why do we need to configure the HTTP/HTTPS Service Task?

This feature is useful to keep out rogue hosts from accessing the web-based utility. Using the Management Access Control List, it allows you to specify up to 10 IP addresses, five for IPv4 and five for IPv6 to have access to the web-based utility.

The objective of this document is to show you how to fortify your network by showing you how to configure the HTTP/HTTPS Service Task on the WAP125.

Applicable Devices

  • WAP125

Software Version

  • 1.0.0.3

Gather the Support Information

Step 1. Log in to the web-based utility and choose System Configuration > Management.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%201.PNG

Step 2. In the Maximum Sessions field under Connect Session Settings, enter a value from 1 to 10 to set the maximum number of simultaneous web sessions. A session is created each time a user logs on to the device. If the maximum session is reached then the next user who attempts to log on into the device with HTTP or HTTPS service is rejected. The default is 5.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%202.PNG

Step 3. In the Session Timeout field, enter a value between 2 and 60 minutes to set the time the web session can remain idle. The default value is 10 minutes.

Note: In this example, 13 is used.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%203.PNG

Step 4. Check the Enable HTTP Service check box to allow web sessions to be connected through HTTP.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%204.PNG

Step 5. (Optional) Click More to view more options and configure a port number.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%205.PNG

Step 6. In the HTTP Port field, enter a logical port number to use for HTTP connections. The port value ranges from 1025 to 65535. The default well-known port for HTTP connections is 80.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%206.PNG

Step 7. (Optional) Check the Redirect HTTP to HTTPS check box to allow the browser to redirect you to a more secure protocol, HTTPS upon establishing a web session.

Note: This option is only available if HTTP Service check box is disabled in Step 4. In this example, this option is checked.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%207.PNG

Step 8. Click OK to return to the Management page and continue with the configuration.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%208.PNG

Step 9. Check the Enable HTTPS Service check box to allow web sessions to be established through a secured protocol, HTTPS. This option is enabled by default.

Note: If this option is disabled, any existing connections using the HTTPS are disconnected.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%209.PNG

Step 10. Click More to define a port to be used by HTTPS and to choose Transport Layer Security Versions to be used on HTTPS.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%2010.PNG

Step 11. Under the HTTPS Port area, check the check boxes of the following security protocols that are used over HTTPS:

  • TLSv1.0 — Transport Layer Security version 1 (TLSv1) is a cryptographic protocol that provides security and data integrity for communication over the Internet.
  • TLSv1.1 — An improved version of the first version of the TSLv1, improves the data security and integrity for communication.
  • SSLv3 — Secured Socket Layer version 3 (SSLv3) is a protocol that is used over HTTPS to establish secured sessions and communication over the Internet.

Note: In this example, all check boxes are checked.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%2011.PNG

Step 12. In the HTTPS Port field, enter a logical port number to use for HTTPS connections. The default well-known port is 443.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%2012.PNG

Step 13. Click OK to continue.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%2013.PNG

Step 14. Check the Enable ACL Mode check box to specify an Access Control List (ACL) of IP addresses that are permitted to access the web-based utility. If this feature is disabled, then this grants access to the web-based utility.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%2014.PNG

Step 15. Click More to specify a list of IPv4 and IPv6 addresses permitted to access the web-based utility.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%2015.PNG

Step 16. In the IPv4 and IPv6 address fields, enter the administrative IP addresses in the respective formats that will be granted access to the web-based utility.

Tip: Assign static IP addresses to the administrative IP addresses.

Note: In this example, 192.168.2.123 is used as the IPv4 administrative address and fdad:b197:cb72:0000:0000:0000:0000:0000 is used as the IPv6 administrative address.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%2016.PNG

Step 17. Click OK.

AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%2017.PNG

Step 18. Click AB_Configure%20HTTPS%20on%20the%20WAP125_06012017_Step%2018.PNG.

You should now have successfully configured the HTTP/HTTPS Service Task on the WAP125.

Loading.

Actions

This Document