First please excuse my lack of knowledge, today is my 2nd day ever touching a Cisco equipment.
I got this router, and i want to use it at home for my 8 static IPs. I will have one firewall behind this router, which connects me to the corporate VPN, I will have another wireless router behind the cisco for my home network, and a few servers, mail www, etc. All these on a different static IP.
I established a Console connection to the 806, and I am able to log in, etc. I believe that Factory Default would enable DHCP service, and allow me to manage through the Web on 10.10.10.1 . Now, when I reset it to factory (I hope I did), I wasnt able to connect through the web, so went back to the console, and I see that the setting is completely blank, no default settings applied. How can I get it back to real factory default? Being a beginner, a web interface would help me a lot I believe.
Through the console I managed to set up IP addresses for both interfaces, and DHCP on eth0, and I am able to reach the router via Web, but it isnt working. It loads, asks a username and password. I supply the password I gave with "enable secret" command, and it goes on, then says router is not connected, check cables, etc. I am able to see the Cisco opening site, so I am 100% sure the connection is live, however it wouldnt let me do anything there. Also I noted that when I connect via web, it asks for username and password, although I only have a password I think.
I am sure my post is full of nonsense, again, please excuse this for me.
Thanks a lot for any help,
Log into the Router via the console, do a SHOW INTERFACE to see if your interfaces are UP & UP. If they are not, this will be some indication of what is wrong (i.e. wrong cable, etc). If they are UP & UP, make sure you have an access-list that allows your inside network to get out.
If you want to reset to factory default you can run the SETUP command from enable or config T mode. This will prompt you for IP address and other info about protocols. Good luck.
Yes, the interface is up, as I am able to log in with Telnet, and also with Web, and I am even prompted for login, just it isnt letting me on for some reason. There is no auth error in IE either. I also tried a wrong password, it then re-prompts me for credentials, and when I enter my secret password with no username, it goes through, and then drops me. But like I said, I can even see the Web-UI of the Cisco router, so the connection is evident.
Thanks for any help,
This is the running-config currently. As I was playing with it, now its a bit different than how it was when I first posted. I did a reset to Factory Defaults, and I went through the initial configuration. The only difference I can see is that now HTTP is disabled. When it was enabled, I had the login problem.
Do you see anything obvious?
Also, if I find a good configuration example on the internet, how do I upload it to the router?
Current configuration : 589 bytes
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
enable secret 5 scrambled password here
enable password unscrambled password here
ip address 192.168.1.254 255.255.255.0
hold-queue 100 out
ip address xxx.xxx.xxx.xxx 255.255.248.0
no ip http server
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
line con 0
line vty 0 4
password unscrambled password here
scheduler max-task-time 5000
Thanks for the link, but it didnt really help me. I am not trying to set up VPN, and I already found a good configuration which will work for me, I just dont know how to upload a config file to the router, or do I have to add the entries one by one?
As for HTTP access, I added the entries to the Console:
ip http server
ip http access-class 24
access-list 24 allow any
The access-class and access-list I copied from your link. Still the same, router is managable through Telnet, but not HTTP. If telnet works, I can safely state I guess that the Ethernet interface is fine. Is there anything I can do about this?
You can copy and paste your config. Edit the config file you have to your liking and then:
- connect to the router via console.
- enter global config mode
- now copy your config file and paste it at the prompt.
You can also copy the file via tftp but try the copy&paste first.
Ben, the web interface that you are referring to is CRWS.
The following document is a good read:
Cisco Router Web Setup 3.3 Troubleshooting Guide
Try creating a user.
username < > password < >
Now, every time you login using the web interface, provide the username/password specified above.
If this does not work, you may add try the following in addition to the above step:
line vty 0 4
Now, even for telnet the same username and password would be used.
If this works, do rate it.
Thanks copy paste works like a charm.
The user was created, but it wont let me in. Is it by default a level 15 access? What I see in the config after creating the user:
username (xzy) password 0 (xyz)
Does it mean a level 0 access, or I am mistaken?
I will read the documentation when I get home, hoping I can advance further.
Thanks, and any suggestions are still welcome. What is strange, that now with the username I created it bounces the prompt back, and after 3 tries, it says Authentication Failure. If I try it without a username, and use my secret password, it lets me in, but it never loads properly. It still complains that the browser is unable to talk to the router.
The 0 after password is "encryption-type". It
defines whether the text immediately following is encrypted, and, if so, what type of encryption is used. Currently defined encryption types are 0, which means that the text immediately following is not encrypted, and 7, which means that the text is encrypted using a Cisco-defined encryption algorithm.
Also, the default privilege level is '1'. Level 15 is the level of access permitted by the enable password.
If you are successfully authenticated using just the password then it could be a browser related problem due to some java components may be. I feel that the document that I included in my last post should be helpful.
Thanks for your answer. I went through the whole documentation, and all seems well. The files are in the webflash, and all other looks good too. I can only imagine this point that the IOS is bad, or corrupt. Do you think that sounds reasonable?
Other than that, here is the portion of the config file which relates to the vty line, could you verify that its correct?
As for browsers I tried it from 2 PC, one with Windows and IE and Firefox, and from a Debian linux with Firefox. Same goes for all.
line con 0
line vty 0 4
exec-timeout 0 0
The vty line here is configured for local authentication. So, the username and password configured in global configuration mode would be used. The password specified under vty 0 4 is not used. Also, can you please copy and paste the exact error message that you get along with show run.
The 0 in this case indicates a clear text password.
If your password was included in the copy&paste operation, then there might be an extra space unintentionally tagged onto the end of the password. So try to login with an extra space character at the end.
I have reset the router to factory defaults by rommon1>confreg 0x142 and used the copy-paste to upload a configuration which has no password protection. Now I am able to log in to the router, but the 2 day effort for getting this to work doesnt seem to pay back. I find the web interface less useful than it is in a $50 Linksys router :( Is this normal that the web interface is lacking?
On top, when I clicked on Router Features, and Firewall beneath it, I got a "Feature is not supported" message.
Does it mean that Firewall is not supported by this router?