Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SRP527W SSH user/password?

Hi all, im having trouble setting up site to site vpn from my 527w to my 877 series and thought it would be much easier to see whats going on the 527 if i could see command line

so ive ssh'd to the 527s ip address but none of the usernames/password combos work that let me in the web gui, what are the logins? does anybody know?

Thanks

9 REPLIES
New Member

Re: SRP527W SSH user/password?

To access the WEB GUI of this device there are 2 different logins

that you can use. You can use cisco, cisco as the username and password or

admin,admin as the username and password. I would reccommend logging in as admin,admin. You

will see more available options under admin.

THANKS

New Member

Re: SRP527W SSH user/password?

hi yeah, i found those accounts and have logged in with those, but when i ssh to the ip address of the router i get login prompt but neither credentials work, and i cant find any ssh access info in the web gui logged in as an admin

is ssh enabled but no account can use it?

New Member

Re: SRP527W SSH user/password?

Hi, were u able to get resolution/answer for this, I'm experiencing the same thing.

Cisco Employee

Re: SRP527W SSH user/password?

Hi All,

The SSH interface is protected by a device  specific password that may only be accessed by Cisco engineering staff.   There is no command line interface hidden behind this password, so would  be of limited use to most users.

That said, you might find the following useful in setting up a VPN between the SRP and IOS device:

Consider the following network:

This is the IOS configuration:

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

lifetime 28800

crypto isakmp key SECRET-KEY address 192.168.200.162

!

!

crypto ipsec transform-set SETNAME esp-3des esp-sha-hmac

!

crypto map CISCO 1 ipsec-isakmp

set peer 192.168.200.162

set transform-set SETNAME

set pfs group2

match address 110

!

interface FastEthernet4

ip address 192.168.200.146

crypto map CISCO

!

interface Vlan1

ip address 192.168.9.1 255.255.255.0

!

access-list 110 permit

ip 192.168.9.0 0.0.0.255 192.168.15.0 0.0.0.255

The SRP IKE Policy is as follows:

...and the SRP500 IPSec policy is:

If both IP addresses are directly reachable, NAT-T is not  required:

VPN connection status and control is available from the SRP status page:

New Member

Re: SRP527W SSH user/password?

Thanks for that Andrew, will keep that for reference.


Though the reason I wanted SSH access was to test Port Mirroring bases from this post:
https://supportforums.cisco.com/thread/2075293

monitor session 1 source interface FaX/X

monitor session 1 destination interface FaX/X

I can't find seem to find to do this via the WEB GUI.
Thanks.

Cisco Employee

Re: SRP527W SSH user/password?

Ah - Those are commands for an IOS router.  The SRP500 is a Linux based device and does not have this functionality.

Andy

New Member

Re: SRP527W SSH user/password?

Oh ok, I didnt see port mirroring as feature in the datasheet, though when I saw that post, I thought its possible.

Thanks.

New Member

Re: SRP527W SSH user/password?

Thanks for those details!

So, that means no RSA certificates for authentication on these devices then...?

-- Lee

Cisco Employee

Re: SRP527W SSH user/password?

Hi Lee,

That's correct.  No certificates for IPSec, just shared secret.

Andy

4420
Views
0
Helpful
9
Replies