I have some querries related to output of some commands i executed in our L3 Switches.
1) i have executed the command "sh ip http server all" on L3 switch , output is as:-
L3_Switch#sh ip http server all HTTP server status: Disabled HTTP server port: 80 HTTP server authentication method: enable HTTP server access class: 0 HTTP server base path: Maximum number of concurrent server connections allowed: 5 Server idle time-out: 180 seconds Server life time-out: 180 seconds Maximum number of requests allowed on a connection: 1 HTTP secure server capability: Not present
HTTP server application session modules: Session module Name Handle Description HOME_PAGE 4 IOS Homepage Server HTTP_IFS 1 HTTP based IOS File Server CVDM 2 Cisco View Device Manager Server WEB_EXEC 3 HTTP based IOS EXEC Server DISTRIB 5 Distributed HTTP server
HTTP server current connections: local-ipaddress:port remote-ipaddress:port in-bytes out-bytes
HTTP server statistics: Accepted connections total: 48071
Is there anything wrong with this output as i have seens many sessions are established on this device (with port 80).
Whts this "HTTP server authentication method: enable" means in Third line [ no ip http is configured on this device]
I have doubt ...is these are un-authorisd sessions by un-authorised persons. If yes..Then what to do to overcome this.
2) I have executed "sh snmp" command on our other Switch L3. output is as:-
Cisco_Switch#sh snmp Chassis: FCX193022MZ 38470050 SNMP packets input 0 Bad SNMP version errors 59684 Unknown community name 200 Illegal operation for community name supplied 13 Encoding errors 78776295 Number of requested variables 325 Number of altered variables 28870535 Get-request PDUs 6902781 Get-next PDUs 604 Set-request PDUs 38410353 SNMP packets output 0 Too big errors (Maximum packet size 1500) 351462 No such name errors 65 Bad values errors 48 General errors 38410350 Response PDUs 0 Trap PDUs SNMP agent enabled
SNMP logging: disabled
I have seen some "Bad Valued errors" in this output , "Encoding Errors" are also 13.
Is there something wrong with snmp polling. What are the reasons for this errors. How to clear this.
This is the method that will be used to authenticate, even though your server is not enabled, the default authentication method is "enable" for enable password:
Router(config)#ip http authentication ?
aaa Use AAA access control methods
enable Use enable passwords
local Use local username and passwords
> Is there anything wrong with this output as i have seens many sessions are established on this device (with port 80).
> I have doubt ...is these are un-authorisd sessions by un-authorised persons. If yes..Then what to do to overcome this.
This is pretty strange indeed to see connections made to the http server, when this one is disabled. Maybe a bug that display some of the connection attempt? Or other use of port 80 like port forwarding, copy http, ...
I'm not sure what is the cause of this, this is happening several times a day from different users, maybe do a "debug ip http all" to see a bit more about the connection made?
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...