From: Glenn Johnson (gjcomcast@comcast.net)
Date: Fri Aug 22 2003 - 20:32:39 GMT-3
If you add priv 15 to your username setup it will work. AAA is not
necessary. Why would you need to config your VTY lines for an HTTP setup?
Ip http server
Ip http authentication local
Username Joe priv 15 password cisco
Username Bad password cisco
Username Joe can get in just fine via HTTP w/local auth, Username Bad
cannot.
Try it -- it works.
The online info is avail at:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_
c/fcprt1/fcd105.htm#1000995
Accessing Your Router's Home Page
Cisco IOS software allows users with a default privilege level of 15 to
access a predefined home page for a router or access server. If you have
been assigned a privilege level other than 15, the Web page will display and
accept those commands which have been defined for your user level. [note
that this would require changing the priv levels]
To access the home page for your router or access server with a default
privilege level of 15 (<<<<<<------), perform the following steps:
Step 1 Enter the following command in the URL field of your Web browser
and press return: http:// router-name/. (For example, to access a Cisco
router named cacophony with a default privilege level of 15, type
http://cacophony/.)The browser then prompts you for the password.
Step 2 Enter the password.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
ccie2be
Sent: Friday, August 22, 2003 7:06 PM
To: Group Study; Adam Asay
Subject: Re: IP http authentication local
Hey Adam,
I tried adding those commands. Unfortunately, it didn't work :-)
What else could it be? This is suppose to be very simple and to make
matters worse, I'm using the solution config from IPExpert. (This is
e-scenario lab 346).
Do I need to configure any particular commands under line vty 0 4 before
this will work?
Thank, dt
----- Original Message -----
From: "Adam Asay" <aasay@cerberian.com>
To: "ccie2be" <ccie2be@nyc.rr.com>; "Group Study" <ccielab@groupstudy.com>
Sent: Friday, August 22, 2003 6:43 PM
Subject: RE: IP http authentication local
> You need to enable AAA on the router before you can authenticate against
it.
>
> Try adding these commands.
>
> aaa new-model
> aaa authentication login default local
> aaa authorization exec default local
>
> -Adam
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> ccie2be
> Sent: Friday, August 22, 2003 4:16 PM
> To: Group Study
> Subject: IP http authentication local
>
>
> Hi all,
>
> I configured a router with above command and, of course, username dt
> password
> cisco, but I can't access the router via my IE explorer browser version
5.5.
>
> Here's the config:
>
> username dt password cisco
>
> ip http server
> ip http authentication local
>
> I checked that both username and pasword were entered in small case. And,
> if
> I remove the ip http authen local command, I get in without any problem.
> Anybody have any ideas as to why this isn't working?
>
> dt
>
>
> _______________________________________________________________________
> You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Tue Sep 02 2003 - 18:54:05 GMT-3