From: Glenn Johnson (gjcomcast@comcast.net)
Date: Fri Aug 22 2003 - 23:48:30 GMT-3
Hello DT,
15 seems to be the default level, even though the documentation indicates
If I enter this, I am prompted and can login with the following relatively
At the prompt --
Config --
Of course to do much beyond telnet on the page that loads may require
-----Original Message-----
Hey Glenn,
I just tried it. You are 100% right. Thank you. But, why is "priv 15"
dt
> If you add priv 15 to your username setup it will work. AAA is not
This archive was generated by hypermail 2.1.4
: Tue Sep 02 2003 - 18:54:05 GMT-3
that the web page should load with diminished capabilities if you only have
access to a lower priv level. It seems as if the page is indirectly being
loaded as http://
http://
level URL in your browser for a given level, e.g.,
http://
limited user:
Username: Joe
Password: cisco
R1
Username Joe password cisco
another login with a higher user level, but at least you can get to the
page. I guess if you wanted to do more you could redefine the privilege
levels of the various commands on the page. HTH
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
ccie2be
Sent: Friday, August 22, 2003 10:15 PM
To: Group Study; Glenn Johnson
Subject: Re: IP http authentication local
needed?
----- Original Message -----
From: "Glenn Johnson" <gjcomcast@comcast.net>
To: "'ccie2be'" <ccie2be@nyc.rr.com>; "'Group Study'"
<ccielab@groupstudy.com>
Sent: Friday, August 22, 2003 7:32 PM
Subject: RE: IP http authentication local
> necessary. Why would you need to config your VTY lines for an HTTP setup?
>
> Ip http server
> Ip http authentication local
> Username Joe priv 15 password cisco
> Username Bad password cisco
>
> Username Joe can get in just fine via HTTP w/local auth, Username Bad
> cannot.
>
> Try it -- it works.
>
> The online info is avail at:
>
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_
> c/fcprt1/fcd105.htm#1000995
>
> Accessing Your Router's Home Page
> Cisco IOS software allows users with a default privilege level of 15 to
> access a predefined home page for a router or access server. If you have
> been assigned a privilege level other than 15, the Web page will display
and
> accept those commands which have been defined for your user level. [note
> that this would require changing the priv levels]
>
> To access the home page for your router or access server with a default
> privilege level of 15 (<<<<<<------), perform the following steps:
>
> Step 1 Enter the following command in the URL field of your Web browser
> and press return: http:// router-name/. (For example, to access a Cisco
> router named cacophony with a default privilege level of 15, type
> http://cacophony/.)The browser then prompts you for the password.
>
> Step 2 Enter the password.
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> ccie2be
> Sent: Friday, August 22, 2003 7:06 PM
> To: Group Study; Adam Asay
> Subject: Re: IP http authentication local
>
> Hey Adam,
>
> I tried adding those commands. Unfortunately, it didn't work :-)
>
> What else could it be? This is suppose to be very simple and to make
> matters worse, I'm using the solution config from IPExpert. (This is
> e-scenario lab 346).
>
> Do I need to configure any particular commands under line vty 0 4 before
> this will work?
>
> Thank, dt
>
> ----- Original Message -----
> From: "Adam Asay" <aasay@cerberian.com>
> To: "ccie2be" <ccie2be@nyc.rr.com>; "Group Study" <ccielab@groupstudy.com>
> Sent: Friday, August 22, 2003 6:43 PM
> Subject: RE: IP http authentication local
>
>
> > You need to enable AAA on the router before you can authenticate against
> it.
> >
> > Try adding these commands.
> >
> > aaa new-model
> > aaa authentication login default local
> > aaa authorization exec default local
> >
> > -Adam
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> > ccie2be
> > Sent: Friday, August 22, 2003 4:16 PM
> > To: Group Study
> > Subject: IP http authentication local
> >
> >
> > Hi all,
> >
> > I configured a router with above command and, of course, username dt
> > password
> > cisco, but I can't access the router via my IE explorer browser version
> 5.5.
> >
> > Here's the config:
> >
> > username dt password cisco
> >
> > ip http server
> > ip http authentication local
> >
> > I checked that both username and pasword were entered in small case.
And,
> > if
> > I remove the ip http authen local command, I get in without any problem.
> > Anybody have any ideas as to why this isn't working?
> >
> > dt
> >
> >
> > _______________________________________________________________________
> > You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.
> >
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> _______________________________________________________________________
> You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> _______________________________________________________________________
> You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html