2960s switch web interface

GDaines

Got a new 2960s switch at work which I'm setting up "to show I know what I'm doing", but I'm struggling.

This particular switch has a 10/100 management port which I've configured with an IP address of 10.10.10.1. I've then configured the IP address on my laptop to 10.10.10.2. From this I can browse to http://10.10.10.1 where I'm prompted for a password (which seems to be the enable secret password). So far so good.

I want to enable better security so I've been trying to follow this document: Using the Cisco Web Browser User Interface

ip http server was already enabled. Next it recommends using ip http authentication aaa followed by aaa authentication login default local. From my understanding this is supposed to use a local (switch) configured username and password, so let's say I set up username gd password cisco at the global configuration prompt. Now when I try to access the web interface I'm prompted for a username and password, but nothing I enter works. What am I doing wrong?

I've tried aaa authentication login default enable which supposedly uses the 'enable password' password, and aaa authentication login default none, both of which I believe ignore any username typed, but neither of these works either.

Am I misunderstanding the instructions or missing something really obvious?

Deathmage

GDaines wrote: »

Got a new 2960s switch at work which I'm setting up "to show I know what I'm doing", but I'm struggling.

This particular switch has a 10/100 management port which I've configured with an IP address of 10.10.10.1. I've then configured the IP address on my laptop to 10.10.10.2. From this I can browse to http://10.10.10.1 where I'm prompted for a password (which seems to be the enable secret password). So far so good.

I want to enable better security so I've been trying to follow this document: Using the Cisco Web Browser User Interface

ip http server was already enabled. Next it recommends using ip http authentication aaa followed by aaa authentication login default local. From my understanding this is supposed to use a local (switch) configured username and password, so let's say I set up username gd password cisco at the global configuration prompt. Now when I try to access the web interface I'm prompted for a username and password, but nothing I enter works. What am I doing wrong?

I've tried aaa authentication login default enable which supposedly uses the 'enable password' password, and aaa authentication login default none, both of which I believe ignore any username typed, but neither of these works either.

Am I misunderstanding the instructions or missing something really obvious?

by default the telnet or console passwords aren't setup.

you need to type the following, after opening up a putty serial connection into the switch from your laptop on the console port of the switch with a RS-232 serial USB adapter:

1) enable
2) config t
3) line vty 0 15
3a) logging synchronous
3b) exec-timeout 5 0
3c) login local
3d) exit
4) username [username] privilege 15 password [insert password]
5) exit
6) wr
7) log off putty telnet session

Then you will be able to access the web interface via the IP address with the login information entered above.

here is a Amazon return on some Serial USB Adapters: http://www.amazon.com/s/ref=nb_sb_noss?url=search-alias%3Daps&field-keywords=RS-232+serial+USB