Cisco Catalyst 2000 Configuration Handbook page 29

Catalyst series lan switching

8 Cisco LAN Switching Configuration Handbook
word causes the idle timer to be reset by outbound traffic on the line, keeping
the connection up.
Define an idle timeout for all EXEC mode sessions:
Switch(config-line)# exec-timeout minutes [seconds]
Active EXEC mode sessions are automatically closed after an idle time period of
minutes and seconds (default 10 minutes). To disable idle EXEC timeouts on the
line, use the no exec-timeout or exec-timeout 0 0 command.
Enable session timeout warnings:
Switch(config-line)# logout-warning [seconds]
Users are warned of an impending logout seconds before it occurs. By default,
no warning is given. If the seconds field is left off, it defaults to 20 seconds.
4. Web browser interface.
a. Enable the web interface:
Switch(config)# ip http server
The web interface server is started, enabling users to monitor or configure the
switch through a web browser.
Note: The switch web interface should not be used for access from a public (Internet)
network because of a major vulnerability with the HTTP server service. This vulnerability is
documented as Cisco Bug ID CSCdt93862. To disable the HTTP server, use the no ip http
server command. In addition to this bug, the default authentication uses clear-text
passwords. If you must use the web interface, make sure to configure a stronger authentication
method and limit access in Steps c and d that follow.
b. (Optional) Set the web browser port number:
Switch(config)# ip http port number
HTTP traffic for the web interface can be set to use TCP port number (default 80).
c. (Optional) Limit access to the web interface:
Switch(config)# ip http access-class access-list
A standard IP access list (specified by either number or name) can be used to
limit the source IP addresses of hosts accessing the web interface. This should be
used to narrow the range of potential users accessing the switch's web interface.
d. (Optional) Choose a method for user authentication:
Switch(config)# ip http authentication {aaa | enable | local | tacacs}
Users attempting to access the switch's web interface can be challenged and
authenticated with several different mechanisms. By default, the enable method
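An added example, not from the handbook: a short Python check that reads a saved running-config and reports the settings this page warns about (web interface enabled, no access list, default authentication, idle EXEC timeout disabled). The sample configuration is constructed and the function name audit is hypothetical; the check sees only what the configuration text states explicitly.

```python
import re

# Constructed sample running-config (not taken from the handbook).
SAMPLE_CONFIG = """\
hostname Switch
!
ip http server
ip http port 8080
!
line con 0
 exec-timeout 0 0
line vty 0 4
 exec-timeout 5 30
 logout-warning 30
!
end
"""

def audit(config):
    """Return findings for the web-interface and EXEC-timeout settings."""
    findings = []
    lines = [l.rstrip() for l in config.splitlines()]
    # Global commands are not indented in a running-config.
    top = [l for l in lines if l and not l.startswith(" ")]
    # 'no ip http server' is a different line, so an exact match is enough.
    if "ip http server" in top:
        findings.append("web interface enabled (ip http server)")
        if not any(l.startswith("ip http access-class ") for l in top):
            findings.append("no ip http access-class: any source may connect")
        if not any(l.startswith("ip http authentication ") for l in top):
            findings.append("no ip http authentication: default method in use")
    # Walk 'line ...' blocks; their sub-commands are indented.
    section = None
    for l in lines:
        if not l.startswith(" "):
            section = l if l.startswith("line ") else None
        elif section and re.fullmatch(
                r"\s*(no exec-timeout|exec-timeout 0( 0)?)", l):
            findings.append(f"{section}: idle EXEC timeout disabled")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```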
