Cisco ASR1002-10G-VPN/K9 Software Guide - Page 337
Authentication and the Web User Interface, Domain Name System and the Web User Interface, Clocks
View all Cisco ASR1002-10G-VPN/K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 337 highlights
Chapter 14 Configuring and Accessing the Web User Interface Authentication and the Web User Interface Router(config)# transport-map type persistent webui http-https-webui Router(config-tmap)# server Router(config-tmap)# secure-server Router(config-tmap)# exit Router(config)# transport type persistent webui input http-https-webui *Apr 22 02:47:22.981: %UICFGEXP-6-SERVER_NOTIFIED_START: R0/0: psd: Server wui has been notified to start Authentication and the Web User Interface Users attempting to access the web user interface for a router are subject to the same authentication requirements configured for that router. The web browser prompts all users for a name and password combination, and the web browser then looks to the router configuration to see if a user should or should not be granted access to the web user interface. Only users with a privilege level of 15 can access the web user interface. Otherwise, authentication of web user interface traffic is governed by the authentication configuration for all other traffic. To configure authentication on your router, see Configuring Authentication. http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfathen.html Domain Name System and the Web User Interface The Domain Name System (DNS) is a distributed database in which you can map hostnames to IP addresses through the DNS protocol from a DNS server. If the router is configured to participate in the Domain Name System, users can access the web user interface by entering http:// as the web browser address. For information on configuring DNS, see Configuring DNS. http://www.cisco.com/en/US/docs/ios/ipaddr/configuration/guide/iad_config_dns_ps6922_TSD_Produ cts_Configuration_Guide_Chapter.html Clocks and the Web User Interface Requests to view the web user interface can be rejected by certain web browsers if the time as seen by the web browser differs from the time as seen by the router by an hour or more. For this reason, we recommend checking the router time using the show clock command before configuring the router and, if the router time is not properly set, use the clock set and clock timezone commands for setting the router clock. Similarly, the web browser's clock source, which is usually the personal computer, must also have an accurate time to properly access the web user interface. The following message appears when the web browser and the router clocks are more than an hour apart: Your access is being denied for one of the following reasons: . Your previous session has timed-out, or . You have been logged out from elsewhere, or . You have not yet logged in, or . The resource requires a higher privilege level login. OL-16506-10 Cisco ASR 1000 Series Aggregation Services Routers Software Configuration Guide 14-7