Cisco IOS has its own integrated web server and by best practice you would never want to allow anonymous access to your device’s flash memory. This lab will discuss and demonstrate the IOS web server authentication mechanism.
Configuring Cisco IOS Web Server (HTTP and HTTPS) authentication is a common configuration used in production networks to authenticate unique users on devices that use self-hosted management web interfaces such as Cisco routers running the Cisco Security Device Manager (SDM) web interface of the Cisco Catalyst Switches that host the Web Based Device Management interface.
Step 1. – Configure R1 to use the domain name “freeccnaworkbook.com” as shown below;
R1 con0 is now available Press RETURN to get started. R1>enable R1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. R1(config)#ip domain-name freeccnaworkbook.com
Step 2. – Enable the Cisco IOS secure web server by executing the ip http secure-server command in global configuration as shown below;
R11(config)#ip http secure-server % Generating 1024 bit RSA keys, keys will be non-exportable...[OK] %SSH-5-ENABLED: SSH 1.99 has been enabled R1(config)#
Step 3. – Configure the Cisco IOS Web Service to authenticate to the local user database as shown below;
R1(config)#ip http authentication local
Step 4. – Verify your configuration by connecting to the device’s FastEthernet0/0 IP Address via Internet Explorer or FireFox and using the credentials configured in the lab prerequisites section.
As shown in the image above you are prompted for a username and password. Provide the username and password you created in the prerequisite. Once authenticated successfully you will be presented with the following page;