Cisco Content Service Switch (CSS) 11000/11500 series content services
switches version 4.0 and above are capable of being monitored through a Web
browser. This document provides a sample configuration for enabling Web
management on the CSS 11000/11500.
For more information on document conventions, see the
Cisco Technical Tips
There are no specific prerequisites for this document.
The information in this document is based on the software and hardware
The information presented in this document was created from devices in
a specific lab environment. All of the devices used in this document started
with a cleared (default) configuration. If you are working in a live network,
ensure that you understand the potential impact of any command before using
In this section, you are presented with the information to configure
the features described in this document.
Use these commands to enable Web management on the CSS 11000/11500:
CS100(config)# no restrict web-mgmt<c>
CS100(config)# web-mgmt state enable<c>
This section provides information you can use to confirm your
configuration is working properly.
Verify the configuration by issuing the following command:
CS100(config)# show running-config<cr>
*************************** GLOBAL ***************************
no restrict web-mgmt
This section provides information you can use to troubleshoot your
Below is troubleshooting information relevant to this configuration.
Follow the instructions below to troubleshoot your
Launch any HTTP version 1.1 browser from your PC.
Navigate to the circuit VLAN address that you normally use when
attempting a console or Telnet session. The CSS series switch uses port 8081 as
its Web management port.
Note: The CSS series switch uses port 8081 as its Web management port
for older WebNS versions, up to 5.xx. The CSS series switch uses port 443 as
its Web management port starting WebNS software version 6.10 and 7.10 and
Input your username (your administrator login) and your password
(your administrator password).
After a successful login, the System Information
On the left menu, double-click the Getting Started
Inside the Getting Started folder, double-click
the desired activity.
From this menu, you can monitor the CSS configuration and overall
system health. To configure a circuit, you must selct the VLAN number from the
VLAN drop-down list.
Specify the circuit IP address and address prefix
Once you have select a circuit and entered an IP address and
address prefix length, click the Add button to add the circuit
to the running configuration. To delete a circuit, select the circuit and click
the Delete button to delete the circuit from the running
Administrative access to the CSS 11000 should be limited to the
administrative and technical staff. It is recommended that you use Access
Control Lists (ACLs) to restrict users.
These ACLs are necessary to deny all attempts to access the Web
console, assuming the switch is set up for port 80 traffic only:
CS100(config)# acl 99 <cr>
CS100(config-acl )# clause 200 permit <source IP> destination <circuit VLAN1> eq any <cr>
CS100(config-acl )# clause 199 permit any any destination eq 80 <cr>
CS100(config-acl )# clause 198 permit any any destination eq 443 <cr>
CS100(config-acl )# apply circuit-(VLAN1)<cr>
CS100(config)# acl enable <cr>
Note: Updates to either the Command Line Interface (CLI) or to the Web
interface are released as changes are made.