Cisco Content Service Switch (CSS) 11000/11500 series content services switches version 4.0 and above are capable of being monitored through a Web browser. This document provides a sample configuration for enabling Web management on the CSS 11000/11500.
For more information on document conventions, see the Cisco Technical Tips Conventions.
There are no specific prerequisites for this document.
The information in this document is based on the software and hardware versions below.
The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.
In this section, you are presented with the information to configure the features described in this document.
Use these commands to enable Web management on the CSS 11000/11500:
CS100(config)# no restrict web-mgmt<c>
CS100(config)# web-mgmt state enable<c>
This section provides information you can use to confirm your configuration is working properly.
Verify the configuration by issuing the following command:
CS100(config)# show running-config<cr>
*************************** GLOBAL ***************************
no restrict web-mgmt
This section provides information you can use to troubleshoot your configuration.
Below is troubleshooting information relevant to this configuration. Follow the instructions below to troubleshoot your configuration.
Launch any HTTP version 1.1 browser from your PC.
Navigate to the circuit VLAN address that you normally use when attempting a console or Telnet session. The CSS series switch uses port 8081 as its Web management port.
Note: The CSS series switch uses port 8081 as its Web management port for older WebNS versions, up to 5.xx. The CSS series switch uses port 443 as its Web management port starting WebNS software version 6.10 and 7.10 and up.
Input your username (your administrator login) and your password (your administrator password).
After a successful login, the System Information screen appears.
On the left menu, double-click the Getting Started folder.
Inside the Getting Started folder, double-click the desired activity.
From this menu, you can monitor the CSS configuration and overall system health. To configure a circuit, you must selct the VLAN number from the VLAN drop-down list.
Specify the circuit IP address and address prefix length.
Once you have select a circuit and entered an IP address and address prefix length, click the Add button to add the circuit to the running configuration. To delete a circuit, select the circuit and click the Delete button to delete the circuit from the running configuration.
Administrative access to the CSS 11000 should be limited to the administrative and technical staff. It is recommended that you use Access Control Lists (ACLs) to restrict users.
These ACLs are necessary to deny all attempts to access the Web console, assuming the switch is set up for port 80 traffic only:
CS100(config)# acl 99 <cr>
CS100(config-acl )# clause 200 permit <source IP> destination <circuit VLAN1> eq any <cr>
CS100(config-acl )# clause 199 permit any any destination eq 80 <cr>
CS100(config-acl )# clause 198 permit any any destination eq 443 <cr>
CS100(config-acl )# apply circuit-(VLAN1)<cr>
CS100(config)# acl enable <cr>
Note: Updates to either the Command Line Interface (CLI) or to the Web interface are released as changes are made.