Cisco IOS Configuration Fundamentals Command Reference, Release 12.2
Cisco IOS Web Browser UI Commands
Downloads: This chapterpdf (PDF - 159.0KB) The complete bookPDF (PDF - 7.32MB) | Feedback

Cisco IOS Web Browser User Interface Commands

Table Of Contents

Cisco IOS Web Browser User Interface Commands

international

ip http access-class

ip http authentication

ip http port

ip http server

terminal international


Cisco IOS Web Browser User Interface Commands


This chapter provides descriptions of the commands used to enable the HTTP server on your router to allow the use of the Cisco IOS Web browser user interface (UI) and ClickStart.

For configuration tasks and examples, refer to the "Using the Cisco Web Browser User Interface" chapter in the Release 12.2 Cisco IOS Configuration Fundamentals Configuration Guide.

international

If you are using Telnet to access a Cisco IOS platform and you want to display 8-bit and multibyte international characters (for example, Kanji) and print the Escape character as a single character instead of as the caret and bracket symbols (^[), use the international line configuration command. To display characters in 7-bit format, use the no form of this command.

international

no international

Syntax Description

This command has no arguments or keywords.

Defaults

Disabled

Command Modes

Line configuration

Command History

Release
Modification

11.3

This command was introduced.


Usage Guidelines

If you are configuring a Cisco IOS platform using the Cisco Web browser UI, this feature is enabled automatically when you enable the Cisco Web browser UI using the ip http server global configuration command.

Examples

The following example enables a Cisco IOS platform to display 8-bit and multibyte characters and print the Escape character as a single character instead of as the caret and bracket symbols (^[) when you are using Telnet to access the platform:

line vty 4
 international

Related Commands

Command
Description

terminal international

Prints the Escape character as a single character instead of as the caret and bracket symbols (^[) for a current Telnet session in instances when you are using Telnet to access a Cisco IOS platform and you want to display 8-bit and multibyte international characters (for example, Kanji).


ip http access-class

To assign an access list to the HTTP server used by the Cisco IOS ClickStart software or the Cisco Web browser UI, use the ip http access-class global configuration command. To remove the assigned access list, use the no form of this command.

ip http access-class {access-list-number | access-list-name}

no ip http access-class {access-list-number | access-list-name}

Syntax Description

access-list-number

Standard IP access list number in the range 0 to 99, as configured by the access-list (standard) global configuration command.

access-list-name

Name of a standard IP access list, as configured by the ip access-list command.


Defaults

No access list is applied to the HTTP server.

Command Modes

Global configuration

Command History

Release
Modification

11.2

This command was introduced.


Usage Guidelines

If this command is configured, the specified access list is assigned to the HTTP server. Before the HTTP server accepts a connection, it checks the access list. If the check fails, the HTTP server does not accept the request for a connection.

Examples

The following example assigns the access list named marketing to the HTTP server:

ip http access-class marketing
ip access-list standard marketing
 permit 192.168.34.0  0.0.0.255
 permit 172.16.0.0  0.0.255.255
 permit 10.0.0.0  0.255.255.255
! (Note: all other access implicitly denied)

Related Commands

Command
Description

ip access-list

Defines an IP access list by name.

ip http server

Enables monitoring or configuring of routers using the Cisco Web browser UI.


ip http authentication

To specify a particular authentication method for HTTP server users, use the ip http authentication global configuration command. To disable a configured authentication method, use the no form of this command.

ip http authentication {aaa | enable | local | tacacs}

no ip http authentication {aaa | enable | local | tacacs}

Syntax Description

aaa

Indicates that the AAA facility is used for authentication.

enable

Indicates that the enable password method, which is the default method of HTTP server user authentication, is used for authentication.

local

Indicates that the local user database as defined on the Cisco router or access server is used for authentication.

tacacs

Indicates that the TACACS or XTACACS server is used for authentication.


Defaults

The default method of authentication for the HTTP server interface is the enable password method.

Command Modes

Global configuration

Command History

Release
Modification

11.2 F

This command was introduced.


Usage Guidelines

The ip http authentication command specifies the authentication method to be used for login when a client connects to the HTTP server. Use of the ip http authentication aaa command option is recommended. The enable, local, and tacacs methods should be specified using the aaa authentication login command.

The "enable" password method is the default HTTP server authentication method. If the enable password is used as the HTTP server login authentication method, the client connects to the HTTP server with a default privilege level of 15.


Note When the "enable" password is used as the HTTP server login authentication method, any username entered will be ignored; the server will only verify the "enable" password. This may make it easier for an attacker to access the router. Because a username and password pair is more secure than using only a password for authentication, using only "enable" password for authentication is strongly discouraged. Instead, use of the local or tacacs authentication options, configured as part of a global Authentication, Authorization, and Accounting (AAA) framework, is recommended.
To configure HTTP access as part of a AAA policy, use the ip http authentication aaa command option. The "local", "tacacs", or "enable" authentication methods should then be configured using the aaa authentication login command.


For information about adding users into the local username database, refer to the Cisco IOS Security Configuration Guide.

Examples

The following example specifies that the method configured for AAA should be used for authentication for HTTP server users. The AAA login method is configured as the "local" username/password authentication method.

Router(config)# ip http authentication aaa 
Router(config)# aaa authentication login default local

Related Commands

Command
Description

ip http server

Enables the HTTP server.

aaa authentication login

Specifies the login authentication method to be used by the authentication, authorization, and accounting (AAA) service.


ip http port

To specify the port to be used by the Cisco IOS ClickStart software or the Cisco Web browser UI, use the ip http port global configuration command. To use the default port, use the no form of this command.

ip http port port-number

no ip http port

Syntax Description

port-number

Port number for use by the HTTP server.


Defaults

The HTTP server uses port 80.

Command Modes

Global configuration

Command History

Release
Modification

11.2

This command was introduced.


Usage Guidelines

Use this command if ClickStart or the Cisco Web browser UI cannot use port 80.

Examples

The following example configures the router so that you can use ClickStart or the Cisco Web browser UI through port 60:

ip http server
ip http port 60

Related Commands

Command
Description

ip http server

Enables a Cisco 1003, Cisco 1004, or Cisco 1005 router to be configured from a browser using the Cisco IOS ClickStart software, and enables any router to be monitored or have its configuration modified from a browser using the Cisco Web browser UI.


ip http server

To enable the Cisco Web browser UI on a router or access server, use the ip http server global configuration command. To disable this feature, use the no form of this command.

ip http server

no ip http server

Syntax Description

This command has no arguments or keywords.

Defaults

This feature is automatically enabled on Cisco 1003, Cisco 1004, and Cisco 1005 routers that have not yet been configured. For Cisco 1003, Cisco 1004, and Cisco 1005 routers that have already been configured, and for all other routers, this feature is disabled.

The HTTP server is disabled on the Cisco Catalyst 4000 series switch. The HTTP server is enabled for clustering and on the following Cisco switches: Catalyst 3700 series, Catalyst 3750 series, Catalyst 3550 series, Catalyst 3560 series, and Catalyst 2950 series.

Command History

Release
Modification

11.2

This command was introduced.


Command Modes

Global configuration

Usage Guidelines

This command enables a simple HTTP server on your system. The HTTP server in Cisco IOS software is used primarily for the Cisco Web browser user interface (UI) and ClickStart.

The Cisco Web browser UI allows configuration and monitoring of a router or access server using any web browser. Enabling the Cisco Web browser UI also allows Cisco 1003, Cisco 1004, and Cisco 1005 routers to be configured from a browser using ClickStart.

To view the home page of the router, use a Web browser pointed to http://x.y.z.t, where x.y.z.t is the IP address of your router or access server, or, if a name has been set, use http://router-name. Varying forms of authentication for login can be set using the ip http authentication command, but the default login method is entering the enable password when prompted.

For information on accessing a router Web page at a privilege level other the default of 15 (privileged EXEC mode), see the "Using the Cisco Web Browser to Issue Commands" section of the Cisco IOS Configuration Fundamentals Configuration Guide.

Examples

The following example enables the HTTP server on the router, allowing use of the Cisco Web browser UI to monitor the router and issue commands to it:

ip http server

Related Commands

Command
Description

ip http access-class

Assigns an access list to the HTTP server used by the Cisco IOS ClickStart software or the Cisco Web browser UI.

ip http authentication

Specifies an authentication method for HTTP server users.

ip http port

Specifies the port to be used by the Cisco IOS ClickStart software or the Cisco Web browser UI.


terminal international

If you are using Telnet to access a Cisco IOS platform and you want to display 8-bit and multibyte international characters (for example, Kanji) and print the Escape character as a single character instead of as the caret and bracket symbols (^[) for a current Telnet session, use the terminal international EXEC command. To display characters in 7-bit format for a current Telnet session, use the no form of this command.

terminal international

no terminal international

Syntax Description

This command has no arguments or keywords.

Defaults

Disabled

Command Modes

EXEC

Command History

Release
Modification

11.3

This command was introduced.


Usage Guidelines

If you are configuring a Cisco IOS platform using the Cisco Web browser UI, this feature is enabled automatically when you enable the Cisco Web browser UI using the ip http server global configuration command.

Examples

The following example enables a Cisco IOS platform to display 8-bit and multibyte characters and print the Escape character as a single character instead of as the caret and bracket symbols (^[) when you are using Telnet to access the platform for the current Telnet session:

Router# terminal international

Related Commands

Command
Description

international

Prints the Escape character as a single character instead of as the caret and bracket symbols (^[) in instances when you are using Telnet to access a Cisco IOS platform and you want to display 8-bit and multibyte international characters (for example, Kanji).