cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
New Contributor III

3448 https connection no longer working - ssh is working

Jump to solution

Hi

since a couple of days I can`t connect to my router via HTTPS. The admin access is programmed in the firewall and i have HTTPS and SSH checked.

i can connect via SSH without issue.

here is the CFG file

!

!

! ADTRAN, Inc. OS version R10.9.1.E

! Boot ROM version 13.03.00.SB

! Platform: NetVanta 3448, part number 1200821E1

! Serial number LBADTN1113AG368

!

!

hostname "AQTR_QC"

no enable password

!

clock timezone -5-Eastern-Time

!

ip subnet-zero

ip classless

ip default-gateway XX.XX.XX.XX

ip routing

ipv6 unicast-routing

!

!

domain-name "aqtr.qc.ca"

domain-proxy

name-server 4.2.2.1 8.8.8.8

!

!

auto-config

!

event-history on

no logging forwarding

no logging email

!

no service password-encryption

!

username "Adm1n" password "Pa55w0rd"

!

!

ip firewall

no ip firewall alg msn

no ip firewall alg mszone

no ip firewall alg h323

no ip firewall alg sip

!

!

!

!

!

!

!

!

!

!

!

no dot11ap access-point-control

!

!

!

!

!

!

!

ip dhcp excluded-address 192.168.30.10 192.168.30.11

!

ip dhcp pool "Management"

  network 192.168.30.0 255.255.255.0

  domain-name "aqtr.qc.ca"

  dns-server 4.2.2.1 8.8.8.8

  default-router 192.168.30.1

!

!

!

!

!

!

!

ip crypto

!

crypto ike policy 100

  initiate main

  respond anymode

  local-id address XX.XX.XX.XX

  peer XX.XX.XX.XX

  attribute 1

    encryption 3des

    hash md5

    authentication pre-share

!

crypto ike remote-id address XX.XX.XX.XX preshared-key AQTR5236444 ike-policy 100 crypto map VPN 10 no-mode-config no-xauth

!

!

ip crypto ipsec transform-set esp-3des-esp-md5-hmac esp-3des esp-md5-hmac

  mode tunnel

!

ip crypto map VPN 10 ipsec-ike

  description VPN TO MTL

  match address ip VPN-10-vpn-selectors

  set peer 207.253.176.42

  set transform-set esp-3des-esp-md5-hmac

  ike-policy 100

!

!

!

!

vlan 1

  name "Default"

!

!

!

no ethernet cfm

!

interface eth 0/1

  description Connection acces internet

  ip address  XX.XX.XX.XX  255.255.255.248

  ip access-policy Public

  ip crypto map VPN

  media-gateway ip primary

  no shutdown

!

!

interface eth 0/2

  ip address dhcp

  shutdown

!

!

!

interface switchport 0/1

  no shutdown

!

interface switchport 0/2

  no shutdown

!

interface switchport 0/3

  no shutdown

!

interface switchport 0/4

  no shutdown

!

interface switchport 0/5

  no shutdown

!

interface switchport 0/6

  no shutdown

!

interface switchport 0/7

  no shutdown

!

interface switchport 0/8

  no shutdown

!

!

!

interface vlan 1

  description Connection systeme Tel

  ip address  192.168.30.1  255.255.255.0

  ip access-policy Private

  media-gateway ip primary

  no shutdown

!

!

interface t1 1/1

  shutdown

!

!

!

!

!

!

!

ip access-list extended VPN-10-vpn-selectors

  permit ip 192.168.30.0 0.0.0.255  192.168.25.0 0.0.0.255   

!

ip access-list extended web-acl-2

  remark NEC SV8100

  permit tcp any eq 8000 any eq 8000   log

!

ip access-list extended web-acl-3

  remark admin access

  permit tcp any  any eq https   log

  permit tcp any  any eq ssh   log

!

ip access-list extended web-acl-5

  remark traffic to unit

  permit ip any  any     log

!

ip access-list extended web-acl-6

  remark NAT

  permit ip any  any     log

!

ip access-list extended web-acl-7

  remark Pcpro Debug

  permit tcp any eq 5963 any eq 5963   log

!

!

!

!

ip policy-class Private

  allow list VPN-10-vpn-selectors

  allow list web-acl-5 self

  nat source list web-acl-6 interface eth 0/1 overload

!

ip policy-class Public

  allow reverse list VPN-10-vpn-selectors stateless

  allow list web-acl-3 self

  nat destination list web-acl-2 address 192.168.30.10

  nat destination list web-acl-7 address 192.168.30.10

!

!

!

no tftp server

no tftp server overwrite

http server

no http secure-server

no snmp agent

no ip ftp server

ip ftp server default-filesystem flash

no ip scp server

no ip sntp server

!

!

!

!

!

!

!

!

!

sip udp 5060

sip tcp 5060

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

line con 0

  no login

!

line telnet 0 4

  login

  no shutdown

line ssh 0 4

  login local-userlist

  no shutdown

!

!

!

!

!

!

!

end

Tags (2)
0 Kudos
1 Solution

Accepted Solutions
Highlighted
Honored Contributor
Honored Contributor

Re: 3448 https connection no longer working - ssh is working

Jump to solution

You have

no http secure-server


in your configuration.  This shuts down the HTTPS interface.  Remove that line by entering:

http secure-server


in config mode.  Then save your configuration.

View solution in original post

0 Kudos
2 Replies
Highlighted
Honored Contributor
Honored Contributor

Re: 3448 https connection no longer working - ssh is working

Jump to solution

You have

no http secure-server


in your configuration.  This shuts down the HTTPS interface.  Remove that line by entering:

http secure-server


in config mode.  Then save your configuration.

View solution in original post

0 Kudos
Highlighted
Anonymous
Not applicable

Re: 3448 https connection no longer working - ssh is working

Jump to solution

:

I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post and unmark it and select another in its place with the applicable buttons.  If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.

Thanks,

Levi