Configure the Web Server

Note

Note

DEMO FEATURE - Read Only User for EDM is a demonstration feature on some products. Demonstration features are provided for testing purposes. Demonstration features are for lab use only and are not for use in a production environment. For more information, see VOSS Feature Support Matrix.

Perform this procedure to enable and manage the web server using the Command Line Interface (CLI). After you enable the web server, you can connect to EDM.

HTTP and FTP support both IPv4 and IPv6 addresses, with no difference in functionality or configuration. The TFTP server supports both IPv4 and IPv6 addresses. The TFTP client is not supported, only the server.

About this task

This procedure assumes that you use the default port assignments. You can change the port number used for HTTP and HTTPS.

Important

Important

If you want to allow HTTP access to the device, you must disable the web server secure-only option. If you want to allow HTTPS access to the device, the web server secure-only option is enabled by default.

Procedure

  1. Enter Global Configuration mode:

    enable

    configure terminal

  2. Enable the web server:

    web-server enable

  3. Disable the secure-only option (for HTTP access) :

    no web-server secure-only

  4. Enable the secure-only option (for HTTPs access) :

    web-server secure-only

  5. Enable read-only user:

    web-server read-only-user enable

  6. Display the web server status:

    show web-server

Example

Enable the secure-only web-server. Configure the Read-Write-All access level username to smith2 and the password to 90Go2437. Enable read-only-user for the web server. Configure the read-only-user username to jones6 and the password to G69s8672.

Switch:1>enable
Switch:1#configure terminal
Switch:1(config)#web-server enable
Switch:1(config)#web-server secure-only
Switch:1(config)#web-server read-only-user enable
Switch:1(config)#web-server password rwa smith2
Enter the New password : ********
Re-enter the New password : ******** 
Password changed.
Switch:1(config)#web-server password ro jones6
Enter the New password : ********
Re-enter the New password : ******** 
Password changed.
Switch:1(config)#show web-server

Web Server Info :

        Status                    : on
        Secure-only               : enabled
        TLS-minimum-version       : tlsv12
        RO Username Status        : enabled
        RO Username               : jones6
        RO Password               : ********
        RWA Username              : smith2
        RWA Password              : ********
        Def-display-rows          : 30
        Inactivity timeout        : 900 sec
        Html help tftp source-dir : 
        HttpPort                  : 80
        HttpsPort                 : 443
        NumHits                   : 0
        NumAccessChecks           : 0
        NumAccessBlocks           : 0
        NumRxErrors               : 0
        NumTxErrors               : 0
        NumSetRequest             : 0
        Minimum password length   : 8
        Last Host Access Blocked  : 0.0.0.0
        In use certificate        : Self signed

Variable Definitions

Use the data in the following table to use the web-server command.

Variable

Value

def-display-rows <10-100>

Configures the number of rows each page displays, between 10 and 100.

enable

Enables the Web interface. To disable the web server, use the no form of this command:

no web-server [enable]

help-tftp <WORD/0-256>

Configures the TFTP or FTP directory for Help files, in one of the following formats: a.b.c.d:/| peer:/ [<dir>]. The path can use 0–256 characters. The following example paths illustrate the correct format:

  • 192.0.2.1:/help

  • 192.0.2.1:/

http-port <80-49151>

Configures the web server HTTP port. The default port is 80.

 https-port <443-49151>

Configure the web server HTTPS port. The default port is 443.

inactivity-timeout<30–65535>

Configures the web-server session inactivity timeout. The default is 900 seconds (15 minutes).

password {ro | rwa} WORD<1-20>

Configures the logon and password for the web interface.

password min-passwd-len<1–32>

Configures the minimum password length. By default, the minimum password length is 8 characters.

read-only-user

Enables read-only user for the web server.

Note:

read-only-user enable is available for demonstration purposes on some products. For more information, see VOSS Feature Support Matrix.

secure-only

Enables secure-only access for the web server.

tls-min-ver<tlsv10|tlsv11|tlsv12>

Configures the minimum version of the TLS protocol supported by the web-server. You can select among the following:

  • tlsv10 – Configures the version to TLS 1.0.

  • tlsv11 – Configures the version to TLS 1.1.

  • tlsv12 – Configures the version to TLS 1.2

The default is tlsv12.