Hi
since a couple of days I can`t connect to my router via HTTPS. The admin access is programmed in the firewall and i have HTTPS and SSH checked.
i can connect via SSH without issue.
here is the CFG file
!
!
! ADTRAN, Inc. OS version R10.9.1.E
! Boot ROM version 13.03.00.SB
! Platform: NetVanta 3448, part number 1200821E1
! Serial number LBADTN1113AG368
!
!
hostname "AQTR_QC"
no enable password
!
clock timezone -5-Eastern-Time
!
ip subnet-zero
ip classless
ip default-gateway XX.XX.XX.XX
ip routing
ipv6 unicast-routing
!
!
domain-name "aqtr.qc.ca"
domain-proxy
name-server 4.2.2.1 8.8.8.8
!
!
auto-config
!
event-history on
no logging forwarding
no logging email
!
no service password-encryption
!
username "Adm1n" password "Pa55w0rd"
!
!
ip firewall
no ip firewall alg msn
no ip firewall alg mszone
no ip firewall alg h323
no ip firewall alg sip
!
!
!
!
!
!
!
!
!
!
!
no dot11ap access-point-control
!
!
!
!
!
!
!
ip dhcp excluded-address 192.168.30.10 192.168.30.11
!
ip dhcp pool "Management"
network 192.168.30.0 255.255.255.0
domain-name "aqtr.qc.ca"
dns-server 4.2.2.1 8.8.8.8
default-router 192.168.30.1
!
!
!
!
!
!
!
ip crypto
!
crypto ike policy 100
initiate main
respond anymode
local-id address XX.XX.XX.XX
peer XX.XX.XX.XX
attribute 1
encryption 3des
hash md5
authentication pre-share
!
crypto ike remote-id address XX.XX.XX.XX preshared-key AQTR5236444 ike-policy 100 crypto map VPN 10 no-mode-config no-xauth
!
!
ip crypto ipsec transform-set esp-3des-esp-md5-hmac esp-3des esp-md5-hmac
mode tunnel
!
ip crypto map VPN 10 ipsec-ike
description VPN TO MTL
match address ip VPN-10-vpn-selectors
set peer 207.253.176.42
set transform-set esp-3des-esp-md5-hmac
ike-policy 100
!
!
!
!
vlan 1
name "Default"
!
!
!
no ethernet cfm
!
interface eth 0/1
description Connection acces internet
ip address XX.XX.XX.XX 255.255.255.248
ip access-policy Public
ip crypto map VPN
media-gateway ip primary
no shutdown
!
!
interface eth 0/2
ip address dhcp
shutdown
!
!
!
interface switchport 0/1
no shutdown
!
interface switchport 0/2
no shutdown
!
interface switchport 0/3
no shutdown
!
interface switchport 0/4
no shutdown
!
interface switchport 0/5
no shutdown
!
interface switchport 0/6
no shutdown
!
interface switchport 0/7
no shutdown
!
interface switchport 0/8
no shutdown
!
!
!
interface vlan 1
description Connection systeme Tel
ip address 192.168.30.1 255.255.255.0
ip access-policy Private
media-gateway ip primary
no shutdown
!
!
interface t1 1/1
shutdown
!
!
!
!
!
!
!
ip access-list extended VPN-10-vpn-selectors
permit ip 192.168.30.0 0.0.0.255 192.168.25.0 0.0.0.255
!
ip access-list extended web-acl-2
remark NEC SV8100
permit tcp any eq 8000 any eq 8000 log
!
ip access-list extended web-acl-3
remark admin access
permit tcp any any eq https log
permit tcp any any eq ssh log
!
ip access-list extended web-acl-5
remark traffic to unit
permit ip any any log
!
ip access-list extended web-acl-6
remark NAT
permit ip any any log
!
ip access-list extended web-acl-7
remark Pcpro Debug
permit tcp any eq 5963 any eq 5963 log
!
!
!
!
ip policy-class Private
allow list VPN-10-vpn-selectors
allow list web-acl-5 self
nat source list web-acl-6 interface eth 0/1 overload
!
ip policy-class Public
allow reverse list VPN-10-vpn-selectors stateless
allow list web-acl-3 self
nat destination list web-acl-2 address 192.168.30.10
nat destination list web-acl-7 address 192.168.30.10
!
!
!
no tftp server
no tftp server overwrite
http server
no http secure-server
no snmp agent
no ip ftp server
ip ftp server default-filesystem flash
no ip scp server
no ip sntp server
!
!
!
!
!
!
!
!
!
sip udp 5060
sip tcp 5060
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
line con 0
no login
!
line telnet 0 4
login
no shutdown
line ssh 0 4
login local-userlist
no shutdown
!
!
!
!
!
!
!
end
You have
no http secure-server
in your configuration. This shuts down the HTTPS interface. Remove that line by entering:
http secure-server
in config mode. Then save your configuration.
You have
no http secure-server
in your configuration. This shuts down the HTTPS interface. Remove that line by entering:
http secure-server
in config mode. Then save your configuration.
I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post and unmark it and select another in its place with the applicable buttons. If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.
Thanks,
Levi