Hi
since a couple of days I can`t connect to my router via HTTPS. The admin access is programmed in the firewall and i have HTTPS and SSH checked.
i can connect via SSH without issue.
here is the CFG file
!
!
! ADTRAN, Inc. OS version R10.9.1.E
! Boot ROM version 13.03.00.SB
! Platform: NetVanta 3448, part number 1200821E1
! Serial number LBADTN1113AG368
!
!
hostname "AQTR_QC"
no enable password
!
clock timezone -5-Eastern-Time
!
ip subnet-zero
ip classless
ip default-gateway XX.XX.XX.XX
ip routing
ipv6 unicast-routing
!
!
domain-name "aqtr.qc.ca"
domain-proxy
name-server 4.2.2.1 8.8.8.8
!
!
auto-config
!
event-history on
no logging forwarding
no logging email
!
no service password-encryption
!
username "Adm1n" password "Pa55w0rd"
!
!
ip firewall
no ip firewall alg msn
no ip firewall alg mszone
no ip firewall alg h323
no ip firewall alg sip
!
!
!
!
!
!
!
!
!
!
!
no dot11ap access-point-control
!
!
!
!
!
!
!
ip dhcp excluded-address 192.168.30.10 192.168.30.11
!
ip dhcp pool "Management"
network 192.168.30.0 255.255.255.0
domain-name "aqtr.qc.ca"
dns-server 4.2.2.1 8.8.8.8
default-router 192.168.30.1
!
!
!
!
!
!
!
ip crypto
!
crypto ike policy 100
initiate main
respond anymode
local-id address XX.XX.XX.XX
peer XX.XX.XX.XX
attribute 1
encryption 3des
hash md5
authentication pre-share
!
crypto ike remote-id address XX.XX.XX.XX preshared-key AQTR5236444 ike-policy 100 crypto map VPN 10 no-mode-config no-xauth
!
!
ip crypto ipsec transform-set esp-3des-esp-md5-hmac esp-3des esp-md5-hmac
mode tunnel
!
ip crypto map VPN 10 ipsec-ike
description VPN TO MTL
match address ip VPN-10-vpn-selectors
set peer 207.253.176.42
set transform-set esp-3des-esp-md5-hmac
ike-policy 100
!
!
!
!
vlan 1
name "Default"
!
!
!
no ethernet cfm
!
interface eth 0/1
description Connection acces internet
ip address XX.XX.XX.XX 255.255.255.248
ip access-policy Public
ip crypto map VPN
media-gateway ip primary
no shutdown
!
!
interface eth 0/2
ip address dhcp
shutdown
!
!
!
interface switchport 0/1
no shutdown
!
interface switchport 0/2
no shutdown
!
interface switchport 0/3
no shutdown
!
interface switchport 0/4
no shutdown
!
interface switchport 0/5
no shutdown
!
interface switchport 0/6
no shutdown
!
interface switchport 0/7
no shutdown
!
interface switchport 0/8
no shutdown
!
!
!
interface vlan 1
description Connection systeme Tel
ip address 192.168.30.1 255.255.255.0
ip access-policy Private
media-gateway ip primary
no shutdown
!
!
interface t1 1/1
shutdown
!
!
!
!
!
!
!
ip access-list extended VPN-10-vpn-selectors
permit ip 192.168.30.0 0.0.0.255 192.168.25.0 0.0.0.255
!
ip access-list extended web-acl-2
remark NEC SV8100
permit tcp any eq 8000 any eq 8000 log
!
ip access-list extended web-acl-3
remark admin access
permit tcp any any eq https log
permit tcp any any eq ssh log
!
ip access-list extended web-acl-5
remark traffic to unit
permit ip any any log
!
ip access-list extended web-acl-6
remark NAT
permit ip any any log
!
ip access-list extended web-acl-7
remark Pcpro Debug
permit tcp any eq 5963 any eq 5963 log
!
!
!
!
ip policy-class Private
allow list VPN-10-vpn-selectors
allow list web-acl-5 self
nat source list web-acl-6 interface eth 0/1 overload
!
ip policy-class Public
allow reverse list VPN-10-vpn-selectors stateless
allow list web-acl-3 self
nat destination list web-acl-2 address 192.168.30.10
nat destination list web-acl-7 address 192.168.30.10
!
!
!
no tftp server
no tftp server overwrite
http server
no http secure-server
no snmp agent
no ip ftp server
ip ftp server default-filesystem flash
no ip scp server
no ip sntp server
!
!
!
!
!
!
!
!
!
sip udp 5060
sip tcp 5060
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
line con 0
no login
!
line telnet 0 4
login
no shutdown
line ssh 0 4
login local-userlist
no shutdown
!
!
!
!
!
!
!
end
