PDA

View Full Version : SDM v2.5, 3620 router, and IOS 12.2(19a)


laser
02-20-2009, 03:45 PM
Hey folks

I've finally got SDM installed on my router I selected "install on PC and router" hope that's correct (during SDM install utility)? I saw something via google about only selecting PC not router.

Anyway my 3620 will not allow for these commands

Router(config)# ip http secure-serve
Router(config-line)# transport input telnet ssh

It will take "transport input telnet" will not allow "ssh" portion.

When I try to connect I get the authentication pop up boxes (2x) then I get a third box "Enter SSH Credential" I use the information from "Router(config)# username <username> privilege 15 password 0 <password>"
but I can never get it to work. I don't want to use SSH at all, not for my lab anyway. I'm using SDM 2.5

Your thought appreciated, thanks

I followed these instructions

Configuring router to run SDM



Follow the instructions below to configure a router to run SDM.

Step 1:

1. Connect to your router using Telnet, SSH or via console.
2. Enter the global configuration mode using the command:
Router>enable
Router#conf terminal
Router(config)#

Step 2 :

Enable the router's HTTP/HTTPS server, using the following Cisco IOS commands:

Router(config)# ip http server

Router(config)# ip http secure-server

Router(config)# ip http authentication local

Note:- HTTPS is enabled only for crypto enabled IOS images.

Step 3:

Create a user with privilege level 15.

Router(config)# username <username> privilege 15 password 0 <password>

Note:- Replace <username> and <password> with the username and password that you want to configure.

Step 4:

Configure SSH and Telnet for local login and privilege level 15:

Router(config)# line vty 0 4

Router(config-line)# privilege level 15

Router(config-line)# login local

Router(config-line)# transport input telnet

Router(config-line)# transport input telnet ssh

Router(config-line)# exit

Step 5: (Optional) Enable local logging to support the log monitoring function:

Router(config)# logging buffered 51200 warning

crissa
02-21-2009, 04:53 PM
Hey folks

I've finally got SDM installed on my router I selected "install on PC and router" hope that's correct (during SDM install utility)? I saw something via google about only selecting PC not router.

Anyway my 3620 will not allow for these commands

Router(config)# ip http secure-serve
Router(config-line)# transport input telnet ssh

It will take "transport input telnet" will not allow "ssh" portion.

[...]

Hello,
what is the exact filename of the IOS you use? Keep in mind that not all IOS versions include ssh! (Check the Cisco Feature Navigator: <http://www.cisco.com/go/cfn/>)
Bye, Tore

laser
02-23-2009, 06:18 AM
Hi Crissa, thanks for your response.

This is my IOS
c3620-i-mz.122-19a.bin

I don't think IOS 12.2 will work w/ SDM.
Not sure.

crissa
02-23-2009, 07:03 AM
Hi Crissa, thanks for your response.

This is my IOS
c3620-i-mz.122-19a.bin

I don't think IOS 12.2 will work w/ SDM.
Not sure.

Hello,
the 3620 router is not on the list of routers which support SDM ...

The latest IOS for a 3620 router is 12.3 and it seems that SDM is only supported with 12.4 (and newer) IOS versions!
Bye, Tore

laser
02-23-2009, 07:37 AM
Hi Crissa

I found this bit of information about SDM, supported IOS, and hardware.

http://www.ciscozine.com/2008/11/28/security-device-manager-aka-sdm/

IOS naming convention for anyone interested
http://www.cisco.com/warp/public/620/1.html#intro

crissa
02-23-2009, 08:32 AM
Hi Crissa

I found this bit of information about SDM, supported IOS, and hardware.

http://www.ciscozine.com/2008/11/28/security-device-manager-aka-sdm/

IOS naming convention for anyone interested
http://www.cisco.com/warp/public/620/1.html#intro

Hello,
according to the Cisco Feature Navigator SDM is not supported with a 3620 router (I searched for "SDM" and "Security"). Of cource you can give it a try! ;-)
Bye, Tore

crissa
02-23-2009, 11:31 AM
Hello,
according to the Cisco Feature Navigator SDM is not supported with a 3620 router (I searched for "SDM" and "Security"). Of cource you can give it a try! ;-)
Bye, Tore

Hello,
I just tried to use the c3620-i-mz.123-24.bin IOS with SDM (version 2.4.1) ... and it worked!

Seems that that the SDM page is more trustworthy than the Feature Navigator. :-(
Bye, Tore