Cisco Pix Help - No web gui?

L

Linuxtim

Limp Gawd
Joined
Feb 26, 2003
Messages
203
Hi all

I have to manage a PIX firewall as part of my new job.
I have a console connection into it (so I can do sho ver etc).
What I need to do is open a port for video conferencing.

There is a GUI on the PIX but I can not access it. I can ping the PIX fine so I'm happy it is not a connection problem. Does anyone have experience trouble shooting the WEB GUI on a PIX 501?

Thanks in advance

L
 
take this with a grain of salt, I have not used a PIX box in a year+ and generally only deal with switches & routers so I may be way off on this

is it enabled? if you do show run it should show "http server enable"

if it's not enabled, login with the CLI

type these commands:

conf term
http 0 0
http server enable

don't write these changes to memory yet!!

try https://internal IP of your PIX (don't forget the S !!! I think they use SSL)
 
I never even bothered trying to use a GUI with our Pix 506. The CLI is easy enough to understand. All you need to do is add the correct port to the access list.
 
zrac said:
try https://internal IP of your PIX (don't forget the S !!! I think they use SSL)
Click to expand...

Yup..and correct version of Java. So if an old PIX, and a new install of Java..may not be able to get to it. Pain in the butts....few more weeks and the last PIX I'll have to deal with being replaced with an RV0
 
What they said - plus, and it's been probably three years on a PIX for me but if I recall the browser interface is quite limited in what you can change on a PIX. Some things can only be done via CLI. I do not remember if you can open specific ports via the web GUI though.
 
Just post a sterilized copy of the config, the ports you need opened, and we'll give you the config entries you need so all you'll have to do is copy/paste them in. Its much faster than troubleshooting the web interface, which I rather hate actually, and once we have the config I'm sure someoen will help you straighten out the GUI.
 
Hi All

OK, the process of what I did was:

console into PIX

enable (to log in)

show http - this showed me the http config is enabled (if it was not I could have enabled it as ZRac advised).

conf t
http 10.10.10.10 255.255.255.255 inside
end

wr m

This basically goes into config mode, allows my IP address (10.10.10.10) to access the web service and then saved.

This meant that httpS://pix (again, note the S as I forgot it a few times) now works. It does not load in IE though, but works fine in firefox so that is ok.

Thanks for all your help - just spoken to our ISP to see what ports we need to allow etc so it's all good.

L
 
i didnt think cisco even had a gui due to some of the limitations for gui. i guess i learned some new today (which means something old was forgotten :p)
 
You must log in or register to reply here.
Back
Top