Thursday, September 30, 2010

Cisco Catalyst 2950 HTTP: out of lines

This week I have being working on a lab setup to test some new features on an ACS deployment for a customer. For the lab, I took a couple of Catalyst 2950s/3550s and did some AAA configuration on them, so that pretty much everything AAA related went to the ACS servers.

After everything was done, I was doing verification on different things and everything was working as it should and then it was HTTP turn on the 2950s, the configuration was there but nothing was happening, all I got was a blank page every time I tried to enter the Web GUI.

Doing a debug ip http transactions showed:

000605: Sep 30 09:58:32.736 CEST: HTTP: out of lines
000606: Sep 30 09:58:32.748 CEST: HTTP: out of lines
000607: Sep 30 09:58:32.768 CEST: HTTP: out of lines
000608: Sep 30 09:58:32.780 CEST: HTTP: out of lines

My first thought was check to see if indeed the switch was out of lines, but that wasn't the case:

SW1#sh users all
    Line       User       Host(s)              Idle       Location
   0 con 0                                     00:00:00
*  1 vty 0     lab        idle                 00:00:00 1.1.1.1
   2 vty 1                                     00:00:00
   3 vty 2                                     00:00:00
   4 vty 3                                     00:00:00
   5 vty 4                                     00:00:00
   6 vty 5                                     00:00:00
   7 vty 6                                     00:00:00
   8 vty 7                                     00:00:00
   9 vty 8                                     00:00:00
  10 vty 9                                     00:00:00
  11 vty 10                                    00:00:00
  12 vty 11                                    00:00:00
  13 vty 12                                    00:00:00
  14 vty 13                                    00:00:00
  15 vty 14                                    00:00:00
  16 vty 15                                    00:00:00

Some searching later I found that apparently on the 2950s (Version 12.1(22)EA13) if you have transport input ssh on the vty lines, HTTP doesn't work, the issue was solved changing the vty  lines configuration to transport input ssh telnet.

I wasn't able to reproduce the same behavior on the 3550s (Version 12.2(53)SE).

4 comments:

  1. I was able to reproduce it on a router :P

    2d05h: HTTP: out of lines
    k9sy-mz.122-46a.bin

    and it has a bit of logic, but not realy working as intended i presume.

    ReplyDelete
  2. This was preventing me from adding our 2950s as community members in Network Assistant, and I've been tearing my hair out trying to figure out what was wrong. Not thrilled to have to re-enable telnet, but I'll live. Thank you _SO_ much!

    ReplyDelete
  3. Thanks Nook, glad it help you out. Check my new blog for more interesting networking posts http://blog.initialdraft.com

    ReplyDelete