3.3 Important Cisco IOS Features
3.3.8 HTTP switch commands

The Catalyst Web Interface (CWI) is a browser-based tool that you can use to configure the Cisco 6000, 5000, and 4000 Family Switches. It consists of a graphical user interface (GUI) that runs on the client, Catalyst CiscoView (CV), and a Hypertext Transfer Protocol (HTTP) server that runs on the switch.

A GUI alternative to the CLI and SNMP interfaces, the CWI provides a real-time graphical representation of the switch and detailed information, such as port status, module status, type of chassis, and modules. The CWI uses HTTP to download Catalyst CV from the server to the client.

Communication between the client and server usually occurs on a TCP/IP connection. The TCP/IP port number for HTTP is 80. In this client/server mode, the client opens a connection to the server and sends a request. The server receives the request, sends a response back to the client, and closes the connection.

To configure the HTTP server on a set command-based switch, perform the following tasks at the CLI:

  1. Assign an IP address to the switch, if necessary using the command set interface sc0 [ip_addr / netmask].
  2. Enable the HTTP server on the switch using the command set ip http server enable.
  3. Configure the HTTP port (TCP/IP port default is 80; perform this step only if you need to change the default) using the command set ip http port port_number default.
  4. Verify the HTTP server and CWI support by using the command show ip http.

Catalyst Switch software allows you to configure authentication for console and Telnet logins using the RADIUS/TACACS/Kerberos/Local database. With software Release 5.4(2) or later, you can also configure authentication for HTTP users.

When you log into the switch using HTTP, a dialog box appears and prompts you for your username and password. After you provide your username and password, the system authenticates your login with the HTTP user-authentication method. The system denies access unless the username and password are valid. In the default configuration, verification is enabled for all users of the CWI. The system validates the login password against the local login password.

Authentication for the CWI occurs at these two security levels:

  • Level 1 - Username and Password Authentication

Level 1 requires you to obtain authentication by providing a username and password. This process is similar to the authentication that you obtain at the command prompt for Telnet and console sessions.

After you pass the first level of security, you can download the Catalyst CV.

  • Level 2 - SNMP IP Permit Restriction

Level 2 restricts the IP address of the incoming SNMP request. The IP address of the SNMP request must be configured correctly before the CWI can communicate with the switch.

To configure authentication, perform these tasks at the CLI:

  Task Command
Step 1 Configure authentication login.  set authentication login
Step 2 Display authentication.  show authentication

The example in Figure shows how to set the authentication login for the HTTP option.

To download the Catalyst CV from your browser, follow these steps:

Step 1 - Enter the switch address in the Universal Resource Locator (URL) field of your browser. For example, open Netscape Navigator or Internet Explorer and enter the following:

http://10.1.1.1

In this example, 10.1.1.1 is the switch IP address. After you connect to the switch, a login dialog appears and prompts for your username and password.

Step 2 - Provide your username and password. The home page of the switch appears on your browser.

Step 3 - Click the Switch Manager link to download the Catalyst CV. The switch downloads the Catalyst CV, and your browser opens with a real-time view of the switch chassis.