HTTP 101

1. HTTP Server

To enable the HTTP Server on the Cisco IOS, use:

R(config)# ip http server

By default, the server runs on port 80. You can change it with:

R(config)# ip http port PORT-NUMBER

To restrict the clients that can access the HTTP server, use:

R(config)# ip http access-class ACL

To enable authentication for the HTTP server, use:

R(config)# ip http authentication {enable|local}
! When using local auth, the user must have priv 15

If you use AAA authentication then you can also set up AAA authentication:

R(config)# ip http authentication aaa login-authentication METHOD-LIST
! Additionaly, define EXEC and COMMAND authorization:
R(config)# ip http [exec-authorization METHOD-LIST|command-authorization LEVEL METHOD-LIST

Normally, the files used by the HTTP server are located on the flash. You can specify the path to the server root, using:

R(config)# ip http path PATH-TO-SERVER-ROOT

To define a timeout policy, use the command:

R(config)# ip http timeout-policy idle IDLE-TIMEOUT life LIFE-TIMEOUT requests MAX-REQ
! IDLE-TIMEOUT - default 180 - timeout if no data is received
! LIFE-TIMEOUT - default 180 - max lifetime of a connection regardless of data sent
! MAX-REQ - maximum number of requests per connection.

1.1 HTTPS Server

To enable the HTTPS server, use:

R(config)# ip http secure-server

By default, the secure server runs on port 443, but it can be changed with:

R(config)# ip http secure-port PORT-NUMBER

2. HTTP Client

The Cisco IOS Router can also act as an HTTP Client. The HTTP client is used when issuing commands such as:

R# more http://SERVER[/PAGE]
R# copy http://SERVER/FILE ...

The HTTP client can be configured inside the configuration mode. For example you can specify an HTTP user and password to be used:

R(config)# ip http client username USER
R(config)# ip http client password PASS

or the source interface:

R(config)# ip http source-interface INTERFACE

Additionaly an HTTP Proxy can be configured, using:

R(config)# ip http client proxy-server PROXY-SRV proxy-port PROXY-PORT

Leave a Reply

Your email address will not be published. Required fields are marked *