321 Studios OL-7141-04 manual SDP Troubleshooting Tips

Page 52

Chapter 1 Cisco SDM Express

SDP Troubleshooting Tips

SDP Troubleshooting Tips

Use this information before enrolling using Secure Device Provisioning (SDP) to prepare the connection between the router and the certificate server. If you experience problems enrolling, you can review these tasks to determine where the problem is.

When SDP is launched, you must minimize the browser window displaying this help topic so that you can view the SDP web application.

Troubleshooting Tips

These recommendations involve preparations on the local router and on the Certificate Authority (CA) server. You need to communicate these requirements to the administrator of the CA server. Ensure the following:

•The local router and the CA server have IP connectivity between each other. The local router must be able to ping the certificate server successfully, and the certificate server must be able to successfully ping the local router.

•The CA server administrator uses a web browser that supports JavaScript.

•The CA server administrator has enable privileges on the local router.

•The firewall on the local router will permit traffic to and from the certificate server.

•If a firewall is configured on the Petitioner and/or on the Registrar, you must ensure that the Firewall permits HTTP or HTTPS traffic from the PC from which the SDM /SDP application is invoked.

For more information about SDP, see the following web page:

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_gui de09186a008028afbd.html#wp1043332

	Cisco SDM Express
1-46	OL-7141-04

Image 52

Contents Cisco SDM Express User’s Guide Cisco SDM Express User’s Guide N T E N T S Contents Cisco SDM Express Edit Mode Contents Welcome A P T E RBasic Configuration Username and Password FieldsHostname Field Domain Name FieldRouter Provisioning Enable Secret Password FieldSDM Express Provision From USB Token USB Token or USB FlashSecure Device Provisioning CNS ServerProvision From USB Flash File Selection Wireless Interface Configuration LAN Interface ConfigurationName SizeWireless Parameters Fields Interface/Bridge-to-Interface ListIP Address Field Subnet Mask FieldDhcp Server Configuration Enable Dhcp server on the LAN interface Check BoxRefresh, Apply Changes, Discard Changes Buttons Starting IP Address FieldPrimary Domain Name Server Field Ending IP Address FieldSecondary Domain Name Server Field Enable PPPoE Check Box Internet WAN Ethernet InterfaceUse these DNS values for Dhcp clients Check Box Address Type ListAuthentication Type Check Box Password FieldConfirm Password Field Username FieldInternet WAN Autodetect Encapsulation Status Icon and Enable or Disable ButtonInternet WAN User Specified Encapsulation Virtual Path Identifier Field Encapsulation ListVirtual Circuit Identifier Field IP Address for Remote Connection in Central Office Field WAN Interface Selection Enable or Disable ButtonAdd Connection, Edit, Delete Buttons Interface List Serial ConnectionRefresh Button Frame Relay Configuration Settings Link IP Address and Subnet Mask FieldsFrame Relay Configuration Settings Dlci FieldLMI Type Field Use Ietf Frame Relay Encapsulation Check BoxInternet WAN Advanced Options CNS Server InformationPrimary DNS Field Firewall ConfigurationSecondary DNS Field Security Settings Disable Snmp Services on Your Router Check Box Disable Services that Involve Security Risks Check BoxEncrypt Passwords Check Box Enhance Security on Router Access Check BoxSummary Supplementary Help Cisco Network ServicesCisco Router and Security Device Manager Security Settings Disable SnmpDisable Finger Service Disable PAD ServiceDisable TCP Small Servers Service Disable UDP Small Servers Service Disable IP Bootp Server ServiceDisable IP Identification Service Disable CDPDisable IP Source Route Enable Password Encryption ServiceEnable Netflow Switching Enable TCP Keepalives for Inbound Telnet SessionsEnable Sequence Numbers and Time Stamps on Debugs Enable TCP Keepalives for Outbound Telnet SessionsEnable IP CEF Set Scheduler Interval Set Scheduler AllocateSet TCP Synwait Time Enable Logging Enable Unicast RPF on Outside InterfacesDisable IP Gratuitous ARPs Disable IP RedirectsDisable IP Proxy ARP Disable IP Directed BroadcastDisable MOP Service Disable IP UnreachablesDisable IP Mask Reply Set Minimum Password Length to Less Than 6 CharactersSet Authentication Failure Rate to Less Than 3 Retries Set BannerEnable Telnet Settings Enable SSH for Access to the RouterHelp Button Cisco SDM Express ButtonsAbout Button Reconnecting to the Router After Initial Configuration Exit ButtonApply Changes Button Discard Changes ButtonTesting Your WAN Internet Connection SDP Troubleshooting Tips Troubleshooting TipsIcons OverviewLAN Fields Internet WAN Fields Firewall FieldsUsername/Login Password/Password is Encrypted Fields Edit/Delete ButtonsEncrypt password using MD5 hash algorithm Checkbox Bridge/Do not bridge LAN interface with wireless CheckboxEdit a Username Refresh/Apply Changes/Discard Changes ButtonsWireless WAN-Unable to Configure WAN InterfaceLAN interface configuration Fields No WAN AvailableDelete Connection Enable Firewall/Disable Firewall ButtonsFirewall Unable to configure Firewall Window Unable to Configure NATAdd or Edit Address Translation Rule Routing Disable Services that Involve Security Risks Checkbox Select All Recommended by Cisco CheckboxEncrypt Passwords Checkbox Synchronize with my local PC clock CheckboxTools PingUpdate SDM from Cisco.com To clear the output of the ping commandSource Field Destination FieldUpdate SDM from CD Update SDM from Local PCCCO Login Synchronize Checkbox Date and Time PropertiesEdit Date and Time Fields Reset to Factory Defaults Save Running Config to PCWrite down these steps and then reset the router Apply ButtonReconfiguring Your PC with a Static or a Dynamic IP Address Microsoft Windows NT Feature Not Available Cisco SDM Express Edit Mode Feature Not Available D E IN-2