HTTP 101
To enable the HTTP Server on the Cisco IOS, use:
R(config)# ip http server
By default, the server runs on port 80. You can change it with:
R(config)# ip http port PORT-NUMBER
To restrict the clients that can access the HTTP server, use:
R(config)# ip http access-class ACL
To enable authentication for the HTTP server, use:
R(config)# ip http authentication {enable|local}
! When using local auth, the user must have priv 15
If you use AAA authentication then you can also set up AAA authentication:
R(config)# ip http authentication aaa login-authentication METHOD-LIST
! Additionaly, define EXEC and COMMAND authorization:
R(config)# ip http [exec-authorization METHOD-LIST|command-authorization LEVEL METHOD-LIST
Normally, the files used by the HTTP server are located on the flash. You can specify the path to the server root, using:
R(config)# ip http path PATH-TO-SERVER-ROOT
To define a timeout policy, use the command:
R(config)# ip http timeout-policy idle IDLE-TIMEOUT life LIFE-TIMEOUT requests MAX-REQ
! IDLE-TIMEOUT - default 180 - timeout if no data is received
! LIFE-TIMEOUT - default 180 - max lifetime of a connection regardless of data sent
! MAX-REQ - maximum number of requests per connection.
To enable the HTTPS server, use:
R(config)# ip http secure-server
By default, the secure server runs on port 443, but it can be changed with:
R(config)# ip http secure-port PORT-NUMBER
The Cisco IOS Router can also act as an HTTP Client. The HTTP client is used when issuing commands such as:
R# more http://SERVER[/PAGE]
R# copy http://SERVER/FILE ...
The HTTP client can be configured inside the configuration mode. For example you can specify an HTTP user and password to be used:
R(config)# ip http client username USER
R(config)# ip http client password PASS
or the source interface:
R(config)# ip http source-interface INTERFACE
Additionaly an HTTP Proxy can be configured, using:
R(config)# ip http client proxy-server PROXY-SRV proxy-port PROXY-PORT