Cisco Devices and HTTP

As a rule running web interface control on a Cisco device is a bad idea. But there are times when you may want to run it. Some of Cisco’s management tools expect it.

  • no ip http server – Kill HTTP when possible
  • ip http secure-server – If you have to run web management use HTTPS for encryption
  • ip http access-class XX – Apply an ACL to restrict hosts that can reach the web management, where XX you replace with your ACL number