
Most if not all Cisco IOS devices, both [switches](/switching) and [routers](/routing), as well as [ASA](/asa) devices, have the capability to run a local web server. This web server is used for several purposes, primarily to obtain a web interface GUI for the router to configure it and/or to view statistical and monitoring information about the device. 

Of course, the actual features that you are able to configure and see from that web interface depend upon the platform and the IOS version that you are using.

To enable the web server on a Cisco IOS router or switch, you use one of the following commands in global configuration mode:

```undefined
ip http server
ip http secure-server
```

The first command enables the web server using HTTP while the second enables it using HTTPS. Once this is done, you can then enter the IP address of the device (the address of any interface by default) and view the web page. 

For Cisco ASA,  use the `http server enable` command to start the built-in HTTP server.  This server only only supports HTTPS.

In the ASA OS, you would also need to specify which hosts or networks are allowed to connect to the HTTP server using the `http <network> <netmask> <interface>` command. For example, to allow any host on the 192.168.1.0/24 network to connect to the HTTP server through the inside interface, you would use the command `http 192.168.1.0 255.255.255.0 inside`.  Take a look at [Cisco ASA HTTPS server](/cisco-asa-https-server) for more info.

Best practice dictates that you should disable the web server due to the fact that it can be exploited for attacks. This can be done using the following commands on IOS devices:

```perl
no ip http server
no ip http secure-server
```


Links:

https://forum.networklessons.com/t/cisco-ios-nat-port-forwarding/1229/37?u=lagapides

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/https/command/nm-https-cr-book/nm-https-cr-cl-sh.html#wp3775424912

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/https/command/nm-https-cr-book/nm-https-cr-cl-sh.html#wp3445024686

IOS - ip http server

GRE - Recursive routing error

GRE - Tunnel Addressing

GRE MTU settings

GRE and IPSec

GRE tunnel and multicast

GRE tunnel key operation with only one tunnel key configured

GRE tunnel key

GRE tunnels and how they transmit multicast packets

HSRP - standby group numbers

HTTP - viewing HTTP messages in Wireshark

Hardware - Application Specific Integrated Circuit (ASIC)

High-Level Data Link Control (HDLC)

Home lab computer requirements

Hot Standby Router Protocol (HSRP)

How to practice labbing - best practices

How to prepare for Cisco DNA

IANA

ICANN

ICMP - Mitigating Vulnerabilities

ICMP - Vulnerabilities

ICMP - response to a ping that is blocked by an ACL

ICMP codes and types

ICMP

IEEE

IETF

IGMP - Snooping Querier Election

IGMP - Snooping Querier

IGMP - access group

IGMP - fast leave

IGMP - filtering using ACLs

IGMP - ip igmp snooping querier command

IGMP - membership report

IGMP - using VLAN access maps to filter multicast traffic

IGMP Snooping internal interface

IGMP default IOS configurations

IGMP last member query interval

IGMP membership query max response time

IGMP membership reports destination

IGMP report suppression

IGMP snooping prevents report suppression

IGMP snooping source IP address for messages

IGMP snooping

IGMP version 1 how hosts stop receiving multicast traffic

IGMP

IGMPv2 - leave group message mechanism

IGRP

IOS - Configuration Archive and Rollback

IOS - Right To Use (RTU) License

IOS - licensing

IOS - show license command

IOS - using ftp or tftp source-interface command

IOS configuration register

IOS install mode vs bundle mode

IOS key chain feature

IP - When is the TTL decremented in a router

IP Address Management (IPAM) Tools

IP Addressing on a Router

IP Fragmentation - effects on network traffic

IP Fragmentation Attack

IP Routing table - process by which entries are matched

IP SLA - Route Flapping Problem

IP SLA Parameters

IP SLA tracking syntax

IP addressing on a Switch

IP routing table - candidate default route

IP routing table - default route

IP routing table - static route

IPSec - Authentication Header (AH)

IPSec - ESP vs AH

IPSec - Encapsulating Security Payload (ESP)

IPSec - Key Exchange Data

IPSec - NAT, AH, and ESP

IPSec - crypto map multiple peers

IPSec ESP Wireshark decrypt payload

IPSec NAT Transparency

IPSec how it works with NAT-T

IPSec profile operation with more than one crypto isakmp policy

IPSec

IPsec - does it support multicast

IPv4 - Internal Host Loopback Address Range

IPv4 - ToS Byte definition

IPv4 - classful addressing

IPv4 - classless addressing

IPv4 - header protocol field

IPv4 - no subnet mask information in the IP header

IPv4 - subnet mask

IPv4 Link-local address range

IPv4 Private IP address ranges

IPv4 Subnetting invalid entry causing network address of zero

IPv4 header length field

IPv4 network and broadcast addresses

IPv4 point to point addresses

IPv4

IPv6 - ACLs, RAs, and RSes

IPv6 - DHCPv6

IPv6 - IPv4-mapped IPv6 address

IPv6 - NDP Neighbor Discovery Process

IPv6 - NDP preferred and valid lifetimes