Here it is! My FIRST tutorial... and after all these years... lol

I was trying to help out a buddy from class who has just gotten himself a Cisco 831 Router.

He is a beginner with Cisco but really wanted to learn it, so he got it.
I told him to just use the CRWS to get the basic connection configuration setup.

The CRWS is only on a couple of different Cisco models. It is generally used on SOHO/broadband routers.
The 800 series and the SOHO 71, 77, 78 and 91.

It is VERY useful to use the CRWS to at least configure your WAN port.
Since cable and dsl configs can change so much, you can spend hours troubleshooting why your config won't work.
The CRWS will do it in a matter of seconds.

He was having some problems with the Cisco Router Web Setup (CRWS) and I thought that he should upgrade his CRWS files.
Sometimes, it won't load because you need Microsoft Virtual Machine... but that was not the case here.

I already had the latest version, but I figured that I'd show him exactly what he'd have to do to upgrade it.
I deleted my copy from the webflash: filesystem and started fresh. That is why there is no difference in the filesystem with regards to file size.

First, you will need a couple of things. You guessed it! The updated CRWS files.
You have to have an account on Cisco's site to get the updated CRWS files.

You will also need some way to transfer the files over... so, tftp is perfect for this job.
I use the version from SolarWinds. Its free and easy to use.
http://solarwinds.net/
(NOTE: You can also use xmodem... but its so painfully slow!)

Put the CRWS files in your tftp root. Then start the tftp server.

Now we are almost ready to roll.

You also have to make sure that your PC and the router have connectivity.
I like to make it static, so I don't have to configure the DHCP server.

Here I'm going to use the following TCP/IP settings for the router and workstation:

Cisco
192.168.0.1
255.255.255.0

PC
192.168.0.10
255.255.255.0

You should already know how to set your IP static on your workstation. I hope...

Now, lets set the LAN ethernet port with an IP address. In my case, the interface is called "ethernet 0".
If you already have this setup, skip this part. Just connect via telnet or ssh.
Move to where we actually start checking the filesystems and getting ready to upload/download the CRWS files.


Note: I use shortcuts in my commands... config t means configure terminal, or int eth 0 means interface ethernet 0, or sh means show, etc.
Hope you don't mind... its just a habit.


Connect to the router using to the console port via the cable that is included with the router.
Use hyperterminal to connect. Com 1 or 2, whichever you are using. Most newer PCs only have a Com 1.
Set the connection to 9600 bps, 8-N-1.

Press enter a couple of times to get connected.

You will have to get into enable mode...

Then you can set your interface ethernet 0 port to the 192.168.0.1 address.

cisco>enable
Password:
cisco#config t
Enter configuration commands, one per line. End with CNTL/Z.
cisco(config)#int eth 0
cisco(config-if)#ip address 192.168.0.1 255.255.255.0
cisco(config-if)#end
cisco#
Ping to make sure that you have connectivity between the two.

C:\Documents and Settings\user>ping 192.168.0.1

Pinging 192.168.0.1 with 32 bytes of data:

Reply from 192.168.0.1: bytes=32 time=2ms TTL=255
Reply from 192.168.0.1: bytes=32 time=2ms TTL=255
Reply from 192.168.0.1: bytes=32 time=2ms TTL=255
Reply from 192.168.0.1: bytes=32 time=2ms TTL=255

Ping statistics for 192.168.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 2ms, Average = 2ms
If you haven't set up your terminal access, you can continue to use the console.
I've configured my terminals to use ssh... so I'm going connect via ssh.

To start though... just use the console since you already have the cable hooked up.

What the fsck do you think you are doing?!
cisco line 1
I just logged into the router and am greeted.
It shows that I've set a custom banner and that I've connected via line 1.

If you are using the console, you won't get line 1. You will get something like con 0 or con 1.
I don't quite recall at the moment.
If you haven't set a banner, then you won't get one.

Now I want to update my CRWS files.

First we need to find out which filesystem the files reside.

cisco#sh file systems
File Systems:

Size(b) Free(b) Type Flags Prefixes
- - opaque rw system:
131072 118373 nvram rw nvram:
- - opaque rw null:
- - unknown wo rommon:
- - network rw tftp:
* 8388608 1748936 flash rw flash:
1835008 13372 flash rw webflash:
- - opaque ro xmodem:
- - opaque ro ymodem:
- - network rw rcp:
- - network rw ftp:
- - network rw http:
- - network rw scp:
- - network rw https:
- - opaque ro cns:

cisco#
Here I see that I have both a flash: and webflash:
I know that these routers store the CRWS files in webflash:

The flash: filesystem is generally used to store the IOS. (I also keep configs in there.)
The webflash: filesystem is used to store the CRWS files.
At least... thats how it is with my 806. I believe the rest of the broadband routers are this way too.


I issue the command sh webflash: because I want to see the "webflash:" filesystem.

cisco>sh webflash:

Web flash directory:
File Length Name/status
1 792 configexp.cfg [deleted]
2 794160 crws_1.jar
3 237247 crws_2.jar
4 40256 gui.html
5 4564 home.html
6 252 ipcpsubnet.cfg
7 8082 loading.gif
8 3463 vpnlogin.html
9 58582 crws_vpnlogin.jar
10 191961 crwsbhlp.html
11 986 ConfigExp_806.cfg
[1341060 bytes used, 756092 available, 2097152 total]
2048K bytes of processor board Web flash (Read/Write)
This shows us the files that are currently in webflash. These are the files we want to delete and replace with updated files. (remember, I already had the updated files, so mine are going to look the same)

Here we also see that the file configexp.cfg was deleted. That is because I'm using the Cisco 806 and the file configexp_806.cfg is used instead of configexp.cfg. If you have any other broadband router besides the 806, you would use the configexp.cfg instead of the configexp_806.cfg file.

You will need to be in privledge exec mode for the most of this... so I'll get into that now.

cisco>enable
Password:
First, I want to make sure that the http server and https servers are not running.
We don't want someone trying to run the CRWS when we are updating it.
I don't know what will happen if someone is using it and you try to update the CRWS... and I really don't want to know.

cisco#sh ip http server status
HTTP server status: Disabled
HTTP server port: 80
HTTP server authentication method: enable
HTTP server access class: 0
HTTP server base path:
Maximum number of concurrent server connections allowed: 5
Server idle time-out: 180 seconds
Server life time-out: 180 seconds
Maximum number of requests allowed on a connection: 1
HTTP secure server capability: Present
HTTP secure server status: Disabled
HTTP secure server port: 443
HTTP secure server ciphersuite: 3des-ede-cbc-sha des-cbc-sha rc4-128-md5 rc4-128-sha
HTTP secure server client authentication: Disabled
HTTP secure server trustpoint:
If it were enabled... you have to disable it.

cisco#config t
Enter configuration commands, one per line. End with CNTL/Z.
cisco(config)#no ip http server
cisco(config)#no ip http secure-server
cisco(config)#end
cisco#
Now its time to erase!

cisco#erase webflash:
Erasing the webflash filesystem will remove all files! Continue? [confirm]
Erasing device... eeeeeeeeeeeeeeee ...erasedee
Erase of webflash: complete
I like to check it to make sure that is really erased...

cisco#sh webflash:

Web flash directory:
No files in Web flash
[0 bytes used, 1835008 available, 1835008 total]
2048K bytes of processor board Web flash (Read/Write)
Now we get to copy from the tftp server to the cisco webflash:

cisco#copy tftp webflash:
Address or name of remote host []? 192.168.0.10
Source filename []? ConfigExp_806.cfg
Destination filename [ConfigExp_806.cfg]?
Accessing tftp://192.168.0.10/ConfigExp_806.cfg...
Erase webflash: before copying? [confirm]n
Loading ConfigExp_806.cfg from 192.168.0.10 (via Ethernet0): !
[OK - 986 bytes]

Verifying checksum... OK (0x5EAB)
986 bytes copied in 0.112 secs (8804 bytes/sec)
I like to make sure that it actually went there...

cisco#sh webflash:

Web flash directory:
File Length Name/status
1 986 ConfigExp_806.cfg
[1052 bytes used, 1833956 available, 1835008 total]
2048K bytes of processor board Web flash (Read/Write)
Now we do the same thing for the rest of the files. You don't have to verify all of them.
I just do it for the first one to make sure I have the syntax correct.

I won't go through each file, because they are all similar. You just change the source filename and the destination filename.
Just make sure that when it prompts you to erase the filesystem, you press "n".
Otherwise, you'll keep erasing the filesystem with each new file you tftp.

Now that I've copied all of the files sucessfully, I want to verify it.

cisco#sh webflash:

Web flash directory:
File Length Name/status
1 986 ConfigExp_806.cfg
2 941455 CRWS_1.jar
3 278042 CRWS_2.jar
4 62561 CRWS_VPNLogin.jar
5 474217 CRWSbHlp.html
6 47026 GUI.html
7 4895 home.html
8 252 IPCPSubnet.cfg
9 8082 loading.gif
10 3463 VPNLogin.html
[1821636 bytes used, 13372 available, 1835008 total]
2048K bytes of processor board Web flash (Read/Write)
Now that we've verified that all the files have been copied over... its time to start the http and https servers.

cisco#config t
Enter configuration commands, one per line. End with CNTL/Z.
cisco(config)#ip http server
cisco(config)#ip http secure-server
cisco(config)#end
And finally, make sure its running.

cisco#sh ip http server status
HTTP server status: Enabled
HTTP server port: 80
HTTP server authentication method: enable
HTTP server access class: 0
HTTP server base path:
Maximum number of concurrent server connections allowed: 5
Server idle time-out: 180 seconds
Server life time-out: 180 seconds
Maximum number of requests allowed on a connection: 1
HTTP secure server capability: Present
HTTP secure server status: Enabled
HTTP secure server port: 443
HTTP secure server ciphersuite: 3des-ede-cbc-sha des-cbc-sha rc4-128-md5 rc4-128-sha
HTTP secure server client authentication: Disabled
HTTP secure server trustpoint:
Now we can point our web browser to the Cisco router
I believe that you have to use Internet Explorer. I've never gotten any other browser to load it properly.

It is generally good practice to disable the http and https servers when you're not using them.
No use running services that you aren't using right then and there.

Viola! Thats all there is to it.

Hope that this was easy to understand. Its my first tutorial, so if you have any changes, recommendations... I'll be more than happy to change things around.

Updating the IOS is VERY similar to this. Its just a lot easier to run into more problems, so I didn't start with that. I started with something easier.