
PDM Setup on PIX 520

Status
Not open for further replies.

fgaston

IS-IT--Management
Nov 19, 2001
38
I have some questions pertaining to PDM:
1. Once installed and we get security certificate prompt, we are getting prompted for user name & password. Were these set earlier? How do we disable?
2. Box was programmed outside of office initially. Security certificate is saying it doesn't recognize the box that is connecting to it. Must PDM be reinstalled? Is granting user rights for PDM to others going to be a nightmare?
3. Lastly is the PDM interface fairly intuitive or will it require Cisco certified programmer to make all the changes?
Thanks much.
 

#1. The username and password works like this. The username can be anything. That name can be logged to syslog later when you have it configured. The password must be the enable password.


#2 PDM's security is based on SSL and limiting who can connect to the PIX by IP address. If you are having a security certificate problem that probably means that the PIX thinks it already gave your PC (based on its IP) a certificate but now you are connecting again and the cert is not there. You can clear the certs on the PIX by attaching to the console port, logging in using the enable password and issuing a command to clear certs locally. I'll check as to what that command is and get back to you.

#3 PDM is REALLY easy. It was designed for someone with little or no experience with the PIX.

Liberty for All,

Brian
 
Thanks, that helps a lot. I will go back to determine the enabled password & possibly flush the certificate.

One other question: Rather than have a separate failover unit, is it possible to run a 2nd (fractional) into the 520 to both use its bandwidth as well as be there for redundancy, as long as I have a separate NIC for it? Or would this be impossible to program from a rules standpoint to have both pipes be allowing access? Thanks!
 
I checked regarding #2. The PIX will generate a new cert for the PDM SSL every time it starts up. If you power cycle the PIX you should not have any certificate problem.

Liberty for All,

Brian
 