https://community.cisco.com/t5/network-security/pix-pdm/m-p/200913#M605453 <HTML><HEAD></HEAD><BODY><P>Have you created a crypto key? </P><P></P><P>The security features needed by the httpS: (note the trailing "S") connection requires that you generate a crypto key (same for SSH).</P><P></P><P>Good Luck</P><P></P><P>Scott</P><P></P></BODY></HTML> Wed, 28 May 2003 17:44:45 GMT scottmac 2003-05-28T17:44:45Z https://community.cisco.com/t5/network-security/pix-pdm/m-p/200910#M605450 <P>I am trying to get PDM working on my PIX 515. My PIX firewall version is 6.2(1) and I have installed PDM 2.1(1). I am successfully running PDM 3.0 on another PIX I have running version 6.3. Do I have the wrong version of PDM installed for 6.2(1). Which PDM binary do I need for version 6.2(1) exactly? PDM-211.bin is currently installed, so would I need PDM-201.bin?? Or if PDM-211.bin is the correct binary, what would be a reason it won't kick up?</P> Fri, 21 Feb 2020 06:46:11 GMT https://community.cisco.com/t5/network-security/pix-pdm/m-p/200910#M605450 eknell 2020-02-21T06:46:11Z https://community.cisco.com/t5/network-security/pix-pdm/m-p/200911#M605451 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>PDM 2.1(1) is the right version for 6.2(1). What is the actual problem? It doesn't display the page at all? If you do "show version", do u see DES/3DES enabled. Does it show that you have the PDM installed? You may run "setup" to reset the values on the PIX in the config mode. Please, consult with the following link:</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/sw/netmgtsw/ps2032/products_installation_guide_chapter09186a00800e3314.html" target="_blank">http://www.cisco.com/en/US/products/sw/netmgtsw/ps2032/products_installation_guide_chapter09186a00800e3314.html</A></P><P></P><P>Thanks,</P><P></P><P>Mynul</P></BODY></HTML> Wed, 28 May 2003 15:10:33 GMT https://community.cisco.com/t5/network-security/pix-pdm/m-p/200911#M605451 mhoda 2003-05-28T15:10:33Z https://community.cisco.com/t5/network-security/pix-pdm/m-p/200912#M605452 <HTML><HEAD></HEAD><BODY><P>PIX 6.2.1 and PDM 2.1(1) should work fine. Check for the basics on the below url</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps2030/products_tech_note09186a0080094ac1.shtml" target="_blank">http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps2030/products_tech_note09186a0080094ac1.shtml</A></P><P></P><P>Thanks,</P><P>yatin</P></BODY></HTML> Wed, 28 May 2003 15:10:51 GMT https://community.cisco.com/t5/network-security/pix-pdm/m-p/200912#M605452 ywadhavk 2003-05-28T15:10:51Z https://community.cisco.com/t5/network-security/pix-pdm/m-p/200913#M605453 <HTML><HEAD></HEAD><BODY><P>Have you created a crypto key? </P><P></P><P>The security features needed by the httpS: (note the trailing "S") connection requires that you generate a crypto key (same for SSH).</P><P></P><P>Good Luck</P><P></P><P>Scott</P><P></P></BODY></HTML> Wed, 28 May 2003 17:44:45 GMT https://community.cisco.com/t5/network-security/pix-pdm/m-p/200913#M605453 scottmac 2003-05-28T17:44:45Z https://community.cisco.com/t5/network-security/pix-pdm/m-p/200914#M605454 <HTML><HEAD></HEAD><BODY><P>My actual problem is that I am getting a page can't be displayed error. DES is enabled and it also shows Cisco PIX Device Manager Version 2.1(1) is installed. I have actually already read that particular link and everything is kosher. I am running IE6 SP1 on an XP box, which does have the updated Java engine also. I haven't tryed running "setup" yet, but I have 2 other PIX firewalls running the new 6.3 version with the PDM 3.0 just fine, and I didn't have to revert to using "setup" which is confusing? </P></BODY></HTML> Wed, 28 May 2003 17:47:43 GMT https://community.cisco.com/t5/network-security/pix-pdm/m-p/200914#M605454 eknell 2003-05-28T17:47:43Z https://community.cisco.com/t5/network-security/pix-pdm/m-p/200915#M605455 <HTML><HEAD></HEAD><BODY><P>My understanding is that I would only have to setup crypto specifications if I was trying to access the PDM from the outside interface, which I am not. If I am totally wrong on this, can you please elaborate? If I need to setup crypto and ISAKMP attributes, I will. I am running the PDM on 2 of my other PIX firewalls just fine, except they are running 6.3. Thanks for you help.</P></BODY></HTML> Wed, 28 May 2003 18:00:36 GMT https://community.cisco.com/t5/network-security/pix-pdm/m-p/200915#M605455 eknell 2003-05-28T18:00:36Z https://community.cisco.com/t5/network-security/pix-pdm/m-p/200916#M605456 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Thanks and understand your concern regarding rerunning the setup. Sometimes you have to run this beacuse of the corruption of certificate for ssl. With setup, you will generate a new certificate. Does the same IE works with your other PIXes, if thats the case, then running setup most likely would ressolve your issue. If this IE doesn' t work with the other PDMs then you may also want to refer to the following thread due to SUN JVM issue.</P><P></P><P><A class="jive-link-custom" href="http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&amp;CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.ee9891f" target="_blank">http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&amp;CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.ee9891f</A></P><P></P><P>Thanks,</P><P></P><P>Mynul</P></BODY></HTML> Wed, 28 May 2003 18:04:40 GMT https://community.cisco.com/t5/network-security/pix-pdm/m-p/200916#M605456 mhoda 2003-05-28T18:04:40Z https://community.cisco.com/t5/network-security/pix-pdm/m-p/200917#M605457 <HTML><HEAD></HEAD><BODY><P>I installed the new Sun VM and that still didn't help out. Also, the same IE works on my other PIX's. I still haven't tryed running the "setup" yet on my 515, becuase I have to wait until after hours, but I thought I would add one more interesting fact. When I run a port scan on the inside interface's of my other PIX's, it shows port 443 (https) open. On my 515, it isn't open. I don't have any specific conduits to allow https on my other firewalls. Would I need to allow tcp and udp port 443 to a private IP?</P></BODY></HTML> Wed, 28 May 2003 19:36:54 GMT https://community.cisco.com/t5/network-security/pix-pdm/m-p/200917#M605457 eknell 2003-05-28T19:36:54Z https://community.cisco.com/t5/network-security/pix-pdm/m-p/200918#M605458 <HTML><HEAD></HEAD><BODY><P>Hi, </P><P></P><P>Indeed the port scan report is interesting.. If you have configured PDM then tcp/443 should show open not the UDP. If you have acl applied then yes you do need to allow tcp/443. If you have the similar setup on all the pixes in terms of ACL, and if the port scanner shows you diff report, my suggestion would be to use a diff. port scanner just to make sure that its not false positive. </P><P></P><P>Thanks,</P><P></P><P>Mynul</P></BODY></HTML> Wed, 28 May 2003 23:21:44 GMT https://community.cisco.com/t5/network-security/pix-pdm/m-p/200918#M605458 mhoda 2003-05-28T23:21:44Z https://community.cisco.com/t5/network-security/pix-pdm/m-p/200919#M605459 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Your understanding is accurate. Thanks,</P><P></P><P>Mynul</P></BODY></HTML> Thu, 29 May 2003 13:46:28 GMT https://community.cisco.com/t5/network-security/pix-pdm/m-p/200919#M605459 mhoda 2003-05-29T13:46:28Z https://community.cisco.com/t5/network-security/pix-pdm/m-p/200920#M605460 <HTML><HEAD></HEAD><BODY><P>My PDM (acessing from the inside interface) would't work until I generated a crypto key. That was with V6.2 or 6.2(2) ..I don't remember which ..</P><P></P><P>This was on a 501 w/ 3DES feature / 10 user.</P><P></P><P>FWIW</P><P></P><P>Scott</P><P></P></BODY></HTML> Thu, 29 May 2003 17:46:59 GMT https://community.cisco.com/t5/network-security/pix-pdm/m-p/200920#M605460 scottmac 2003-05-29T17:46:59Z