01-12-2004 08:33 AM - edited 02-20-2020 11:11 PM
Hi
Just started up my pix and changed the outside address.Tried to access the pdm via the browser,but cannot.Any guidance would be much appreciated.
01-20-2004 07:34 AM
Leo,
Thanks again.
I have done the commands as you requested.
I then attempted to login again by typing
I then get prompted again with the security certificate message.It says that the date is valid etc but it still says the name on the security certificate is invalid or does not match the name of the site.
At the top of the popup it says Information you exchange with this site cannot be viewed or changed by others.however there is a problem with the site's security certificate.
So I am still getting this message.
It does however come up with the pretty cisco picture again saying loading PIX PDM manager...please wait...
You got any further ideas?
Thanks again
Ward
01-20-2004 04:57 PM
Hi all.
May this sounds obvious but, have you already put the address of your pix as a trusted site in the Internet Explorer (i.e. https://10.98.7.250), this problem happened to me and I only needed to put te address of the pix as a trusted site and it works immedatly.
Hope this helps.
David
01-21-2004 07:24 AM
Ward,
First of all, the first pop-up does indeed consists of a messgae indicating that the date is valid, but the name of the site is invalid. This is normal and can be ignored by just accepting.
So, after this you are getting the username/password prompt and when entering just the enable secret you get the message loading PDM.
This indicates that your http server is up, you have http access, you have pdm location configured and that the password entered is valid.
What happens next is what it says, that PDM is loading...., at least, it should be :-S
Normally, the first time you enter PDM, you would get a prompt asking if you want to run and install PDM from Cisco. Did you ever get this message? If so, did you clicked yes then?
Is the box ever upgraded?
Could you enter a "show version" and post output, cause it starts to look like the PDM fiel is missing or something like that.
Maybe we can see something there....
Kind regards,
Leo
01-25-2004 05:01 AM
Hi Leo
Please see below the show version output.
Please note that I havew done everything that is in all the conversations.Do you think i might need to upgrade my PDM.This is a brand new pix firewall and has never been upgraded.
NLONL02FIREWALL# sho version
Cisco PIX Firewall Version 6.3(1)
Cisco PIX Device Manager Version 3.0(1)
Compiled on Wed 19-Mar-03 11:49 by morlee
NLONL02FIREWALL up 46 secs
Hardware: PIX-515E, 64 MB RAM, CPU Pentium II 433 MHz
Flash E28F128J3 @ 0x300, 16MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB
Encryption hardware device : Crypto5823 (revision 0x1)
0: ethernet0: address is 000e.833e.ee8b, irq 10
1: ethernet1: address is 000e.833e.ee8c, irq 11
Licensed Features:
Failover: Enabled
VPN-DES: Enabled
VPN-3DES-AES: Disabled
Maximum Interfaces: 6
Cut-through Proxy: Enabled
Guards: Enabled
URL-filtering: Enabled
Inside Hosts: Unlimited
<--- More --->
Throughput: Unlimited
IKE peers: Unlimited
This PIX has an Unrestricted (UR) license.
Serial Number: 806263072 (0x300e9920)
Running Activation Key: 0xed6cddef 0x4c4d4350 0xa3e2a0d9 0x4145f7ad
Configuration last modified by enable_15 at 00:00:10.920 UTC Fri Jan 1 1993
NLONL02FIREWALL#
02-09-2004 01:49 PM
Sorry for the late reply, but I´ve been a few days of because I´ve become father of a lovely daughter, so I was taken care of mother and child :-))
Ehm, something bothers me from your last reply....
I always thought you had an allready up and running PIX and allready had access to it via PDM, then changed the outside IP-address after which PDM connection failed.
From your last messsage I understand that this is a new out-of-the-box PIX and that configured an IP-address on the outside interface and try to access the PDM via the outside interface. Is this correct?
If so then I´m sorry that I put you on the wrong track all the messages before this one.
If you want to have access to PDM on the outside interface there has to be some crypto-map configud and you have to have a VPN client on your system, caus you can not connect to PDM via the outside without the use of an IPSec tunnel.
You can only connect to PDM without using an IPSec tunnel if you are connecting via the inside IP-address.
If you have a new PIX and you defenitely want to connect via the outside interface to PDM you need to install VPN client on your PC and configure a crypto-map. If this is the case you should read the following sample config (and adapt it to your case):
Hope this helps,
Leo
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide