Hi all.

May this sounds obvious but, have you already put the address of your pix as a trusted site in the Internet Explorer (i.e. https://10.98.7.250), this problem happened to me and I only needed to put te address of the pix as a trusted site and it works immedatly.

Hope this helps.

David

Ward,

First of all, the first pop-up does indeed consists of a messgae indicating that the date is valid, but the name of the site is invalid. This is normal and can be ignored by just accepting.

So, after this you are getting the username/password prompt and when entering just the enable secret you get the message loading PDM.

This indicates that your http server is up, you have http access, you have pdm location configured and that the password entered is valid.

What happens next is what it says, that PDM is loading...., at least, it should be :-S

Normally, the first time you enter PDM, you would get a prompt asking if you want to run and install PDM from Cisco. Did you ever get this message? If so, did you clicked yes then?

Is the box ever upgraded?

Could you enter a "show version" and post output, cause it starts to look like the PDM fiel is missing or something like that.

Maybe we can see something there....

Kind regards,

Leo

Hi Leo

Please see below the show version output.

Please note that I havew done everything that is in all the conversations.Do you think i might need to upgrade my PDM.This is a brand new pix firewall and has never been upgraded.

NLONL02FIREWALL# sho version

Cisco PIX Firewall Version 6.3(1)

Cisco PIX Device Manager Version 3.0(1)

Compiled on Wed 19-Mar-03 11:49 by morlee

NLONL02FIREWALL up 46 secs

Hardware: PIX-515E, 64 MB RAM, CPU Pentium II 433 MHz

Flash E28F128J3 @ 0x300, 16MB

BIOS Flash AM29F400B @ 0xfffd8000, 32KB

Encryption hardware device : Crypto5823 (revision 0x1)

0: ethernet0: address is 000e.833e.ee8b, irq 10

1: ethernet1: address is 000e.833e.ee8c, irq 11

Licensed Features:

Failover: Enabled

VPN-DES: Enabled

VPN-3DES-AES: Disabled

Maximum Interfaces: 6

Cut-through Proxy: Enabled

Guards: Enabled

URL-filtering: Enabled

Inside Hosts: Unlimited

<--- More --->

Throughput: Unlimited

IKE peers: Unlimited

This PIX has an Unrestricted (UR) license.

Serial Number: 806263072 (0x300e9920)

Running Activation Key: 0xed6cddef 0x4c4d4350 0xa3e2a0d9 0x4145f7ad

Configuration last modified by enable_15 at 00:00:10.920 UTC Fri Jan 1 1993

NLONL02FIREWALL#

Sorry for the late reply, but I´ve been a few days of because I´ve become father of a lovely daughter, so I was taken care of mother and child :-))

Ehm, something bothers me from your last reply....

I always thought you had an allready up and running PIX and allready had access to it via PDM, then changed the outside IP-address after which PDM connection failed.

From your last messsage I understand that this is a new out-of-the-box PIX and that configured an IP-address on the outside interface and try to access the PDM via the outside interface. Is this correct?

If so then I´m sorry that I put you on the wrong track all the messages before this one.

If you want to have access to PDM on the outside interface there has to be some crypto-map configud and you have to have a VPN client on your system, caus you can not connect to PDM via the outside without the use of an IPSec tunnel.

You can only connect to PDM without using an IPSec tunnel if you are connecting via the inside IP-address.

If you have a new PIX and you defenitely want to connect via the outside interface to PDM you need to install VPN client on your PC and configure a crypto-map. If this is the case you should read the following sample config (and adapt it to your case):

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094497.shtml

Hope this helps,

Leo