Solved

Access to PIX PDM

Posted on 2008-10-17
11
696 Views
Last Modified: 2012-05-05
Hi we support a company who have a pix firewall, i can access the CLI interface via telnet i know the read and enable passwords but when i go to access https://192.168.1.1 via an IE6 browser i always get authentication failed, i have tried a number of different username/password combinations including no username, pixadmin, admin but still no luck i'm assuming the password will be the enable password. Can anyone give any advice?

Thanks
0
Comment
Question by:Intrepidfox25
  • 6
  • 3
  • 2
11 Comments
 
LVL 17

Expert Comment

by:Andres Perales
Comment Utility
Are you trying to connect from outside their LAN or are you inside their LAN?
is the PDM enabled so that you can access it via the web?
0
 

Author Comment

by:Intrepidfox25
Comment Utility
Hi

Trying to access it from within the LAN

I cant be 100% on it being enabled but looking at the Policy it has lots of PDM Location Entries so again was just assuming what would i look for in the policy to tell me it is enabled?

0
 
LVL 17

Expert Comment

by:Andres Perales
Comment Utility
do a show ver on your pix from the cli and see if PDM is installed, if installed, then look for a line that states
http enabled
 
0
 

Author Comment

by:Intrepidfox25
Comment Utility
done the command and it does not say PDM is installed..have we found my problem?  I can see http enabled in the policy though.
0
 
LVL 8

Accepted Solution

by:
Jay_Gridley earned 500 total points
Comment Utility
If you have the
http enabled
command you also need to allow traffic to it.  Add the following:
http   inside
(where  is your LAN IP address and  your subnet mask)

You also need to create a user to use for logging in:
username example password example privilege 15

After that you should be able to login using the user "example" you just created with it's password.

JG
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:Intrepidfox25
Comment Utility
Hi yes traffic is alllowed to it, As you can probably tell i dont know a lot about CISCO Pix what command do i run to create a user?
also going back to my other post when i do show ver as suggested by peralesa i can't see PDM installed?
0
 
LVL 8

Expert Comment

by:Jay_Gridley
Comment Utility
I'm not sure if the installation of PDM would show up in a show version, that's why I hadn't answered that part yet. I don't have a PIX handy to test it unfortunately.
If your PIX Firewall is new and was shipped with PIX Firewall software version 6.0 or higher, then PDM should already be installed.

I included the command to add a user in my previous post:
username example password example privilege 15

replace example with username and password of your choice.
0
 

Author Comment

by:Intrepidfox25
Comment Utility
Yes the Pix is version 6.3

i will try creating the user as suggested and let you know how i get on,
0
 

Author Comment

by:Intrepidfox25
Comment Utility
hi i haven't had a chance to try this yet but should get time next week
0
 
LVL 8

Expert Comment

by:Jay_Gridley
Comment Utility
Np, just let us know if it worked or if you have any more problems.

JG.
0
 

Author Comment

by:Intrepidfox25
Comment Utility
Hi Sorry i have only just got to look at this again!

I created the user as suggested and now when i enter my new user name and password it goes to a error 404 file not found IE Page so i am now being authenticated.

Any other thoughts.

Cheers
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

Have you experienced traffic destined through a Cisco ASA firewall disappears and you do not know if the traffic stops in the firewall or somewhere else? The solution is the capture feature. This feature was released in 6.2(1) and works in all firew…
From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now