Marka Mekapse
asked on
newbie on pix 525 - PDM access
ok so i am a newbie to the pix 525 and need some guidance.
i was looking to access the PDM but i find that it isn't the same as accessing the PDM on a 506e. am i right? i found some sites out there that say you can use the ASDM if so, i don't want to screw up my pix by uploading something that isn't compatible.
attached is my ocnfig
thanks
i was looking to access the PDM but i find that it isn't the same as accessing the PDM on a 506e. am i right? i found some sites out there that say you can use the ASDM if so, i don't want to screw up my pix by uploading something that isn't compatible.
attached is my ocnfig
thanks
:
PIX Version 7.2(4)
!
hostname pixfirewall
domain-name default.domain.invalid
enable password iMJCYSF9e3ba/od. encrypted
passwd iMJCYSF9e3ba/od. encrypted
names
!
interface Ethernet0
nameif outside
security-level 0
ip address 0.0.0.0 0.0.0.0
!
interface Ethernet1
nameif inside
security-level 100
ip address 10.10.10.1 255.0.0.0
!
ftp mode passive
dns server-group DefaultDNS
domain-name default.domain.invalid
pager lines 24
mtu inside 1500
mtu outside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
http server enable
http 0.0.0.0 0.0.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet timeout 5
ssh timeout 5
console timeout 0
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:d41d8cd98f00b204e9800998ecf8427e
: end
pixfirewall(config)#
note http 0 0 inside will allow ASDM access for everyone! to lock it down see http://www.petenetlive.com/KB/Article/0000173.htm
ASKER
this is what show flash displays
Directory of flash:/
5 -rw- 8515584 00:17:58 Jan 01 1993 pix724.bin
Directory of flash:/
5 -rw- 8515584 00:17:58 Jan 01 1993 pix724.bin
Thats just the OS :(You need the ASDM image - if you dont have a valid support contract you are a bit stuck - unless you have the CD that came with the firewall that has a copy on it :)
ASKER
ok - what version of ASDM should i request? i want to make sure that i get the correct one.
ASKER
i purchased this pix and dont have the CD; however, i do have access to the asdm files. there a re a few versions and i want to make sure that i get the correct one. can you assist?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Excellent work guys! this helped me out a great deal
thanks!
thanks!
Plus 7.2(2) is old update the OS (at which time you can install the ASDM see instructions on my website here http://www.petenetlive.com/KB/Article/0000074.htm
However if you don't have a support contract you cant download the images - so issue a
show flash
or
show disk0
command and see if you have an asdm image already in there
it will look like
asdm-xxx.bin <----xxx will be three numbers - which is the version
If its there
log in go to enable mode > so to conf t mode and issue the following commands
http server enable
http 0 0 inside
asdm image flash:/asdm-xxx.bin <--- replace with the three numbers in yours
Pete