Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Cisco PIX 506E Firewall PDM issue

Posted on 2013-01-22
3
Medium Priority
?
773 Views
Last Modified: 2013-02-18
I am unable to access the PDM via the inside IP address.  I am able to access the PIX via the consol cable and term connect.  I have tried to connect directly to the PIX.  I have an older version of the PDM, and I also have an older version of Java.  I have always been able to connect in the past to this PIX, but now I cannot.
0
Comment
Question by:jbionic2000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 8

Expert Comment

by:pgolding00
ID: 38812920
can you provide "show version", the ip addressing config of the firewall, and advise the ip of the pc you run pdm from please?

can the pc ping the pix inside address? or is it coming through a vpn from the outside?
0
 

Author Comment

by:jbionic2000
ID: 38831538
The version is 3.0.  The internal IP of the firewall is 206.94.44.252.  The IP of the PC I am trying to access from is 206.94.44.10.  The gateway of the the PC is the firewall address 206.94.44.252.  I can ping the address of the firewall from inside and it is not coming from the any VPN.  I am using IE 6.0 and java 1.4.1.  I have seen the issue with the Java version being to new in the past using another PC to connect to the PDM.  This is completely different because at least then I would connect to the PDM it just wouldn't completely load.
0
 
LVL 8

Accepted Solution

by:
pgolding00 earned 1600 total points
ID: 38833575
you indicated that this used to work on the same client that now does not work - so what changed?

check that the netmask on pc and pix are the same, but i assume this must be ok as you can ping the pix.

from show version, do you see PDM listed similar to below? but yours is showing ver 3.0?
pixfirewall#show version
Cisco Secure PIX Firewall Version 6.1(1)
PIX Device Manager Version 1.1(2)  
...
Licensed Features:
Failover:   Disabled
VPN-DES:    Enabled
VPN-3DES:   Disabled

also note the lines for vpn-des and 3des - what does yours show? one of them must be enabled.

in the config do you have something like-
http 206.94.44.10 255.255.255.255 inside
 or whatever is appropriate for the interface name? you might have a subnet address and mask here - thats fine too. you should also see http server enabled in the config

is the pix clock correct - "sho clock" ? was it correct when first accessed by pdm? if you browse to the pix with https, then review the certificate details, verify that the from and to dates in the certificate are within the current date in the client and the pix. if not there is a process to resolve this here -
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094ac1.shtml

there is also a few other things to verify at that link. if none of that works, i would remove the pdm image from the firewall, zeroise the rsa keys, reboot it and the client, then reinstall the pdm image and re-generate the rsa keys.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question