Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Cisco PIX 506E Firewall PDM issue

Posted on 2013-01-22
3
Medium Priority
?
777 Views
Last Modified: 2013-02-18
I am unable to access the PDM via the inside IP address.  I am able to access the PIX via the consol cable and term connect.  I have tried to connect directly to the PIX.  I have an older version of the PDM, and I also have an older version of Java.  I have always been able to connect in the past to this PIX, but now I cannot.
0
Comment
Question by:jbionic2000
  • 2
3 Comments
 
LVL 8

Expert Comment

by:pgolding00
ID: 38812920
can you provide "show version", the ip addressing config of the firewall, and advise the ip of the pc you run pdm from please?

can the pc ping the pix inside address? or is it coming through a vpn from the outside?
0
 

Author Comment

by:jbionic2000
ID: 38831538
The version is 3.0.  The internal IP of the firewall is 206.94.44.252.  The IP of the PC I am trying to access from is 206.94.44.10.  The gateway of the the PC is the firewall address 206.94.44.252.  I can ping the address of the firewall from inside and it is not coming from the any VPN.  I am using IE 6.0 and java 1.4.1.  I have seen the issue with the Java version being to new in the past using another PC to connect to the PDM.  This is completely different because at least then I would connect to the PDM it just wouldn't completely load.
0
 
LVL 8

Accepted Solution

by:
pgolding00 earned 1600 total points
ID: 38833575
you indicated that this used to work on the same client that now does not work - so what changed?

check that the netmask on pc and pix are the same, but i assume this must be ok as you can ping the pix.

from show version, do you see PDM listed similar to below? but yours is showing ver 3.0?
pixfirewall#show version
Cisco Secure PIX Firewall Version 6.1(1)
PIX Device Manager Version 1.1(2)  
...
Licensed Features:
Failover:   Disabled
VPN-DES:    Enabled
VPN-3DES:   Disabled

also note the lines for vpn-des and 3des - what does yours show? one of them must be enabled.

in the config do you have something like-
http 206.94.44.10 255.255.255.255 inside
 or whatever is appropriate for the interface name? you might have a subnet address and mask here - thats fine too. you should also see http server enabled in the config

is the pix clock correct - "sho clock" ? was it correct when first accessed by pdm? if you browse to the pix with https, then review the certificate details, verify that the from and to dates in the certificate are within the current date in the client and the pix. if not there is a process to resolve this here -
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094ac1.shtml

there is also a few other things to verify at that link. if none of that works, i would remove the pdm image from the firewall, zeroise the rsa keys, reboot it and the client, then reinstall the pdm image and re-generate the rsa keys.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question