User Guide
Page 2
q Runs on all PIX 501, PIX 506, PIX 515, PIX 520, PIX 525, and PIX 535 platforms that are upgrading from a previous version of PIX Firewall, you need to use TFTP from a single workstation. PDM is available on platforms that were...(GUI) for you. q Monitors and configures one PIX Firewall unit and administer several PIX Firewall units from the PIX Firewall to copy the PDM image to the PIX Firewall unit for configuring and monitoring the Cisco PIX Firewall. This topic includes the following : q Helps you configure your PIX Firewall. For example, PDM does the following sections: ...
q Runs on all PIX 501, PIX 506, PIX 515, PIX 520, PIX 525, and PIX 535 platforms that are upgrading from a previous version of PIX Firewall, you need to use TFTP from a single workstation. PDM is available on platforms that were...(GUI) for you. q Monitors and configures one PIX Firewall unit and administer several PIX Firewall units from the PIX Firewall to copy the PDM image to the PIX Firewall unit for configuring and monitoring the Cisco PIX Firewall. This topic includes the following : q Helps you configure your PIX Firewall. For example, PDM does the following sections: ...
User Guide
Page 56
debug Debug packets or ICMP tracings through the PIX Firewall. See ipsec, isakmp, map, ca commands alias Administer overlapping addresses ... for an interface Define a local address pool Configure Unicast RPF on established connections failover Enable/disable PIX failover feature to filter inbound traffic access-list Add an access list age This command is deprecated....Configure IPsec, IKE, and CA configure Configure from terminal, floppy, or memory, clear configure copy Copy image or PDM file from privileged mode domain-name Change domain name dynamic-map Specify a dynamic crypto map ...
debug Debug packets or ICMP tracings through the PIX Firewall. See ipsec, isakmp, map, ca commands alias Administer overlapping addresses ... for an interface Define a local address pool Configure Unicast RPF on established connections failover Enable/disable PIX failover feature to filter inbound traffic access-list Add an access list age This command is deprecated....Configure IPsec, IKE, and CA configure Configure from terminal, floppy, or memory, clear configure copy Copy image or PDM file from privileged mode domain-name Change domain name dynamic-map Specify a dynamic crypto map ...
Installation Guide
Page 4
...Linux 2 - 5 Installing PDM 3-1 2-4 Downloading the PDM Software 3 - 1 Downloading PDM from Cisco.com 3 - 1 Downloading PDM Using FTP 3 - 2 Installing PDM 3-2 3-4 Loading the PDM Image Configuring PDM 4-1 Starting PDM with Internet Explorer PDM Home Page 4-1 4-2 Starting PDM with Netscape Navigator... Using a TFTP Server 5-1 4-6 Checking Your Connection to the PIX Firewall 5-2 5-3 A-1 A-1 5-1 Obtaining a Windows TFTP Server Enabling UNIX TFTP Support A - 2 Enabling TFTP Access on a Sun Solaris System Cisco PIX Device Manager Installation Guide, Version 3.0 A-2 iv 78-15483-01
...Linux 2 - 5 Installing PDM 3-1 2-4 Downloading the PDM Software 3 - 1 Downloading PDM from Cisco.com 3 - 1 Downloading PDM Using FTP 3 - 2 Installing PDM 3-2 3-4 Loading the PDM Image Configuring PDM 4-1 Starting PDM with Internet Explorer PDM Home Page 4-1 4-2 Starting PDM with Netscape Navigator... Using a TFTP Server 5-1 4-6 Checking Your Connection to the PIX Firewall 5-2 5-3 A-1 A-1 5-1 Obtaining a Windows TFTP Server Enabling UNIX TFTP Support A - 2 Enabling TFTP Access on a Sun Solaris System Cisco PIX Device Manager Installation Guide, Version 3.0 A-2 iv 78-15483-01
Installation Guide
Page 13
...PIX Firewall or PDM images Document Conventions Command descriptions use these conventions: Braces ({ }) indicate a required choice. Preface Document Organization Document Organization The major sections of this manual. Boldface indicates commands and keywords that are capable of doing something that might result in equipment damage or loss of the Cisco PIX... Device Manager (PDM) Version 3.0 Preparations and other requirements before installing the PIX Firewall Installing the hardware and connecting the external network ...
...PIX Firewall or PDM images Document Conventions Command descriptions use these conventions: Braces ({ }) indicate a required choice. Preface Document Organization Document Organization The major sections of this manual. Boldface indicates commands and keywords that are capable of doing something that might result in equipment damage or loss of the Cisco PIX... Device Manager (PDM) Version 3.0 Preparations and other requirements before installing the PIX Firewall Installing the hardware and connecting the external network ...
Installation Guide
Page 24
... be sent to you registered Cisco user, refer to get the PIX Firewall image. Note PDM is 1 MB. Before upgrading from cisco.com http://www.cisco.com/cgi-bin/tablebuild.pl/pix) to the Upgrading Software for the maximum recommended configuration file size by Platform PIX Firewall Version PIX 501 PIX 506/506E, 515/515E, 520 PIX 525, PIX 535 1 Maximum Configuration 256 KB...
... be sent to you registered Cisco user, refer to get the PIX Firewall image. Note PDM is 1 MB. Before upgrading from cisco.com http://www.cisco.com/cgi-bin/tablebuild.pl/pix) to the Upgrading Software for the maximum recommended configuration file size by Platform PIX Firewall Version PIX 501 PIX 506/506E, 515/515E, 520 PIX 525, PIX 535 1 Maximum Configuration 256 KB...
Installation Guide
Page 29
... This section includes the following website: http://www.cisco.com/support/bugtools • • • • • Cisco PIX Device Manager Installation Guide 78-15483-01 2-1 If you are using PDM with PIX Firewall software versions earlier than Version 6.3. JVM Bug with the same firewall. PDM Version 3.0 is a single image which is moved after clicking buttons, window...
... This section includes the following website: http://www.cisco.com/support/bugtools • • • • • Cisco PIX Device Manager Installation Guide 78-15483-01 2-1 If you are using PDM with PIX Firewall software versions earlier than Version 6.3. JVM Bug with the same firewall. PDM Version 3.0 is a single image which is moved after clicking buttons, window...
Installation Guide
Page 30
...4.73 can use PDM Version 3.0. See Appendix A, "Using a TFTP Server." Cisco PIX Device Manager Installation Guide 2-2 78-15483-01 For example, the PIX Firewall unit must be running PIX Firewall software Version 6.3. (If you have a TFTP or FTP server installed. Renew ...currently running on your PIX Firewall.) If you are not running PIX Firewall software Version 6.3, see the instructions for installing PIX Firewall software in the Cisco PIX Firewall and VPN Configuration Guide. (After installing a PIX Firewall image, reboot your PIX Firewall to begin running the new image on Windows, Sun ...
...4.73 can use PDM Version 3.0. See Appendix A, "Using a TFTP Server." Cisco PIX Device Manager Installation Guide 2-2 78-15483-01 For example, the PIX Firewall unit must be running PIX Firewall software Version 6.3. (If you have a TFTP or FTP server installed. Renew ...currently running on your PIX Firewall.) If you are not running PIX Firewall software Version 6.3, see the instructions for installing PIX Firewall software in the Cisco PIX Firewall and VPN Configuration Guide. (After installing a PIX Firewall image, reboot your PIX Firewall to begin running the new image on Windows, Sun ...
Installation Guide
Page 31
... created with the PIX Firewall. If you are using PDM with an existing PIX Firewall configuration, refer to the appropriate version of the Cisco PIX Device Manager Release Notes for monitoring only. If you are not. Caution If you are using CSPM, use PIX Firewall software Version 6.3 and PDM Version 3.0, both the PIX Firewall image and the PDM image must be installed...
... created with the PIX Firewall. If you are using PDM with an existing PIX Firewall configuration, refer to the appropriate version of the Cisco PIX Device Manager Release Notes for monitoring only. If you are not. Caution If you are using CSPM, use PIX Firewall software Version 6.3 and PDM Version 3.0, both the PIX Firewall image and the PDM image must be installed...
Installation Guide
Page 32
...FTP instead of TFTP for "tftp server" on the Web. We do not specifically recommend any high quality freeware and shareware TFTP server. Cisco PIX Device Manager Installation Guide 2-4 78-15483-01 Windows then displays a graphical user interface (GUI) listing the IP address information. This section ... Chapter 2 Determining the IP Address of Your Server Preparing to Install PDM Determining the IP Address of Your Server Loading a PIX Firewall or PDM image requires you can be found by searching for loading of security and a 16 MB file size limitation. Note that recent versions of...
...FTP instead of TFTP for "tftp server" on the Web. We do not specifically recommend any high quality freeware and shareware TFTP server. Cisco PIX Device Manager Installation Guide 2-4 78-15483-01 Windows then displays a graphical user interface (GUI) listing the IP address information. This section ... Chapter 2 Determining the IP Address of Your Server Preparing to Install PDM Determining the IP Address of Your Server Loading a PIX Firewall or PDM image requires you can be found by searching for loading of security and a 16 MB file size limitation. Note that recent versions of...
Installation Guide
Page 35
... a username and password, enter your Cisco.com username and password.) On the Cisco Secure PIX Firewall Software page, find the section titled "Select a File to Download", click pdm-nnn.bin (where nnn represents the PDM software image version that you want to install Cisco PIX Device Manager (PDM) Version 3.0 on your Cisco.com username and password and click...
... a username and password, enter your Cisco.com username and password.) On the Cisco Secure PIX Firewall Software page, find the section titled "Select a File to Download", click pdm-nnn.bin (where nnn represents the PDM software image version that you want to install Cisco PIX Device Manager (PDM) Version 3.0 on your Cisco.com username and password and click...
Installation Guide
Page 37
...boot immediately. Use SPACE to interrupt flash boot. Reading 1507840 bytes of image from the PIX Firewall console. Wait 30 seconds for the PIX Firewall command prompt to display. Cisco PIX Device Manager Installation Guide 78-15483-01 3-3 The HyperTerminal window is ....54ff.3773 mcwa i82559 Ethernet at irq 11 MAC: 00d0.b792.409d c i s c o S y s t e m s Private Internet eXchange Cisco PIX Firewall Cisco PIX Firewall Version 6.3 Licensed Features: Failover: Enabled VPN-DES: Enabled VPN-3DES: Enabled Maximum Interfaces: 6 Cut-through Proxy: Enabled Guards: Enabled URL-filtering: Enabled...
...boot immediately. Use SPACE to interrupt flash boot. Reading 1507840 bytes of image from the PIX Firewall console. Wait 30 seconds for the PIX Firewall command prompt to display. Cisco PIX Device Manager Installation Guide 78-15483-01 3-3 The HyperTerminal window is ....54ff.3773 mcwa i82559 Ethernet at irq 11 MAC: 00d0.b792.409d c i s c o S y s t e m s Private Internet eXchange Cisco PIX Firewall Cisco PIX Firewall Version 6.3 Licensed Features: Failover: Enabled VPN-DES: Enabled VPN-3DES: Enabled Maximum Interfaces: 6 Cut-through Proxy: Enabled Guards: Enabled URL-filtering: Enabled...
Installation Guide
Page 38
... server. Enter the enable command if your PIX Firewall unit is so equipped. for more information on and try to connect again. Cisco PIX Device Manager Installation Guide 3-4 78-15483-01 Start your PIX Firewall password. (After starting a new PIX Firewall, you should change the password to secure ...Step 12 Step 13 Loading the PDM Image Perform the following steps to load the PDM image file onto the PIX Firewall: Step 1 Enter the following at the prompt to enter configuration mode: pixfirewall# configure terminal Caution If your PIX Firewall is running the TFTP server, as...
... server. Enter the enable command if your PIX Firewall unit is so equipped. for more information on and try to connect again. Cisco PIX Device Manager Installation Guide 3-4 78-15483-01 Start your PIX Firewall password. (After starting a new PIX Firewall, you should change the password to secure ...Step 12 Step 13 Loading the PDM Image Perform the following steps to load the PDM image file onto the PIX Firewall: Step 1 Enter the following at the prompt to enter configuration mode: pixfirewall# configure terminal Caution If your PIX Firewall is running the TFTP server, as...
Installation Guide
Page 39
...Image Table 3-1 Setup Command Prompts Step Step 1 Command Enable Password []: Purpose Enter an alphanumeric password, up to 16 characters as hour:minutes:seconds. Step 6 Click Save to save the information to UTC. Specify up to 16 characters in the Pacific Daylight Savings time zone, set the clock to the PIX Firewall Flash memory. Cisco PIX... Device Manager Installation Guide 78-15483-01 3-5 Set the PIX Firewall clock to flash? Specify the network mask for the PIX Firewall unit. The following is...
...Image Table 3-1 Setup Command Prompts Step Step 1 Command Enable Password []: Purpose Enter an alphanumeric password, up to 16 characters as hour:minutes:seconds. Step 6 Click Save to save the information to UTC. Specify up to 16 characters in the Pacific Daylight Savings time zone, set the clock to the PIX Firewall Flash memory. Cisco PIX... Device Manager Installation Guide 78-15483-01 3-5 Set the PIX Firewall clock to flash? Specify the network mask for the PIX Firewall unit. The following is...
Installation Guide
Page 40
Chapter 3 Loading the PDM Image Installing PDM Step 7 Step 8 Click Exit. Click Yes to exit HyperTerminal. Cisco PIX Device Manager Installation Guide 3-6 78-15483-01
Chapter 3 Loading the PDM Image Installing PDM Step 7 Step 8 Click Exit. Click Yes to exit HyperTerminal. Cisco PIX Device Manager Installation Guide 3-6 78-15483-01
Installation Guide
Page 53
...use a TFTP server to note that modern versions of Cisco IOS software also support the use of FTP instead of TFTP for loading of images or configuration files. You must have a new activation key sent to install the PIX Firewall software. Use of FTP overcomes a number of inherent ...PIX Firewall is also useful to access PIX Firewall or PDM images. You must have an activation key that can have a TFTP or FTP server to you by searching for support of the Secure Sockets Layer (SSL) protocol. We do not specifically recommend any of security and a 16 MB file size limitation. Cisco PIX...
...use a TFTP server to note that modern versions of Cisco IOS software also support the use of FTP instead of TFTP for loading of images or configuration files. You must have a new activation key sent to install the PIX Firewall software. Use of FTP overcomes a number of inherent ...PIX Firewall is also useful to access PIX Firewall or PDM images. You must have an activation key that can have a TFTP or FTP server to you by searching for support of the Secure Sockets Layer (SSL) protocol. We do not specifically recommend any of security and a 16 MB file size limitation. Cisco PIX...
Installation Guide
Page 55
... received packet was not big enough to be a valid TFTP packet. The image filename you want to be found. Check the spelling of the connection did not...angle brackets. The received IP packet's destination address did not match the expected values. Cisco PIX Device Manager Installation Guide 78-15483-01 A-3 The error code appears inside parentheses. Table... Code -1 2 3 4 5 6 7 Description Timeout between the PIX Firewall and TFTP server. For example, random bad blocks appear as received from the PIX Firewall unit's monitor mode. An unexpected TFTP code occurred. Step 3 If...
... received packet was not big enough to be a valid TFTP packet. The image filename you want to be found. Check the spelling of the connection did not...angle brackets. The received IP packet's destination address did not match the expected values. Cisco PIX Device Manager Installation Guide 78-15483-01 A-3 The error code appears inside parentheses. Table... Code -1 2 3 4 5 6 7 Description Timeout between the PIX Firewall and TFTP server. For example, random bad blocks appear as received from the PIX Firewall unit's monitor mode. An unexpected TFTP code occurred. Step 3 If...
User Manual
Page 25
...Cisco Configuration Assistant is deployed, you also can download the Cisco Configuration Assistant to your Cisco network devices. Some general Cisco...and configuration synchronization-for Cisco switches, routers, ... image) and a logical view (network Topology image...) of different network devices • Drag-and-drop software upgrade for multiple devices, including backup and restoration of device configuration files • Security configuration for all the Cisco access points in the network • Authenticated and encrypted communications between the Cisco...such as Cisco Unified ...
...Cisco Configuration Assistant is deployed, you also can download the Cisco Configuration Assistant to your Cisco network devices. Some general Cisco...and configuration synchronization-for Cisco switches, routers, ... image) and a logical view (network Topology image...) of different network devices • Drag-and-drop software upgrade for multiple devices, including backup and restoration of device configuration files • Security configuration for all the Cisco access points in the network • Authenticated and encrypted communications between the Cisco...such as Cisco Unified ...
User Manual
Page 69
... amber Power is disabled due to the attached device would exceed the switch power capacity. For information about Smartports, see the Cisco Configuration Assistant online help. In this mode, each port image shows the applied port role. In this mode, the port LEDs show the operating speed (10, 100, or 1000 Mb.../1000 ports operate only in half-duplex mode. Solid green Power is in full-duplex mode. OL-12761-02 User Guide for the Catalyst Express 520 Switches 6-5
... amber Power is disabled due to the attached device would exceed the switch power capacity. For information about Smartports, see the Cisco Configuration Assistant online help. In this mode, each port image shows the applied port role. In this mode, the port LEDs show the operating speed (10, 100, or 1000 Mb.../1000 ports operate only in half-duplex mode. Solid green Power is in full-duplex mode. OL-12761-02 User Guide for the Catalyst Express 520 Switches 6-5
User Manual
Page 82
The same software image is causing the problem. To reset the switch: • If you .../ Reset window, and click the Reset the Switch radio button. You can reset the switch only through the Cisco Configuration Assistant. Caution Resetting the switch deletes all customized switch settings, including the IP address, and returns the switch... Chapter 7 Troubleshooting the Switch Reset the Switch If you cannot solve a problem by reconfiguring a feature through the Cisco Configuration Assistant, resetting the switch might solve the problem or help you do not have access to the device manager...
The same software image is causing the problem. To reset the switch: • If you .../ Reset window, and click the Reset the Switch radio button. You can reset the switch only through the Cisco Configuration Assistant. Caution Resetting the switch deletes all customized switch settings, including the IP address, and returns the switch... Chapter 7 Troubleshooting the Switch Reset the Switch If you cannot solve a problem by reconfiguring a feature through the Cisco Configuration Assistant, resetting the switch might solve the problem or help you do not have access to the device manager...
User Manual
Page 84
... solid green SYSTEM LED means that the switch is the switch continuously trying to restart. Use the Cisco Configuration Assistant to its factory default settings. Press the ADMIN button, and at least one switch port...all switch configuration settings and returning the switch to a device. You might need to recover the switch software if the image is not connected to its factory default settings, follow these steps: Step 1 Step 2 Step 3 Step 4 Step... the switch software. 7-10 User Guide for the Catalyst Express 520 Switches OL-12761-02 The ADMIN button should be blinking green.
... solid green SYSTEM LED means that the switch is the switch continuously trying to restart. Use the Cisco Configuration Assistant to its factory default settings. Press the ADMIN button, and at least one switch port...all switch configuration settings and returning the switch to a device. You might need to recover the switch software if the image is not connected to its factory default settings, follow these steps: Step 1 Step 2 Step 3 Step 4 Step... the switch software. 7-10 User Guide for the Catalyst Express 520 Switches OL-12761-02 The ADMIN button should be blinking green.