Cisco PDM Installation and Configuration Guide for Firewall Services Module, Version 4.0
Configuring PDM
Download this chapter
Configuring PDMConfiguring PDM
give_us_feedback

Table Of Contents

Configuring PDM

Starting PDM with Internet Explorer

Starting PDM with Netscape 7.1

PDM Home Page

Using the PDM Startup Wizard


Configuring PDM

This section describes how to configure your PDM. It includes the following topics:

Starting PDM with Internet Explorer

Starting PDM with Netscape 7.1

Using the PDM Startup Wizard

Starting PDM with Internet Explorer

Perform the following steps to start PDM with Internet Explorer:

Step 1 On an Internet Explorer browser running on a workstation connected to the firewall unit, enter the following: 

https://fwsm_inside_interface_ip_address

where fwsm_inside_interface_ip_address is the IP address of the inside interface of your firewall, entered in standard (number) format.

This launches PDM.

Note Ensure that you add the "s" to "https" or the web browser cannot connect. HTTPS (HTTP over SSL) provides a secure connection between your browser and the firewall that you are using PDM to configure or monitor.

Step 2 Accept the security certificate. (You must accept the certificate to use PDM.)

To avoid the certificate from appearing in Windows Internet Explorer when the certificate dialog (titled "Security Alert") is shown, perform the following steps:

a. Click View Certificate.

b. Click Install Certificate.

c. Click next>next>Finish>Yes.

d. Click OK in the certificate dialog box.

e. In the Security Alert dialog box, click Yes.

Note Subsequent PDM loads will not show the certificate dialog box.

Step 3 Enter your password. If no password has been set, choose and enter one at this time. Click OK to continue.

Step 4 Answer `Yes' to the Security Warning asking "Do you want to install and run `Cisco PDM Version 4.0'"?

If you do not want this question to be asked next time you load PDM, check the box with the label `Always trust content from Cisco Systems.'

Step 5 Follow the instructions on screen.

PDM starts after the certificates are accepted.

Step 6 For more information on how to use PDM, see the online Help at http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pdm/v_40/pdm40olh.pdf

Starting PDM with Netscape 7.1

Perform the following steps to start PDM with Netscape 7.1:

Step 1 On a Netscape 7.1 browser running on a workstation connected to the firewall unit, enter the following:

https://172.23.59.230/

This launches PDM.

Step 2 Accept the security certificate. (You must accept the certificate to use PDM.)

To avoid the certificate from appearing in Netscape 7.1 when the certificate dialog (titled "Security Alert") is shown, perform the following steps:

a. Click Next at the New Site Certificate screen.

b. Click Next at the next New Site Certificate screen.

c. Select Accept this certificate forever (until it expires), and click Next at the next New Site Certificate screen.

d. Click Next at the next New Site Certificate.

e. Click Finish at the next New Site Certificate.

f. Click Continue at the Certificate Name Check.

Step 3 Enter your user name and password. Click OK.

Step 4 Select `Remember this decision,' and click Grant at the next four Java Security screens.

PDM starts after the certificates are accepted.

Step 5 For more information on how to use PDM, see the online Help at http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pdm/v_40/pdm40olh.pdf

PDM Home Page

The PDM home page lets you view, at a glance, important information about your firewall such as the status of your interfaces, the version you are running, licensing information, and performance. Many of the details available on the PDM home page are available elsewhere in PDM, but this is a useful and quick way to see how your firewall is running. All information on the Home page is updated every ten seconds, except for the Device Information.

You can access the Home page any time by clicking Home on the main toolbar.

Note Firewall Type The FWSM can run in two firewall modes: Routed—In routed mode, the FWSM is considered to be a router hop in the network. It performs Network Address Translation (NAT) between connected networks, and can use OSPF or passive RIP (in single context mode). Routed mode supports up to 256 interfaces per context, with a maximum of 1000 interfaces across all contexts. Transparent—In transparent mode, the FWSM acts like a "bump in the wire," or a "stealth firewall," and is not a router hop. The FWSM connects the same network on its inside and outside ports, but each port must be on a different VLAN. No dynamic routing protocols or NAT are required. Transparent mode supports only inside and outside interfaces in single mode and per context in multiple mode. Transparent mode helps simplify your firewall configuration and reduces its visibility to attackers. You can also use a transparent firewall for traffic that would otherwise be blocked in routed mode. For example, a transparent firewall can allow multicast streams.

The PDM home page displays the following fields:

Area
Description

Device Information

This area displays the following information:

HostName, Firewall Version, Device Type, Firewall Type, Context Mode, PDM Version, Total Memory, and Supported Features list.

Interface Status

Interface—Displays the interface name as configured in the Interfaces panel. You can click any of the table headings to sort by that value.

IP Address/Mask—Displays the IP address of the associated interface.

Traffic Status

Connection Usage—Displays the number of TCP and UDP connections that occur each second. Their sum is displayed as the total number of connections.

Outside Interface Traffic Usage —This displays the traffic going through outside interface in kilobits per second.

System Resources Status

CPU—Displays the percentage of CPU being utilized at the moment.

CPU Usage (percent)—Displays the real time status of CPU usage and history for the last five minutes.

Memory—Displays the total amount of memory being utilized at the moment.

Memory Usage (percent)—Displays the real time memory usage and history for the last five minutes, in megabytes.

Memory (MB)—Displays information about free, used and total memory in megabytes. Note that one megabyte is equal to 1,048,576 bytes.


Using the PDM Startup Wizard

By completing this wizard, your firewall is immediately enabled.

Note You can configure PDM manually using the online Help at http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pdm/v_40/pdm40olh.pdf

After PDM launches, you can access the PDM Startup Wizard at any time from the main PDM control panel as follows:

Step 1 On the PDM top menu, click Wizards>Startup Wizard.

Step 2 Read the Welcome to the Startup Wizard page and click Next when ready to continue.

Step 3 Fill in the configuration prompts according to your network security policies. Click Next at the end of each wizard page to go to the next set of prompts, or click Back to go back to the previous prompts.

For assistance with deciding what to enter into the Startup Wizard dialog boxes, click Help.

Step 4 When you have completed all the wizard pages, the Startup Wizard Completed page displays. To send the configuration to your firewall and exit the wizard, click Finish. Otherwise, click Back to make changes to previous pages.