ADSM Limitations

Unanswered Question
Mar 16th, 2007
User Badges:


One of my colleagues is considering utilizing on his PIX running OS 7.2 the ADSM gui interface. I do not have any exposure to ADSM, because I'm the type of guy who like the command line, which give me a feeling of control.

I know the PDM for version 6.3 didn't like complex configurations especially with NAT policies. I'm wondering if ADSM for PIX 7.2 has similar limitations.

Can anyone offer real world experiences?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
suschoud Fri, 03/16/2007 - 08:20
User Badges:
  • Gold, 750 points or more


asdm opens up even if u have policy nat configured.

it's much more user friendly then pdm and also,much more near to the command line format.


let me know if you are looking for some exact feature compariosn between pdm and asdm.



cisco tac

jkrawczyk Fri, 03/16/2007 - 09:41
User Badges:

Hi Sushil,

My concern is usability. I know in pdm, I've created a policy NAT based upon an acl and the pdm did not like this even though the policy based global/NAT was supported by Cisco. PDM rverted to monitor mode and I was not able to use PDM any longer to make changes. By the way, the PDM I speak of is on my small PIX501. I did not use or plan on using PDM or adsm om my 525.

I guess I'm concerned that asdm will support complex PIX configurations such as logical interfaces, policy nat, etc.



Tshi M Fri, 03/16/2007 - 10:56
User Badges:
  • Silver, 250 points or more

I didn't actually deal with this but one of my colleague could not enter an ACL with object-group such as

"access-list from-Internet-in extended permit object-group TCP_UDP any host 65.2.x.x object-group DNS"

using ASDM, he ended using

"access-list from-Internet-In extended permit udp any host 65.2.x.x object-group DNS"


This Discussion