VPN on PIX 515e HELP

Unanswered Question

I need some help using the VPN wizard. First of all, the manual I have for the 515e says that PDM should be the GUI used to setup everything but this PIX has ASDM, is there a difference?

I don't have a real public network to connect to right now, so I am just using a PC on the outside to simulate it until I figure out how this thing works.

When I chose the VPN icon on the left side of the screen I get the following error: ASDM is unable to contact firewall. I can't find help on what this means.

Also when I get to the finishing step of the VPN wizard it is filled with errors, I believe this is due to the error above.

Can someone assist me, or point me in the direction of a useful guide to doing this.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
whisperwind Fri, 10/12/2007 - 06:00
User Badges:

I beleive the error message is pretty self explanatort :-)

Double check the connectivity

PDM is the Pix Device Manager whereas these days on new code its ASDM = adaptive security device manager

It maybe that you need to need to upgrade the gui

I think you might need to still explain it to me. I am connected to the PIX in order to be using the ASDM that is embedded on the PIX, so how can I not be connected to the firewall.

Also I am using the GUI through the inside port and I changed the IP address of this port to match the subnet of the inside network, I lost connectivity of course and tried to open a new web browser pointed to this new IP address and no go! Any idea why this won't work?

Forgive me if these are dumb questions, I am a newbie here, thanks.

khempkins Fri, 10/12/2007 - 11:32
User Badges:

You need to specify networks that can access the pix.

By default, http (what you need for asdm-access) is configured to allow access from on the inside interface.

If you change the inside-adress you would need to connect with console-cable/telnet and issue:

enable (to get into admin-mode)

conf t (complete command: configure terminal - gets you into config-mode)

http inside (or whatever matches your network)

end (get out of config-mode)

wr mem (save stuff)

Hope this helps !



This Discussion