Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
732
Views
0
Helpful
6
Replies

PDM or CLI

yogi_ccse786
Level 1
Level 1

‎11-23-2006 08:47 AM - edited ‎03-11-2019 01:59 AM

Hi Folks,

which is best to use on PIX. PDM or CLI.

does PDM provides all options that CLI provides?

Thanks & reg.

Yogi

Labels:
0 Helpful
6 Replies 6

m.sir
Level 7
Level 7

‎11-23-2006 10:11 AM

For configuring i prefere CLI you have better control over firewall... you need better understand what every command means... Especially when configuring VPNs or ACLS - PDM adds lot of confusing and useless lines to configuration

check following links for comparsion and for Supported and Unsupported Commands

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pdm/v_11/pdmig/pdm_app.htm

But I think PDM is better for monitoring you can use various graphical charts...

M.

Hope that helps rate if it does

0 Helpful

a.kiprawih
Level 7
Level 7

‎11-23-2006 03:36 PM

I think CLI provides more options than PDM/GUI.

If you're new to PIX, PDM is probably the best as it simplify lots of configuration and monitoring tasks. Most important is that you do not have to know what CLI equavalent to PDM options as there're a lot of commands you need to know and understand how to use it (syntax combination). PDM also gives you graphical stats that is easy for you to understand.

But on the other hand, some (CLI-exposed) would prefer CLI as it gives you flexibility, especialy on command options. PDM is good as it gives you visibility on PIX status via the graphs.

Combination of both knowledge will be the best.

HTH

AK

0 Helpful

e.beck
Level 1
Level 1
In response to a.kiprawih

‎01-22-2007 02:17 PM

If you currently have a PIX 501 w/ PDM installed, how do you remove it? I have 16 MB RAM and 8MB Flash w/ 6.3(5). When I try to tftp 7.2(1) or 7.2(2) to it, I get an out of memory error.

WEB

0 Helpful

scheikhnajib
Level 1
Level 1
In response to e.beck

‎01-26-2007 08:27 AM

Mate,

I only use the ASDM/PDM for some monitoring tasks but as everyone said, CLI gives you more control and understanding of the PIX/ASA config architecture.

And e.bek, PIX OS 7.0 is not supported on 501'2 so don't waste your time mate.

Cheers.

0 Helpful

jwalker
Level 3
Level 3
In response to e.beck

‎01-26-2007 09:35 AM

The new Branch office firewall from Cisco is the ASA5505. The PIX 501 can only be upraded to v6.3(5) because they do not have enough memory for 7.X and the memory cannot be upgraded. If you want the 7.X functionality, then check into the ASA5505.

Jay

0 Helpful

desai.jaideep
Level 5
Level 5

‎11-24-2006 02:09 AM

Hi

That will purely depend on the level of config. u are seeking.

PDM can do a basic setup with basic VPN access.There are options for ACLs and AAAs.

But for more flexibility, u need the CLI anyway.

Regards

JD

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card