03-16-2007 07:46 AM - edited 03-09-2019 05:37 PM
Hi,
One of my colleagues is considering utilizing on his PIX running OS 7.2 the ADSM gui interface. I do not have any exposure to ADSM, because I'm the type of guy who like the command line, which give me a feeling of control.
I know the PDM for version 6.3 didn't like complex configurations especially with NAT policies. I'm wondering if ADSM for PIX 7.2 has similar limitations.
Can anyone offer real world experiences?
Regards
Jeff
03-16-2007 08:20 AM
hi,
asdm opens up even if u have policy nat configured.
it's much more user friendly then pdm and also,much more near to the command line format.
-------
let me know if you are looking for some exact feature compariosn between pdm and asdm.
thx.
sushil
cisco tac
03-16-2007 09:41 AM
Hi Sushil,
My concern is usability. I know in pdm, I've created a policy NAT based upon an acl and the pdm did not like this even though the policy based global/NAT was supported by Cisco. PDM rverted to monitor mode and I was not able to use PDM any longer to make changes. By the way, the PDM I speak of is on my small PIX501. I did not use or plan on using PDM or adsm om my 525.
I guess I'm concerned that asdm will support complex PIX configurations such as logical interfaces, policy nat, etc.
Regards
Jeff
03-16-2007 10:18 AM
yup,absolutely.
for further details,you can check the release notes here:
http://www.cisco.com/en/US/products/ps6121/prod_release_note09186a00806a9755.html
hth
sushil
cisco tac
03-16-2007 10:56 AM
I didn't actually deal with this but one of my colleague could not enter an ACL with object-group such as
"access-list from-Internet-in extended permit object-group TCP_UDP any host 65.2.x.x object-group DNS"
using ASDM, he ended using
"access-list from-Internet-In extended permit udp any host 65.2.x.x object-group DNS"
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide