No those don't help. I you have policy-nat configured on the PIX (possilby for NAT before encryption due to overlapping IP space) then when you access via PDM you get a msg that since policy-nat is being used you can only use PDM for viewing/monitoring, but not to change the config.
Phil, I know exactly what your problem is, I had this issue with a client running 6.3.2 when I was ready to open a TAC case to be sure if upgrading pix code to latest 6.x train and PDM to see if it would solve the issue client decided to leave it as is CLI only and wait for ASA upgrade. I do not know whether upgrading to 6.3(5) along with PDM upgrade would resolve the PDM not understanding Policy NAT commands, unfortunaly the workaround seems to be NOT Use PDM and give up gui, or if use PDM remove Policy NAT or upgrade to 7.x ..
Back then four months ago I chekced all bugs on 6.3.5 and PDM on this train and found nothing mentioning this issue.
What code are you running ? 6.3.5 and lates PDM code? if you are running 6.3.5 make sure you have teh latest PDM code on that train, if you do then bad news, I would recommend opening a TAC case.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...