PDM certificate Problem

rajankumaresan · ‎01-23-2002

When i type https://X.X.X.X (pix inside ip)it opens and shows that the information which you are trying to send may not be secure..

i hv a doubt..it shows the certificate issued by and issed to is the same name...

what shd be the solution for this..but i can get in to pdm and making changes...is it not secured?

At the begining it says "its non secure and anybody can damage your information"

thanks in advance for the help...

ajd · ‎01-23-2002

You should set up the PIX so that a pdm location is specifically defined by IP not network. As with telnet you should only allow access from your workstation but not the network it resides on.

The initial 'handshake' is not secure because you have yet to agree to the certificate installation. Once you install the certificate you are 'guaranteed' a secure socket between the PIX and your browser.

what you may want to read up on 'ssl'. The fundamentals of which will help you understand the exchange.

-ne1secure

rajankumaresan · ‎01-23-2002

hi thanks for your help..

I hv configured for only the particular workstation ip..not the n/w..but what i see is it shows the certificate is not signed..

can i take a report from PDM ..i mean printout of the logs...

if i get a deny or some error messages how do i drop the same..do i need IDS for that..

ajd · ‎01-24-2002

all of those features are in debug and monitoring.

Check out the graphs within the PDM.

Contact Cisco for an eval of their Host IDS (entercept) it works really well and is easy to setup. You can print everything out on that (having to do with accesses, etc, no really packets).

-ne1secure?