Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
286
Views
5
Helpful
2
Replies

pdm location question

Peter010101
Level 1
Level 1

‎12-18-2003 10:21 AM - edited ‎03-09-2019 05:55 AM

I installed PDM two days ago. I entered one pdm location address on the inside and for some reason I have over thrity pdm location entries now for inside, outside and the dmz.

Why did this happen?

Labels:
0 Helpful
2 Replies 2

jmia
Level 7
Level 7

‎12-19-2003 06:39 AM

Hi Peter,

THE FOLLOWING IS A RESPONSE FROM CISCO TAC on PDM Location that I asked about 2 years ago, when I observed the same on the PIX config.

"A PDM location is a pure book keeping command used by PDM to build its topology

database.

It has nothing to do with the PIX's functionalities. In particular, it does

**NOT** control which host can access PDM which is a common misunderstanding.

The control is done by the command "http ".

Why do we need it?

In PDM's world, policy (those rules) is built on top of topology.

Ideally user creates the topology first via the Host/Network tab, then configures policy else where (like Access Rule tab).

A network object exists by itself, even if there is no policy configured directly on it at a particular time. We use "pdm location" command to remember the location of a network object."

Hope this helps.

Thanks - Jay.

Peter010101
Level 1
Level 1
In response to jmia

‎12-19-2003 10:01 AM

Thanks for clearing that up for me.

0 Helpful
Customers Also Viewed These Support Documents