Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

pdm location question

I installed PDM two days ago. I entered one pdm location address on the inside and for some reason I have over thrity pdm location entries now for inside, outside and the dmz.

Why did this happen?

2 REPLIES
Gold

Re: pdm location question

Hi Peter,

THE FOLLOWING IS A RESPONSE FROM CISCO TAC on PDM Location that I asked about 2 years ago, when I observed the same on the PIX config.

"A PDM location is a pure book keeping command used by PDM to build its topology

database.

It has nothing to do with the PIX's functionalities. In particular, it does

**NOT** control which host can access PDM which is a common misunderstanding.

The control is done by the command "http ".

Why do we need it?

In PDM's world, policy (those rules) is built on top of topology.

Ideally user creates the topology first via the Host/Network tab, then configures policy else where (like Access Rule tab).

A network object exists by itself, even if there is no policy configured directly on it at a particular time. We use "pdm location" command to remember the location of a network object."

Hope this helps.

Thanks - Jay.

New Member

Re: pdm location question

Thanks for clearing that up for me.

91
Views
5
Helpful
2
Replies