Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN client accessing PDM interface

How to configure the VPN client which is already been assigned local pool by the PIX VPN to use the PDM thru the outside interface?

ANy sample config.I tried it following Cisco website config but seems like it not working.Do I need to open any ssl ports on the PIX?

6 REPLIES
Silver

Re: VPN client accessing PDM interface

You can connect to the interal IP address of the Pix over a VPN tunnel using Pix 6.3+ by using this feature:

management-access inside

New Member

Re: VPN client accessing PDM interface

Whag if I 'm using 6.2?

Cisco Employee

Re: VPN client accessing PDM interface

Sounds strange, but you have to access PDM by the outside interface over the VPN tunnel.

Here's an example:

http://www.cisco.com/warp/customer/110/pdm_vpntun.html

6.3 is needed as mentioned to access the inside interface over the VPN tunnel. Prior to this, management traffic to the inside interface is not permitted by design. 6.3 allows for this default policy to be changed.

Hope this helps,

peter

New Member

Re: VPN client accessing PDM interface

Well,the example i had tried it b4 and is not working.

Is it mean the connected VPN client on the outside interface will not be able to use the PDM(GUI) if the PIX version is less than 6.3.

Or should I allow any SSL port to go thru from the outside interface.

Cisco Employee

Re: VPN client accessing PDM interface

I have tested with this configuration a Site to Site VPN and have successfully accessed the outside interface to use PDM without having to open the Pix to permit SSL in from all networks on the outside.

I have not tried the VPN client as you mention you are using.

If you did upgrade to 6.3 on the Pix, you will be able to turn on the management-interface and use PDM with success.

I will try with 6.2 and earlier to VPN to the outside with a VPN client and attempt to use PDM with the sample configuration provided.

peter

Cisco Employee

Re: VPN client accessing PDM interface

I tried a simple client VPN configuration with the above link you tried in mind.

I did not have success using PDM to the outside interface.

As expected, this link is useful if the VPN is Site to Site.

I would upgrade your PIX to 6.3 and give the management interface command a try. This command was implemented to satisfy needs such as yours.

Hope this info helps,

peter

168
Views
5
Helpful
6
Replies
CreatePlease to create content