Installing the PDM

The PDM is actually software stored on the PIX firewall itself and downloaded to create the GUI after an HTTPS connection is made by a client. In addition, the PDM image can be acquired from Cisco. Before installing the PDM software, be sure the firewall meets the minimum requirements listed previously. The following are the basic steps needed to configure a new PIX firewall that has no current PDM or configuration:

1. Activate DES or 3DES.

2. Configure a basic IP address on the PIX.

3. Place the PDM software (image) on a TFTP server.

4. Upload the PDM image.

Activating DES or 3DES

Encryption licensing can be obtained from Cisco. The DES activation key is free, whereas the 3DES key comes at a small cost. The show version command can display your current activation keys.

Configuring a Basic IP Address

To upload the PDM image, a basic IP address needs to be set on an interface. The command shown here demonstrates this:

 pixfirewall(config)# ip address inside 192.168.1.1 255.255.255.255 

PDM Software on a TFTP Server

After the PDM image/software is obtained from Cisco, save it on a basic TFTP server. A free TFTP server can be obtained from Cisco and be easily installed. After it's installed, make sure your TFTP server and the firewall can connect to each other.

Uploading the PDM Image

By now, everything should be ready to upload the image. The example shown here states that the TFTP server address is 192.168.1.2 and the image name is pdm-211.bin :

 pixfirewall(config)# copy tftp flash:pdm Address or name of remote host [127.0.0.1]? 192.168.1.2 Source file name [cdisk]? pdm-211.bin copying tftp://192.168.1.2/pdm-211.bin to flash:pdm [yesnoagain]? yes Erasing current PDM file Writing new PDM file !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! PDM file installed. 

The copy tftp flash:pdm command needs to have the pdm option; otherwise , you can overwrite the PIX operating system.