The PDM is actually software stored on the PIX firewall itself and downloaded to create the GUI after an HTTPS connection is made by a client. In addition, the PDM image can be acquired from Cisco. Before installing the PDM software, be sure the firewall meets the minimum requirements listed previously. The following are the basic steps needed to configure a new PIX firewall that has no current PDM or configuration:
Activating DES or 3DES
Encryption licensing can be obtained from Cisco. The DES activation key is free, whereas the 3DES key comes at a small cost. The show version command can display your current activation keys.
Configuring a Basic IP Address
To upload the PDM image, a basic IP address needs to be set on an interface. The command shown here demonstrates this:
pixfirewall(config)# ip address inside 192.168.1.1 255.255.255.255
PDM Software on a TFTP Server
After the PDM image/software is obtained from Cisco, save it on a basic TFTP server. A free TFTP server can be obtained from Cisco and be easily installed. After it's installed, make sure your TFTP server and the firewall can connect to each other.
Uploading the PDM Image
By now, everything should be ready to upload the image. The example shown here states that the TFTP server address is 192.168.1.2 and the image name is pdm-211.bin :
pixfirewall(config)# copy tftp flash:pdm Address or name of remote host [127.0.0.1]? 192.168.1.2 Source file name [cdisk]? pdm-211.bin copying tftp://192.168.1.2/pdm-211.bin to flash:pdm [yesnoagain]? yes Erasing current PDM file Writing new PDM file !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! PDM file installed.