Preventing users from accessing Cisco PDM

Discussion in 'Cisco' started by lombardi, Apr 8, 2004.

  1. lombardi

    lombardi Guest

    Hello,

    We currently have a cisco PIX configured for LOCAL HTTP
    authentication. When a user tries to access the internet they are
    prompted for a username and password from the Cisco PIX. This works
    fine. The question is how can we prevent the user from accessing the
    Cisco Pix PDM with the locally stored username and password. I
    noticed the commands allowed for privilege level two. Are any of
    these needed for users trying to access the web. Or do I enable the
    aaa authentication http command. I am a little confused as to what
    commands to assign to the basic users to perform this function. We do
    not have a radius or tacacs server, just local pix authentication. I
    do have one user for priviledge level 15 (The admin)

    Thanks,

    Joe
    lombardi, Apr 8, 2004
    #1
    1. Advertising

  2. lombardi

    Chad Mahoney Guest

    (lombardi) wrote in message news:<>...
    > Hello,
    >
    > We currently have a cisco PIX configured for LOCAL HTTP
    > authentication. When a user tries to access the internet they are
    > prompted for a username and password from the Cisco PIX. This works
    > fine. The question is how can we prevent the user from accessing the
    > Cisco Pix PDM with the locally stored username and password. I
    > noticed the commands allowed for privilege level two. Are any of
    > these needed for users trying to access the web. Or do I enable the
    > aaa authentication http command. I am a little confused as to what
    > commands to assign to the basic users to perform this function. We do
    > not have a radius or tacacs server, just local pix authentication. I
    > do have one user for priviledge level 15 (The admin)
    >
    > Thanks,
    >
    > Joe


    Joe,

    I think you are looking for this command:

    pdm location 192.168.100.100 255.255.255.255 inside

    This tells the PIX only the machine on the inside interface with IP
    192.168.100.100 can access the PDM.


    hth,

    Chad
    Chad Mahoney, Apr 13, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. jim
    Replies:
    3
    Views:
    493
    Jeroen van Bemmel
    Aug 31, 2004
  2. Rami Rosen
    Replies:
    13
    Views:
    10,248
  3. skiierj

    preventing Users from changing wireless connections

    skiierj, Sep 15, 2006, in forum: Wireless Networking
    Replies:
    0
    Views:
    488
    skiierj
    Sep 15, 2006
  4. Replies:
    4
    Views:
    387
  5. Cdshakes
    Replies:
    0
    Views:
    651
    Cdshakes
    Apr 2, 2009
Loading...

Share This Page