Creating a simple rule using PDM 3.0(1)

Discussion in 'Cisco' started by Corbin O'Reilly, Nov 14, 2003.

  1. Hi everyone. I would like to prevent a specific external IP address from
    accessing anything on my Internal LAN. I have just recently loaded PDM
    3.0(1) onto my PIX 515 running 6.3(1) and am getting used to it. Let's
    assume the external IP address that I want to block is 61.132.89.106. When I
    create a new rule, it wants me to fill in certain information under the
    ACTION, SOURCE HOST/NETWORK, DESTINATION HOST/NETWORK, and PROTCOL AND
    SERVICE boxes. Please tell me if what I am choosing is correct.

    ACTION = deny
    SOURCE HOST/NETWORK = outside, 61.132.89.106, 255.255.255.255
    DESTINATION HOST/NETWORK = inside, 0.0.0.0, 0.0.0.0
    PROTOCOL AND SERVICE = IP

    If I choose these settings and click OK a box comes up and says, "PDM cannot
    find 61.132.189.106 255.255.255.255 on interface outside. Would you like to
    add this host or network now?" Do I want to go ahead and do this?

    Thanks for the help.
     
    Corbin O'Reilly, Nov 14, 2003
    #1
    1. Advertisements

  2. Hi. I successfully created this rule but I have one more question. When I do
    a Show Config in the CLI, the line "pdm location Hacker1 255.255.255.255
    outside" now shows up in the config. Hacker1 is a reference to the external
    IP address 61.132.89.106 that I am now blocking. Should I remove this line?
    Thanks.
     
    Corbin O'Reilly, Nov 20, 2003
    #2
    1. Advertisements

  3. :Hi. I successfully created this rule but I have one more question. When I do
    :a Show Config in the CLI, the line "pdm location Hacker1 255.255.255.255
    :eek:utside" now shows up in the config. Hacker1 is a reference to the external
    :IP address 61.132.89.106 that I am now blocking. Should I remove this line?

    You could, but PDM will just recreate the line the next time it
    reads the config.

    It isn't an operative line -- it just gives pdm information that pdm
    uses to present data to the user.
     
    Walter Roberson, Nov 20, 2003
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.