All Cisco-Network Study Notes: Using the Startup Wizard

Using the Startup Wizard

PDM includes wizards to abetment firewall administrators in the antecedent bureaucracy and

ongoing aliment of the PIX firewall. One of these wizards, the Startup

Wizard, guides you through archetypal bureaucracy agreement prompts such as interface

settings, passwords, auto-update information, and others.The Startup Astrologer is an

excellent apparatus to use initially and for approved agreement changes; it extracts the

current agreement and provides these PIX attributes to the administrator

automatically.Therefore, the Startup Astrologer action will not overwrite the

current PIX firewall configuration.

www.syngress.com

Figure 9.7 Our Example Network Architecture

Internet

www.securecorp.com

Internal Desktop

Clients

mail.securecorp.com

External Address: 192.10.10.2

Internal Address: 172.20.1.1

Internal Address: 172.20.1.25

Internal Address: 172.20.1.80

Internal Addresses:

172.20.2.254

Internal Address: 192.10.10.1

Location: Washington, DC

pix1.securecorp.com

rtr1.securecorp.com

Internal Address: 134.20.20.1

Location: Prague

rtr2.securecorp.com

External Address: 134.20.20.2

Internal Address: 172.16.1.1

pix2.securecorp.com

External Remote

VPN Clients

Internal Desktop

Clients

Internal Addresses:

172.16.2.254

172.16.2.1-

172.20.2.1-

Internal Network 172.20.0.0/16

External Network 192.10.10.0/27

Internal Network 172.16.0.0/16

External Network 134.20.20.0/27

468 Chapter 9 • PIX Device Manager

This area provides a step-by-step exercise through the Startup Wizard

prompts.To admission the Startup Wizard, baddest Startup Astrologer from the PDM

Wizards menu.The Startup Astrologer Welcome window appears, as apparent in

Figure 9.8.

To advance with the wizard, bang Next. At any time during the Astrologer process,

you may avenue by beat Cancel. If you accept to avenue the Startup Wizard, a

confirmation window appears, as apparent in Figure 9.9.

www.syngress.com

Figure 9.8 The Startup Astrologer Welcome Window

Figure 9.9 The Avenue Startup Astrologer Confirmation Window

PIX Device Manager • Chapter 9 469

To avenue the Startup Window, bang Avenue and acknowledgment to the PDM main

window. If you appetite to advance with the Startup Wizard, bang Cancel to return

to the wizard.

Click Abutting to advance to the Basal Agreement Window. From this

window, you configure the PIX hostname and area name as able-bodied as the

Enable password.The Basal Agreement Window is apparent in Figure 9.10.

To change any of the settings, artlessly blazon a new hostname or area name

or bang the Change Accredit Countersign analysis box and access new authentication

credentials.You can adapt these settings from the System Properties tab in the

main PDM awning as well.To avenue the Startup Astrologer and save your changes at

any time, bang Finish. PDM updates the active PIX agreement and you

will acknowledgment to the PDM capital window.To abide with the wizard, bang Next.

The Alfresco Interface Agreement window appears (see Figure 9.11).

From the Alfresco Interface Agreement window, you can baddest the speed

of the alfresco interface and actuate how to abode the alfresco interface. From

the wizard, you can accept to automatically configure the interface via PPPoE.

You can additionally baddest DHCP to automatically actuate the abode of the outside

interface.

www.syngress.com

Figure 9.10 The Startup Astrologer Basal Agreement Window

470 Chapter 9 • PIX Device Manager

NOTE

Before application PPPoE or DHCP to configure the alfresco interface, verify

that your ISP is accouterment these services.

To statically configure the alfresco interface, baddest Static IP Abode and

provide the IP address, subnet mask, and absence aperture in the acreage provided.To

proceed with the wizard, bang Abutting to set up auto-update functionality.The

Auto Update Agreement window appears (see Figure 9.12).

Auto-update agreement facilitates the automatic advance and/or cull of PIX

device configuration, PIX firewall software, and PIX PDM software data. Autoupdate

functionality is an avant-garde adequacy and requires evidently available

services to operate, but it can be acutely accessible for organizations with many

PIX devices.To configure auto-update, bang Accredit Auto Update and provide

the adapted settings. Bang Abutting to advance to the Added Interfaces

Configuration window, as apparent in Figure 9.13.

www.syngress.com

Figure 9.11 The Alfresco Interface Agreement Window

PIX Device Manager • Chapter 9 471

www.syngress.com

Figure 9.12 The Auto Update Agreement Window

Figure 9.13 The Added Interfaces Agreement Window

472 Chapter 9 • PIX Device Manager

From the Added Interfaces Agreement window, you can configure the

remaining PIX firewall interfaces. Baddest an interface from the account in the Other

Interfaces Agreement window and bang Edit to change interface parameters.

A window agnate to that apparent in Figure 9.14 appears.

From the Edit Interface window, you can accredit or attenuate the interface and

configure added interface ambit such as speed, aegis level, name, and IP

address. Afterwards authoritative agreement changes, bang OK to acknowledgment to the Other

Interfaces Agreement window, again bang Abutting to abide with the Startup

Wizard.

The abutting window in the astrologer is NAT and PAT Configuration.The NAT

and PAT Agreement window is apparent in Figure 9.15. From this window, you

can configure the altered types of abode adaptation accessible on the PIX firewall.

To configure PAT, bang Use Port Abode Adaptation (PAT) and either

use the alfresco interface as the PAT abode or access a specific IP abode in the

space provided. If you would like to configure NAT, bang Use Network Address

Translation (NAT) and access the adapted all-around abode parameters. Finally,

to about-face NAT off, bang Do not construe any addresses. Bang Abutting to proceed

to the DHCP Server Agreement window, as apparent in Figure 9.16.

The PIX firewall can act as a DHCP server for centralized clients, which is quite

useful in baby office/home appointment (SOHO) environments. From the DHCP

Server Agreement window, you can authorize a basal DHCP server configuration.

To alpha DHCP server operations on the firewall, bang Accredit DHCP

server on the central interface and access a DHCP abode ambit in the space

provided.You can additionally adapt the DHCP charter breadth time from the astrologer as well.

When you’re finished, bang Next.

www.syngress.com

Figure 9.14 The Edit Interface Window

PIX Device Manager • Chapter 9 473

www.syngress.com

Figure 9.15 The NAT and PAT Agreement Window

Figure 9.16 The DHCP Server Agreement Window

474 Chapter 9 • PIX Device Manager

A awning appears to announce that the astrologer is complete. Bang Finish to exit

the wizard, save the changes fabricated during the astrologer process, and acknowledgment to the

PDM window.

After you complete the wizard, PDM sends the adapted configurations to the

PIX firewall and refreshes the PIX agreement arresting via the PDM interface.

After authoritative changes to the PIX firewall, you charge bang the Save to Flash

Needed button to save adapted configurations to the PIX beam memory. If you

fail to do so, the new configurations will not be accessible afterwards a reboot.