Hi All: I have a PIX 506e running version 6.3(4) and PDM 3.0(2).

The PIX is a couple of years old, and if I try to load the PDM on anything
newer than Win2K/IE6, I get a java exception error in the browser and the
PDM window doesn't open. Is this a function of how old the PDM version is,
or is there a different issue affecting what computer/browser/java version
can access the PDM?

If, as I suspect, the PIX should be updated, is the only way to get the new
software by purchasing a support contract from Cisco?

In article <3yh3k.1287$8q2.658@trnddc02>, geekyguy <geeky@guy.com> wrote:
Java compatability problems. You will need an -older- Java version.


The newest PIX version you could get for the 506E would be one of
the 6.3(5) subreleases, and if you are the registered owner of the
device then you are entitled to that subrelease anyhow due to
security problems in what you are running.

PIX 7.x is not -supported- on the PIX 506E (though some people say
they have managed to run it... but usually in order to get it to
fit they have to drop the ASDM software that is the PIX 7.x
equivilent of PDM... which would rather defeat your purposes.)

I don't know if you could even get a service contract on your
506E at this point, as it has been EOS'd, and EOL cannot be far off now.

Walter Roberson wrote:
To be precise, you will need version 1.3

Thanks...that's a big help to know which version.

Is that true even for the latest versions of PIX?

I have a Vista laptop that I would prefer to use for PDM access...it has
Java 6 Update 5 installed on it. Is it safe to uninstall that and install
1.3? (and would that even work?)

Or do I need to keep a VM of XP handy <g>?

"artie lange" <Artie@lange.com> wrote in message
news:T-ydneffFO769dPVnZ2dnUVZ_qjinZ2d@supernews.com...

geekyguy wrote:
Latest versions of the PDM (now called ASDM)works with the newest
versions of Java.

It would all depend on the requirements of Java 1.3, I can not say if it
is Vista compatible. I can say with XP you can uninstall the isntalled
version of Java and download 1.3 from java.com.

In article <T-ydnebfFO5qFtPVnZ2dnUVZ_qjinZ2d@supernews.com>,
artie lange <Artie@lange.com> wrote:
True, but no version of the PIX software that uses ASDM is officially
supported on the poster's PIX 506E.

"Walter Roberson" <roberson@hushmail.com> wrote in message
news:vjw3k.19773$gc5.8177@pd7urf2no...
Thanks for that info.

So, is this PIX so old as to be technologically obsolete, in that it should
be upgraded at this point?

Also, is there any benefit to upgrading from version 6.3(4) and PDM 3.0(2)
to whatever is the latest version, or is that throwing good money after bad
at this point? I also asked in my original post if there is a cost
associated with upgrading the software?

geekyguy wrote:

There are many ways to answer that question, if your conclusion is that
because you have to use Java 1.3 from 2000 instead of the latest release
of Java to access the PDM, makes the equipment obsolete, then yes I
would make that point. But the firewall can be configured from many
different ways not just the PDM, you can use the CLI which will
eliminate the need for the PDM. Does the firewall work for your company
is the question you need to ask yourself, if so then why upgrade, if not
then look into upgrading to the new ASA line that comes with all the
software updates installed.

There are some security issues fixed I believe from 6.3(4) to 6.3(5)I am
not that familiar with the licensing of these boxes so I can not answer
the question, you *may* be entitled to the upgrade, if not you need a
smartnet for the unit.

artie lange <Artie@lange.com> writes:
You should be able to get to this page from the basic free CCO type
account (ie. signup on cisco.com for an account).

http://www.cisco.com/cgi-bin/tablebuild.pl/PIXPSIRT

I haven't tried it with a normal level account through.

That would be the latest security fix for the PIX (newer than the
regular download page).

Since the box is in maintenance only mode now and only security bug
fixes happen, you can see that this box isn't going to have alot going
on with it otherwise.

"Doug McIntyre" <merlyn@geeks.org> wrote in message
news:484ea8b0$0$76841$8046368a@newsreader.iphouse. net...

NOTE:
There are currently no files for this type.

The images in this directory resolve specific security vulnerabilities
for the Cisco PIX Security Appliance. For additional information,
please refer to the Security Advisories located here:

http://www.cisco.com/en/US/products/...s_listing.html

The images located in this directory are fully supported by Cisco TAC.

Is there anything significant about the security fixes in 6.3(5) that would
warrant paying for a new service contract just to download it?

This firewall is in front of some webservers and a database server, nothing
more...it doesn't seem like I would need to upgrade to the latest hardware
just for the java-compatibility...although I'm not really a CLI kind of guy
<g>. Of course, any time I've needed to do anything more basic than opening
a port or adding a static route, I've had to run the CLI from within the PDM
anyways...

Thanks to you both for the help!

geekyguy wrote:

Again, that is a question for you to answer, I do not believe there is
any MAJOR bug within 6.3(3) that was fixed in 6.3(5), but how much is
the security of your datacenter and your database worth?