Cisco PIX 520 - PIX Firewall 520 Installation Manual page 50
Installation guide
Hide thumbs
Also See for PIX 520 - PIX Firewall 520:
- User manual (24 pages) ,
- User manual (114 pages) ,
- Online help manual (256 pages)
Table of Contents
Advertisement
Troubleshooting
Table 5-1
Common Troubleshooting Symptoms, Conditions, and Workarounds (continued)
Symptom
Certificate displays a message that its
timestamp is in the future when
connecting to the PIX Firewall.
Browser cannot access PDM.
Clicking Grant causes PDM to crash.
Cisco PIX Device Manager Installation Guide
5-4
Conditions
The browser displays a message with
the certificate's timestamp each time a
user connects to the PIX Firewall.
When you attempt to access PDM, the
message "the page cannot be displayed"
appears in Internet Explorer or the
message "network connection was
refused by the server" appears in
Netscape Communicator.
If you are using PDM with Netscape
Version 4.73 and you have a corrupted
certificate database, the browser may
crash if you do the following:
1.
Run an applet that uses a digital
certificate.
2.
Renew the certificate.
Run the new applet with the
3.
updated certificate.
Start PDM.
4.
5.
Click Grant to launch PDM.
This can happen on Windows, Sun
Solaris, or Linux and is a problem in the
Netscape Java Virtual Machine (JVM).
Chapter 5
Tips and Troubleshooting
Workaround
To reset the PIX Firewall clock setting, go
to the Configuration>System
Properties> Administration>Clock
screen on PDM. Using PDM, look at the
VPN screen under
IKE>Certificate>Enrollment to check
the timestamp on the certificate.
Alternatively, you can also use the show
ca certificate command to check the
timestamp on the certificate.
Check that you are using "https" in
1.
your connection to
"
https://pix_inside_interface_
" and not "http." The
ip_address
connection cannot be made using
"http," it must be "https."
If you cannot connect, enter the show
2.
version command to check that you
have the proper activation key to use
DES or 3DES. If you do not, obtain an
activation key that supports this
requirement before continuing. If,
after confirming that your activation
key supports using DES or 3DES, you
still cannot connect, refer to
"Checking Your Connection to the
PIX
Firewall".
To work around this, remove the corrupted
cert7.db file (the certificate database file),
located in the your Netscape directory. A
new cert7.db file is created when you run
Netscape again.
However, this removes all of the
certificates that you have previously
accepted as trusted. (This includes
certificates that you accepted from other
sites as well as certificates that you
entered manually.)
78-15483-01
- Quick Links:
- Downloading the Pdm Software
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
