Configure Cisco SDM

April 18, 2011·

Today we will be going over the steps that are required to set up the Cisco SDM (Security Device Manger) The Cisco SDM is a Web-based device management tool a GUI for Cisco routers this can simplify router deployments and cut ownership costs. SDM is fairly easy to set up but you still need at least some experience in the router command-line to get SDM working.

This tutorial is already assuming that the Cisco SDM program has been installed on the PC. If the router has enough flash you can also install SDM on the router, but it is usually slower and does take some CPU power. My advice is to install it on the PC. To support Cisco SDM the PC must have a Pentium III or faster processor and at least 512MB of RAM. Cisco SDM also needs Java version 6 or newer installed on the PC. I have found out by personal experience that the newer versions of Java don’t work nice with SDM. The Java version I would stick with when using Cisco SDM is Java version 6 Update 6. I would also suggest that the PC using SDM not be in a production environment because of the older Java version.

Another thing that is often a problem when using SDM is the Java heap size or the memory Java uses, Some SDM components need at least 256MB of memory to run correctly, like the IPS (Intrusion Prevention System component) To change this find the Java application settings in the Windows Control Panel double click, Once the Java Control Panel opens click on the tab Java and under the Java Applet Runtime Settings select View. A another window will appear called Java Runtime Settings highlight the Java Runtime Parameters and type the following –Xmx256.

Java Control Runtime — Java_Control_Runtime

With all that out-of-the-way let’s set up SDM. You can do this a couple of ways like add security to the router when connecting to SDM.

However this tutorial is going to focus on the required areas that are needed to get SDM working. The first thing that needs to be done is to configure at least one interface on the router that will connect to the computer with SDM installed. For this tutorial it will be Fast-Ethernet 0/0 and the IP address is 192.168.5.1 with a subnet mask of 255.255.255.0 (Here is the configuration from the router)

Router>enable
Router#configure terminal
Router(config)#interface fastEthernet 0/0
Router(config-if)#ip address 192.168.5.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit

Once the computer and the router are connected to the same network, issue a ping command from the command-line of the PC. The pings should be successful. The last command that is required for SDM to work, is to turn on the HTTP server on the router. All other commands like a secure password, AAA, are encouraged but not required for SDM to work.

Router(config)#ip http server

Once you have at least the above commands set up launch the SDM program from the computer. The SDM program will want the router’s IP address. (For this tutorial the routers IP address is 192.168.5.1 and HTTPS is not enabled) If you configured the HTTPS server on the router then select the check box saying “This device has HTTPS enabled and I want to use it”. Otherwise select the Launch button.

If no problems occur a couple of things will been showing up on the screen the first thing you will notice is that Internet Explorer will open and screen like below will appear. Although you can close this one, I like to keep these windows open when working with SDM.

The next screen is the SDM Launch Page and like it says another window will open along with reminding you not to close this window until you are done with Cisco SDM.

The next window will open and you will see a status box. This will be looking at the router platform and running configuration and loading the required information for SDM to work.

After the status box is done, it will close and you now have the Cisco SDM “Home” page loaded and are ready to start configuring or monitoring your router with a GUI interface.

That’s it! You can find more information at Cisco.com and although SDM is being phased out with the new Cisco Configuration Professional program they both have the same goal to manage a Cisco device with a GUI interface. Like always I hope this tutorial was informative and if you have any ideas on the next topic that deals with either ICND1 or ICND2 let me know.

Configuring SSH (ryansrealm.com/ciscoskills)
Configuring Cisco Router Firewall through Command Prompt (brighthub.com)
Cisco Learning Labs is Live! (ryansrealm.com/ciscoskills)

Troubleshooting Process Configuring Zone Based Firewalls via SDM

Configure Cisco SDM

Related Articles