Saturday, August 12, 2017
Cisco Security Device Manager on the Mac
Cisco Router and Security Device Manager (SDM) is a Web-based device-management tool that enables you to deploy and manage the services on a Cisco IOS router. Even if you decide to do your initial configuration with the CLI, the Monitoring mode of the SDM is a great way to get a graphical real-time "pulse" on the state of your router.
The SDM application can run either as an application installed on your Windows PC or from the router's flash thru your web browser. This post will show you how to install and run the SDM application in Mac OS X. This should go without saying, but don't expect official support from Cisco for this configuration.
My main use case for this was to use Mac OS X, with the Cisco SDM, for the CCNA Security lab exercises with GNS3. You could also use these directions to install the Cisco SDM on Linux, albeit with a different method of grabbing the Wine package.
Get and Install the Software
We will now obtain and install the required software in this section. It is very important to download the exact versions of Mozilla Firefox for Windows and the Java Runtime Environment for Windows. If you do a search around the web, you will notice a pattern of issues with SDM when you don't have a compatible Firefox/JRE version pair. I had to do some "trial and error" to find a stable version pair.
# XQuartz
The XQuartz project is an open-source effort to develop a version of the X.org X Window System that runs on Mac OS X. Download and install the latest disk image from the XQuartz site.
# MacPorts
MacPorts will give your Mac OS X operating system access to ~8000 ports (open-source software). Our X server and Wine installations will require the MacPorts infrastructure to be installed and configured correctly. If you don't have MacPorts already installed, visit http://www.macports.org for the full details of the installation process.
If you have MacPorts already installed, synchronize your installation with the MacPorts rsync server. Open Terminal.app and run this command:
$ sudo port -d selfupdate
# Wine
Wine is a compatibility layer that allows you to run Windows software on your Mac without the requirement of a virtualization hypervisor. We will use Wine for the Windows version of Firefox, Java Runtime Environment (JRE), and the Cisco SDM software. Run this command from Terminal.app to install the latest version of Wine thru MacPorts:
$ sudo port -v install wine
We can verify a successful installation by running this command from Terminal.app:
$ wine notepad &
You should see the Wine Notepad application launch.
# Mozilla Firefox for Windows
Download Mozilla Firefox 3.0.19 for Windows. A simple Google query of "windows firefox 3.0.19 download" should return a list of at least a few sites still hosting this older version. I saved the file to my /Users/marc/Downloads/Windows directory.
We will now install the Firefox application thru Wine. Run this command from Terminal.app (Note: Remember Bash tab completion is your friend):
$ wine "$HOME/Downloads/Windows/Firefox Setup 3.0.19.exe" &
Select the defaults for the Mozilla Firefox Setup Wizard. Uncheck Launch Firefox now at the end of the setup and click Finish.
# Java Runtime Environment for Windows
The Cisco SDM leverages the JRE. Download Java Platform Standard Edition (Java SE) 6 Update 6 from Oracle. I found this file version in the archive section of their site. I saved the file to my /Users/marc/Downloads/Windows directory.
Install the Java Runtime Environment (JRE) thru Wine. Run this command from Terminal.app:
$ wine "$HOME/Downloads/Windows/jre-6u6-windows-i586-p.exe" &
- Click the Accept button to install the JRE.
- Click the Finish button to end the setup wizard.
# Cisco Security Device Manager
We have finally come to the installation of the Cisco SDM with all the prerequisite installations complete. You will need to download the Cisco SDM 2.5 from http://www.cisco.com. I've unpacked the SDM package to my /Users/marc/Downloads/Windows/SDMv25 directory.
Launch the SDM setup with the following command in Terminal.app:
$ wine "$HOME/Downloads/Windows/SDMv25/setup.exe" &
- Click the Next button to start the wizard.
- Select I accept the terms of the license agreement and click the Next button.
- Select This Computer on the Install Options screen then click the Next button.
- Click the Next button to accept the default install location.
- Click the Install button on the following screen.
- Click the Finish button to close the Installation Wizard Complete screen.
Configuration
We still have a few configuration steps left for Firefox and the Cisco IOS.
# Firefox
In this step, we will force Firefox to be the default browser when launching the SDM. Run this command from Terminal.app:
$ wine "$HOME/.wine/drive_c/Program Files/Mozilla Firefox/firefox.exe" -silent -setDefaultBrowser
We also need to disable the pop-up blocker in Firefox (requirement for SDM). Run this command from Terminal.app to open Firefox:
$ wine "$HOME/.wine/drive_c/Program Files/Mozilla Firefox/firefox.exe" &
- Click Tools -> Options from the top toolbar menu.
- Click the Content tab.
- Uncheck Block pop-up windows and click the OK button.
Close the Firefox application.
# Configure IOS for SDM Access
Best practice would dictate you enable the secure web server in a production environment, but I will be using the basic HTTP web server for testing purposes in our example.
Create a user and enable the HTTP server.
R1> enable
R1# conf t
R1(config)# username marc privilege 15 secret cisco
R1(config)# ip http server
R1(config)# ip http authentication local
R1(config)# ip http timeout-policy idle 600 life 86400 requests 1000
R1(config)# exit
Set the IP address for the network interface.
R1# conf t
R1(config)# int fa0/0
R1(config-if)# ip address 10.11.1.1 255.255.255.0
R1(config-if)# no shut
R1(config-if)# end
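For the production case mentioned above, this is an added example (not part of the original post) of the same SDM access served over HTTPS only. The ACL number 10 and the `<strong-secret>` placeholder are assumptions; the 10.11.1.0/24 subnet is taken from the interface address above.

```cisco_ios
! Added example: HTTPS-only web management for SDM.
! Assumed values: ACL number 10 and <strong-secret> are placeholders.
R1# conf t
! Replace the lab password with a strong secret of your own
R1(config)# username marc privilege 15 secret <strong-secret>
! Turn off the cleartext web server so credentials never cross the wire unencrypted
R1(config)# no ip http server
! Enable the TLS web server; IOS generates a self-signed certificate on first use
R1(config)# ip http secure-server
! Keep authenticating against the local user database
R1(config)# ip http authentication local
! Allow only the management subnet to reach the web server
R1(config)# access-list 10 permit 10.11.1.0 0.0.0.255
R1(config)# ip http access-class 10
R1(config)# end
! Confirm that the HTTP server is disabled and the secure server is enabled
R1# show ip http server status
```

Because the certificate is self-signed, the browser will show a certificate warning the first time it connects to the router.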
Launch Security Device Manager
We are almost there. Let's open the SDM Launcher by running this command from Terminal.app:
$ wine "$HOME/.wine/drive_c/Program Files/Cisco Systems/Cisco SDM/SDMLauncher.exe" &
- Enter your router IP address/Hostname into the Device IP Address or Hostname field.
- Enable the This device has HTTPS enabled and I want to use it. checkbox if you have configured the ip http secure-server option in the router IOS configuration.
- Click the Launch button to open the SDM Java applet.
A Firefox window should now appear with a login dialog box in the foreground.
- Enter your credentials in the Authentication Required dialog box.
- Click the OK button to login.
We should now be presented with the Cisco Router and Security Device Manager (SDM) window.
Troubleshooting
This section will give you a workaround if you are having graphical issues with SDM. Wine does a pretty good job of translating Windows DirectX, but it is still a little rough around the edges. We can disable DirectX acceleration for Java with a registry setting. This will allow you to launch the SDM in software rendering mode.
Open the Wine Configuration Editor. Run this command from Terminal.app:
$ winecfg &
On the Graphics tab, enable the Emulate a virtual desktop checkbox and create a desktop size of 1024 x 768. Click the OK button to save the settings.
Now open the Wine Control Panel. Run this command from Terminal.app:
$ wine control &
Double-click the Java icon. The Java configuration panel may not launch, and you may also notice a Java exception access violation error in the output of Terminal.app. This step is still necessary because the event creates the proper Java registry data which we will modify in the next step.
Open the Registry Editor. Run this command from Terminal.app:
$ regedit &
- Navigate thru the registry with the path of HKEY_CURRENT_USER\Software\JavaSoft\Java2D\1.6.0_3.
- Double-click the DXAcceleration key.
- Enter 0 for the hexadecimal value and click the OK button.

The next time you launch the Cisco SDM you should be able to run the Java applet without graphical glitches.