This tutorial provides a step-by-step guide to installing and configuring SDM, the Cisco Security Device Manager.

Security Device Manager (SDM) is a web-based utility developed by Cisco Systems for easy administration of Cisco devices. It provides a GUI (Graphical User Interface) platform to manage some basic security features and interface connection configurations. It was developed mainly for SOHO (small office / home office) networks, where the administrator performing the configuration is probably less experienced with the Cisco CLI.

Cisco 850, 870, 1800, 2800 and 3800 Series routers have SDM preinstalled. Besides these series, SDM also supports routers from the Cisco 830 series to the Cisco 7301 series.

SDM requires the Java Runtime Environment (minimum version 1.5) installed on your workstation. You can download the Java Runtime Environment from its official website.

SDM is available in two editions: the Full package and the Express package.

  • The Full package has more tools to manage the device. It can be found on the CD that you receive with your router. Alternatively, you can download it from Cisco's official website.
  • The Express package is a stripped-down version of SDM. It usually comes preinstalled in the flash memory of supported devices.

SDM works on a client-server model in which the router plays the server role and the workstation acts as the client. Both ends need some configuration.

Necessary Router Configuration

Step 1 :- SDM uses the HTTPS protocol for connectivity. Enable the HTTP and HTTPS servers on the router.

Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# ip http server
Router(config)# ip http secure-server
Router(config)# ip http authentication local
Router(config)# ip http timeout-policy idle 600 life 86400 requests 10000

Step 2 :- Proper authentication is required to connect to the router via SDM. Create a user account with the following command in global configuration mode, replacing username and password with the words that you want to use:

Router(config)# username username privilege 15 secret 0 password

For example, if you chose the username admin and the password vinita, you should enter the following:

Router(config)# username admin privilege 15 secret 0 vinita

This username and password will be used to log in to Cisco SDM.

Step 3 :- Configure SSH and Telnet for local login and privilege level 15 with the following commands:

Router(config)# line vty 0 4
Router(config-line)# privilege level 15
Router(config-line)# login local
Router(config-line)# transport input telnet ssh
Router(config-line)# exit

Step 4 :- Assign an IP address to the Fast Ethernet interface. The PC will connect to the router via this interface.

Router(config)#interface fastethernet 0/0
Router(config-if)#ip address
Router(config-if)#no shutdown
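
The Python sketch below is an added example, not part of the original tutorial or any Cisco tool: it reads a saved running-config and reports which settings from Steps 1 to 3 are missing, and which enabled services (the plain HTTP server, Telnet on the vty lines) carry logins unencrypted. The sample config, the hash string and the function names are constructed for illustration.

```python
import re
# Constructed sample: running-config excerpt after Steps 1-3 (not from a real device).
SAMPLE_CONFIG = """\
username admin privilege 15 secret 5 $1$EXAMPLE$constructedhashvalue
ip http server
ip http secure-server
ip http authentication local
!
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
"""

def parse_config(text):
    """Map each top-level config line to the indented lines beneath it."""
    sections, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("!"):
            continue
        if line[0] == " " and current is not None:
            sections[current].append(line.strip())
        else:
            current = line.rstrip()
            sections[current] = []
    return sections

def audit_sdm_config(text):
    """Return (missing, warnings): unmet Step 1-3 settings and cleartext services."""
    sections = parse_config(text)
    missing, warnings = [], []
    for required in ("ip http secure-server", "ip http authentication local"):
        if required not in sections:
            missing.append(required)
    if not any(re.match(r"username \S+ privilege 15 ", s) for s in sections):
        missing.append("privilege 15 local user")
    if "ip http server" in sections:
        warnings.append("plain HTTP server enabled: http:// logins are unencrypted")
    for header, body in sections.items():
        if header.startswith("line vty"):
            for required in ("login local", "privilege level 15"):
                if required not in body:
                    missing.append(f"{header}: {required}")
            if any(c.startswith("transport input") and "telnet" in c.split() for c in body):
                warnings.append(f"{header}: telnet allowed, sessions are unencrypted")
    return missing, warnings

if __name__ == "__main__":
    print(audit_sdm_config(SAMPLE_CONFIG))
```

Run against the configuration from Steps 1 to 3, it reports nothing missing and two warnings, one for the HTTP server and one for Telnet on the vty lines.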

Necessary connectivity requirements

If you are connecting the PC directly to the router, use a crossover cable. If you are connecting the PC to the router via a switch or hub, use a straight cable.

Use the router's first available Ethernet or FastEthernet port for connectivity.

Make sure the router and PC are in the same subnet: the IP address configured on the PC's LAN card and the one on the router's Ethernet interface used for connectivity must belong to the same network.

Accessing SDM

Cisco SDM is stored in the flash memory of the router. It is invoked by executing an HTML file in the router archive, which then loads the signed Cisco SDM Java file. To launch Cisco SDM, use the following steps:

Step 1 :- Open your browser and enter the following URL:

https://<router IP address>

In our example it would be

https:// is used for a secure connection. The SSL protocol is required for a secure connection.

http:// is used for an unsecured connection where SSL is not available.

Step 2 :- As mentioned earlier in this article, SDM requires authentication in order to connect to the router. We created the necessary user account in the previous section. Enter the username and password that we created.

[Figure: SDM access login box]

If authentication is successful, the SDM Java applet will begin loading in your PC's web browser.

SDM is a digitally signed Java applet that could trigger a security warning dialog box in your browser. Accept the certificate. SDM will then display the launch page in the browser.

[Figure: SDM launch page]

Cisco Systems no longer supports SDM. SDM reached end of life on 26 Feb 2011.

More information is available here

SDM has been replaced by CCP (Cisco Configuration Professional).

