Solved

Cisco 501 Private Key Issue

Posted on 2003-11-14
4
1,778 Views
Last Modified: 2013-11-16
When I boot up my Pix 501 and go to login using the CLi i recieve the following error. Cannot Select Private Key. I have reset this unit using the configure factory-default command. Being new to the pix firewalls i am not sure what the problem is, can any one give me any insight? This is what it looks like.

CISCO SYSTEMS PIX-501
Embedded BIOS Version 4.3.200 07/31/01 15:58:22.08
Compiled by morlee
16 MB RAM

PCI Device Table.
Bus Dev Func VendID DevID Class              Irq
 00  00  00   1022   3000  Host Bridge        
 00  11  00   8086   1209  Ethernet           9
 00  12  00   8086   1209  Ethernet           10

Cisco Secure PIX Firewall BIOS (4.2) #6: Mon Aug 27 15:09:54 PDT 2001
Platform PIX-501
Flash=E28F640J3 @ 0x3000000

Use BREAK or ESC to interrupt flash boot.
Use SPACE to begin flash boot immediately.
Reading 1921536 bytes of image from flash.      
##########################################################################################################
16MB RAM
mcwa i82559 Ethernet at irq  9  MAC: 000d.bca4.2eb3
mcwa i82559 Ethernet at irq 10  MAC: 000d.bca4.2eb4
Flash=E28F640J3 @ 0x3000000
BIOS Flash=E28F640J3 @ 0xD8000

  -----------------------------------------------------------------------
                               ||        ||
                               ||        ||
                              ||||      ||||
                          ..:||||||:..:||||||:..
                         c i s c o S y s t e m s
                        Private Internet eXchange
  -----------------------------------------------------------------------
                        Cisco PIX Firewall

Cisco PIX Firewall Version 6.3(1)
Licensed Features:
Failover:           Disabled
VPN-DES:            Enabled
VPN-3DES-AES:       Enabled
Maximum Interfaces: 2
Cut-through Proxy:  Enabled
Guards:             Enabled
URL-filtering:      Enabled
Inside Hosts:       10
Throughput:         Unlimited
IKE peers:          10

This PIX has a Restricted (R) license.


  ****************************** Warning *******************************
  Compliance with U.S. Export Laws and Regulations - Encryption.
 
  This product performs encryption and is regulated for export
  by the U.S. Government.
 
  This product is not authorized for use by persons located
  outside the United States and Canada that do not have prior
  approval from Cisco Systems, Inc. or the U.S. Government.
 
  This product may not be exported outside the U.S. and Canada
  either by physical or electronic means without PRIOR approval
  of Cisco Systems, Inc. or the U.S. Government.
 
  Persons outside the U.S. and Canada may not re-export, resell
  or transfer this product by either physical or electronic means
  without prior approval of Cisco Systems, Inc. or the U.S.
  Government.
  ******************************* Warning *******************************

Copyright (c) 1996-2003 by Cisco Systems, Inc.

                Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

                Cisco Systems, Inc.
                170 West Tasman Drive
                San Jose, California 95134-1706

....................
DHCP command failed
outside interface address added to PAT pool

Cryptochecksum(unchanged): f54719c3 4a0c10bc ea9eeecd ebae3095
Type help or '?' for a list of available commands.
pixfirewall>
Cannot select private key
pixfirewall>

0
Comment
Question by:jfkappers
  • 2
4 Comments
 
LVL 13

Expert Comment

by:td_miles
ID: 9752515
Has this just started happening ? Was it working before ?

I'd suggest you upgrade to the latest IOS for the PIX (6.3.3) and see if this helps.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 9758467
looks like since you reverted to factory defaults the private key is invalid.
Can you reconfigure?
pixfirewall>enable
pixfirewall# setup

Answer the questions for the initial setup and it may generate a new key

Or you can generate a new key manually, but first you must give it a domain name:
pixfirewall(config)#domain-name example.com
pixfirewall(config)#ca generate rsa key 512



0
 
LVL 79

Expert Comment

by:lrmoore
ID: 9774418
Are you still working on this? Can you update us with your status?

Thanks!
0
 

Author Comment

by:jfkappers
ID: 9778989
We would like to thank lrmoore, your answer sent us in the right direction.

jfkappers
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Cisco Pix/ASA hairpinning The term, hairpinning, comes from the fact that the traffic comes from one source into a router or similar device, makes a U-turn, and goes back the same way it came. Visualize this and you will see something that looks …
This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video discusses moving either the default database or any database to a new volume.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now