[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


PIX 501 Console Mode

Posted on 2004-11-15
Medium Priority
Last Modified: 2008-01-09
I have a slight dillema on my hand.  I inherited a PIX 501 and need to view it's configuration.  If I console into the unit with a null modem cable, do I use hyperterminal and what settings should I configure it to?  If I need to wipe out the configuration how can I do this. The recent user of this device does not remember the password and we are acquiring the company.  I need a quick answer since I am still waiting for my recently purchased smartnet contract.
Question by:jmorin1

Expert Comment

ID: 12586222

Accepted Solution

fatlad earned 2000 total points
ID: 12591620
You will need the PIX Password Lockout Utility. You can get this from the Cisco website: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_password_recovery09186a008009478b.shtml and a tftp server.

Once you have these follow the following steps:

1. Install a serial terminal or a PC with terminal emulation software on the PIX console port.

2. Verify that you have a connection with the PIX, and that characters are going from the terminal to the PIX, and from the PIX to the terminal.

Note: Because you are locked out, you will see only a password prompt.

3. Immediately after you power on the PIX Firewall and the startup messages appear, send a BREAK character or press the ESC key. The monitor> prompt is displayed. If needed, type ? (question mark) to list the available commands.

4. Use the interface command to specify which interface the ping traffic should use. For floppiless PIXes with only two interfaces, the monitor command defaults to the inside interface.

5. Use the address command to specify the IP address of the PIX Firewall's interface.

6. Use the server command to specify the IP address of the remote TFTP server containing the PIX password recovery file.

7. Use the file command to specify the filename of the PIX password recovery file. For example, the 5.1 release uses a file named np51.bin.

8. If needed, enter the gateway command to specify the IP address of a router gateway through which the server is accessible.

9. If needed, use the ping command to verify accessibility. If this command fails, fix access to the server before continuing.

10. Use the tftp command to start the download.

11. As the password recovery file loads, the following message is displayed:

Do you wish to erase the passwords? [yn] y
Passwords have been erased.

Note: If there are Telnet or console aaa authentication commands in version 6.2, the system will also prompt to remove these.

12. The default Telnet password after this process is "cisco." There is no default enable password. Go into configuration mode and issue the passwd your_password command to change your Telnet password and the enable password your_enable_password command to create an enable password, and then save your configuration.

Hope this helps


Author Comment

ID: 12601041
I will be at the site tomorrow and follow up with a status and decision. Thank you all.


Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question