• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1407
  • Last Modified:

Pix 515E Password Reset - stuck at tftp command

Pix 515E (floppyless) with unknown passwords.  Followed several suggestions to reset password.  Stuck at tftp.
Followed directions from:  http://www.cisco.com/warp/public/110/34.shtml as well as others.

Pix515E version 6.3 (verified from console)
Downloaded np63.bin file to tftp root
Started Solarwinds tFtp - ip address
Connected cross-over cable from interface 1 to nic on tftp server machine (same as console machine)
Consoled to Pix with Hyperterm Personal - at monitor prompt
entered the following commands:
  interface 1
  file np63.bin
  ping  (100% successful)

At this point it states: tftp np63.bin@   and NOTHING.  no dots, no activity on the tftp server of a connection, no errors.  Let it sit 15 minutes 'just in case it was a slow day' and received squat.  Unable to break out of command.

From what I've read, if the .bin file is incorrect, erratic behavior is not out of the norm, but usually has to do with not receiving the "clear password" prompt or (god forbid) an actual error message.  I also learned a pix can be configured not to allow a password reset but instead a prompt to erase config.  I'd welcome this at this point.

This pix has more acl rules that I wish to remember and they all need to be changed to new internal ip addresses.  Redoing this from scratch is a cause for concern and one that I'd like to avoid.  No Cisco smart-net/support for this device with this client.

I verified the following information:

tftp server is working (used another win-based pc and connected vai tftp command and received a file)
tftp server is configured to be wide-open
crossover cable is good (tested on other systems)
no firewall running on pc
I've tried using different ip addresses, defining a gateway (i'm on the same subnet, same cable)
I did not try defining a subnet on the pix (is it possible?)
I'm unable to ping the pix from the pc, but can ping the pc from the pix

It's friday, I'm back onsite to attack this monday.  help greatly appreciated!  I'm hoping I overlooked something simple here.
1 Solution
Hii did you use the server command, which tells the Cisco pix that is the palce to get the tftp file example below

monitor>interface 1
monitor> address
monitor> server   <<<---------------------
monitor>file np63.bin
monitor>ping  (100% successful)
Do you have a firewall on your TFTP PC?
I always forget to turn off my blackIce when I try to tftp something.
Did you set the security settings on tftp to none - give all files/take all files ?
dkorfantyAuthor Commented:
kuro2ck - i did do server

lrmoore - no firewal installed on laptop - double-checked anyway.  I'm able to use a tftp client and connect and download a file which is what is driving me crazy about the whole thing.  I disabled any and all security on the tftp server.  I've used solarwinds and tftpd32

Solved - assumption once again my downfall.  I assumed that since I was able to connect to the laptop via a tftp client and download a file all was well.  I managed to change all the variables involved (multiple cables, cisco pix's, tftp programs) but assumed my laptop was fine since I confirmed tftp connection and download were possible.

I decided to use a different machine for the tftp server and it worked like a charm.

I'm not 100% sure the cause, but I can't waste the time to determine what it was.
Appreciate the responses.  Sorry to waste time.

My suggestion is to disable any Windows Firewall that you can have and also to test using another TFTP server. I always use TFTPD32. Here is the link: http://tftpd32.jounin.net/
I have never had issues with that one.

Let me know how it goes.

PAQed with points refunded (500)

Community Support Moderator
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now