• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 396
  • Last Modified:

PIX firewall password recovery

I have a PIX firewall which is in a production network. The password is not known because the former network administrator left the company. Is there anyway to get into the PIX with restarting the PIX?


Thank You
0
vreyesii
Asked:
vreyesii
3 Solutions
 
InteraXCommented:
To reset the password on a PIX/ASA you need to reboot into monitor mode and load a password reset utility onto the PIX.

Which model and version of the OS are you running?
0
 
vreyesiiAuthor Commented:
I do not know the version because I cannot get into the PIX. The model of the PIX is 515.

0
 
batry_boyCommented:
If you console into the PIX and power cycle it, it will list the PIX OS version as part of the boot process.
0
IT Degree with Certifications Included

Aspire to become a network administrator, network security analyst, or computer and information systems manager? Make the most of your experience as an IT professional by earning your B.S. in Network Operations and Security.

 
Alan Huseyin KayahanCommented:
 First, you have to clear the password of your PIX. For this process, you should enter the monitor mode by pressing ESC during the boot of PIX. You should use CLI (Command line interface) during the process.
     You can reach the CLI with a rollover cable that one end with RJ45 to PIX's console port and the other end serial 9 pin female to your COM1. Then a hyperterminal connection on this, will allow you to see CLI.
      In this process, we will send PIX the password reset file which will run automatically and ask you to reset password or not. But we have to determine the suitable password file fot your PIX. First, you have to determine whic IOS your PIX is running. Then you should download the related password reset file.
     And you need a tftp server, which is a small program that has the capability to send/receive files to/from IOS devices.
    Link below tells the procedure. Skip the "PIX with a floppy"  and read the rest
    http://www.cisco.com/warp/public/110/34.shtml

After resetting the password, enter the privillaged console bye typing enable, then press enter for blanked password. Then type config terminal for entering config mode, then type config factory for PIX to load factory defaults. Type wr mem to write the changes to memory and reload for PIX to restart itself
0
 
Alan Huseyin KayahanCommented:
   Do not do
"After resetting the password, enter the privillaged console bye typing enable, then press enter for blanked password. Then type config terminal for entering config mode, then type config factory for PIX to load factory defaults. Type wr mem to write the changes to memory and reload for PIX to restart itself"

if you dont need to reset to factory defaults.
0
 
vreyesiiAuthor Commented:
Thank you all for your help and input.
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now