?
Solved

PIX 500 Series Password Recovery Fails

Posted on 2007-12-05
3
Medium Priority
?
332 Views
Last Modified: 2010-04-09
I have a PIX 500 series firewall for which I need to recover the password. I have followed the instructions contained in Cisco Document ID: 8529 - "Password Recovery Procedure for the PIX", but cannot regain control of the device.

When the proceure asks if I want to remove the password, I respond Y; when it asks if I want to remove the configure, I respond N.  The procedure then proceeds as documented,  reboots the PIX, and places me back into the monitor.  I type in the command "enable" and am asked supply a password.  According to the documentation, there should be no password, so I respond by hitting "Enter", only to receive a "Login Failed" message.  The PIX was confirmed to be running software version 7.1(2).  The password recovery file used was "np70.bin.  Despite much searching on the net, I could find an "np71" file.

I've tried using both "" and "cisco" as  passwords, tried logging in as "admin" or as "cisco" but am repeatedly rejected.
0
Comment
Question by:JDL_Tech
  • 2
3 Comments
 
LVL 16

Accepted Solution

by:
2PiFL earned 2000 total points
ID: 20410985
This procedure is also suppose to change the telnet password back to the default.  Can you telnet by using the default telnet password cisco?  
0
 

Author Comment

by:JDL_Tech
ID: 20412719
I performed an SSH session with the firewall using "admin", "Administrator", and "cisco" as users.  I'm still denied access while using the default "cisco" password.
0
 

Author Comment

by:JDL_Tech
ID: 20418781
I found my error.  With OS  7.1(2) one first must change the "enable" password, then authorize the system to make the change.  I failed to do the latter.

I now have regained control of the firewall.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses
Course of the Month14 days, 16 hours left to enroll

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question