?
Solved

Password Recovery on Cisco PIX 506E

Posted on 2009-02-12
2
Medium Priority
?
1,032 Views
Last Modified: 2012-06-27
Inherited a client with a Cisco Pix 506 E, which is working without no problems.  But we need to reconfigure the unit and cannot get the password for the enable command to look at routing table etc.  Previous consultants claimed they used default passwords.  I can log into the unit and get the primary screen which uses the default password "cisco" but then if I try to log in using pixuser or pixadmin with the default password, it does not work.  Is there a non-destructive way to recover the password with blowing out all the settings, and how much time would you estimate for a basic reconfiguration of the unit
0
Comment
Question by:Peterson50
2 Comments
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 1000 total points
ID: 23621343
Here is the procedure.  Install a TFTP server if you don't have one already and download the appropriate file based on version running on the PIX (np63.bin if running 6.3).  Then follow the "Pix without floppy drive" instructions to clear the passwords.  This will not erase the configuration (only passwords).

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_password_recovery09186a008009478b.shtml
0
 
LVL 4

Assisted Solution

by:Tachyon_1
Tachyon_1 earned 1000 total points
ID: 23636995
JFrederick29 has given you just the right answer.  I only want to expand on it a little.

When you look at the procedure at the Cisco website, it's a little scary and complex looking. But in reality, it's not all that bad if you prepare and follow the instructions.

First, unless you already happen to have a TFTP server setup on your network, go and download TFTPd32 if you are running Windows on your desktop. Get it here... http://tftpd32.jounin.net/
Otherwise, if you are running some sort of Unix/Linux, then I assume you know how to setup tftpd, if not, use man.
So install TFTPd32, make a blank directory somewhere (I made one called TFTP in My Documents).
Next click on settings and under TFTP Securiy, check "None". Now click "OK" and back on the main screen next to "Current Directory"  choose browse and go find your TFTP directory you created earlier.
Next copy your correct bin file (eg. np63.bin ) to the TFTP directory.
Back in TFTPd32, make sure the server interface entry correctly reflects the IP address of the computer you are working on.
Now you are ready to connect to the PIX with the console cable and Hyperterm (or equivalent).
In Hyperterm, make sure you have the come port set to 9600-8-N-1 and hardware flow control.
connect to the PIX with Hyperterm and you should get some sort of response (eg. Username: )
Now that you know the connection is good, get ready to reboot the PIX. Have your finger over the Escape key on the keyboard of the PC connected to the console port of the PIX and that the Hyperterminal window is active. power off the PIX and when it comes back up you will see text coming up on the Hyperterminal window. If not, check your connection  and try again.
Once you get to the monitor> prompt in the Hyperterminal window, you can proceed with the instructions on the Cisco page. Or you can try the simplified version found here:
http://www.networkug.com/weBlog/2007/howto-recover-a-password-on-a-cisco-pix-firewall/

One more thing, if you happen to hit Esc too soon when the PIX is booting, you'll get a test mode prompt. Just hit 'C' and enter and get ready to hit the Esc key right away after that until you get to the monitor> prompt.

Good luck!
0

Featured Post

Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
As managed cloud service providers, we often get asked to intervene when cloud deployments go awry. Attracted by apparent ease-of-use, flexibility and low computing costs, companies quickly adopt leading public cloud platforms such as Amazon Web Ser…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question