• Status: Solved

Password Recovery on Cisco PIX 506E

Inherited a client with a Cisco PIX 506E, which is working without any problems.  But we need to reconfigure the unit and cannot get the password for the enable command to look at the routing table, etc.  Previous consultants claimed they used default passwords.  I can log into the unit and get the primary screen, which uses the default password "cisco", but then if I try to log in using pixuser or pixadmin with the default password, it does not work.  Is there a non-destructive way to recover the password without blowing out all the settings, and how much time would you estimate for a basic reconfiguration of the unit?
Asked by: Peterson50
 
JFrederick29 commented:
Here is the procedure.  Install a TFTP server if you don't have one already and download the appropriate file based on the version running on the PIX (np63.bin if running 6.3).  Then follow the "Pix without floppy drive" instructions to clear the passwords.  This will not erase the configuration (only passwords).

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_password_recovery09186a008009478b.shtml
 
Tachyon_1 commented:
JFrederick29 has given you just the right answer.  I only want to expand on it a little.

When you look at the procedure at the Cisco website, it's a little scary and complex looking. But in reality, it's not all that bad if you prepare and follow the instructions.

First, unless you already happen to have a TFTP server set up on your network, go and download TFTPd32 if you are running Windows on your desktop. Get it here... http://tftpd32.jounin.net/
Otherwise, if you are running some sort of Unix/Linux, then I assume you know how to set up tftpd; if not, use man.
So install TFTPd32 and make a blank directory somewhere (I made one called TFTP in My Documents).
Next, click on Settings and under TFTP Security, check "None". Now click "OK", and back on the main screen next to "Current Directory", choose Browse and go find the TFTP directory you created earlier.
Next, copy your correct bin file (e.g. np63.bin) to the TFTP directory.
Back in TFTPd32, make sure the server interface entry correctly reflects the IP address of the computer you are working on.
Now you are ready to connect to the PIX with the console cable and Hyperterm (or equivalent).
In Hyperterm, make sure you have the COM port set to 9600-8-N-1 and hardware flow control.
Connect to the PIX with Hyperterm and you should get some sort of response (e.g. Username: ).
Now that you know the connection is good, get ready to reboot the PIX. Have your finger over the Escape key on the keyboard of the PC connected to the console port of the PIX and make sure that the Hyperterminal window is active. Power off the PIX and when it comes back up you will see text coming up on the Hyperterminal window. If not, check your connection and try again.
Once you get to the monitor> prompt in the Hyperterminal window, you can proceed with the instructions on the Cisco page. Or you can try the simplified version found here:
http://www.networkug.com/weBlog/2007/howto-recover-a-password-on-a-cisco-pix-firewall/

One more thing, if you happen to hit Esc too soon when the PIX is booting, you'll get a test mode prompt. Just hit 'C' and enter and get ready to hit the Esc key right away after that until you get to the monitor> prompt.

Good luck!
Question has a verified solution.
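
A pre-flight check for the TFTP preparation described in the answers above, added here as an example and not part of the original thread: a minimal RFC 1350 read client in Python that pulls the recovery image back from your own TFTP server, so you know the file is really being served before the PIX is power-cycled. The function name `tftp_fetch` and the command-line usage are assumptions of this example.

```python
import socket
import struct
import sys

OP_RRQ, OP_DATA, OP_ACK, OP_ERROR = 1, 3, 4, 5  # RFC 1350 opcodes
BLOCK = 512  # RFC 1350 fixed data block size


def tftp_fetch(host, filename, port=69, timeout=3.0):
    """Read `filename` from a TFTP server in octet mode and return its bytes.

    Raises OSError when the server answers with an ERROR packet (for
    example, the image is not in the served directory) and socket.timeout
    when nothing answers (wrong server IP, or a host firewall blocking UDP).
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    try:
        rrq = struct.pack("!H", OP_RRQ) + filename.encode() + b"\0octet\0"
        sock.sendto(rrq, (host, port))
        data, expected, tid = bytearray(), 1, None
        while True:
            pkt, peer = sock.recvfrom(4 + BLOCK)
            if len(pkt) < 4:
                continue  # too short to be a TFTP packet
            if tid is None:
                tid = peer  # the server replies from a fresh port (its transfer ID)
            elif peer != tid:
                continue  # ignore datagrams from any other source
            opcode, num = struct.unpack("!HH", pkt[:4])
            if opcode == OP_ERROR:
                msg = pkt[4:-1].decode(errors="replace")
                raise OSError(f"TFTP error {num}: {msg}")
            if opcode != OP_DATA:
                continue
            sock.sendto(struct.pack("!HH", OP_ACK, num), tid)  # ACK every DATA block
            if num != expected:
                continue  # duplicate of a block already stored
            data += pkt[4:]
            expected = (expected + 1) & 0xFFFF
            if len(pkt) - 4 < BLOCK:  # a short block ends the transfer
                return bytes(data)
    finally:
        sock.close()


if __name__ == "__main__":  # usage: python tftp_check.py <server-ip> np63.bin
    image = tftp_fetch(sys.argv[1], sys.argv[2])
    print(f"{sys.argv[2]}: {len(image)} bytes served by {sys.argv[1]}")
```

Run it from a second machine on the same network where possible, since a host firewall on the TFTP server can pass a local test and still block outside clients.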
