Solved

Cisco PIX 515E default factory settings

Posted on 2011-03-24
7
1,720 Views
Last Modified: 2012-05-11
If i want to restore/wipe my cisco pix 515E to factory settings, what do i need to backup besides the flash and the asdm i am guessing the activation key just make a note of it? how would i activate?

this is my show version

Cisco PIX Security Appliance Software Version 8.0(4)
Device Manager Version 6.0(3)

Compiled on Thu 07-Aug-08 19:42 by xxxxxx
System image file is "flash:/pix804.bin"
Config file at boot was "startup-config"

pixfirewall up 2 days 22 hours

Hardware:   PIX-515E, 128 MB RAM, CPU Pentium II 433 MHz
Flash E28F128J3 @ 0xfff00000, 16MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB

 0: Ext: Ethernet0           : address is xxxx.xxxx.xxxx, irq 10
 1: Ext: Ethernet1           : address is xxxx.xxxx.xxxx, irq 11
 2: Ext: Ethernet2           : address is xxxx.xxxx.xxxx, irq 11
 3: Ext: Ethernet3           : address is xxxx.xxxx.xxxx, irq 10
 4: Ext: Ethernet4           : address is xxxx.xxxx.xxxx, irq 9
 5: Ext: Ethernet5           : address is xxxx.xxxx.xxxx, irq 5

Licensed features for this platform:
Maximum Physical Interfaces  : 6
Maximum VLANs                : 25
Inside Hosts                 : Unlimited
Failover                     : Active/Active
VPN-DES                      : Enabled
VPN-3DES-AES                 : Enabled
Cut-through Proxy            : Enabled
Guards                       : Enabled
URL Filtering                : Enabled
Security Contexts            : 2
GTP/GPRS                     : Disabled
VPN Peers                    : Unlimited

This platform has an Unrestricted (UR) license.

Serial Number: xxxxxxxxx
Running Activation Key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Configuration last modified by enable_15 at 17:52:44.877 EDT Thu Mar 24 2011
0
Comment
Question by:lurezero
  • 4
  • 3
7 Comments
 
LVL 2

Expert Comment

by:leetpriest
ID: 35214990
Product activation and licensing should be retained on the device through IOS migrations. You may want to make note of the serial and activation key, but you shouldn't need to do anything with it. You really don't even need to back up the flash (unless you want to save your config) if you have access to download the cisco IOS.

Your best bet is to do the following:
write mem
Copy flash tftp your IOS, asdm and startup config. Copy the serial and activation to a notepad file.
write erase
reload

Then you should be good.
0
 

Author Comment

by:lurezero
ID: 35218486
ok, i was thinking the same....

the write erase command just erases the contents of NVRAM only right?
0
 
LVL 2

Expert Comment

by:leetpriest
ID: 35218548
Yes. Write mem is the same as the "erase startup-config" command, which erases the startup config file. After the next reload the pix will use a factory default startup-config and copy it over to the running-config.

You normally do not want to erase anything in the flash unless you're certain that it's corrupt or that you do not need it. This includes IOS images, sdm's, pdm's, adsm's, anyconnect clients, etc etc. Write erase is good enough to place the firewall back to default.

The only other way to put it back to the original purchase state is if you remember what ios image was on it, and what pdm, downloading those from Cisco, removing the current pdm's and IOS images, and replacing them with the old ones. This is a downgrade though, and the old images may not have some features that you've been using from the newer image. Especially since your current image is at least 2 major versions above what likely came with the pix at purchase.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:lurezero
ID: 35220159
you know i am having a dumb problem. factory settings applied. im now trying to copy the original running config or start-config file (3KB) to the startup config and running config but its not going through it outputs %error opening tftp://192.168.1.2/startup-config (no such device)

tftp IP is 1.2 and internal PIX is 1.1 and i found out i cannot even ping it

when i try to ping the tftp server it says "no route to host 1.2" really odd....i removed all AV apps and turned off the windows firewall
0
 
LVL 2

Expert Comment

by:leetpriest
ID: 35220223
Did you no shut the interface? Do you see your subnet as a connected subnet after you perform a show ip route?
0
 

Author Comment

by:lurezero
ID: 35220280
solved it, i configured through the default questions, copy run start, then i was able to ping the tftp server....but now i am still having the problem of copying the startup config file it says (unspecified error)
0
 
LVL 2

Accepted Solution

by:
leetpriest earned 500 total points
ID: 35220311
Rename it to startup-config.old then copy it over. Once done rename it back to what it was (startup-config.text I think, make note of it) and reload. Backup the current startup config on it first.

You may also want to consider opening the file on your pc and just manually copying the config over.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question