Solved

Old Cisco Pix (V3.0)

Posted on 2015-01-26
18
158 Views
Last Modified: 2015-02-12
I have an OLD cisco PIX that I'm trying ot log into from the web to use the GUI.  I'm having a difficult time as this is and old version.  I have a machine that has IE 6 and and older Java.  The problem is the SSL Cert is expired and although when the message box pops up and tells me that the certificate is not valid and cannot be used to verify the identity of this website.. If I click continue it just hangs.  Is there any way around this?
0
Comment
Question by:WellingtonIS
  • 10
  • 8
18 Comments
 
LVL 35

Expert Comment

by:Kimputer
ID: 40570513
You can easily use another browser and new Java. That way it's easier to see why it hangs. For instance, fully updated Chrome/Java, connect, continue (even though it says it's a risk), and it will probably work.
Using old IE6/Java is just a recipe for hell.
0
 

Author Comment

by:WellingtonIS
ID: 40570579
Chrome does the same thing.  This is the error:
NET::ERR_CERT_AUTHORITY_INVALID
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 40570627
Look on the page, there's a small gray "Advanced" option, click, then "Proceed to xxx (unsafe)".
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Comment

by:WellingtonIS
ID: 40570639
I do that then it pops up another screen and that where it just sits
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 40570742
Maybe the device is defect, as you mentioned already that it's quite old. Not only that, you probably can't update the software anyway, making this device a security risk. Why even bother?
0
 

Author Comment

by:WellingtonIS
ID: 40570841
I'm bothering because I need to look at the settings on the device.  I have tunnels on there that I need to move to my ASA.
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 40571263
Serial port available?
0
 

Author Comment

by:WellingtonIS
ID: 40571271
Not sure but you think I can access the GUI via the serial Port?
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 40571274
Definitely not, the serial port is purely for the text based flat file configuration information.
0
 

Author Comment

by:WellingtonIS
ID: 40571282
I can telnet in too.  its just easier to see the site to site VPN with the GUI  that's what I'm trying to accomplish
0
 

Author Comment

by:WellingtonIS
ID: 40571352
OK is there away that I can enable this so I can use ASDM software?
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 40572269
No, telnet is pure text based.
Did you try with another pc/laptop to connect (again, using multiple browsers/java versions). The problem right now is that it hangs, while with a normal working device and pc, it should not hang, and always tell you why it stops (even if the browser lets you through, Java security can also block things, but still give you prompts).
0
 

Author Comment

by:WellingtonIS
ID: 40572538
I have only so far tried 2 machines.  My own and an old server.  But I'll try other options thanks.
0
 
LVL 35

Accepted Solution

by:
Kimputer earned 500 total points
ID: 40572547
If you have a good new working PC, and it also hangs, it's because the Cisco device is not serving the files needed. In that case I'm afraid you'll get nowhere with the GUI, and you have to use the text config to transfer the settings (which isn't a bad thing, as the GUI picks up this same info, it just shows it a bit differently.
0
 

Author Comment

by:WellingtonIS
ID: 40572551
it telling me my certificate is invalid and even though I'm accepting everything it still will not load.
0
 

Author Comment

by:WellingtonIS
ID: 40572641
Is there anyway to view the Certificate via command line on the PIX?
0
 
LVL 35

Assisted Solution

by:Kimputer
Kimputer earned 500 total points
ID: 40572661
Sadly, not that I'm aware of (I'm assuming you mean edit, as viewing certificates can already be done in the browser).
0
 

Author Closing Comment

by:WellingtonIS
ID: 40605626
Thanks I had to use telent there's no way to make this work.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question