Solved

Old Cisco Pix (V3.0)

Posted on 2015-01-26
18
153 Views
Last Modified: 2015-02-12
I have an OLD cisco PIX that I'm trying ot log into from the web to use the GUI.  I'm having a difficult time as this is and old version.  I have a machine that has IE 6 and and older Java.  The problem is the SSL Cert is expired and although when the message box pops up and tells me that the certificate is not valid and cannot be used to verify the identity of this website.. If I click continue it just hangs.  Is there any way around this?
0
Comment
Question by:WellingtonIS
  • 10
  • 8
18 Comments
 
LVL 35

Expert Comment

by:Kimputer
ID: 40570513
You can easily use another browser and new Java. That way it's easier to see why it hangs. For instance, fully updated Chrome/Java, connect, continue (even though it says it's a risk), and it will probably work.
Using old IE6/Java is just a recipe for hell.
0
 

Author Comment

by:WellingtonIS
ID: 40570579
Chrome does the same thing.  This is the error:
NET::ERR_CERT_AUTHORITY_INVALID
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 40570627
Look on the page, there's a small gray "Advanced" option, click, then "Proceed to xxx (unsafe)".
0
 

Author Comment

by:WellingtonIS
ID: 40570639
I do that then it pops up another screen and that where it just sits
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 40570742
Maybe the device is defect, as you mentioned already that it's quite old. Not only that, you probably can't update the software anyway, making this device a security risk. Why even bother?
0
 

Author Comment

by:WellingtonIS
ID: 40570841
I'm bothering because I need to look at the settings on the device.  I have tunnels on there that I need to move to my ASA.
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 40571263
Serial port available?
0
 

Author Comment

by:WellingtonIS
ID: 40571271
Not sure but you think I can access the GUI via the serial Port?
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 40571274
Definitely not, the serial port is purely for the text based flat file configuration information.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 

Author Comment

by:WellingtonIS
ID: 40571282
I can telnet in too.  its just easier to see the site to site VPN with the GUI  that's what I'm trying to accomplish
0
 

Author Comment

by:WellingtonIS
ID: 40571352
OK is there away that I can enable this so I can use ASDM software?
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 40572269
No, telnet is pure text based.
Did you try with another pc/laptop to connect (again, using multiple browsers/java versions). The problem right now is that it hangs, while with a normal working device and pc, it should not hang, and always tell you why it stops (even if the browser lets you through, Java security can also block things, but still give you prompts).
0
 

Author Comment

by:WellingtonIS
ID: 40572538
I have only so far tried 2 machines.  My own and an old server.  But I'll try other options thanks.
0
 
LVL 35

Accepted Solution

by:
Kimputer earned 500 total points
ID: 40572547
If you have a good new working PC, and it also hangs, it's because the Cisco device is not serving the files needed. In that case I'm afraid you'll get nowhere with the GUI, and you have to use the text config to transfer the settings (which isn't a bad thing, as the GUI picks up this same info, it just shows it a bit differently.
0
 

Author Comment

by:WellingtonIS
ID: 40572551
it telling me my certificate is invalid and even though I'm accepting everything it still will not load.
0
 

Author Comment

by:WellingtonIS
ID: 40572641
Is there anyway to view the Certificate via command line on the PIX?
0
 
LVL 35

Assisted Solution

by:Kimputer
Kimputer earned 500 total points
ID: 40572661
Sadly, not that I'm aware of (I'm assuming you mean edit, as viewing certificates can already be done in the browser).
0
 

Author Closing Comment

by:WellingtonIS
ID: 40605626
Thanks I had to use telent there's no way to make this work.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Overview The Cisco PIX 501, PIX 506e, ASA 5505 and ASA 5510 (most if not all of this information will be relevant to the PIX 515e but I do not have a working configuration handy to verify the validity) are primarily used within small to medium busi…
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now