PIX 515: Factory default has stopped the PIX working

I reset a PIX 515 back to default factory settings. Previously I had used ASDM to connect.

However, now I cannot connect via ASDM or ping the PIX, both of which I had been able to do prior to resetting to factory default settings.

I enabled ICMP to try pinging but to no avail.

My config is as shown below. Could anyone see why I cannot connect?

PIX Version 7.0(1)
names
!
interface Ethernet0
 speed 100
 duplex full
 nameif outside
 security-level 0
 ip address dhcp setroute
!
interface Ethernet1
 nameif inside
 security-level 100
 ip address
!
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname pixfirewall
ftp mode passive
access-list acl_out extended permit icmp any any
pager lines 24
logging buffered debugging
logging asdm informational
mtu inside 1500
no failover
monitor-interface outside
monitor-interface inside
asdm image flash:/asdm-501.bin
no asdm history enable
arp timeout 14400
access-group acl_out in interface outside
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
http server enable
http inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address inside
dhcpd lease 3600
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map global_policy
 class inspection_default
  inspect dns maximum-length 512
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp


Did you generate a new CA? Factory default would reset the hostname, and ssh / ssl access depends upon the key matching properly.

There were a number of bugs fixed after 7.0(1).

I notice your configuration has no 'icmp' command, but the default is to permit ping, so that shouldn't be the answer, in theory.

Walter Roberson

