restore factory defaults

Hi there...

I'm sure I'm not the first person asking...

I've obtained a second-hand Cisco PIX 501 and want to restore the factory defaults. The previous owner had installed the device with a password that I don't know.

Any help? I have connected the device with a console cable.

Thanks

Johan


On 11.06.2006 11:18 Johan wrote

Visit [link] and search for "pix password recovery". First match is [link] (Password Recovery and AAA Configuration Recovery Procedure for the PIX)

Easy, ain't it?

Arnold Nipper

Hi Johan,

To reset the PIX Firewall to factory default, log into the PIX, erase the configuration and reload the device.

Perform these 3 steps:

Step 1. Log in to the PIX Firewall.

This requires knowledge of the current passwords configured on the PIX Firewall.

If you do not know the passwords configured on the PIX Firewall, perform a password recovery procedure.

Password Recovery and AAA Configuration Recovery Procedure for the PIX

Step 2. Once you have recovered the password, log in to the device, enter global configuration mode and issue one of these commands:

clear config all

write erase

Step 3. Reload the PIX Firewall.

The PIX Firewall should reset to factory default.

---------------------------------------------------------------------

Sometimes it is necessary to clear an existing configuration on a PIX to either move it to a new location for a different use or to make it perform properly.

In either case, it is important to understand the command necessary to do this and the impact that it has on performance.

Before you begin this process on an active network, save the existing configuration on your PIX to a TFTP server.

This allows you to retrieve the configuration file if needed.

When the write erase command is issued to the PIX, the existing configuration that is saved to memory, NVRAM, is deleted.

However, until the PIX is reloaded, it continues to perform using that configuration.

Once the PIX is reloaded, the configuration returns to this set of default commands:

nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname pixfirewall
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol ils 389
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
names
no pager
interface ethernet0 10full
interface ethernet1 10full
mtu outside 1500
mtu inside 1500
ip address outside 127.0.0.1 255.255.255.255
ip address inside 127.0.0.1 255.255.255.255
ip audit info action alarm
ip audit attack action alarm
pdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
no sysopt route dnat
telnet timeout 5
ssh timeout 5
terminal width 80

Only the password commands remain.

This allows you continued access into the device.

If the passwords are unknown, a password recovery is necessary.

Use the PIX Password Utility to reset the password in the configuration.

For details and step-by-step instructions, refer to:

Password Recovery and AAA Configuration Recovery Procedure for the PIX

At this point, a specific configuration can be made.

Hope this helps.

Brad Reese BradReese.Com - Cisco Network Engineer Directory

formatting link
Hendersonville Road, Suite 17 Asheville, North Carolina USA 28803 USA & Canada: 877-549-2680 International: 828-277-7272 Fax: 775-254-3558 AIM: R2MGrant Website:
formatting link
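
An added example, not part of the posts above or of Cisco's documentation: a small Python check that flags lines in a saved PIX configuration that still match the factory defaults listed in the post above (the default enable and passwd hashes, the SNMP community public, and the 127.0.0.1 interface addresses). The function name and both sample configurations are constructed for illustration.

```python
import re

# Factory-default values taken from the default configuration in the post above.
DEFAULT_ENABLE_HASH = "8Ry2YjIyt7RRXU24"
DEFAULT_PASSWD_HASH = "2KFQnbNIdI.2KYOU"

# Each check: (line pattern, value that marks it as default, finding text).
CHECKS = [
    (re.compile(r"^enable password (\S+) encrypted$"), DEFAULT_ENABLE_HASH,
     "enable password is the factory default"),
    (re.compile(r"^passwd (\S+) encrypted$"), DEFAULT_PASSWD_HASH,
     "passwd (Telnet login password) is the factory default"),
    (re.compile(r"^snmp-server community (\S+)$"), "public",
     "SNMP community string is 'public'"),
    (re.compile(r"^ip address \S+ (\S+) \S+$"), "127.0.0.1",
     "interface still has the placeholder address 127.0.0.1"),
]

def audit_pix_config(text):
    findings = []  # list of (line number, finding text)
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = " ".join(raw.split())          # collapse stray whitespace
        if not line or line.startswith(":"):  # PIX comment lines start with ':'
            continue
        for pattern, default, message in CHECKS:
            m = pattern.match(line)
            if m and m.group(1) == default:
                findings.append((lineno, message))
    return findings

# Constructed sample: a few lines of the post-reload default configuration.
SAMPLE_AFTER_RESET = """\
: constructed sample
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
ip address outside 127.0.0.1 255.255.255.255
snmp-server community public
"""
# Constructed sample: the same device after configuration (hashes are made up).
SAMPLE_CONFIGURED = """\
enable password CONSTRUCTEDhash01 encrypted
passwd CONSTRUCTEDhash02 encrypted
ip address outside 192.0.2.10 255.255.255.0
snmp-server community n0t-public-example
"""

if __name__ == "__main__":
    print(*audit_pix_config(SAMPLE_AFTER_RESET), sep="\n")
```

Run it against the output of a saved configuration before the reset device goes back on a network; an empty result means none of the listed defaults remain.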


Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.