1. Home
  2. Cisco Systems
  3. Why am I a t**t? PIX related incident!

Why am I a t**t? PIX related incident!

Hi all

When you do something good you should always be rewarded, even if it's just a nice warm feeling inside!

On the other hand when you do something bad you should be punished and I am officialy punishing myself by posting this message...

Tonight I connected to my work network via a Cisco VPN client through a Cisco 515E PIX (This is managed by a third party supplier)... So I thought I would be a clever t%*t and change the domain name in the PIX... If this wasn't enough I decided to relod the PIX when it warned me that the encryption was no longer valid.

After rebooting it I realised that the failover PIX would kick in...

Now I can't get into my network and fix my errors! It's ok because I don't have a boss (what I mean is it is my PIX), obviously I have a boss - everybody has a boss!

The problem is I'm not sure if I can get into the box locally tomorrow and change the domain name back and reboot the two boxes or do I have to punish myself even more and phone the supplier that looks after the PIX and admit what a t%*t I am? Eat humble pie or fix the error?

Feel free to call me a t$*t... or you could help me! Will this be sorted when I change the domain name back?

Thanks.

Reply to
Marraboy
Loading thread data ...

In article , Marraboy wrote: :Tonight I connected to my work network via a Cisco VPN client through a :Cisco 515E PIX (This is managed by a third party supplier)... So I :thought I would be a clever t%*t and change the domain name in the :PIX... If this wasn't enough I decided to relod the PIX when it warned :me that the encryption was no longer valid.

:The problem is I'm not sure if I can get into the box locally tomorrow :and change the domain name back and reboot the two boxes or do I have :to punish myself even more and phone the supplier that looks after the :PIX and admit what a t%*t I am? Eat humble pie or fix the error?

If you have physical access to the PIX, and you have enough privilege to change the hostname in the first place, then you can connect a serial cable to the console port, connect to it at 9600, and use that to change the hostname.

Changing the hostname back will not solve the problem. Change the hostname to whatever you want, then ca generate rsa key 1024 then ca save all That will generate and save a new RSA key (you can't get the old one back) suitable for ssh use.

If you are using digital certificates instead of preshared keys, then you might have to take extra steps, and you would likely have to change the hostname back to what it was. In this situation, you

-might- perhaps need to re-enroll the PIX... I haven't configured any certificates so I don't know what exactly is involved.

Reply to
Walter Roberson

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.