PIX 515e

Unanswered Question
Jun 8th, 2009
User Badges:

Hi there,

I have at my lab a Cisco PIX 515e (failover) and it boot every 24 hours. The strange thing is every time it boots (automatic or forced one) it misses the remote access via ssh, and I have to go to the console and re-enter the "cry key gen rsa" command. Does anyone have any idea? Thanks in Advance.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Mon, 06/08/2009 - 13:12
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


After you generate the key are you then using this command -

pix# ca save all

this command writes the keys to persistent memory on the pix so it should be available after a reload.


j.conceicao Tue, 06/09/2009 - 05:01
User Badges:

Hi Jon,

Thanks for your help.

This command does exist anymore. I just use the write command, but it doesn't save the generated key at all. Anything else that I could do? Thanks again.


MaxiFire(config)# ca save all

WARNING: the 'ca' command syntax has been deprecated

CA root certificates, device certificates, and RSA key pairs are now saved by issuing a 'write mem'



srue Tue, 06/09/2009 - 06:15
User Badges:
  • Blue, 1500 points or more

if it only has a failover license but it not actually a memeber of a failover pair, it probably won't be able to save these locally.

j.conceicao Tue, 06/09/2009 - 07:07
User Badges:

Hi Srue,

Hmmm, why only the ca key? All the configuration remains...



This Discussion