PIX 515e

j.conceicao · ‎06-08-2009

Hi there,

I have at my lab a Cisco PIX 515e (failover) and it boot every 24 hours. The strange thing is every time it boots (automatic or forced one) it misses the remote access via ssh, and I have to go to the console and re-enter the "cry key gen rsa" command. Does anyone have any idea? Thanks in Advance.

Jonas

Jon Marshall · ‎06-08-2009

Jonas

After you generate the key are you then using this command -

pix# ca save all

this command writes the keys to persistent memory on the pix so it should be available after a reload.

Jon

j.conceicao · ‎06-09-2009

Hi Jon,

Thanks for your help.

This command does exist anymore. I just use the write command, but it doesn't save the generated key at all. Anything else that I could do? Thanks again.

----

MaxiFire(config)# ca save all

WARNING: the 'ca' command syntax has been deprecated

CA root certificates, device certificates, and RSA key pairs are now saved by issuing a 'write mem'

----

Jonas

srue · ‎06-09-2009

if it only has a failover license but it not actually a memeber of a failover pair, it probably won't be able to save these locally.

j.conceicao · ‎06-09-2009

Hi Srue,

Hmmm, why only the ca key? All the configuration remains...

Jonas