trouble on password recovery of old pix 501

Unanswered Question
Jan 27th, 2010

Hello, thanks in advance

I have an old pix 501 and lost the passwords - i follow the password recover tutorial from cisco, but the firewall do not work properly.

First, I see the BIOS version on this screen : Cisco Secure PIX Firewall BIOS (4.2) #6: Mon Aug 27 15:09:54 PDT 2001

as i can supose - the BIOS version is 4.2.

Then I proceed the download of nppix.bin file as suggest. After uploaded by tftp, the screen of terminal freeze on this message.


monitor> tftp

tftp [email protected]........................................................

Received 110592 bytes


The firewall don't ask to me by to "erase all passwords". It's just freeze.

So, i don't have idea on what to do ! anybody suggest anyting ?

Sorry by bad english.

*passwor recover tutorial link is:

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Kureli Sankar Wed, 01/27/2010 - 18:18

Did you try to ping?

Did you follow all the steps?

  1. Install a serial terminal or a PC with terminal emulation software             on the PIX console port.

  2. Verify that you have a connection with the PIX, and that characters             are going from the terminal to the PIX, and from the PIX to the terminal.

    Note: Because you are locked out, you only see a password                 prompt.

  3. Immediately after you power on the PIX Firewall and the startup             messages appear, send a BREAK character or press the             ESC key. The monitor> prompt             is displayed. If needed, type ? (question mark) to list the             available commands.

  4. Use the interface command to specify             which interface the ping traffic should use. For floppiless PIXes with only two             interfaces, the monitor command defaults to the             inside interface.

  5. Use the address command to specify the             IP address of the PIX Firewall's interface.

  6. Use the server command to specify the IP             address of the remote TFTP server containing the PIX password recovery file.

  7. Use the file command to specify the             filename of the PIX password recovery file. For example, the 5.1 release uses a             file named np51.bin.

  8. If needed, enter the gateway command to             specify the IP address of a router gateway through which the server is             accessible.

  9. If needed, use the ping command to             verify accessibility. If this command fails, fix access to the server before             continuing.

  10. Use the tftp command to start the             download.

  11. As the password recovery file loads, this message is displayed:

    Do you wish to erase the passwords? [yn] y 
    Passwords have been erased.

    Note: If there are Telnet or console aaa                 authentication commands in version 6.2, the system also prompts                 to remove these.

  12. The default Telnet password after this process is "cisco." There is             no default enable password. Go into configuration mode and issue the             passwd your_password command             to change your Telnet password and the enable password             your_enable_password command to create an             enable password, and then save your configuration.


jose_aof01 Thu, 01/28/2010 - 08:44


I understand my fail !!!

i see the version of my firewall on wrong screen! - the correct version is 6.3 and i found this vaule on screen after flash boot.



This Discussion