PIX 535 Firewall Password Recovery Procedure Fails

Unanswered Question
Apr 1st, 2010

I have a PIX 535 Firewall pair (Version 4.3) where we forgot the password. I am utilizing the Password Recovery Procedure found here: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_password_recovery09186a008009478b.shtml#sample. I am utilizing the management port through HyperTerminal. I downloaded the correct .bin file (nppix.bin) for the BIOS version 4.3. I have an Ethernet cable connected from the laptop to the eth0 port on the PIX for the TFTP.


After configuring the interface, address, server, and file name in monitor mode, I am successful in getting the PIX to TFTP the file over. Once the file is transferred, I do not get the password recovery display message asking me to erase the passwords. Once the file transfers, it seems to just hang where the "received xxxxxxx bytes" is displayed.


This is what I see:

-----------------------------------------------------------------------------------------------------------------------------------------------------------------

Using 0: i82559 @ PCI(bus:0 dev:13 irq:10), MAC: 
monitor>address *.*.*.*
address *.*.*.*
monitor>server *.*.*.*
server *.*.*.*
monitor>file nppix.bin
file np52.bin
monitor>ping *.*.*.*
Sending 5, 100-byte 0xf8d3 ICMP Echoes to *.*.*.*, timeout is 4 seconds:
!!!!!
Success rate is 100 percent (5/5)
monitor>tftp
tftp nppix.bin@*.*.*.* via *.*.*.*...................................
...............................................................
.......
Received 110592 bytes
------------------------------------------------------------------------------------
That is it. It just hangs here. I do not receive the following message at all.

"Do you wish to erase the passwords? [yn] y
Passwords have been erased."

Anyone have any suggestions on why these devices are not taking the password recovery? Could this be caused by maxing out the flash memory and there is not enough space to perform the load? Any guidance could help.

Thanks.
 

JORGE RODRIGUEZ Thu, 04/01/2010 - 09:47

Hi Joe, this is a tough one... I would suggest trying the other unit; if you get similar results, try using a freshly downloaded .bin file, and ensure, prior to transferring the .bin from TFTP to the PIX, that the NIC duplex/speed settings on the PC/laptop are the same as on the PIX. I doubt that trying the other unit would give the same results, but give that a try.


Regards
