Reset Cisco PIX Firewall 515e

Jennifer Halim Wed, 04/07/2010 - 06:07

Here is the password recovery procedure:

You would need to know the version of PIX to download the corresponding password recovery binary file:

If you perform the password recovery, you do not need to reconfigure the PIX firewall.

JORGE RODRIGUEZ Wed, 04/07/2010 - 07:59

There are a couple of methods to wipe out the device configuration: either use pix(config)# write erase, or use the configure factory-default parameter under global configuration. See both links below.

PIX code 7.x - factory-default

PIX code 6.x - factory-default


Now I'm at the point to start using Cisco ASDM and it's not letting me connect to the firewall. I prefer using the GUI to configure all security policies rather than using the command prompt.

However, as I mentioned above, it is not letting me connect. It keeps giving me an error "Unable to launch device manager from"

francisco_1 Wed, 04/07/2010 - 09:20

You need to permit HTTP connections:

http server enable

http inside

francisco_1 Wed, 04/07/2010 - 09:50

Sounds like the ASDM image is not loaded.

Can you post "sh asdm image", "show flash" and "show version"?

LVCLC-FW# sh flash
flash file system:  version:3  magic:0x12345679
  file 0: origin:       0 length:1978424
  file 1: origin: 2097152 length:2377
  file 2: origin: 2621440 length:1928
  file 3: origin:       0 length:0
  file 4: origin:       0 length:0
  file 5: origin: 8257536 length:308

LVCLC-FW# sh asdm image

LVCLC-FW# sh version
Cisco PIX Firewall Version 6.3(5)
Compiled on Thu 04-Aug-05 21:40 by morlee
LVCLC-FW up 1 hour 21 mins
Hardware:   PIX-515, 64 MB RAM, CPU Pentium 200 MHz
Flash i28F640J5 @ 0x300, 16MB
BIOS Flash AT29C257 @ 0xfffd8000, 32KB
0: ethernet0: address is 0003.6bf6.ed00, irq 11
1: ethernet1: address is 0003.6bf6.ed01, irq 10
2: ethernet2: address is 00e0.b604.7c8d, irq 9
3: ethernet3: address is 00e0.b604.7c8c, irq 9
4: ethernet4: address is 00e0.b604.7c8b, irq 9
5: ethernet5: address is 00e0.b604.7c8a, irq 9
Licensed Features:
Failover:                    Enabled
VPN-DES:                     Enabled
VPN-3DES-AES:                Enabled
Maximum Physical Interfaces: 6
Maximum Interfaces:          10
Cut-through Proxy:           Enabled
Guards:                      Enabled
URL-filtering:               Enabled
Inside Hosts:                Unlimited
Throughput:                  Unlimited
IKE peers:                   Unlimited
This PIX has an Unrestricted (UR) license.
Serial Number: 405442124 (0x182a8e4c)
Configuration last modified by enable_15 at 12:58:09.171 UTC Wed Apr 7 2010


francisco_1 Wed, 04/07/2010 - 10:50

You are using Cisco PIX Firewall Version 6.3(5). You need to use PDM (PIX Device Manager) instead, not ASDM, to connect to the web GUI. To run ASDM on your PIX, you need to have at minimum, I believe, PIX OS version 7.0.

After going through all this trouble, is it not easier just to create the rules through the command prompt? Basically, here is what needs to be accomplished:

internal networks:

Both need to be able to search internet websites, browse, and connect to other remote networks (ex.

On the other hand, a remote network (ex. needs to have access to the internal network

Can you provide an example?


francisco_1 Thu, 04/08/2010 - 03:56

The config below should allow you to access the internet at least.

nameif ethernet0 outside security0  (This is the outside interface)
nameif ethernet1 inside security100
ip address outside **  (Enter your Public IP Provided by your ISP)
ip address inside 192.168.*.* (Enter your Inside IP)
pdm location inside
global (outside) 1 interface 
nat (inside) 1 0 0
access-group acl_inside in interface inside
route outside *** (** This should be your ISP router)
http server enable
http 192.168.*.* inside  (*** subnet to manage Web GUI on PIX)
access-list acl_inside permit ip any any

Make sure you have a route to the PIX.
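
A small audit for the two broad settings in the config above, the "permit ip any any" ACL and subnet-wide "http" management access, plus the "http server enable" with no permitted host case raised earlier in the thread. This is an added example, not part of the original posts; the sample config, its addresses and the helper names audit_pix_config and _expand are constructed for illustration.

```python
import ipaddress

# Constructed sample in PIX 6.3 syntax, modelled on the config posted above.
# Every address is a placeholder chosen for this example, not from the thread.
SAMPLE_CONFIG = """\
global (outside) 1 interface
nat (inside) 1 0 0
access-list acl_inside permit ip any any
access-group acl_inside in interface inside
route outside 0.0.0.0 0.0.0.0 203.0.113.1 1
http server enable
http 192.168.1.0 255.255.255.0 inside
"""

def _expand(value):
    """PIX accepts 0 as shorthand for 0.0.0.0 (as in 'nat (inside) 1 0 0')."""
    return "0.0.0.0" if value == "0" else value

def audit_pix_config(text):
    """Return (line_no, finding) tuples for broad rules in a PIX 6.x config."""
    findings, http_enabled, http_permits = [], False, 0
    for n, raw in enumerate(text.splitlines(), 1):
        tok = raw.split()
        if not tok or tok[0].startswith((":", "!")):
            continue  # blank line or comment
        if tok[0] == "access-list" and tok[2:] == ["permit", "ip", "any", "any"]:
            findings.append((n, f"ACL {tok[1]} permits all IP traffic"))
        elif tok[:3] == ["http", "server", "enable"]:
            http_enabled = True
        elif tok[0] == "http" and len(tok) >= 2:
            # http ip_address [netmask] [if_name]: host mask and inside by default
            http_permits += 1
            rest = tok[2:]
            mask = rest.pop(0) if rest and rest[0][0].isdigit() else "255.255.255.255"
            ifname = rest[0] if rest else "inside"
            net = ipaddress.ip_network(f"{_expand(tok[1])}/{_expand(mask)}", strict=False)
            if ifname != "inside":
                findings.append((n, f"management GUI reachable from {ifname}"))
            if net.num_addresses > 1:
                findings.append((n, f"management GUI open to {net.num_addresses} addresses"))
    if http_enabled and http_permits == 0:
        findings.append((0, "http server enabled but no host is permitted"))
    return findings

if __name__ == "__main__":
    for line_no, finding in audit_pix_config(SAMPLE_CONFIG):
        print(f"line {line_no}: {finding}")
```

A config that permits only the needed protocols from the inside subnet and names a single management host with a 255.255.255.255 mask produces no findings.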




