09-29-2010 10:04 PM - edited 03-11-2019 11:47 AM
Hi.. i'm facing a problem with my PIX515E with FO license. Each time my firewall reboot, my crypto key for ssh is gone hence i'm unable to use ssh as my remote access method. Is it part of PIX515E FO license limitation? appreciate that someone can give me an answer. thanks.
09-29-2010 10:09 PM
What version is your PIX firewall?
If it's version 6.3 and earlier: "ca save all" on the failover PIX, as that will save the key.
If it's version 7.0 and later: "wr mem" on the failover PIX, as that will save the key.
Hope that helps.
09-29-2010 10:27 PM
It is PIX version 8.0(4)
generate crypto key by using command "crypto key generate rsa modulus 1024".
I did write memory but the problem still persist.
any different between"write" command and "write memory" command? usually, i just type "wr" to save the config.
09-29-2010 10:37 PM
"wr" and "wr mem" is the same command.
Do you perform "wr" on the Active firewall, or on both Active and Standby firewall?
09-29-2010 10:39 PM
Hi... my Active firewall is faulty and will take some time for me to source for a new PIX unless i migrate it to ASA5500.. currently, my FO PIX is running as standalone..
09-30-2010 12:51 AM
FYI - PIX515E is also already EOL, so depending on whether you have smartnet contract already for the faulty device or not. If you don't have smartnet for the faulty device, you can't get replacement for the PIX515E anymore. If you have existing smartnet contract, then you can get the faulty PIX RMA.
Here is the EOL notification for your reference:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_eol_notice0900aecd8073fa36.html
You might want to consider migrating to ASA firewall anyway.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide