cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
823
Views
0
Helpful
6
Replies

How reset password on offline pix501?

noleander1
Level 1
Level 1

Hi.  I bought a used Pix501 firewall.  The seller does not have the password.   I've read the instructions at

http://www-tss.cisco.com/eservice/compass/common/activities/password_PIX.htm#sample   but I cannot get them to work.   I have a PC with HyperTerminal and TFTP server on it.   The PC is connected to the Pix501 with a console cable, and I can communicate with the Pix501 (Break during startup;  see the "monitor" command).    My issue is with the ethernet connection:   I need to get a working ethernet to the Pix501.  I've tried connecting the Pix501 to my LinkSys router, but that is not working:  the router does not acknowledge the existence of the Pix501; and  the ping command (from Pix501 to the PC) times out.   The Pix501 is not configured yet:  putting it in the middle of my network as a router will cause everything to stop.  It can only exist (now) as a standalone, isolated host.   So my question is: how can I get an ethernet-IP address for the Pix501?   Does the ethernet cable go into the Pix501 outside or inside port?   Can I directly connect the Pix501 ethernet to my PC ethernet?   Is there anyway to upload the password reset file thru the serial/console port?

6 Replies 6

You would connet the ASA directly to your PC.  You would then need to configure an IP on your PC that is within the subnet configured on the ASA.

once you do this, you should be able to ping the PC from the ASA.  Now you can start the file transfer.

--

Please rate all helpful posts

--
Please remember to select a correct answer and rate helpful posts

Marius:  thanks for the idea.   I'll give it a try.  Question:   How can I find out what the IP addresses of the Pix501 are?   I cannot log into it ("enable" command)  to do a "show ip"  command to see what IP address ranges it has internally defined.   Is there a way I can find the Pix501 IP address from the "monitor" prompt  I get when breaking during the bootup?

If you followed the password recovery in the link you have in the original post then the ASA IP would be 10.21.1.99.

Then you would configure the server as IP 10.21.1.2 255.255.255.0 ( this will be your PC, I am assuming the ASA will assign a /24 subnet mask even though you don't configure it manually).  Make sure you configure you PC with this IP.  Now you should have connectivity between the two, and you should be able to initiate the file transfer.

Is there a way I can find the Pix501 IP address from the "monitor" prompt  I get when breaking during the bootup?

monitor> address 10.21.1.99

--
Please remember to select a correct answer and rate helpful posts

Did you manage to get this sorted, do you require any more assistance?

Please rate helpful posts!

--
Please remember to select a correct answer and rate helpful posts

No, I was not able to reset the password.   I tried everything:  As you suggested, I connected the Pix501 directly to the PC (rather than going via the router) and yet I was never able to get the ethernet connection working:  I could not ping the PC from the Pix501 (or vice versa).   The serial connection worked great, but that alone is not enough to load the reset file into the Pix501.   I don't see how someone could design a box like this and require _two_ connections to reset to factory startup state. If the customer needs to do this, the customer is obviously desparate -  perhaps in a time criticall situation, and the reset procedure should only require a single connection, preferably the serial line.   Many devices just have a button you press & hold for 10 seconds.  Too risky?  Fine, require the serial line and a special file download.  But _two_ communication lines?  that is excessive.

I'm just going to drop the Pix501 .. it is very user-unfriendly.

But the responses here were helpful:  I'll mark the top grades.  Thanks for your input!

did you remember to turn off your PCs firewall when youpinged from the pix?

--
Please remember to select a correct answer and rate helpful posts
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: