topic Re: a pix cannot be that silly! in Network Security

a pix cannot be that silly!

Males — Fri, 21 Feb 2020 07:37:16 GMT

Hey you guys,

I'm trying to get a pix which had a previous config to "recover" and let me in via console. There was an ACS service set up on it (as I said, it used to be standby, more precisely for the one we have in production right now). However I got it out of there thinking I would be able to login via console ...not.

I haven't found any such thing as a recovery procedure (remember how it's done on other CCO devices). So of course to make things work quickly I'll plug it back in prod, but I am still convinced there is a way to work around this issue...

Any ideas?

Re: a pix cannot be that silly!

piseli — Wed, 08 Sep 2004 15:29:01 GMT

Do you have a backup of your configuration to figure out how your device is setup ?

There might be, depending on the configuration, a local account with username password to login into the PIX.

But It is possible that your Admin blocked all access including console access, telnet and ssh and you need to have an ACS account to login.

Anyway password recovery is on this web site:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_password_recovery09186a008009478b.shtml

sincerly

Patrick

Re: a pix cannot be that silly!

Males — Wed, 08 Sep 2004 19:37:08 GMT

hey,

Thanks for the tip, but for some reason I couldn't tftp the file. So I plugged it back (not a problem since it was still standby) and took out the "aaa authentication enable console TACACS+". At first I did try to set the auth to local but it wouldn't work. When I took out the statement completely, I was prompted for the local pass I had set.

Go figure.

In any case, thanks for the info...