Cisco PIX 515E Firewall Factory Reset?

CCB
Level 1

Hi,

I'm connecting to my firewall through the console port, and need to know how to reset it to factory defaults. I have looked around online and cannot see any reference on how to do this.

Any help would be much appreciated thanks.

12 Replies

varrao
Level 10

Hi Jeff,

You would need to use the command:

configure factory-default

This will take the device to factory defaults.

Here is the config guide:

http://www.cisco.com/en/US/customer/docs/security/pix/pix63/command/reference/c.html#wp1055799

Hope this helps

Thanks,

Varun

Thanks,
Varun Rao

Hi Varun,

Thanks for a fast response,

I just gave that a try but the unit is not understanding the command 'configure factory-default', and reading online it looks as though the 515E model does not support that particular command.

Any other ideas would be greatly appreciated.

Hi Jeff,

The command is not applicable for PIX 515E:

On the PIX 501 and PIX 506/506E, the configure factory-default command reinstates the factory default configuration. (This command is not supported on other PIX Firewall platforms at this time.) Use this command carefully because, before reinstating the factory default configuration, this command has the same effect as the clear configure all command; it clears all existing configuration information.

With no options specified, the configure factory-default command gives a default IP address of 192.168.1.1, and a netmask of 255.255.255.0, to the PIX Firewall inside interface.

With the configure factory-default ip-address command, if you specify an inside IP address but no netmask, the default address mask is derived from the specified IP address and is based on the IP address class.

With the configure factory-default ip-address netmask command, the specified IP address and netmask are assigned to PIX inside interface.

The DHCP pool size under the factory default configuration is as follows:

For the PIX 501, either a 10-user license that is limited to a pool size of 32 addresses, or a 50-user license is limited to a pool size of 128 addresses.

The PIX 506/506E is limited to a pool size of 256 addresses.

Could you explain the reason why you want to set it to factory default?

Thanks,

Varun

Thanks,
Varun Rao
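
The classful default described in the quoted command reference above, worked through as an added example (not part of the original post and not Cisco's code): it derives the mask that an inside IP address given without a netmask would receive, showing how wide the inside network becomes. The function names and sample addresses are constructed for illustration.

```python
import ipaddress

# Classful ranges by first octet: (low, high, class letter, default prefix length).
_CLASSFUL = (
    (0, 127, "A", 8),
    (128, 191, "B", 16),
    (192, 223, "C", 24),
)

def classful_inside_network(ip):
    """Return (class letter, IPv4Interface) for an inside IP supplied without a netmask."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    first_octet = int(addr) >> 24
    for low, high, letter, prefix in _CLASSFUL:
        if low <= first_octet <= high:
            return letter, ipaddress.IPv4Interface(f"{addr}/{prefix}")
    # Class D (multicast) and class E (reserved) have no classful host mask.
    raise ValueError(f"{ip} is class D/E: no classful default mask")

def report(ip):
    """One-line summary of the network an omitted netmask would imply."""
    letter, iface = classful_inside_network(ip)
    net = iface.network
    usable = net.num_addresses - 2  # minus network and broadcast addresses
    return (f"{ip}: class {letter}, mask {net.netmask}, "
            f"inside network {net} ({usable} usable hosts)")

if __name__ == "__main__":
    # Constructed sample addresses; 192.168.1.1 is the default quoted above.
    for sample in ("192.168.1.1", "172.16.5.1", "10.1.1.1"):
        print(report(sample))
```

The 192.168.1.1 case reproduces the 255.255.255.0 default quoted above, while a 10.x.x.x inside address without a netmask yields a /8, so giving the netmask explicitly avoids an inside network far wider than intended.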

Thanks Varun,

I'm trying to remove some unneeded data, and start everything from fresh.

So what do you think my best option would be in order for me to reset this unit? I've really hit a dead end here.

Thanks for your assistance so far, it is much appreciated.

Hi,

Here is the response from Cisco support forum - Jennifer Halim,

Here is the password recovery procedure:

http://www.cisco.com/en/US/docs/security/asa/asa70/configuration/guide/trouble.html#wp1049417

You would need to know what is the version of PIX to download corresponding password recovery binary file:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_password_recovery09186a008009478b.shtml

If you perform the password recovery, you do not need to reconfigure the PIX firewall.

Hope that helps.

aboutnetwork

Hi,

Thanks, I had a look at your links but I'm pretty sure that this unit does not have a rommon mode, as when break or esc is pushed during startup I get shown the 'monitor' pre command.

As shown below:

CISCO SYSTEMS PIX FIREWALL
Embedded BIOS Version 4.3.207 01/02/02 16:12:22.73
Compiled by morlee
128 MB RAM

PCI Device Table.
Bus Dev Func VendID DevID Class              Irq
00  00  00   8086   7192  Host Bridge
00  07  00   8086   7110  ISA Bridge
00  07  01   8086   7111  IDE Controller
00  07  02   8086   7112  Serial Bus         9
00  07  03   8086   7113  PCI Bridge
00  0D  00   8086   1209  Ethernet           11
00  0E  00   8086   1209  Ethernet           10
00  11  00   14E4   5823  Co-Processor       11
00  13  00   8086   B154  PCI-to-PCI Bridge
01  04  00   8086   1229  Ethernet           11
01  05  00   8086   1229  Ethernet           10
01  06  00   8086   1229  Ethernet           9
01  07  00   8086   1229  Ethernet           5

Cisco Secure PIX Firewall BIOS (4.2) #0: Mon Dec 31 08:34:35 PST 2001
Platform PIX-515E
System Flash=E28F128J3 @ 0xfff00000

Use BREAK or ESC to interrupt flash boot.
Use SPACE to begin flash boot immediately.
Flash boot interrupted.
0: i8255X @ PCI(bus:0 dev:14 irq:10)
1: i8255X @ PCI(bus:0 dev:13 irq:11)

Ethernet auto negotiation timed out.
Ethernet port 1 could not be initialized.
Use ? for help.
monitor>

Perhaps 'monitor' and 'rommon' have the same functions as each other, but the rommon commands are not working with the monitor mode.

If anyone could shed some light on how I could reset the password or reset the entire unit to factory defaults it would be a great help.

Thanks,

Just issue "write erase" and "reload"; do not save the config when prompted.

It will wipe all the configuration and you can start from scratch.

-KS

Hi Poonguzhali,

Thanks for your reply

Sorry to ask, the answer is probably staring me in the face, but where do I enter this command, as I have tried it after the initial boot at my 'pixfirewall' prompt and also after my 'monitor' prompt with no success.

Thanks,

I am assuming that you are able to get to the "#" prompt.

PIX# conf t

PIX(config)# write erase

Erase configuration in flash memory? [confirm]

[OK]

PIX(config)# reload

System config has been modified. Save? [Y]es/[N]o:  No

-KS

1. What are the console parameters? Are they the same as on other switches?

2. If I am unable to console, are there any ways to hard reset to remove the configurations?

r-reed
Level 1

This link will show you how to load an image from the monitor mode you appear to be in.  Hope it helps.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094a5d.shtml#faulty

Brendon Bell
Level 1

I have been asked to reset to factory default 2 Cisco Pix 515E for a customer to repurpose them within their network.

I am unfortunately unfamiliar with the Cisco Pix having spent all my time on routers and switches.

So far, I have been able to boot it into monitor mode (the Pix equivalent of RomMon).

I cannot use the password recovery tool as I do not know what PIX software version the device is running, to download the appropriate binary file.

Does this:

Cisco Secure PIX Firewall BIOS (4.2)

Mean that I need to use this:

nppix.bin

(4.3 and earlier releases)

Any help would be appreciated.

Thanks,

Brendon.
