08-27-2012 02:44 PM - edited 02-21-2020 04:43 AM
I have been trying to get a PIX 501 firewall reset and have been having the hardest time. Im a student and this is my first experience with a firewall. I have been going through the steps here
I cant seem to connect to the tftp server, I have several nic's on my computer and tried them both and even plugged the firewall to the router and tried to use the gateway to help me connect but it doesnt seem to want to even ping for me.
I configured my NIC card to static 192.168.1.1 subnet 255.255.255.0
the address of the pix to 192.168.1.2
set the server as 192.168.1.1
file np63.bin
tried interface 0 and 1
the tftp im using came from http://tftpd32.jounin.net and is also set to 192.168.1.1
i get
Sending 5, 100-byte 0x18a3 ICMP Echoes to 192.168.1.1, timeout is 4 seconds:
Success rate is 0 percent (0/5)
when i use the router I set the routers ip to 192.168.1.1 and the NIC to 192.168.1.15 and the firewall to 192.168.1.20
try both interfaces and no connection. I have tried the ethernet cable plugged in on both the 0 and 1 interface on the external ports but still nothing.
does anyone have any ideas?
Solved! Go to Solution.
08-28-2012 06:43 PM
Hi Bro
What you have done is correct, as shown below;
monitor>interface 0
monitor>address 192.168.1.2
monitor>server 192.168.1.1
monitor>file np63.bin
monitor>gateway 192.168.1.2
monitor>ping 192.168.1.2
monitor>tftp
Do you wish to erase the passwords? [yn] y
Passwords have been erased.
Rebooting....
My guess is either you didn't connect to Ethernet0/0 when you were do the above-mentioned steps or your laptop's Windows's Firewall is turned on.
08-28-2012 08:52 PM
08-28-2012 06:43 PM
Hi Bro
What you have done is correct, as shown below;
monitor>interface 0
monitor>address 192.168.1.2
monitor>server 192.168.1.1
monitor>file np63.bin
monitor>gateway 192.168.1.2
monitor>ping 192.168.1.2
monitor>tftp
Do you wish to erase the passwords? [yn] y
Passwords have been erased.
Rebooting....
My guess is either you didn't connect to Ethernet0/0 when you were do the above-mentioned steps or your laptop's Windows's Firewall is turned on.
08-28-2012 08:08 PM
I have disabled the firewall via the services management console.
I hooked the firewall to my router and here are the commands I used
CISCO SYSTEMS PIX-501
Embedded BIOS Version 4.3.200 07/31/01 15:58:22.08
Compiled by morlee
16 MB RAM
PCI Device Table.
Bus Dev Func VendID DevID Class Irq
00 00 00 1022 3000 Host Bridge
00 11 00 8086 1209 Ethernet 9
00 12 00 8086 1209 Ethernet 10
Cisco Secure PIX Firewall BIOS (4.2) #6: Mon Aug 27 15:09:54 PDT 2001
Platform PIX-501
Flash=E28F640J3 @ 0x3000000
Use BREAK or ESC to interrupt flash boot.
Use SPACE to begin flash boot immediately.
Flash boot interrupted.
0: i8255X @ PCI(bus:0 dev:17 irq:9 )
1: i8255X @ PCI(bus:0 dev:18 irq:10)
Using 1: i82557 @ PCI(bus:0 dev:18 irq:10), MAC: 000f.8f6f.d11f
Use ? for help.
monitor> int 0
0: i8255X @ PCI(bus:0 dev:17 irq:9 )
1: i8255X @ PCI(bus:0 dev:18 irq:10)
Using 0: i82557 @ PCI(bus:0 dev:17 irq:9 ), MAC: 000f.8f6f.d11e
monitor> add 192.168.1.10
address 192.168.1.10
monitor> server 192.168.1.6
server 192.168.1.6
monitor> gate 192.168.1.1
gateway 192.168.1.1
monitor> ping 192.168.1.1
Sending 5, 100-byte 0xb887 ICMP Echoes to 192.168.1.1, timeout is 4 seconds:
!!!
Success rate is 60 percent (3/5)
monitor> ping 192.168.1.6
Sending 5, 100-byte 0xb888 ICMP Echoes to 192.168.1.6, timeout is 4 seconds:
Success rate is 0 percent (0/5)
monitor> 192.168.1.1
Invalid or incorrect command. Use 'help' for help.
monitor> ping 192.168.1.1
Sending 5, 100-byte 0xb889 ICMP Echoes to 192.168.1.1, timeout is 4 seconds:
!!!!!
Success rate is 100 percent (5/5)
monitor> ping 192.168.1.1
Sending 5, 100-byte 0xb88a ICMP Echoes to 192.168.1.1, timeout is 4 seconds:
!!!!!
Success rate is 100 percent (5/5)
monitor> ping 192.168.1.6
Sending 5, 100-byte 0xb88b ICMP Echoes to 192.168.1.6, timeout is 4 seconds:
Success rate is 0 percent (0/5)
monitor> ping 192.168.1.6
Sending 5, 100-byte 0xb88c ICMP Echoes to 192.168.1.6, timeout is 4 seconds:
Success rate is 0 percent (0/5)
monitor>
My IP address on my PC is 192.168.1.6
The Router IP is 192.168.1.1
and obviously I set the FW to 192.168.1.10 to prevent DHCP from using that address
now I know the firewall service is disabled also.
I do see connectivity lights blinking on the front of the pix too. I have it plugged into the 0 port also.
Im not sure what else to do really.
08-28-2012 08:52 PM
Can you use another PC?
08-29-2012 08:08 PM
using a laptop to serve the TFTP seemed to do the trick. Im guessing that something with all the virtual NIC devices and the three installed physical ones created a problem somewhere in windows. but thank you for helping, always nice to have a community
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide