cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4037
Views
0
Helpful
4
Replies

PIX 501 reset help

JJackel84
Level 1
Level 1

I have been trying to get a PIX 501 firewall reset and have been having the hardest time. Im a student and this is my first experience with a firewall. I have been going through the steps here

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_password_recovery09186a008009478b.shtml

I cant seem to connect to the tftp server, I have several nic's on my computer and tried them both and even plugged the firewall to the router and tried to use the gateway to help me connect but it doesnt seem to want to even ping for me.

I configured my NIC card to static 192.168.1.1 subnet 255.255.255.0

the address of the pix to 192.168.1.2

set the server as 192.168.1.1

file np63.bin

tried interface 0 and 1

the tftp im using came from http://tftpd32.jounin.net and is also set to 192.168.1.1

i get

Sending 5, 100-byte 0x18a3 ICMP Echoes to 192.168.1.1, timeout is 4 seconds:

Success rate is 0 percent (0/5)

when i use the router I set the routers ip to 192.168.1.1 and the NIC to 192.168.1.15 and the firewall to 192.168.1.20

try both interfaces and no connection. I have tried the ethernet cable plugged in on both the 0 and 1 interface on the external ports but still nothing.

does anyone have any ideas?

2 Accepted Solutions

Accepted Solutions

Hi Bro

What you have done is correct, as shown below;

monitor>interface 0
monitor>address 192.168.1.2
monitor>server 192.168.1.1
monitor>file np63.bin
monitor>gateway 192.168.1.2

monitor>ping 192.168.1.2

monitor>tftp

Do you wish to erase the passwords? [yn] y
Passwords have been erased.

Rebooting....

My guess is either you didn't connect to Ethernet0/0 when you were do the above-mentioned steps or your laptop's Windows's Firewall is turned on.

Warm regards,
Ramraj Sivagnanam Sivajanam

View solution in original post

Can you use another PC?

Warm regards,
Ramraj Sivagnanam Sivajanam

View solution in original post

4 Replies 4

Hi Bro

What you have done is correct, as shown below;

monitor>interface 0
monitor>address 192.168.1.2
monitor>server 192.168.1.1
monitor>file np63.bin
monitor>gateway 192.168.1.2

monitor>ping 192.168.1.2

monitor>tftp

Do you wish to erase the passwords? [yn] y
Passwords have been erased.

Rebooting....

My guess is either you didn't connect to Ethernet0/0 when you were do the above-mentioned steps or your laptop's Windows's Firewall is turned on.

Warm regards,
Ramraj Sivagnanam Sivajanam

I have disabled the firewall via the services management console.

I hooked the firewall to my router and here are the commands I used

CISCO SYSTEMS PIX-501

Embedded BIOS Version 4.3.200 07/31/01 15:58:22.08

Compiled by morlee

16 MB RAM

PCI Device Table.

Bus Dev Func VendID DevID Class              Irq

00  00  00   1022   3000  Host Bridge       

00  11  00   8086   1209  Ethernet           9

00  12  00   8086   1209  Ethernet           10

Cisco Secure PIX Firewall BIOS (4.2) #6: Mon Aug 27 15:09:54 PDT 2001

Platform PIX-501

Flash=E28F640J3 @ 0x3000000

Use BREAK or ESC to interrupt flash boot.

Use SPACE to begin flash boot immediately.

Flash boot interrupted.                        

0: i8255X @ PCI(bus:0 dev:17 irq:9 )

1: i8255X @ PCI(bus:0 dev:18 irq:10)

Using 1: i82557 @ PCI(bus:0 dev:18 irq:10), MAC: 000f.8f6f.d11f

Use ? for help.

monitor> int 0

0: i8255X @ PCI(bus:0 dev:17 irq:9 )

1: i8255X @ PCI(bus:0 dev:18 irq:10)

Using 0: i82557 @ PCI(bus:0 dev:17 irq:9 ), MAC: 000f.8f6f.d11e

monitor> add 192.168.1.10

address 192.168.1.10

monitor> server 192.168.1.6

server 192.168.1.6

monitor> gate 192.168.1.1

gateway 192.168.1.1

monitor> ping 192.168.1.1

Sending 5, 100-byte 0xb887 ICMP Echoes to 192.168.1.1, timeout is 4 seconds:

!!!

Success rate is 60 percent (3/5)

monitor> ping 192.168.1.6

Sending 5, 100-byte 0xb888 ICMP Echoes to 192.168.1.6, timeout is 4 seconds:

Success rate is 0 percent (0/5)

monitor> 192.168.1.1

Invalid or incorrect command.  Use 'help' for help.

monitor> ping 192.168.1.1

Sending 5, 100-byte 0xb889 ICMP Echoes to 192.168.1.1, timeout is 4 seconds:

!!!!!

Success rate is 100 percent (5/5)

monitor> ping 192.168.1.1

Sending 5, 100-byte 0xb88a ICMP Echoes to 192.168.1.1, timeout is 4 seconds:

!!!!!

Success rate is 100 percent (5/5)

monitor> ping 192.168.1.6

Sending 5, 100-byte 0xb88b ICMP Echoes to 192.168.1.6, timeout is 4 seconds:

Success rate is 0 percent (0/5)

monitor> ping 192.168.1.6

Sending 5, 100-byte 0xb88c ICMP Echoes to 192.168.1.6, timeout is 4 seconds:

Success rate is 0 percent (0/5)

monitor>

My IP address on my PC is 192.168.1.6

The Router IP is 192.168.1.1

and obviously I set the FW to 192.168.1.10 to prevent DHCP from using that address

now I know the firewall service is disabled also.

I do see connectivity lights blinking on the front of the pix too. I have it plugged into the 0 port also.

Im not sure what else to do really.

Can you use another PC?

Warm regards,
Ramraj Sivagnanam Sivajanam

using a laptop to serve the TFTP seemed to do the trick. Im guessing that something with all the virtual NIC devices and the three installed physical ones created a problem somewhere in windows. but thank you for helping, always nice to have a community

Review Cisco Networking for a $25 gift card