help with Accesing pix 506

Discussion in 'Cisco' started by Tomas, May 6, 2004.

  1. Tomas

    Tomas Guest

    Hi
    I have a secure pix 506 that I need to access for configuration.
    Problem is that those who had it installed is not reachable. Ive tried
    accessing with hyperterminal via a homemade rollover-cable but with no
    success.
    Since Im fairly new on cisco Id like some suggestions on how to crack
    this one.

    regards
    /Tomas
     
    Tomas, May 6, 2004
    #1
    1. Advertisements

  2. Tomas

    Armin Kask Guest


    http://www.cisco.com/en/US/products...ducts_password_recovery09186a008009478b.shtml
     
    Armin Kask, May 6, 2004
    #2
    1. Advertisements

  3. Tomas

    mh Guest

    If your problem is not knowing the passwords, then you need to follow
    the Cisco PIX password recovery procedure. Unfortunately you need to
    know the PIX software version that your PIX is running because there
    is a password recovery program for each major software release level
     
    mh, May 6, 2004
    #3
  4. Tomas

    Tomas Guest

    My main problem is that I cant connect to the firewall. Im using 9600,
    no flow etc but when connecting, the Hyperterminal wont connect.

    I will probably need to erase the passwords so thanks for the above.

    /Hylsan
     
    Tomas, May 7, 2004
    #4
  5. Tomas

    mh Guest

    You nedd to get console access in order to perform password recovery


    You might want to try using a different terminal emulator -
    checkout SimpleTerm Gold
     
    mh, May 7, 2004
    #5
  6. Tomas

    mh Guest

    To verify that you homemade rolled cable is good, get an inexpensive
    continiuty testor and check each RJ45 pinout.
     
    mh, May 7, 2004
    #6
  7. Some people will change the speed of the console port to improve
    performance, so you might want to try different speeds.

    If you have a cisco router, try connecting from the AUX port of your
    router to the Console port of your PIX. If you do a show line 10 (I
    think 10 is usually your AUX port), look for the line "Modem hardware
    state" and it should read:

    Modem hardware state: CTS* DSR* DTR RTS

    If it doesn't, there's something wrong with your rollover cable or DB
    to RJ adapter.

    One last thing... Are you sure your rollover cable is a rollover and
    not a crossover? Rollovers should have:

    Pin/Pin
    1/8
    2/7
    3/6
    4/5
    5/4
    6/3
    7/2
    8/1

    And your RJ45 to DB9/DB25 should be:
    Signal / RJ-45 Pin / DB-9 Pin / DB-25 Pin

    RTS
    8
    8
    5

    DTR
    7
    6
    6

    TxD
    6
    2
    3

    GND
    5
    5
    7

    GND
    4
    5
    7

    RxD
    3
    3
    2

    DSR
    2
    4
    20

    CTS
    1
    7
    4


    Good luck!

    Bayardo
     
    Bayardo Alvarez, May 10, 2004
    #7
  8. Tomas

    Tomas Guest

    Ive be able to accessing the pix now, with help of SimleTerm gold(as
    suggested)
    Now I "just" have to crack the password. Im using the password
    recovery tutorial that you suggested and hopefully it will work,
    otherwise Ill post more questions.

    Thanks for all replies!

    regards
    /Tomas
     
    Tomas, May 12, 2004
    #8
  9. Tomas

    Tomas Guest

    Ive now got another question for you gurus :)

    Ive removed the pix 506 from the network and have it connected to a pc
    that is completly "unconneced" ie no network(auto ip and dns).

    My question is; can I just connect the pix to my pc with a patch-cable
    and be able to upload this password recovery file?

    Im also not sure of the IPs inside the firewall so im uncertain of
    what IP I should enter as "address"
    as seen in the password recovery page;
    "5. Use the address command to specify the IP address of the PIX
    Firewall's interface"

    The other things I think Ive understood.

    Regards
    /Tomas
     
    Tomas, May 12, 2004
    #9
  10. :Ive removed the pix 506 from the network and have it connected to a pc
    :that is completly "unconneced" ie no network(auto ip and dns).

    :My question is; can I just connect the pix to my pc with a patch-cable
    :and be able to upload this password recovery file?

    yes, if you have the appropriate upload utility on the PC.
    (tftp server I think it is?)


    :Im also not sure of the IPs inside the firewall so im uncertain of
    :what IP I should enter as "address"
    :as seen in the password recovery page;
    :"5. Use the address command to specify the IP address of the PIX
    :Firewall's interface"

    Use whatever address you want the other end to know your PIX as
    for the duration of the recovery.
     
    Walter Roberson, May 12, 2004
    #10
  11. Tomas

    mh Guest

    How are you making out?

    BTW to get the right PIX recovery binary, you will need to know the
    current PIX software. This should be displayed on the console if you
    repower the box.
     
    mh, May 13, 2004
    #11
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.