Cisco PIX: Password recovery/reset
#1 | Administrator
This information describes resetting the password on a PIX without a floppy drive.

You must first have a TFTP server running. Most UNIX operating systems install with a TFTP server installed but possibly not running. Windows systems are at a disadvantage because Microsoft no longer ships Windows with a TFTP server. This recipe describes installing and configuring a third-party TFTP server on a Windows system.

You need a console connection to your PIX from some system that is capable of sending a BREAK signal (the HyperTerminal communications application that ships with Windows doesn't do this; again, Windows folks are at a disadvantage). The Private Edition of HyperTerminal does do breaks (if you press the keyboard combination on your keyboard that corresponds to the BREAK key).

Next, if you don't know what version of software is running on your PIX (or if you aren't sure, do this anyway -- you forgot the password, after all), connect to the PIX with the terminal emulator of your choice (HyperTerminal, tip, minicom, etc.) and make sure you see reasonable responses to pressing ENTER (like a password prompt or the name of the router as a nonprivileged prompt). Reboot the router by turning it off and back on and watch the output. It will tell you the software version number running. Download the corresponding file from Cisco that matches your PIX software version (for example, PIX software version 6.1 would correspond to the file np61.bin) and save it in your TFTP root directory.

Now you are ready for the fun stuff. Reboot your PIX again and send it a BREAK signal (~# in tip, CTRL-A f in minicom) while it is starting to boot. You will get a prompt like monitor>. Determine (by number) which ethernet interface will be used to connect to the TFTP server. The easiest way to know is to unplug an interface and connect directly to the TFTP server host through a crossover ethernet cable. The TFTP server can be on another subnet since the PIX can be configured to use a gateway during this process.

The rest of this recipe will be based on the assumption that the interface is number 0 (if it isn't, only the interface command below needs to be changed). We'll also assume that the software version is 6.3 and that we've downloaded np63.bin. The IP address of the TFTP server will be 192.168.2.69 for this example, and an IP address that can be used on the PIX is 192.168.1.2, on a different subnet from that of the TFTP server which is accessible through the gateway at 192.18.1.1. The IP addresses entered during this procedure will not affect the configuration of the PIX after the procedure is completed.

The following commands will cause the PIX to get the password reset image from the TFTP server and use it to reset the password:

```
monitor> interface 0
monitor> address 192.168.1.2
monitor> server 192.168.2.69
monitor> gateway 192.168.1.1
monitor> file np63.bin
monitor> tftp
```

The TFTP download should be quick (on the order of a few seconds). If it fails, it will time out and give an error message. Verify your network cabling (ensure that there are link lights, if available, on both sides). You can ping the TFTP server (ping 192.168.2.69), although this may fail if the host running the TFTP service blocks pings, so it may not be helpful. If everything looks right, double check your settings as a typo in an IP address will cause problems.

Once the image is downloaded to the PIX, the password reset code will ask you if you are sure you want to reset the password. Press the y key to continue and in a moment, the password will be reset and the PIX will automatically reboot. The PIX will now have the default telnet password cisco and no enable password.
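An added example, not part of the original post: a pre-flight check for the monitor-mode values, since the post notes that a typo in an IP address will make the TFTP step fail. The function names are hypothetical, the /24 prefix is an assumption (the monitor commands shown take no netmask), and the image-name rule is inferred only from the two names the post gives.

```python
import ipaddress
import re

def reset_image_name(version):
    """Map a PIX software version to the reset image name.

    Follows the two names given in the post (6.1 -> np61.bin,
    6.3 -> np63.bin); any other version is an assumption.
    """
    m = re.match(r"\s*(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"cannot parse PIX version: {version!r}")
    return f"np{m.group(1)}{m.group(2)}.bin"

def check_monitor_params(address, server, gateway=None, prefix=24):
    """Return a list of problems with the address/server/gateway values.

    prefix=24 is assumed; adjust it to the real subnet size.
    """
    problems, parsed = [], {}
    for name, value in (("address", address), ("server", server),
                        ("gateway", gateway)):
        if value is None:
            continue
        try:
            parsed[name] = ipaddress.IPv4Address(value)
        except ipaddress.AddressValueError:
            problems.append(f"{name}: '{value}' is not a valid IPv4 address")
    if problems:
        return problems
    addr, srv, gw = parsed["address"], parsed["server"], parsed.get("gateway")
    net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
    if addr == srv:
        problems.append("address and server are the same host")
    if gw is not None and gw == addr:
        problems.append("gateway is the PIX's own address")
    elif gw is not None and gw not in net:
        problems.append(f"gateway {gw} is not on the PIX subnet {net}")
    if srv not in net and gw is None:
        problems.append(f"server {srv} is off-subnet and no gateway is set")
    return problems

if __name__ == "__main__":
    # Constructed sample: the gateway has a mistyped third octet.
    print(reset_image_name("6.3"))
    for p in check_monitor_params("192.168.1.2", "192.168.2.69", "192.168.11.1"):
        print("problem:", p)
```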
#2 | Fix my Error!
```
monitor> interface 0
0: i8255X @ PCI(bus:0 dev:14 irq:10)
1: i8255X @ PCI(bus:0 dev:13 irq:11)
2: i8255X @ PCI(bus:0 dev:17 irq:11)
Using 0: i82557 @ PCI(bus:0 dev:14 irq:10), MAC: 0014.6971.2b50
monitor> address 192.168.1.1
address 192.168.1.1
monitor> server 192.168.1.5
server 192.168.1.5
monitor> file np63.bin
file np63.bin
monitor> tftp
tftp nppix.bin@192.168.1.5
TFTP failed (return:-10 arg:0x1)
```

I do not know why it failed. I could not ping the PIX either; I do not have any firewall on my laptop.

Last edited by zillah; 11-Feb-2007 at 04:00 AM.