Discover IP and reset PW on old PIX 515

[fs483]

Hello,

I've acquired an old PIX 515 from a company that went bankrupt. I'm trying to reuse this PIX. I've used Pix 501 and 506 and know that the PIX 515 is pretty much the same but more powerfull. I however don't know the enable password nor the IPs assigned to any of the 4 interfaces. I found the method for resetting the password by downloading the pnxx.bin file and to load it up by TFTP through the Monitor mode. However I don't know the IPs of any of the interfaces. Is there any way of finding the IP or even bypassing the IP of the interface. Currrently I'm running an IP scanner on one of the interfaces in hope of getting a hit. I know the Pix is running IOS 6.1(1). This unit is out of warranty and there's no way to contact the people who knew the PW. I also know that it has the unrestricted license applied.

Any help will be appreciated.

Thanks
anthony

 

[AJ1982]

Use a console cable to recover the password, lookup the following words on google

cisco pix password recovery

Ta

Fat

===

Fatman Superstar (Andrew James)

CCNA,
(CCNA Cisco Academy Instructor Trained)

 

[fs483]

Hi FatmanSuperstar,

I already have the procedure but I need to know the IP of the interface. At least I think I do. I've already downloaded teh NP61.bin file from

http://www.cisco.com/warp/110/np61.bin

. I also went into monitor mode using the cosole cable. I'm able to ping the TFTP server, then I set an address for one of the interface but I'm unable to ping it's interface. When I run the trace commande then TFTP, all I get is <5><5>. I see the link light flashing. After a few minutes, I press on ESC and I get and error 12 something. I'll try to do some more searching later tonight. Can anyone confirm to me that I can set any address on the interface and it should work ? My TFTP Server is also set on fixed IP on the same subnet as recommended in the doc to avoid using a gateway. I don't care about any of the config that's inside. My goal is to totally reset the whole pix.

Thanks
anthony

 

[fs483]

Ok, I did some more searching. My interfaces in the pix doesn't respond to PINGS in Monitor mode even after I set an IP address on the interface. I'm however able to ping the tftp server. Maybe this is a stupid question but when I specify the bin file what is the syntax and where do I put the file. I stored my file in the root of my C drive on my laptop. I then type the command FILE C:\NP61.BIN in Monitor mode, it shows tftp c:\np61.bin@192.168.1.200 but nothing else. If I press on ESC,this is what I get : TFTP failed (return:-12 arg:0x0) .

If the pix was configured not to respond to pings originally, will the pix ignore the rules (not respond with an ICMP message) when in Monitor mode ? Is there any other way to reset this &*(&* pix ? I'm going to try to open it and see if there's anything inside.

Thanks
anthony

 

[fs483]

Silly me, I was trying to upload the bin file from my local HD. Didn't click/catch on the TFTP server part. I downloaded a TFTP Server program for windows from Solar Winds. Put all .bin files inside the folder. Tried to initiate the upload from Monitor mode. Still no go.

Still trying...

anthony

 

[fs483]

YES!!! I finally managed to clear the password ! Now I'm checking to see how I can update the IOS to 6.3. Any quick suggestions to find out where I can get images... I'm reading...

Anthony

 

[smeek]

Normally, you can only download the images with a valid service contract. Additionally, the newer the image usually requires more memory, so you would need to check,

Steve

 

[fs483]

Does that mean units out of warranty aren't basically supported by Cisco anymore ?

Thanks
anthony

 

[smeek]

I think you get free software updates/support for 90 days, without a separate contract. You can always purchase a contract if you want update firmware and controls. BTW, I don't write Cisco's policies..., just trying to share what I know.

Steve