PIX 501 - Web Username/Password not working 1

[stuartmarsh47]

I have a Cisco 501 PIX Firewall @ work that I would like to configure through the web browser. When I put the IP address in my browser it asks for a username/password but everything I try is rejected.
I have console access to the PIX and http is enabled. I have added a user to the local database with 'username admin password *** privilege 15' but the browser still does not let me in.
Does anybody have any ideas what could be cuasing this problem?

Thanks.

 

[Minue]

Hello
The quickess way would be to remove the passwords and new user temporily.Launch the web browser and just give OK to all the pop-up windows.It will let you in.Then do the user and passwords from the PDM.
If you don't like that method I will try to tell you tommorow what's wrong.
Regards

 

[stuartmarsh47]

Could you tell me how I do this?
Would it be with 'No Username'?

 

[Minue]

Hello
I have had this problem too,but I coudn't remember how to fix it.That's why I told you I would work it out tommorow.Try this when the browser as for "username/password" if you have and enable password configure on the PIX,leave the username blank and put the enable password in the password section.You should get access!After because You have configure a local database user with the level 15,another window should pop-up.Then you can put the admin password *** combination in.Or easier just delete the database with the 'No Username'
Good luck!

 

[boymarty24]

try adding

aaa authentication http console LOCAL

 

[Supergrrover]

Try

http://www.cisco.com/warp/public/110/pdm_http404.shtml

Make sure that you are using M$ Java and not Sun's current version.


Brent
Systems Engineer / Consultant
CCNP, CCSP

 

[stuartmarsh47]

boymarty24 - Thanks for the suggestion but I have already done this.
Supergrrover - I removed Sun Java and installed Ms Java but this didn't seem to help. This doesn't seem to be an issue with Java but with the logon process.

Thanks.

 

[Supergrrover]

You tried
username: pix or blank
password: telnet password or enable password
It has to be one of those combinations if you haven't enabled AAA.
Are you sure the PDM is loaded on the device?


Brent
Systems Engineer / Consultant
CCNP, CCSP

 

[Minue]

Hello
The combination is
username: blank
password: enable password

Strangly I have alway loaded the PIX PDM on computers without JAVA installed at all.So it's not a java problem because he's getting the logon window.It's not even a AAA problem,the AAA authentication window pop up after the pdm is partially loaded.The above works for me!

Regards

 

[stuartmarsh47]

I have tried blank username/enable password, and comibnations of pix, pixuser, pixadmin, admin, and root.
What I noticed is strange is that the PIX originally did not have a 'aaa authentication http console LOCAL' line in the config but was still asking for a username/password. Nothing worked for this so I inserted aaa auth and the same thing occured.
Is there a way to start the config for PDM over without losing the rest of my config?

Thanks.

 

[Minue]

Hello
It's not clear to me if you can get to the PDM.In case you haven't got it working.Just start simple take out all reference to AAA authentication including the usernames.Just do the blank username and the present enable password.It must let you in to the PDM,there no magic with cisco equipment,it always a question about the config and knowing how they operate.
After you get into the PDM just work your way up with more complex stuff like the AAA and what ever you want to do.
Regards

 

[Supergrrover]

stuartmarsh47,
Post a config from the CLI (mask passwords and the middle two octets of the public IP.)


Brent
Systems Engineer / Consultant
CCNP, CCSP

 

[stuartmarsh47]

Minue - I followed your advice and the PDM is working now.
I don't know what was wrong with it but removing aaa and starting again has done the trick.

Thanks everyone for your help.