Cisco PIX 501 Password Reset & Basic Configuration

Dear Members,

Here is another Howto for Cisco PIX 501 password Reset and Basic Configuration:

Prerequisites:

1. Terminal Serial Cable

2. Lan Cable (To connect Cisco Pix with the Network)

3. Cisco Pix Version (In my case it is 6.3)

4. File to download. Here is the link (http://www.cisco.com/image/gif/paws/8529/np63.bin)

5. TFTP Server (I am using TFTPD32; you can google it and download it, as it is free)

6. A computer on the same network as Cisco Pix Firewall and Running TFTP Server with np63.bin file in the TFTP Directory

Sample: C:\Program Files\Tftpd32

The Server Interface in TFTPD would be your computer’s IP address.

First, connect the Cisco PIX with the serial cable and configure the terminal. (If you don’t know how to do it, please send me mail or comment and I will write another howto for it.)

Also connect the LAN cable to the first of your Cisco LAN ports; it is marked as “1”.

Now switch on the Cisco PIX and, without delay, press the Break key on your terminal (on my laptop I had to press Fn and the Pause key). It will then ask you to press Esc if you wish to enter monitor mode. Press the Esc key and you will be prompted as below:

monitor>

Now in the monitor mode issue the following commands:

monitor> address 192.168.1.46   <—    [Ip address for Cisco Pix Firewall]

Now issue:

monitor> server 192.168.1.23  <–     [IP address where TFTP Server Resides]

monitor> file np63.bin  <—      [File downloaded from Cisco, it is a binary image file]

and finally run

monitor> tftp <—

If all goes well, your current bin file will be overwritten by the new file you downloaded from Cisco. (Please make sure you want to do this, else I would not be responsible for any loss or damage to your Cisco device.)

After copying, the device will ask you if you wish to erase the password and current command on your PIX device; just answer “Y” for yes.

The Device will reboot and you will see the below prompt

pixfirewall>

Type en and then press Enter for the enable prompt

pixfirewall#

Enter Config Terminal mode by

pixfirewall#config terminal <—

pixfirewall(config)#

Now Type the below to load your pix firewall to Factory Default

pixfirewall(config)# configure factory-default <—

then type

pixfirewall(config)# wr mem <—   [To Save the Changes]

Done

Basic Configuration:

Setting up Clock:

pixfirewall(config)# clock set 15:32:32 22 oct 2012

Setting up Interfaces:

External:

pixfirewall(config)# nameif ethernet0 outside security0 <–

pixfirewall(config)# ip address outside

Internal:

pixfirewall(config)# nameif ethernet1 inside security100 <–

pixfirewall(config)# ip address inside

To Remove DHCP:

pixfirewall(config)# no dhcpd enable <—

Now type show run to check your current configuration:

pixfirewall# show run <—

Enabling NAT on inside Interface:

pixfirewall(config)#nat (inside) 1 0.0.0.0 0.0.0.0

Adding Static route for outside Interface

pixfirewall(config)#route outside 0.0.0.0 0.0.0.0

pixfirewall(config)# wr mem    [save changes]

Now ping and you will be able to connect to the outside and inside world.
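The script below is an added example, not part of the original post: it reads saved `show run` output and confirms that the basic configuration steps above were applied (interface names and security levels, addresses, DHCP off, NAT, and a default route whose gateway is on the outside subnet). The sample output and its outside addresses are constructed, the output format is assumed to match PIX 6.3, and the function names `grab` and `audit` are hypothetical.

```python
import ipaddress
import re

# Constructed sample of PIX 6.3 "show run" output; the outside addresses are made up.
SAMPLE_RUN = """\
nameif ethernet0 outside security0
nameif ethernet1 inside security100
ip address outside 203.0.113.2 255.255.255.0
ip address inside 192.168.1.46 255.255.255.0
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
route outside 0.0.0.0 0.0.0.0 203.0.113.1 1
"""

def grab(pattern, lines):
    """Return the regex groups of every line that fully matches pattern."""
    return [m.groups() for m in (re.fullmatch(pattern, ln) for ln in lines) if m]

def audit(show_run):
    """Return a list of findings; an empty list means every step was applied."""
    lines = [ln.strip() for ln in show_run.splitlines()]
    findings = []
    # Interface names and security levels set by the nameif commands.
    names = {n: (hw, int(lvl)) for hw, n, lvl in
             grab(r"nameif (\S+) (\S+) security(\d+)", lines)}
    for n, want in (("outside", ("ethernet0", 0)), ("inside", ("ethernet1", 100))):
        if names.get(n) != want:
            findings.append(f"nameif {n}: expected {want}, found {names.get(n)}")
    # Each interface needs an address and mask that parse as IPv4.
    nets = {}
    for n, ip, mask in grab(r"ip address (\S+) (\S+) (\S+)", lines):
        try:
            nets[n] = ipaddress.ip_interface(f"{ip}/{mask}").network
        except ValueError:
            pass  # reported as missing or invalid below
    for n in ("outside", "inside"):
        if n not in nets:
            findings.append(f"ip address {n}: missing or invalid")
    # "no dhcpd enable" should leave no "dhcpd enable" line behind.
    if any(ln.startswith("dhcpd enable") for ln in lines):
        findings.append("dhcpd is still enabled")
    # NAT for all inside hosts, and a default route via a gateway on the outside subnet.
    if not grab(r"nat \(inside\) 1 0\.0\.0\.0 0\.0\.0\.0( .*)?", lines):
        findings.append("nat (inside) 1 0.0.0.0 0.0.0.0: missing")
    gws = grab(r"route outside 0\.0\.0\.0 0\.0\.0\.0 (\S+)( \d+)?", lines)
    if not gws:
        findings.append("route outside 0.0.0.0 0.0.0.0: missing gateway")
    elif "outside" in nets and ipaddress.ip_address(gws[0][0]) not in nets["outside"]:
        findings.append(f"default gateway {gws[0][0]} is not on the outside subnet")
    return findings
```

Paste the text captured from `show run` into `audit()`; an `ip address` or `route` command entered without its address or gateway shows up as a finding.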

More Configuration Coming Up !!

Enjoy

Don’t forget to comment !

Thanks,

Salman Aftab