This question is regarding the Tech Recipe posted by qmchenry on August 30, 2004. I could not find it in the forum thread, so I could reply to it, which is why this is a "New" topic. If you do a google search on <reset pix password>, it will be the third link listed.
I've followed the instructions qmchenry stated with a couple of differences: 1-my TFTP server is located on the inside (on the PC, which is connected via hyperterminal pe to the PIX; so the interface is set to 1
2-I did not use a cross-over cable. I left the cabling as it was: cable modem going to ethernet0 and ethernet1 going to a Nortel Baystack switch where the pc (with windows 2000 server running and my pdc) is plugged into
So, my settings are: interface 1 address 10.1.1.1 (ip of PIX) server 10.1.1.2 (ip of tftp server) file np70.bin
I am able to ping the tftp server and get 100% reply, but when I run tftp, the hyperterminal only sits at the prompt: tftp np70bin@10.1.1.2
There are no dots and the activity light on pix blinks a lot, but eventually I have to break the connection and the tftp server log states something like unable to send file to 10.1.1.1.
There is one other piece of information. My Cisco PIX version is 7.1(2) but the highest version file I could find is np70.bin. I didn't think it would hurt to try it. Could this be the conflict? Is there a newer version?
I'd appreciate any and all advice you can give me.
Thanks in advance.
aaronm
· 3 years ago
Do you have an access-list on that interface? You might also try a different tftp software. I'm not 100% on the layout of your PIX, but remember that you need PIX(config)# tftp-server (interface) <ip> <directory>
Good luck!
awais
· 1 year ago
i awais afridi i m working on pix 501 i have same problem plz someone help me i will b very thankful to that person...
Rex
· 10 months ago
Hello,
When I cycle power on my Cisco PIX-501, it reports three different version numbers. I'm trying to determine which of these version numbers I use when downloading the appropriate "npXX.bin" file for password recovery:
CISCO SYSTEMS PIX-501 Embedded BIOS Version 4.3.200 07/31/01 15:58:22.08
Here's an extract for Cisco's Password Recovery web page:
The appropriate binary file, depending on the PIX software version you run:
o np70.bin (7.x and 8.0 release)
o np63.bin (6.3 release)
o np62.bin (6.2 release)
o np61.bin (6.1 release)
o np60.bin (6.0 release)
o np53.bin (5.3 release)
o np52.bin (5.2 release)
o np51.bin (5.1 release)
o np50.bin (5.0 release)
o np44.bin (4.4 release)
o nppix.bin (4.3 and earlier releases)
Note: You need to determine what .bin file to use, which depends upon the PIX code that your PIX currently runs irrespective of the BIOS version.
I assume is 6.3, but I'm very new to the Cisco world and I do NOT want to turn a minor problem in to a big problem!
Many thanks, Rex
secxisco46
· 1 month ago
This is good but it's still not working for me. Let me explain. At my workplace they were using PIX 506E before but now they just removed it and using proxy instead. Now, I just want to play with pix for my personal learning purpose and we lost the password.
According to this post it should work fine but I think the enabled ACL and other filtering stuff is preventing TFTP to download image into PIX.
So far I am able to ping TFTP server from PIX but my PC/ TFTP server is not able to ping PIX (may be ACLs)
All Comments
I've followed the instructions qmchenry stated with a couple of differences:
1-my TFTP server is located on the inside (on the PC, which is connected via hyperterminal pe to the PIX; so the interface is set to 1
2-I did not use a cross-over cable. I left the cabling as it was: cable modem going to ethernet0 and ethernet1 going to a Nortel Baystack switch where the pc (with windows 2000 server running and my pdc) is plugged into
So, my settings are:
interface 1
address 10.1.1.1 (ip of PIX)
server 10.1.1.2 (ip of tftp server)
file np70.bin
I am able to ping the tftp server and get 100% reply, but when I run tftp, the hyperterminal only sits at the prompt: tftp np70bin@10.1.1.2
There are no dots and the activity light on pix blinks a lot, but eventually I have to break the connection and the tftp server log states something like unable to send file to 10.1.1.1.
There is one other piece of information. My Cisco PIX version is 7.1(2) but the highest version file I could find is np70.bin. I didn't think it would hurt to try it. Could this be the conflict? Is there a newer version?
I'd appreciate any and all advice you can give me.
Thanks in advance.
Good luck!
When I cycle power on my Cisco PIX-501, it reports three different version numbers. I'm trying to determine which of these version numbers I use when downloading the appropriate "npXX.bin" file for password recovery:
CISCO SYSTEMS PIX-501 Embedded BIOS Version 4.3.200 07/31/01 15:58:22.08
Cisco Secure PIX Firewall BIOS (4.2) #6: Mon Aug 27 15:09:54 PDT 2001
Cisco PIX Firewall Version 6.3(5)
Here's an extract for Cisco's Password Recovery web page:
The appropriate binary file, depending on the PIX software version you run:
o np70.bin (7.x and 8.0 release)
o np63.bin (6.3 release)
o np62.bin (6.2 release)
o np61.bin (6.1 release)
o np60.bin (6.0 release)
o np53.bin (5.3 release)
o np52.bin (5.2 release)
o np51.bin (5.1 release)
o np50.bin (5.0 release)
o np44.bin (4.4 release)
o nppix.bin (4.3 and earlier releases)
Note: You need to determine what .bin file to use, which
depends upon the PIX code that your PIX currently
runs irrespective of the BIOS version.
I assume is 6.3, but I'm very new to the Cisco world and I do NOT want to turn a minor problem in to a big problem!
Many thanks,
Rex
According to this post it should work fine but I think the enabled ACL and other filtering stuff is preventing TFTP to download image into PIX.
So far I am able to ping TFTP server from PIX but my PC/ TFTP server is not able to ping PIX (may be ACLs)
Anyone has idea how to recover in this case?