Cisco PIX (500 Series) Password Recovery / Reset

KB ID 0000064 

Problem

If you are locked out of your PIX firewall, you will need to carry out a password recovery. This procedure will reset the enable password and remove any AAA username and password settings on the PIX.

Note: If you have a PIX 520 (this has a floppy drive), the process is different.

Solution

Before You Start

1. You need to know the software version that is running on the PIX, e.g. 6.3(5) or 7.0(1).

2. You need a TFTP server set up and running.

3. You need to be connected to the PIX via its console cable.

4. You need to download the “PIX Password Lockout Utility” that’s appropriate for your PIX, i.e. if you're running 6.3(5) download np63.bin, or for version 7.0(1) download np70.bin, etc. Put the file in the root directory of your TFTP server.

Procedure

1. Connect to the firewall via console cable, then power cycle the firewall. As the firewall reboots, press BREAK or ESC to interrupt the boot sequence and get to the monitor prompt.

[box]

monitor> 

[/box]

2. The firewall now has no config loaded, so you need to tell it everything it needs to know. First, set up the inside interface so you can load in the password reset utility. Use the interface command (on PIXs with only two interfaces it will default to the inside interface).

[box]

monitor> interface 1
0: i8255X @ PCI(bus:0 dev:17 irq:9 )
1: i8255X @ PCI(bus:0 dev:18 irq:10) 

Using 1: i82557 @ PCI(bus:0 dev:18 irq:10), MAC: 0012.daf1.5185
monitor>

[/box]

3. Tell it what its inside IP address is with the address command.

[box]

monitor> address 192.168.1.1
address 192.168.1.1 

[/box]

4. Now give it the IP address of the TFTP server you set up earlier with the server command.

[box]

monitor> server 192.168.1.2
server 192.168.1.2 

[/box]

5. The last thing the PIX needs is the name of the password unlock file, which you set with the file command. For this example I’ll use np63.bin.

[box]

monitor> file np63.bin
file np63.bin

[/box]

6. To start the process, issue the tftp command.

[box]

monitor> tftp
tftp np63.bin@192.168.1.2.......................................................
................................................................................
..............................................
Received 92160 bytes 

Cisco Secure PIX Firewall password tool (3.0) #0: Thu Jul 17 08:01:09 PDT 2003
Flash=E28F640J3 @ 0x3000000
BIOS Flash=E28F640J3 @ 0xD8000

[/box]

7. Confirm by pressing y then {enter}.

[box]

Do you wish to erase the passwords? [yn] y

[/box]

8. Confirm by pressing y then {enter} again.

[box]

Do you want to remove the commands listed above from the configuration? [yn] y
Passwords and aaa commands have been erased.

Rebooting..

[/box]

9. The firewall will reboot and the passwords will be blanked, so at the Password: prompt just press {enter}.

[box]

Type help or '?' for a list of available commands.
Firewall> en
Password:
firewall#

[/box]
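
After the reboot the firewall has a blank enable password and no AAA commands, so it is worth checking a saved copy of the configuration before the unit goes back into service. The following is an added example, not part of the original article or any Cisco tool: it flags a blank enable password and missing AAA commands, and lists the authentication lines that a pre-lockout backup had and the current config lacks. The sample configs and their hashes are constructed, and the blank-password hash constant is an assumption to confirm against your own unit.

```python
import re

# Assumption, not from the article: the string a PIX stores for an empty
# enable password. Confirm it against "show run" on your own unit.
BLANK_ENABLE_HASH = "8Ry2YjIyt7RRXU24"
AUTH_LINE = re.compile(r"^(aaa |username \S+ password )")

# Constructed sample: backup taken before the lockout (hashes are made up).
BACKUP = """\
PIX Version 6.3(5)
enable password Zx3kQ9wLm2PdT7aB encrypted
hostname firewall
username admin password Hq8vN1rCs5YtU0eF encrypted privilege 15
aaa authentication serial console LOCAL
aaa authentication ssh console LOCAL
"""

# Constructed sample: config saved straight after the recovery reboot.
AFTER_RECOVERY = """\
PIX Version 6.3(5)
enable password 8Ry2YjIyt7RRXU24 encrypted
hostname firewall
"""

def _lines(config):
    """Non-empty config lines with surrounding whitespace removed."""
    return [ln.strip() for ln in config.splitlines() if ln.strip()]

def audit(config):
    """Return findings that mean the firewall is still unprotected."""
    findings = []
    matches = (re.match(r"enable password (\S+)", ln) for ln in _lines(config))
    hashes = [m.group(1) for m in matches if m]
    if not hashes or BLANK_ENABLE_HASH in hashes:
        findings.append("enable password is blank or missing")
    if not any(ln.startswith("aaa authentication ") for ln in _lines(config)):
        findings.append("no aaa authentication commands")
    return findings

def removed_auth_lines(backup, current):
    """Auth lines in the backup that are gone now. Re-create them with
    new credentials rather than pasting the old (forgotten) hashes back."""
    now = set(_lines(current))
    return [ln for ln in _lines(backup) if AUTH_LINE.match(ln) and ln not in now]

if __name__ == "__main__":
    for finding in audit(AFTER_RECOVERY):
        print("FINDING:", finding)
    for line in removed_auth_lines(BACKUP, AFTER_RECOVERY):
        print("REMOVED:", line)
```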
