Password Recovery

If you forget your enable password, the PIX firewall requires you to upload a file to the flash. This special file nullifies the current password without erasing your configuration. The process is virtually identical to loading a new image using the monitor> prompt and a TFTP server. You can download the password file for your specific version of OS image at

The password file for 6.2 release, for instance, is np62.bin . This utility resets the enable and Telnet passwords to their default settings, which is cisco for both of them.

Listing 4.13 shows the steps for uploading a password recovery file.

Listing 4.13 Password Recovery Example
 monitor> interface 1 monitor> address address monitor> server server monitor> file np62.bin file np62.bin monitor> tftp tftp np62.bin@ Received 73728 bytes Cisco Secure PIX Firewall password tool (3.0) #0: Wed Mar 27 11:02:16 PST 2002 Flash=E28F640J3 @ 0x3000000 BIOS Flash=E28F640J3 @ 0xD8000 Do you wish to erase the passwords? [yn] y The following lines will be removed from the configuration:     enable password ZFatiF0MarNtVoTD encrypted     passwd 2KFQnbNIdI.2KYOU encrypted Do you want to remove the commands listed above from the configuration? [yn] y 

Password recovery on older PIX firewalls such as the PIX 510 and 520 is done using a floppy disk: A password lockout utility is loaded from a floppy, and the PIX firewall is rebooted.

CSPFA Exam Cram 2 (Exam 642-521)
CCSP CSPFA Exam Cram 2 (Exam Cram 642-521)
ISBN: 0789730235
EAN: 2147483647
Year: 2003
Pages: 218 © 2008-2017.
If you may any questions please contact us: