Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: ip address of pix 506e?

ip address of pix 506e? 10 years 7 months ago #14491

  • rcpr
  • rcpr's Avatar
  • Offline
  • New Member
  • Posts: 5
  • Karma: 0
Hi all!

Glad I found this site.

If I am out of line with my post, please point me in right direction.

I inherited at my job a network with a PIX 506e connected to a cisco 800 series off a nettopia dsl device.

I need to get in to the pix 506e to setup and change the vpn settings. the password has to be reset. i have a serial emulator talking to the 506e and I can get to the monitor> prompt. but when i point to my tftp server for the np63.bin file, it times outs. my gateway is showing 192.168.100.1. so i am assuming that is the pix 506e. since that is the only ip address that appears likely to be the 506e. i am apparently wrong since i cannot ping the tftp server (192.168.100.54) from the monitor> prompt.

any suggestions of finding the ip address?

thanks
The administrator has disabled public write access.

PIX 10 years 7 months ago #14512

  • TheBishop
  • TheBishop's Avatar
  • Offline
  • Moderator
  • Posts: 1719
  • Thank you received: 8
  • Karma: 5
Welcome to Firewall.cx rcpr
You might not be wrong; logic does suggest that the gateway address will be that of the PIX. Perhaps the reason you can't get to the TFTP server is that the PIX configuration isn't permitting it. SInce you inherited the thing you don't know for sure how, or from where, the previous admin used to configure it. I don't know much about the PIX, however, so at this point I'll shut up and let someone else tell us how to get into it
The administrator has disabled public write access.

Re: ip address of pix 506e? 10 years 7 months ago #14517

  • d_jabsd
  • d_jabsd's Avatar
  • Offline
  • Distinguished Member
  • Posts: 153
  • Karma: 0
Can you post the commands and output from the monitor prompt?

The config is never read when you go into monitor mode, so the pix has no IP information at that point.

You need to tell it which interface the tftp server is connected to, then give that interface an address, then tell it the server address.

the ping command is available to test connectivity before trying to tftp the file. The tftp server is also going to need to be on the same subnet as the interface you specify. It will work if its not, but it makes life easier. I recommend downloading a free tftp server to your workstation/laptop, then plug that system directly into the inside port and go from there. Since you are in monitor mode, you can unplug the outside since no traffic is passing through anyway.
The administrator has disabled public write access.

My next opportunity for downtime will be this weekend 10 years 7 months ago #14520

  • rcpr
  • rcpr's Avatar
  • Offline
  • New Member
  • Posts: 5
  • Karma: 0
My laptop doesn't have a serial port, but our dhcp server does. so i was using it for the tftp server and it's serial (com1). i just noticed that in my earlier post i said the tftp server was 192.168.100.54. that was incorrect - sorry. i should of typed 192.168.100.20.

i set the ADDRESS to 192.168.100.1 (pix)

i set the server to 192.168.100.20 (tftp) (solarwinds)

i didn't set the gateway.

I will take snapshots of all the responses and post.

thanks
The administrator has disabled public write access.

Re: ip address of pix 506e? 10 years 7 months ago #14524

  • d_jabsd
  • d_jabsd's Avatar
  • Offline
  • Distinguished Member
  • Posts: 153
  • Karma: 0
I would set the gateway to the same address as the tftp server.

Even though its a connected subnet, it may not behave correctly without a route.

Also check for a firewall on the TFTP Server and make sure tftp is allowed through.

For serial, you can get a usb-serial converter. I use one on my Thinkpad and works pretty well... why they include a printer port but no serial port is beyond me... whoever came up with that idea should be fired or shot or both.
The administrator has disabled public write access.

i tried again this weekend... still no success. 10 years 6 months ago #14636

  • rcpr
  • rcpr's Avatar
  • Offline
  • New Member
  • Posts: 5
  • Karma: 0
i had an older dell laptop that had a serial port, so i used it.

i set the gateway to the same address as the pix 192.168.100.1

i still cannot ping the tftp server.

i made certain there is no firewall on the tftp machine. i successfully ping it from another machine prior to my attempt to reset the pix firewall.

any more ideas would be greatly appreciated...

Randy
The administrator has disabled public write access.
Time to create page: 0.084 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup