So, forget the brute force idea I mentioned in my earlier post. I knew brute forcing any security appliance would be harder than I wanted to mess with. I also didn’t want to reset the PIX to factory defaults, since before this, i had never touched a Cisco device. The users are using the VPN as well and I really just didn’t want to mess with this. I just needed to open RDP to get to their server and the previous vendor magically forgot the password to the device when I took over their IT. Anyway, this is what I used to reset their password. As far as resolving some of their VPN issues… I’ll be consulting with some of my associates with more Cisco experience than myself.
To start, you need to download the np**.bin files from the Cisco.com. You will also need TFTP server software(i used TFTPD).
First, plug into the PIX with a console cable, verify your connection.(When connected, I used HyperTerminal).
Turn off, then back on the PIX. Right after the power goes back on, send a “BREAK” character(honestly, not sure what that means) or hit the ESC key(this is what I did).
For a PIX without a floppy drive and only 2 interfaces(like the one I was on), it automatically defaults traffic to the internal interface. This is what you want. Just in case use interface command to pick the right one.
interface 1
Use the “address” command to specify the IP of the PIX internal interface.
address 192.168.11.1
Use “server” command to specify IP of TFTP server containing the PIX pw recovery file.(the np**.bin)
server 192.168.11.49
Use “file” command to specify which file on the tftp server.
file np70.bin
Use “tftp” command to start download.
tftp
Then you get a question about wanting to erase the passwords. enter “y”
The default password is “cisco”, there is no default enable password. Use the passwd <new password>command to create an enable password. You’re all done. Let me know if I missed something.