- Posts: 5
- Thank you received: 0
ip address of pix 506e?
18 years 6 months ago #14491
by rcpr
ip address of pix 506e? was created by rcpr
Hi all!
Glad I found this site.
If I am out of line with my post, please point me in right direction.
I inherited at my job a network with a PIX 506e connected to a cisco 800 series off a nettopia dsl device.
I need to get in to the pix 506e to setup and change the vpn settings. the password has to be reset. i have a serial emulator talking to the 506e and I can get to the monitor> prompt. but when i point to my tftp server for the np63.bin file, it times outs. my gateway is showing 192.168.100.1. so i am assuming that is the pix 506e. since that is the only ip address that appears likely to be the 506e. i am apparently wrong since i cannot ping the tftp server (192.168.100.54) from the monitor> prompt.
any suggestions of finding the ip address?
thanks
Glad I found this site.
If I am out of line with my post, please point me in right direction.
I inherited at my job a network with a PIX 506e connected to a cisco 800 series off a nettopia dsl device.
I need to get in to the pix 506e to setup and change the vpn settings. the password has to be reset. i have a serial emulator talking to the 506e and I can get to the monitor> prompt. but when i point to my tftp server for the np63.bin file, it times outs. my gateway is showing 192.168.100.1. so i am assuming that is the pix 506e. since that is the only ip address that appears likely to be the 506e. i am apparently wrong since i cannot ping the tftp server (192.168.100.54) from the monitor> prompt.
any suggestions of finding the ip address?
thanks
18 years 6 months ago #14512
by TheBishop
Welcome to Firewall.cx rcpr
You might not be wrong; logic does suggest that the gateway address will be that of the PIX. Perhaps the reason you can't get to the TFTP server is that the PIX configuration isn't permitting it. SInce you inherited the thing you don't know for sure how, or from where, the previous admin used to configure it. I don't know much about the PIX, however, so at this point I'll shut up and let someone else tell us how to get into it
You might not be wrong; logic does suggest that the gateway address will be that of the PIX. Perhaps the reason you can't get to the TFTP server is that the PIX configuration isn't permitting it. SInce you inherited the thing you don't know for sure how, or from where, the previous admin used to configure it. I don't know much about the PIX, however, so at this point I'll shut up and let someone else tell us how to get into it
18 years 6 months ago #14517
by d_jabsd
Replied by d_jabsd on topic Re: ip address of pix 506e?
Can you post the commands and output from the monitor prompt?
The config is never read when you go into monitor mode, so the pix has no IP information at that point.
You need to tell it which interface the tftp server is connected to, then give that interface an address, then tell it the server address.
the ping command is available to test connectivity before trying to tftp the file. The tftp server is also going to need to be on the same subnet as the interface you specify. It will work if its not, but it makes life easier. I recommend downloading a free tftp server to your workstation/laptop, then plug that system directly into the inside port and go from there. Since you are in monitor mode, you can unplug the outside since no traffic is passing through anyway.
The config is never read when you go into monitor mode, so the pix has no IP information at that point.
You need to tell it which interface the tftp server is connected to, then give that interface an address, then tell it the server address.
the ping command is available to test connectivity before trying to tftp the file. The tftp server is also going to need to be on the same subnet as the interface you specify. It will work if its not, but it makes life easier. I recommend downloading a free tftp server to your workstation/laptop, then plug that system directly into the inside port and go from there. Since you are in monitor mode, you can unplug the outside since no traffic is passing through anyway.
18 years 6 months ago #14520
by rcpr
Replied by rcpr on topic My next opportunity for downtime will be this weekend
My laptop doesn't have a serial port, but our dhcp server does. so i was using it for the tftp server and it's serial (com1). i just noticed that in my earlier post i said the tftp server was 192.168.100.54. that was incorrect - sorry. i should of typed 192.168.100.20.
i set the ADDRESS to 192.168.100.1 (pix)
i set the server to 192.168.100.20 (tftp) (solarwinds)
i didn't set the gateway.
I will take snapshots of all the responses and post.
thanks
i set the ADDRESS to 192.168.100.1 (pix)
i set the server to 192.168.100.20 (tftp) (solarwinds)
i didn't set the gateway.
I will take snapshots of all the responses and post.
thanks
18 years 6 months ago #14524
by d_jabsd
Replied by d_jabsd on topic Re: ip address of pix 506e?
I would set the gateway to the same address as the tftp server.
Even though its a connected subnet, it may not behave correctly without a route.
Also check for a firewall on the TFTP Server and make sure tftp is allowed through.
For serial, you can get a usb-serial converter. I use one on my Thinkpad and works pretty well... why they include a printer port but no serial port is beyond me... whoever came up with that idea should be fired or shot or both.
Even though its a connected subnet, it may not behave correctly without a route.
Also check for a firewall on the TFTP Server and make sure tftp is allowed through.
For serial, you can get a usb-serial converter. I use one on my Thinkpad and works pretty well... why they include a printer port but no serial port is beyond me... whoever came up with that idea should be fired or shot or both.
18 years 6 months ago #14636
by rcpr
Replied by rcpr on topic i tried again this weekend... still no success.
i had an older dell laptop that had a serial port, so i used it.
i set the gateway to the same address as the pix 192.168.100.1
i still cannot ping the tftp server.
i made certain there is no firewall on the tftp machine. i successfully ping it from another machine prior to my attempt to reset the pix firewall.
any more ideas would be greatly appreciated...
Randy
i set the gateway to the same address as the pix 192.168.100.1
i still cannot ping the tftp server.
i made certain there is no firewall on the tftp machine. i successfully ping it from another machine prior to my attempt to reset the pix firewall.
any more ideas would be greatly appreciated...
Randy
Time to create page: 0.128 seconds