Cisco PIX configuration

M

marley1

Supreme [H]ardness
Joined
Jul 18, 2000
Messages
5,447
Hey guys, I am not a Cisco guy. We just took over a network that has a PIX 506e as the firewall.

Is there any web GUI for this? I believe it is just being used as a PPTP and firewall.

I need to know how to reset password, and also see whats setup.
 
Be VERY careful with the web GUI of someof the older IOS versions. I've had them completely fubar configs before.
 
It's OLD-school java based. Might have to uninstall all versions of Java, and let the PIX specify the version. Also connect via https.
 
The Cisco java stuff is a major clusterf*ck. I hate it. They need to hire some Java engs from Oracle or something to fix their busted-ass code. Don't even bother trying to get it to work on your desktop machine unless you want to run vulnerable software -- install XP in a VM and then go get a supported version of Java from Oracle. (You'll have to look up the release notes for the web software version to see what JREs it supports.) Also expect to use IE and add the device's IP to the trusted list. And if you're using a newer IE, make sure you have compat mode turned on and are allowing popups.
 
When I need to use the java Cisco stuff I have a VM with IE6 and an old version of Java. Its the only way I could get access to most of the menus etc.
 
Yeah, was just going to say that I keep an XP VM around running IE 6.0 and Java 1.4 just for the rare occasion I have to manage a PIX. It still happens a few times a year and the CLI on PIX 6.3.5 and under is so antiquated I can't remember half the stuff in it. Also, if memory serves, you can't go past update 12 on Java 1.4 or it will crap out on you, IE 7+ is a no no as well. :)
 
Yeah, it's not just 1.4. Some specific point releases work for some features, others don't. Here's a link to the Release Notes for SDM 2.5 for example. You can see they have a list of JREs they support. The funny thing is, doesn't always work perfectly in each of them. Real pile of suck.

Just google for release notes for whatever version you're dealing with and try what they recommend in a VM.
 
Nate7311 said:
It's OLD-school java based. Might have to uninstall all versions of Java, and let the PIX specify the version. Also connect via https.
Click to expand...

Yup....they'll be so outdated and freak out at the version of Java that you (hopefully) currently have. Gotta uninstall whatever you have on your rig, try to find an old version of Firefox like 3...hit the PIX...shove in the old prehistoric version it will want....go from there.
 
YeOldeStonecat said:
Yup....they'll be so outdated and freak out at the version of Java that you (hopefully) currently have. Gotta uninstall whatever you have on your rig, try to find an old version of Firefox like 3...hit the PIX...shove in the old prehistoric version it will want....go from there.
Click to expand...

Big PITA. I've got some old HP Copiers that I have to manage as well that have Java-based digital send applications that require the same thing. As others said that's why I keep an OLD version of Firefox portable with an OLD Java plug-in handy.
 
YeOldeStonecat said:
Yup....they'll be so outdated and freak out at the version of Java that you (hopefully) currently have. Gotta uninstall whatever you have on your rig, try to find an old version of Firefox like 3...hit the PIX...shove in the old prehistoric version it will want....go from there.
Click to expand...

I wouldn't compromise a regular machine that way. VirtualBox is free and friendly.
 
You must log in or register to reply here.
Back
Top