The answer is a very simple one. What you want to do is to us the npxx.bin file to erase both the telnet and enable password in the pix. After that, reboot the pix.
While the pix is rebooting, physically remove the cable on the interface of the pix that the TACACS uses to talk to the PIX. Now, because the pix can NOT communicate with TACACS server, it stills prompts for username and password. This time your username will be "pix" and password for EXEC mode will be "cisco". After successfully logging into the pix, the enable mode to get into privilege is just a simple return. It's as easy as 123.... ----- Original Message ----- From: "Engelhard M. Labiro" To: Sent: Thursday, January 10, 2002 7:20 AM Subject: Re: Emergency: PIX 515 password recovery [7:31514] > How about setup a temporary AAA server with an > user&password and login with that username? > You can use sniffer for the IP address of AAA server > going out the PIX interface. > > > for my case, once I use default password" cisco " to enter it... > > > > the aaa configuration take effect, and it prompt out > > Username: > > passsword: immediately.... > > > > How can I use "write erase" command..... > > > > My situation is that the original AAA configuaration is still active, it > > will make a great difficulties in passowrd recovery....... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=31527&t=31514 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]