Sunday, January 9, 2005

How to Restore a PIX Firewall to its Factory Defaults

Warning: The following procedure will erase any existing configuration on the PIX firewall. You are strongly encouraged to make a backup of the firewall’s configuration prior to executing the following procedure.

To prepare the PIX Firewall to be decommissioned or restored to its factory default state, perform the following steps:

Connect to the console port of the PIX and bring up Hyperterminal (or your preferred terminal emulation software).

Enter Priviledged Exec Mode, then enter Global Configuration Mode and type the following commands:

ca zeroize rsa [enter]
ca save all [enter]
exit [enter]
write erase [enter]
[enter] To Confirm Erase
reload [enter]
[enter] To Confirm Reload

At this point, the PIX should reload, perform the Power On Self Test and then display the following text:

Pre-configure PIX Firewall now through interactive prompts [yes]?

At this point, the PIX is set to the factory defaults. You can power it down or rebuild the configuration.

You can practice this procedure and many others when you register for our 2-day hands-on ASA / PIX firewall seminar. It’s available in public seminars in Seattle or in onsite presentations at the location of your choice for groups of four or more.

No comments: