I found a nice-looking PIX 515E firewall on eBay. I have plans to configure it and place it on my live network. The unit comes with Unlimited licenses (I don’t actually need that many, just what it came with).
I do have to remember to read the eBay auctions a little closer. I may not have bid on this unit if I had seen the phrase “all sales are final with no returns.” The unit does power on, and is in great condition; however, it’s fully configured with an enable password on it. I asked the seller what it was, and he doesn’t know. He didn’t, of course, mention this little fact in his auction. He just said call Cisco.
Well, with a bit of research I found out how to reset all passwords on a Cisco PIX firewall. The process involves being physically connected to the firewall, downloading a bin file from Cisco (the bin you need depends on the version number your PIX is running) and a TFTP server. I have a TFTP server already set up on my MacBook Pro that I use to console and telnet into my routers, so that was set. Once the firewall begins to start up, you just need to press ESC to stop the boot process and then issue the commands to tell the firewall what IP address it should use, the name of the bin file, and the IP of your TFTP server, and then start the transfer.
After that it goes quite smoothly. I was then able to reset my PIX and do the configuration based on my needs. I did need to make a few changes to the Cisco 2610XM router, such as:
Bridging the ADSL with Fa0/0 so they share the public IP.
Then I assigned the public IP that was pointing to my server to Eth0 on the PIX and set Eth1 to the private IP address that was originally on Fa0/0 on the 2610XM router. The only issue I have at the moment with it is that it slows my network down a bit, usually dropping the speed from 5 Mbps to 3 Mbps. There may be an issue with the hardware, as I found some CRC errors on the Eth1 port. To test things out I’m going to use a small Cisco PIX 501 firewall and see if that does anything different.