Getting Started with the PIX Security Appliance
User interface

The PIX Security Appliance contains a command set based on the Cisco IOS, and provides four administrative access modes:

  • Unprivileged mode – This mode is available when the PIX is first accessed. The > prompt is displayed. This mode provides a restricted, limited, view of PIX settings.
  • Privileged mode – This mode displays the # prompt and enables users to change the current settings. Any unprivileged command also works in privileged mode.
  • Configuration mode – This mode displays the (config)# prompt and enables users to change system configurations. All privileged, unprivileged, and configuration commands work in this mode.
  • Monitor mode – This is a special mode that enables users to update the image over the network or to perform password recovery. While in the monitor mode, users can enter commands specifying the location of the TFTP server and the PIX software image or password recovery binary file to download.

Within each access mode, most commands can be abbreviated down to the fewest unique characters for a command. For example, sh run can be entered to view the configuration instead of entering the full command show running-config. The abbreviation en can be entered instead of enable to start privileged mode, and con t can be used instead of configuration terminal to start configuration mode.

NOTE:

Configurations can be created on a text editor and then cut and pasted into the configuration. The configuration can be pasted in one line at a time, or the entire configuration can be pasted at once. Always check the configuration after pasting large blocks of text to be sure that everything has been copied.