Getting Started with the PIX Security Appliance
Configuring the PIX Security Appliance

Accessing Privileged Mode
Upon first accessing a security appliance, the administrator is presented with pixfirewall> prompt when using a PIX Security Appliance, or ciscoasa> for an Adaptive Security Appliance. This is the prompt for the unprivileged mode. This mode enables users to view restricted settings. In a previously configured PIX, pixfirewall> may be replaced with a network specific hostname prompt such as Paris>, London>, etc. To get started with the PIX, the first command used is the enable command. This command provides entrance to the privileged access modes. After the enable command is entered, the PIX prompts the user for a privileged mode password. By default, a password is not required, so Enter can be pressed at the password prompt, or a password can be created. In privileged mode the prompt changes to #.

The enable password command sets the privileged mode password. The password is case sensitive and can be up to 16 characters long. Any character can be used except the question mark, space, and colon. The password should be written down and stored in a manner consistent with the security policy. After this password is created, it cannot be viewed again because it is stored as an MD5 hash. The show enable password command lists the encrypted form of the password. After passwords are encrypted, they cannot be reversed back to plain text.

The syntax for the enable commands is shown in Figure .

NOTE:

An empty password is also changed into an encrypted string.

Accessing Configuration Mode
Use the configure terminal command to move from privileged mode to configuration mode . As soon as the command is entered, the prompt changes to (config)#. Configuration mode enables a user to change system configurations. The exit or quit command is used to exit and return to the previous mode.

The help Command
Help information is available from the PIX Security Appliance command line. If help? is entered, all commands that are available in the current privilege level and mode are displayed. In Figure , all the commands for the unprivileged mode are displayed.

The help, usage, description, and syntax, for an individual command can be seen by entering the help command followed by the command name, for example pixfirewall>help enable. In Figure , the usage and description for the enable command is displayed.

The syntax for the help command is shown in Figure .

If a command string is unknown, ? can be entered after the command. The command syntax is listed as the output.