Accessing Privileged Mode
Upon first accessing a security
appliance, the administrator is presented with pixfirewall>
prompt when using a PIX Security Appliance, or ciscoasa> for an
Adaptive Security Appliance. This is the prompt for the unprivileged mode. This
mode enables users to view restricted settings. In a previously configured PIX,
pixfirewall> may be replaced with a network specific hostname
prompt such as Paris>, London>, etc. To get
started with the PIX, the first command used is the enable
command. This command provides entrance to the privileged access modes. After
the enable command is entered, the PIX prompts the user for
a privileged mode password. By default, a password is not required, so
Enter can be pressed at the password prompt, or a password can be
created. In privileged mode the prompt changes to #.
The
enable password command sets the privileged mode password.
The password is case sensitive and can be up to 16 characters long. Any
character can be used except the question mark, space, and colon. The password
should be written down and stored in a manner consistent with the security
policy. After this password is created, it cannot be viewed again because it is
stored as an MD5 hash. The show enable password command
lists the encrypted form of the password. After passwords are encrypted, they
cannot be reversed back to plain text.
The syntax for the
enable commands is shown in Figure
.
 |
NOTE:
An empty password is also changed into an encrypted string.
|
Accessing Configuration Mode
Use the configure
terminal command to move from privileged mode to configuration mode
. As soon
as the command is entered, the prompt changes to (config)#.
Configuration mode enables a user to change system configurations. The
exit or quit command is used to exit
and return to the previous mode.
The help Command
Help
information is available from the PIX Security Appliance command line. If
help? is entered, all commands that are available in the
current privilege level and mode are displayed. In Figure
, all the
commands for the unprivileged mode are displayed.
The help, usage,
description, and syntax, for an individual command can be seen by entering the
help command followed by the command name, for example
pixfirewall>help enable. In Figure
, the usage and
description for the enable command is displayed.
The syntax for the help command is shown in Figure
.
If a
command string is unknown, ? can be entered after the
command. The command syntax is listed as the output.