Author Topic: Cant log into Firewall (Read 1961 times)

Meomix · « **on:** July 14, 2009, 03:53:10 PM »

The firewalls model is a Nokia IP120 and i can not access the Web GUI anymore, It was working fine until dad screwed up the "Nokia's Checkpoint Plugin" installation.

I went to the command line and tried to type in cpconfig to reset the firewall but it spit out an error saying that the Hostname resolution is incorrect And that i should go to "Voyager -> Configure -> Static Host Entries" to fix the problem in gui mode WHICH I CAN NOT ACCESS!

Does anyone know how to set the Static Host Entries on command line? i have been searching google to no avail.

dankles · « **Reply #1 on:** July 14, 2009, 03:59:41 PM »

Quote from: Meomix on July 14, 2009, 03:53:10 PM

The firewalls model is a Nokia IP120 and i can not access the Web GUI anymore, It was working fine until dad screwed up the "Nokia's Checkpoint Plugin" installation.

I went to the command line and tried to type in cpconfig to reset the firewall but it spit out an error saying that the Hostname resolution is incorrect And that i should go to "Voyager -> Configure -> Static Host Entries" to fix the problem in gui mode WHICH I CAN NOT ACCESS!

Does anyone know how to set the Static Host Entries on command line? i have been searching google to no avail.

Judging from your expertise, I'm guessing you already looked for a reset button to press and hold till the lights blink.

Meomix · « **Reply #2 on:** July 14, 2009, 05:21:53 PM »

Quote from: dankles on July 14, 2009, 03:59:41 PM

Quote from: Meomix on July 14, 2009, 03:53:10 PM
The firewalls model is a Nokia IP120 and i can not access the Web GUI anymore, It was working fine until dad screwed up the "Nokia's Checkpoint Plugin" installation.

I went to the command line and tried to type in cpconfig to reset the firewall but it spit out an error saying that the Hostname resolution is incorrect And that i should go to "Voyager -> Configure -> Static Host Entries" to fix the problem in gui mode WHICH I CAN NOT ACCESS!

Does anyone know how to set the Static Host Entries on command line? i have been searching google to no avail.

Judging from your expertise, I'm guessing you already looked for a reset button to press and hold till the lights blink.

Yep.. i went to hold down the reset button for a long time, the lights didn't blink however the power button was a constant green and the fault was at a constant red (the red light appeared when i was trying to restore the firewall back to normal by re-adding ip address, dns etc etc)

When i let go of the reset button orange lights start blinking as well as the red light and we still cant enter the Web GUI.

halfelite · « **Reply #3 on:** July 14, 2009, 11:25:19 PM »

That is if you have a service contract. If not look around on the net. That will restore it to factory default.

1.) Get ipso.tgz and place onto an ftp server accessible from the Nokia
2.) Connect via Console port to the box (not ssh)
3.) Interrupt the boot process and enter Bootmgr
4.) Type Install and follow the instructions.

Meomix · « **Reply #4 on:** July 15, 2009, 11:12:35 AM »

Quote from: halfelite on July 14, 2009, 11:25:19 PM

That is if you have a service contract. If not look around on the net. That will restore it to factory default.

1.) Get ipso.tgz and place onto an ftp server accessible from the Nokia
2.) Connect via Console port to the box (not ssh)
3.) Interrupt the boot process and enter Bootmgr
4.) Type Install and follow the instructions.

We dont have the serial number the bastard who sold us the device removed it.

In any case i have located the problem, before the Firewall went down dad said he went to the Nokia Web GUI and enabled Check Point VPN-1 Pro/Express NGX package that is when everything went haywire, is there a way to DISABLE this in command line mode?

kyanwan · « **Reply #5 on:** July 15, 2009, 08:15:22 PM »

Quote from: Meomix on July 15, 2009, 11:12:35 AM

We dont have the serial number the bastard who sold us the device removed it.

Shoulda refused that item on the spot. In my books - wiped serial = stolen goods = I don't touch it.

The reset button is like the reset button on your PC. It reboots the device.

Have you tried reset, hold down the reset and unplug the power source from the device (*Not the wall) while keeping it held, plug back in with the reset depressed. With most enterprise routers I've encountered (Snapgear, Ramp, Sonicwall Soho & TZ, Watchguard) - this is the means to hard reset to factory defaults. This is also how I've fixed quite a few fucked enterprise firewalls myself.

( From what you described - sounds like you might not have tried this. This here should be the FASTEST fix you can find. I bet - you can fix up everything faster than you can ever find the answer to the requested how-do-you-disable-it from ssh/terminal question. )

You should have a clean from firmware configuration after that.

Meomix · « **Reply #6 on:** July 16, 2009, 07:07:23 AM »

Quote from: kyanwan on July 15, 2009, 08:15:22 PM

Quote from: Meomix on July 15, 2009, 11:12:35 AM
We dont have the serial number the bastard who sold us the device removed it.

Shoulda refused that item on the spot. In my books - wiped serial = stolen goods = I don't touch it.

The reset button is like the reset button on your PC. It reboots the device.

Have you tried reset, hold down the reset and unplug the power source from the device (*Not the wall) while keeping it held, plug back in with the reset depressed. With most enterprise routers I've encountered (Snapgear, Ramp, Sonicwall Soho & TZ, Watchguard) - this is the means to hard reset to factory defaults. This is also how I've fixed quite a few fucked enterprise firewalls myself.

( From what you described - sounds like you might not have tried this. This here should be the FASTEST fix you can find. I bet - you can fix up everything faster than you can ever find the answer to the requested how-do-you-disable-it from ssh/terminal question. )

You should have a clean from firmware configuration after that.

Yeah when the turd sold us the item he made sure he serial at the back could not be seen / our ill-experience on not knowing how serious serials where led to all that crap.

Quote

Have you tried reset, hold down the reset and unplug the power source from the device (*Not the wall) while keeping it held, plug back in with the reset depressed. With most enterprise routers I've encountered (Snapgear, Ramp, Sonicwall Soho & TZ, Watchguard) - this is the means to hard reset to factory defaults. This is also how I've fixed quite a few fucked enterprise firewalls myself.

Ok let me clarify your post

You want me to:
1. Hold down the reset button
2. While holding down the reset button remove the plug attached to the device NOT the plug attached to the wall
3. Then Release the reset button and plug the cord back to the device?

Im i rite? XD

Oh and another thing, this Nokia has no DHCP server so i cant make my NIC Card fish out its default IP Address, do you have any clue what the default is?

halfelite · « **Reply #7 on:** July 16, 2009, 07:38:16 AM »

try seeing if you can run "cpconfig" to disable it

or see if you can

try to rename/move active.db under /config and pull the plug

or if all else fails You should not need a the img running this. Although dont take my word on it.

cd /config/db
rm initial
or
newsystems -f

kyanwan · « **Reply #8 on:** July 16, 2009, 10:41:34 PM »

Quote from: Meomix on July 16, 2009, 07:07:23 AM

Quote from: kyanwan on July 15, 2009, 08:15:22 PM
Quote from: Meomix on July 15, 2009, 11:12:35 AM
We dont have the serial number the bastard who sold us the device removed it.

Shoulda refused that item on the spot. In my books - wiped serial = stolen goods = I don't touch it.

The reset button is like the reset button on your PC. It reboots the device.

Have you tried reset, hold down the reset and unplug the power source from the device (*Not the wall) while keeping it held, plug back in with the reset depressed. With most enterprise routers I've encountered (Snapgear, Ramp, Sonicwall Soho & TZ, Watchguard) - this is the means to hard reset to factory defaults. This is also how I've fixed quite a few fucked enterprise firewalls myself.

( From what you described - sounds like you might not have tried this. This here should be the FASTEST fix you can find. I bet - you can fix up everything faster than you can ever find the answer to the requested how-do-you-disable-it from ssh/terminal question. )

You should have a clean from firmware configuration after that.

Yeah when the turd sold us the item he made sure he serial at the back could not be seen / our ill-experience on not knowing how serious serials where led to all that crap.

Quote
Have you tried reset, hold down the reset and unplug the power source from the device (*Not the wall) while keeping it held, plug back in with the reset depressed. With most enterprise routers I've encountered (Snapgear, Ramp, Sonicwall Soho & TZ, Watchguard) - this is the means to hard reset to factory defaults. This is also how I've fixed quite a few fucked enterprise firewalls myself.

Ok let me clarify your post

You want me to:
1. Hold down the reset button
2. While holding down the reset button remove the plug attached to the device NOT the plug attached to the wall
3. Then Release the reset button and plug the cord back to the device?

Im i rite? XD

Oh and another thing, this Nokia has no DHCP server so i cant make my NIC Card fish out its default IP Address, do you have any clue what the default is?

Almost exact - but step 3:

keep the reset button depressed while you reconnect power - so, you're turning it on WITH the reset button still held down.

This method can take seemingly "bricked" units and restore them from ROM.

Factory defaults - everything - should be in the manual from the MFG on the device.

It's almost always 192.168.0.1 or 192.168.1.1 or something like that.

( * NOTE HERE: - I would STRONGLY suggest against deleting files. It's better to mv initial initial.bak Once you are completely 100% positive you no longer need the file -aka- it's working - then you delete it. )

halfelite · « **Reply #9 on:** July 16, 2009, 11:46:05 PM »

Quote from: kyanwan on July 16, 2009, 10:41:34 PM

Quote from: Meomix on July 16, 2009, 07:07:23 AM
Quote from: kyanwan on July 15, 2009, 08:15:22 PM
Quote from: Meomix on July 15, 2009, 11:12:35 AM
We dont have the serial number the bastard who sold us the device removed it.

Shoulda refused that item on the spot. In my books - wiped serial = stolen goods = I don't touch it.

The reset button is like the reset button on your PC. It reboots the device.

Have you tried reset, hold down the reset and unplug the power source from the device (*Not the wall) while keeping it held, plug back in with the reset depressed. With most enterprise routers I've encountered (Snapgear, Ramp, Sonicwall Soho & TZ, Watchguard) - this is the means to hard reset to factory defaults. This is also how I've fixed quite a few fucked enterprise firewalls myself.

( From what you described - sounds like you might not have tried this. This here should be the FASTEST fix you can find. I bet - you can fix up everything faster than you can ever find the answer to the requested how-do-you-disable-it from ssh/terminal question. )

You should have a clean from firmware configuration after that.

Yeah when the turd sold us the item he made sure he serial at the back could not be seen / our ill-experience on not knowing how serious serials where led to all that crap.

Quote
Have you tried reset, hold down the reset and unplug the power source from the device (*Not the wall) while keeping it held, plug back in with the reset depressed. With most enterprise routers I've encountered (Snapgear, Ramp, Sonicwall Soho & TZ, Watchguard) - this is the means to hard reset to factory defaults. This is also how I've fixed quite a few fucked enterprise firewalls myself.

Ok let me clarify your post

You want me to:
1. Hold down the reset button
2. While holding down the reset button remove the plug attached to the device NOT the plug attached to the wall
3. Then Release the reset button and plug the cord back to the device?

Im i rite? XD

Oh and another thing, this Nokia has no DHCP server so i cant make my NIC Card fish out its default IP Address, do you have any clue what the default is?

Almost exact - but step 3:

keep the reset button depressed while you reconnect power - so, you're turning it on WITH the reset button still held down.

This method can take seemingly "bricked" units and restore them from ROM.

Factory defaults - everything - should be in the manual from the MFG on the device.

It's almost always 192.168.0.1 or 192.168.1.1 or something like that.

( * NOTE HERE: - I would STRONGLY suggest against deleting files. It's better to mv initial initial.bak Once you are completely 100% positive you no longer need the file -aka- it's working - then you delete it. )

Good point thanks I missed adding mv instead of rm.

Meomix · « **Reply #10 on:** July 18, 2009, 08:39:01 AM »

Quote from: kyanwan on July 16, 2009, 10:41:34 PM

Quote from: Meomix on July 16, 2009, 07:07:23 AM
Quote from: kyanwan on July 15, 2009, 08:15:22 PM
Quote from: Meomix on July 15, 2009, 11:12:35 AM
We dont have the serial number the bastard who sold us the device removed it.

Shoulda refused that item on the spot. In my books - wiped serial = stolen goods = I don't touch it.

The reset button is like the reset button on your PC. It reboots the device.

Have you tried reset, hold down the reset and unplug the power source from the device (*Not the wall) while keeping it held, plug back in with the reset depressed. With most enterprise routers I've encountered (Snapgear, Ramp, Sonicwall Soho & TZ, Watchguard) - this is the means to hard reset to factory defaults. This is also how I've fixed quite a few fucked enterprise firewalls myself.

( From what you described - sounds like you might not have tried this. This here should be the FASTEST fix you can find. I bet - you can fix up everything faster than you can ever find the answer to the requested how-do-you-disable-it from ssh/terminal question. )

You should have a clean from firmware configuration after that.

Yeah when the turd sold us the item he made sure he serial at the back could not be seen / our ill-experience on not knowing how serious serials where led to all that crap.

Quote
Have you tried reset, hold down the reset and unplug the power source from the device (*Not the wall) while keeping it held, plug back in with the reset depressed. With most enterprise routers I've encountered (Snapgear, Ramp, Sonicwall Soho & TZ, Watchguard) - this is the means to hard reset to factory defaults. This is also how I've fixed quite a few fucked enterprise firewalls myself.

Ok let me clarify your post

You want me to:
1. Hold down the reset button
2. While holding down the reset button remove the plug attached to the device NOT the plug attached to the wall
3. Then Release the reset button and plug the cord back to the device?

Im i rite? XD

Oh and another thing, this Nokia has no DHCP server so i cant make my NIC Card fish out its default IP Address, do you have any clue what the default is?

Almost exact - but step 3:

keep the reset button depressed while you reconnect power - so, you're turning it on WITH the reset button still held down.

This method can take seemingly "bricked" units and restore them from ROM.

Factory defaults - everything - should be in the manual from the MFG on the device.

It's almost always 192.168.0.1 or 192.168.1.1 or something like that.

( * NOTE HERE: - I would STRONGLY suggest against deleting files. It's better to mv initial initial.bak Once you are completely 100% positive you no longer need the file -aka- it's working - then you delete it. )

I just tried what you said. i held down the reset button unplugged it, plugged it back in with the rest button still held on then i released the reset button, it did not reset back to factory defaults.

So i went to rename the initial to initial.bak like you said, now i CANT TELNET into the router, the gateways 192.168.0.1 / 192.168.1.1 are not working. And i CANT CONSOLE into the router, the stupid console cable that came with it never worked b(_ _)d

halfelite · « **Reply #11 on:** July 18, 2009, 09:39:53 PM »

did you try going through cpconfig

before moving the initial file?

Also the IP would default to the factory. more then likely its now a 10.0 or 10.10 address now. Also are you sure its the console cable and not the settings on your pc? Goto any store and get a usb to serial and then a new cable. And make sure to use the right settings.

Meomix · « **Reply #12 on:** July 19, 2009, 03:49:15 PM »

Quote from: halfelite on July 18, 2009, 09:39:53 PM

did you try going through cpconfig

before moving the initial file?

Also the IP would default to the factory. more then likely its now a 10.0 or 10.10 address now. Also are you sure its the console cable and not the settings on your pc? Goto any store and get a usb to serial and then a new cable. And make sure to use the right settings.

I already did cpconfig over 39 times, it refused to work unless i fixed Hostname Resolution.

BakaBT

Author Topic: Cant log into Firewall (Read 1961 times)

Meomix

Cant log into Firewall

dankles

Re: Cant log into Firewall

Meomix

Re: Cant log into Firewall

halfelite

Re: Cant log into Firewall

Meomix

Re: Cant log into Firewall

kyanwan

Re: Cant log into Firewall

Meomix

Re: Cant log into Firewall

halfelite

Re: Cant log into Firewall

kyanwan

Re: Cant log into Firewall

halfelite

Re: Cant log into Firewall

Meomix

Re: Cant log into Firewall

halfelite

Re: Cant log into Firewall

Meomix

Re: Cant log into Firewall