Sunday, June 26, 2011

How to reset lost password at IBM ISS MX Firewalls

Use Putty, Hyper terminal wont work with this procedure.

* Open a console terminal session with the M/MX appliance.
* Reboot the appliance.
* Press [Delete] to enter setup.
* When the GRUB menu appears, press 'e'
* Select the kernel that you wish to boot and type 'e' for edit.
* Select the line that starts with 'kernel' and type 'e' to edit the line.
* Go to the end of the line and type 'single' as a separate word (press the [Spacebar] and then type single).
* Press [Enter] to exit edit mode.
* Back at the GRUB screen, type 'b' to boot into single user mode.
* You should get a fairly normal looking boot sequence except that it terminates a little early at a bash prompt.

NOTE: If you get a "Give root password for system maintenance" message, your system has been secured to require the root password for any level of access. In that case, this procedure isn't going to work and you would need to reimage the system to regain access.

Once you get to the command prompt, the / file system may not be mounted as writable. To ensure that it is writable, enter the following
command:
mount -o remount,rw /

* If all is successfull up to this point, you can type the following and change the root password to whatever you like:
passwd

* You can also change the command line admin password here using the following command:
passwd admin

* You can change the web interface admin password here using the following command:
htpasswd -m /var/www/auth/htpasswd admin

* Once the passwords have been changed, reboot the appliance with the
command:
shutdown -r now

* After the system has finished rebooting, you should be able to login with the newly changed password.

Checkpoint L2TP Android Configuration

 The only setup difference between Iphone and Android is the L2TP preshared key.This is empty at  Android side.

*Go to Settings -> Wireless & Networks -> VPN Settings

 -vpn name: “set a vpn name”
  -vpn server : “set firewall ip”
  -ipsec preshared key:” set l2tp key ”
  -l2tp preshared key : “disable”

You will be able to connect from Android.