INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

Intel 3110 VPN password

Intel 3110 VPN password

(OP)
Wondering if anyone knows how to clear administrative/all  passwords on an Intel VPN 3110 with firmware version 6.81, which as per Intel's website, must be returned to a factory authorized center to do this. I'm assuming it's something to do with jumpers inside, of which there are a few. I really don't want to have to ship this thing away just for this.

Thanks in advance

RE: Intel 3110 VPN password

Hello!
It´s realy not possible to reset the 3110 by customer before the firmware version 6.9. if you have only forgoten the telnet password and you have access with the vpn manager, you can upgrade the device to fw 6.9 and than you can reset the 3110 complete from the console.
best regards from germany,
frank

RE: Intel 3110 VPN password

(OP)
Hi Frank,

It's the console/admin password I need to change. I can connect to the console with Hyperterminal through the com port, but obviously can't get any further than that.

Thanks anyway.

RE: Intel 3110 VPN password

Hi Pluggedin -

I'm having the same problem.  Do you ever get any resolution or did you have to send it back to the factory.

Let me know.

Thanks.

dwnice

RE: Intel 3110 VPN password

I have the same problem.  Someone has given me 4 3110's but not reset the passwords...so i am forced to resend to the factory but Intel says it wont even do that!  Shiva, however, will, for the modest sum of US$150.  http://www.shiva.com/support.htm

Cheers,

RE: Intel 3110 VPN password

Can anybody help me please? I just bought shiva vpn express, it's running 6.70 also client ver is 6.70. But i do not have the shiva vpn manager for 6.70. I try intel download but you need contract number. Can anyone help
thanks all

RE: Intel 3110 VPN password

Sure... Just did it today...

Unplug the shiva.
Open the shiva and remove the flash card and flash card reader as one unit.
Plug the card reader into an IDE bus (just like a hard drive) on a pc running linux (with power off).
Boot the PC and mount the new drive.

Or plug the flash card into a pcmcia type II card slot on your laptop (laptop off) should work but I didn't test it, your mileage may vary.

If you want to keep the configuration and just set a new password then look at and/or edit isbr.cfg, somewhere near the end of the file you should see something that looks like this...



manager admin bird2prey full
manager-allow both
manager-protocol 17
max-telnet 2
console-timeout 5
telnet-timeout 5
!
acl-match-exact off
!
end

As you can see the previous password of my shiva was bird2prey. You can safely edit this password to anything you want more than 6 characters long.

Reinstall the hardware into the shiva and hook it back up and turn it on. Connect via terminal software and once the shiva starts to run type enable and the shiva will ask for your password type in your new password and you are in!

Here is some interesting reading for you...

Virtual Private Networking (VPN)
Directory Files Explained

When running the show directory command from either the Intel® NetStructure™ VPN Manager or from a shell session, you see a list of the following files. Not every file shows up on every device. It matters what your configuration settings are for the device.

Boot.cfg - Configuration settings for bootup. An example of the Boot.cfg is as follows:

    bootimage normal
    safe-mode enable
    safe-timeout 60
    log-buffer 100
    console-mode enable

Boot_pre.cfg - Previous version of the boot configuration. You can restore to this version if unwanted changes were made to the Boot.cfg by replacing the Boot.cfg with the Boot_pre.cfg.

CRL.dat - Certificate revocation list. The VPN device gets this from the Certificate Authority server every x amount of time. The administrator can configure how often the VPN Gateway polls for this list in the VPN Manager, under the Security/Shiva CA section.

Diskkern.bin - Binary code that tells the hardware to behave like a VPN device.

Dh.dat - Diffie-Hellmen key values.

ISBR.cfg - Normal mode configuration.

ISBR.exe - Safe mode operating system.

IF.cfg - Hardware configuration file. This file contains interface information and the device serial number. An example of the IF.cfg file for a device with two ethernet interfaces, no serial interfaces and one async interface, is as follows:

    E2S0A1
    VPN01388

License.txt - License acceptance.

Lrvg.exe - Normal mode operating system.

Lrvg.acl - ACL configuration.

Previous.cfg - Latest normal mode configuration before committing changes.

Safe.cfg - Safe mode configuration.

If the VPN Gateway is configured to use certificates, you have the following files:

Note: A 512 public key was used for the following example.

512.ca - Your certificate. In this case the certificate has a key length of 512 bytes.

512.crl - Revocation list where revoked certificates are tracked. This list is updated as often as you state in the VPN Gateway's configuration and is how the VPN Gateway knows which certificates have been revoked and are no longer good.

512.nca - The next certificate after the present one expires.

There are also a few hidden files.

!nvram.!!! - This is the enable password for the VPN box. If the password for the box is forgotten, it can be cleared by deleting the file if the user has a model of VPN Gateway with the flash card. Be sure you power down the VPN Gateway when removing or inserting the flash memory. To delete this file you need to insert the flash card into a PCMCIA (or PC CARD) slot. Do NOT delete the file using Windows* Explorer. Open an MS-DOS prompt. Change to the drive letter corresponding to the flash disk.

Type Attrib -r !nvram.!!! to turn off the read only attribute for the file.

Now type Del !nvram.!!!

Now when you reinstall the flash card into the VPN device the enable password will be set to the default again.

!ace.!!! - Encryption keys used to communicate with Security Dynamics* ACE/Server.

Good luck! Mine is up and running like a champ.

RE: Intel 3110 VPN password

(OP)
Wow, I didn't think I'd get a response to this, and I appreciate it. But unfortunately, this solution doesn't help me - this unit doesn't have a flash card/reader, it has something that resembles a shortened memory board, about 1.5 inches long, with the version and other numbers written on it. I assume that is what holds the key to my progress. Any other thoughts?

RE: Intel 3110 VPN password

So, i have 2 shiva vpn boxs and 2 intel 3110s (those i wanna keep) but happy to send you one of the shiva's (and they can run the 7.0 release) but you'd have to pay for the shipping and handling.

RE: Intel 3110 VPN password

(OP)
Thanks, et, but that's not neccessary. I appreciate the thought. I was just curious if anyone knew of a reader for the memory board in this thing.

RE: Intel 3110 VPN password

Do you have any pictures of this memory board I can look at.
If I can see it I might be able to suggest a way to hack it.

I am going to upgrade my flash card from 8MB to 64MB so I can run 7.0. Intel says it only requires 32MB but I can get a deal on a 64MB.

etexastea would you be willing to ship one to Canada?

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close