How to recover a firewall after master key expiration
6271
Created On 06/10/20 09:06 AM - Last Modified 06/06/24 04:02 AM
Objective
This article is intended as a guide to restore the firewall from maintenance mode by recovering the configuration and restoring it after a factory reset.
As stated in the Administrator’s Guide: "Be sure to store the master key in a safe location. You cannot recover the master key and the only way to restore the default master key is to reset the firewall to factory default settings."
Environment
A firewall in maintenance mode due to master key expiration.
Procedure
- Connect to the console port of the firewall, which should show the maintenance mode window.
- Retrieve the configuration from maintenance mode.
- Follow the Administrator’s Guide to reset the firewall to factory default settings.
- Once the firewall is up and running again configure it with the same master key that was used previously to encrypt the configuration. The configuration cannot be loaded unless the currently configured master key is able to decrypt the configuration being imported.
- Import the configuration that was exported in step 2 back into the firewall.