It is highly recommended to have a console connection while resetting the Firewall to Factory Defaults. A console connection allows you to see the progress of the reset procedure.
Locate the Asset Recovery Pinhole (labeled RESET on some devices) on the device.
For this example, we have selected a NetScreen 5GT device.
Using a thin, firm wire (such as a paper clip), push the pinhole for four to six seconds, and then release. A serial console message states that the Configuration Erasure Process has been initiated, and the system sends an SNMP/SYSLOG alert. The Status LED blinks amber / red once every second.
Wait for one-half to two seconds. After the first reset is accepted, the Power LED blinks green; the device is now waiting for the second reset push. The serial console message now reads, Waiting for 2nd confirmation.
Push the reset pinhole again for four to six seconds. The Status LED lights amber / red for one-half second, and then returns to the blinking green state.
The device resets to its original factory settings. When the device resets, the Status LED will turn amber /red for one-half second and then return to the blinking green state. The serial console message states Configuration Erase sequence accepted, unit reset. The system generates SNMP and SYSLOG alerts to configured SYSLOG or SNMP trap hosts.
The device now reboots. The default factory settings are:
System IP Address 192.168.1.1
If you do not follow the complete sequence, the reset process cancels without any configuration change and the serial console message states Configuration Erasure Process aborted. The Status LED returns to blinking green. During a reset, there is no guarantee that the final SNMP alert sent to the receiver before the reset will be received.
Having trouble performing the Hardware Reset steps above?
If you do not have a console connected to help you inform you of the progress of the reset procedure, then it can be difficult to perform the above steps. Watching the Status LED is a another way to determine when to push and release the pinhole. It is also helpful to ping 192.168.1.1 (the default IP address assigned to the trust interface of the firewall) from a client connected to the trust port of the firewall during this process.
a. Push and HOLD pinhole with thin wire. The Status LED will turn to a “blinking amber'. Keep holding, and when it turns to 'blinking green', immediately release the pinhole.
b. After 1 second, push and HOLD the pinhole again. The Status LED will turn to a “blinking red”. Keep holding, and when the Status LED turns to 'solid amber' or 'solid green', immediately release the pinhole and wait.
c. Firewall will reboot and be available in approximately 3-5 minutes. Pings to 192.168.1.1 should then work.
Another option to reset the device to factory default:
If the Serial number of the device is known, then you can logon to the device by using the Serial Number as the Username and Password and this will reset the device to factory default. In this case, the default settings would be the same as mentioned above.