Difference between revisions of "Password Recovery for Cisco ASA 5500 Series"

Latest revision as of 14:40, 12 January 2012

Step 1 Connect to the security appliance console port according to the "Accessing the Command-Line Interface".
Step 2 Power off the security appliance, and then power it on.
Step 3 During the startup messages, press the Escape key when prompted to enter ROMMON.
Step 4 To set the security appliance to ignore the startup configuration at reload, enter the following command:

rommon #1> confreg

The security appliance displays the current configuration register value, and asks if you want to change the value:

Current Configuration Register: 0x00000011

Configuration Summary:

 boot TFTP, image, boot default image from Flash on netboot failure

Do you wish to change this configuration? y/n [n]:

Step 5 Record your current configuration register value, so you can restore it later.
Step 6 At the prompt, enter Y to change the value.

The security appliance prompts you for new values.

Step 7 Accept the default values for all settings, except for the disable system configuration? value; at that prompt, enter Y
Step 8 Reload the security appliance by entering the following command:

rommon #2> boot

The security appliance loads a default configuration instead of the startup configuration.

Step 9 Enter privileged EXEC mode by entering the following command:

hostname> enable

Step 10 When prompted for the password, press Return.

The password is blank.

Step 11 Load the startup configuration by entering the following command:

hostname# copy startup-config running-config

Step 12 Enter global configuration mode by entering the following command:

hostname# configure terminal

Step 13 Change the passwords in the configuration by entering the following commands, as necessary:

hostname(config)# password <password>
hostname(config)# enable password <password>
hostname(config)# username <username> password <password>

Step 14 Change the configuration register to load the startup configuration at the next reload by entering the following command:

hostname(config)# config-register <value>

Where <value> is the configuration register value you noted in Step 5. 0×1 is the default configuration register. For more information about the configuration register, see the Cisco Security Appliance Command Reference.

Step 15 Save the new passwords to the startup configuration by entering the following command:

hostname(config)# copy running-config startup-config

@@ Line 1: / Line 1: @@
-'''Step 1''' Connect to the security appliance console port according to the "Accessing the Command-Line Interface".
+* '''Step 1''' Connect to the security appliance console port according to the "Accessing the Command-Line Interface".
-Buy and Sell Cisco Network Gear.
+* '''Step 2''' Power off the security appliance, and then power it on.
+* '''Step 3''' During the startup messages, press the '''Escape''' key when prompted to enter ROMMON.
+* '''Step 4''' To set the security appliance to ignore the startup configuration at reload, enter the following command:
-'''Step 2''' Power off the security appliance, and then power it on.
+ rommon #1> confreg
-'''Step 3''' During the startup messages, press the '''Escape''' key when prompted to enter ROMMON.
-'''Step 4''' To set the security appliance to ignore the startup configuration at reload, enter the following command:
-rommon #1> confreg
 The security appliance displays the current configuration register value, and asks if you want to change the value:
-Current Configuration Register: 0x00000011
+ Current Configuration Register: 0x00000011
-Configuration Summary:
+ Configuration Summary:
-   boot T F T P  image, boot default image from Flash on netboot failure
+   boot TFTP, image, boot default image from Flash on netboot failure
-Do you wish to change this configuration? y/n [n]:
+ Do you wish to change this configuration? y/n [n]:
-'''Step 5''' Record your current configuration register value, so you can restore it later.
+* '''Step 5''' Record your current configuration register value, so you can restore it later.
+* '''Step 6''' At the prompt, enter '''Y''' to change the value.
-'''Step 6''' At the prompt, enter '''Y''' to change the value.
 The security appliance prompts you for new values.
-'''Step 7''' Accept the default values for all settings, except for the "disable system configuration?" value; at that prompt, enter '''Y.'''
+* '''Step 7''' Accept the default values for all settings, except for the ''disable system configuration?'' value; at that prompt, enter '''Y'''
+* '''Step 8''' Reload the security appliance by entering the following command:
-'''Step 8''' Reload the security appliance by entering the following command:
+ rommon #2> boot
-rommon #2> boot
 The security appliance loads a default configuration instead of the startup configuration.
-'''Step 9''' Enter privileged EXEC mode by entering the following command:
+* '''Step 9''' Enter privileged EXEC mode by entering the following command:
-hostname> enable
+ hostname> enable
-'''Step 10''' When prompted for the password, press '''Return.'''
+* '''Step 10''' When prompted for the password, press '''Return.'''
 The password is blank.
-'''Step 11''' Load the startup configuration by entering the following command:
+* '''Step 11''' Load the startup configuration by entering the following command:
-hostname# copy startup-config running-config
-'''Step 12''' Enter global configuration mode by entering the following command:
-hostname# configure terminal
+ hostname# copy startup-config running-config
-'''Step 13''' Change the passwords in the configuration by entering the following commands, as necessary:
+* '''Step 12''' Enter global configuration mode by entering the following command:
-hostname(config)# password password
+ hostname# configure terminal
-hostname(config)# enable password password
+* '''Step 13''' Change the passwords in the configuration by entering the following commands, as necessary:
-hostname(config)# username name password password
+ hostname(config)# password <password>
+ hostname(config)# enable password <password>
+ hostname(config)# username <username> password <password>
-'''Step 14''' Change the configuration register to load the startup configuration at the next reload by entering the following command:
+* '''Step 14''' Change the configuration register to load the startup configuration at the next reload by entering the following command:
-hostname(config)# config-register value
+ hostname(config)# config-register <value>
-Where value is the configuration register value you noted in Step 5. 0×1 is the default configuration register. For more information about the configuration register, see the Cisco Security Appliance Command Reference.
+Where ''<value>'' is the configuration register value you noted in Step 5. 0×1 is the default configuration register. For more information about the configuration register, see the Cisco Security Appliance Command Reference.
-'''Step 15''' Save the new passwords to the startup configuration by entering the following command:
+* '''Step 15''' Save the new passwords to the startup configuration by entering the following command:
-hostname(config)# copy running-config startup-config
+ hostname(config)# copy running-config startup-config

Difference between revisions of "Password Recovery for Cisco ASA 5500 Series"

Latest revision as of 14:40, 12 January 2012

Navigation menu

Page actions

Page actions

Personal tools

Navigation

Search

Tools