phirebird

Cisco router password reset / recovery

Posted by on June 3, 2009 · Leave a Comment 

This is something that I’ve commited to memory now (sad, I know) but here it is – the password recovery procedure (tested on 800, 1700, 1800, 2600, 3600  series routers – you get the idea – most of them!).

Get a console cable rigged up and your favourite terminal application. Make sure this works first and then turn on / reboot the router.

When the router is ‘Self decompressing the image’ hit CTRL+C. If nothing seems to happen – check your terminal app for keyboard mappings, etc (I know that PuTTY needs a bit of playing with. HyperTerminal works with the defaults)

The next stage is to alter the config register to make it ‘ignore’ the startup-config on next boot (which is where your passwords are stored). You should check what your original config register is before you change it – but if you know what it was, you probably wouldn’t be reading this!! It’s usually safe to assume anyway that you want to set the config register to 0×2142. So, at the prompt:

rommon 1> confreg 0×2142
rommon 2> reset

The router should now be resetting itself as if it didn’t have any config – and start to run through the ‘Initial Setup’. Hit CTRL+C and you’ll drop to the prompt. The trick is to get yourself into priviledged mode, copy over your startup config to ‘running’ and then set your new password(s). So:

Router> en
Router# copy startup-config running-config
phbrouter#

Note that you’ll see your interfaces being brought up, and other status messages to signify the router is/has been configured. What you do at this point depends entirely on your configuration. Chances are that you’ll want to set a new enable password, but you may also want to reset local user passwords, console passwords, etc. I’ll show you how to reset the enable secret (but make sure to do a ‘sh run’ to check for others):

phbrouter# conf term
phbrouter(config)# enable secret <new password>
phbrouter(config)# exit
phbrouter#

Issue a quick ‘wr mem’ and your new config will be written. Finally, you’ll need to set your config register back to 0×2102 (to tell the router to no longer ignore your startup-config):

phbrouter# conf t
phbrouter(config)# config-register 0×2102
phbrouter(config)# exit
phbrouter# wr mem

Done! Reboot and you should be able to use your new password(s).  Note that on some IOS images, I’ve noticed that the interfaces adopt the shutdown state. Easily rectified by going into configuration mode, and issuing a ‘no shutdown’ for each interface.

 

Are you looking to learn more about Cisco equipment? Well, here’s a selection of a few books that I’ve found useful over the years:


Cisco: A Beginner’s Guide		  
CCNA – Cisco Certified Network Associate Study Guide		  
Cisco Networking for Dummies		  
Cisco IOS in a Nutshell – O’Reilly

 

Filed under Cisco · Tagged with ,

phirebird