Password Recovery procedure for Cisco ASA 5505 Security Appliance.
1. Power-cycle your security appliance by unpluggin and pluggin the power cable.
2. Press Esc to interrupt the boot process and enter ROM Monitor mode.
You will see a rommon prompt (rommon #0>).
3. Enter the confreg command to view the current configuration register setting:
rommon #0>confreg4. The current configuration register should be the default of 0x01 (it will actually display as 0x00000001). The security appliance will ask if you want to make changes to the configuration register. Answer no when prompted.
5. Change the configuration register to 0x41, which tells the appliance to ignore its saved (startup)configuration upon boot:
rommon #1>confreg 0x41
6. Reset the appliance with the boot command:
rommon #2>boot
7. The security appliance ignore the saved configuration and once it boot up following User Mode prompt will appear:
ciscoasa>
8. Enter the enable command to enter Privileged Mode. When the appliance prompts you for a password, simply press:
ciscoasa>enable
Password:
ciscoasa#
9. Copy the startup configuration file into the running configuration with the following command: ciscoasa#copy startup-config running-config
10. Enter the following command to change the Privileged Mode password:
asa#conf t
asa(config)#enable password abcd
11. Change configuration register to the default of 0x01 so that ASA read its startup configuration on boot: asa(config)#config-register 0x01
12. Verify the configuaration change:
asa(config)#exit
asa#show version
Note: At bottom of the output of the show version command, you should see the following statement: Configuration register is 0x41 (will be 0x1 at next reload)
13. Save the current configuration
asa#copy run start Source filename [running-config]
14. Reload the security appliance:
asa# reload
System config has been modified. Save? [Y]es/[N]o:yes
Cryptochecksum: XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
2149 bytes copied in 1.480 secs (2149 bytes/sec)
Proceed with reload? [confirm]
1. Power-cycle your security appliance by unpluggin and pluggin the power cable.
2. Press Esc to interrupt the boot process and enter ROM Monitor mode.
You will see a rommon prompt (rommon #0>).
3. Enter the confreg command to view the current configuration register setting:
rommon #0>confreg4. The current configuration register should be the default of 0x01 (it will actually display as 0x00000001). The security appliance will ask if you want to make changes to the configuration register. Answer no when prompted.
5. Change the configuration register to 0x41, which tells the appliance to ignore its saved (startup)configuration upon boot:
rommon #1>confreg 0x41
6. Reset the appliance with the boot command:
rommon #2>boot
7. The security appliance ignore the saved configuration and once it boot up following User Mode prompt will appear:
ciscoasa>
8. Enter the enable command to enter Privileged Mode. When the appliance prompts you for a password, simply press:
ciscoasa>enable
Password:
ciscoasa#
9. Copy the startup configuration file into the running configuration with the following command: ciscoasa#copy startup-config running-config
10. Enter the following command to change the Privileged Mode password:
asa#conf t
asa(config)#enable password abcd
11. Change configuration register to the default of 0x01 so that ASA read its startup configuration on boot: asa(config)#config-register 0x01
12. Verify the configuaration change:
asa(config)#exit
asa#show version
Note: At bottom of the output of the show version command, you should see the following statement: Configuration register is 0x41 (will be 0x1 at next reload)
13. Save the current configuration
asa#copy run start Source filename [running-config]
14. Reload the security appliance:
asa# reload
System config has been modified. Save? [Y]es/[N]o:yes
Cryptochecksum: XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
2149 bytes copied in 1.480 secs (2149 bytes/sec)
Proceed with reload? [confirm]
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.