Password recovery is a very handy feature if you have worked with Cisco products for some time. Every now and then you will run into a device that was configured by someone else who is no longer with the organization and you will be stuck with it.
I will try to describe how to recover a password on a Cisco ASA 5500.
- Log in to your Cisco ASA using the serial cable, aka the blue cable.
- Go ahead and reboot the Cisco ASA.
- During the bootup process, hit the Escape key to enter ROMMON mode.
- Enter the following command so Cisco ASA will ignore the startup configuration at next reload.
rommon #0> confreg
- You will see the following output that shows the current configuration register value.
Current Configuration Register: 0x00000011
Configuration Summary:boot TFTP image, boot default image from Flash on netboot failure
Do you wish to change this configuration? y/n [n]:
- Make a note of your current configuration register value
- At the prompt, enter Y to change this value
- Accept the default values for all settings, except for the “disable system configuration?” value; at that prompt, enter Y.
- Reload the Cisco ASA 5500 by entering the following command.
rommon #1> boot
- At this point the Cisco ASA 5500 will boot into the default configuration instead of the startup configuration.
- Enter privileged EXEC mode by typing enable
At this point you can either load the startup configuration OR just start fresh. I didn’t have any configuration to lose so I went ahead and started fresh.
Don’t forget to change the configuration register value back.
hostname(config)# config-register 0x00000011
Save the configuration and you are good to go!
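A quick way to confirm that the register really was put back before you walk away from the device, as an added example that is not part of the original post: the script below reads saved "show version" output and reports whether the next reload will still skip the startup configuration. It assumes the register is reported on a line of the form "Configuration register is 0x…", optionally followed by "(will be 0x… at next reload)", and that bit 0x40 is the "ignore startup configuration" flag; the function name and sample lines are made up for illustration.

```python
import re

# Assumption: bit 6 (0x40) of the ASA configuration register makes the boot
# loader ignore the startup configuration. Answering Y to the ROMMON prompt
# "disable system configuration?" is what sets it.
IGNORE_STARTUP_CONFIG = 0x40

# Assumed shape of the "show version" line. The parenthesised part appears
# after config-register has been entered but before the next reload.
_CONFREG_RE = re.compile(
    r"Configuration register is (0x[0-9a-fA-F]+)"
    r"(?:\s*\(will be (0x[0-9a-fA-F]+) at next reload\))?"
)


def check_confreg(show_version_text, expected=0x00000011):
    """Return (current, next_boot, problems) parsed from 'show version' text.

    expected is the value noted in ROMMON before the change (0x00000011 in
    this walkthrough).
    """
    m = _CONFREG_RE.search(show_version_text)
    if m is None:
        raise ValueError("no configuration register line found")
    current = int(m.group(1), 16)
    # Without a pending value, the next boot uses the current register.
    next_boot = int(m.group(2), 16) if m.group(2) else current
    problems = []
    if next_boot & IGNORE_STARTUP_CONFIG:
        problems.append("next reload will ignore the startup configuration")
    if next_boot != expected:
        problems.append(
            f"next-boot value {next_boot:#x} differs from noted value {expected:#x}"
        )
    return current, next_boot, problems


# Constructed sample lines (not captured from a real device).
SAMPLE_FORGOTTEN = "Configuration register is 0x51"
SAMPLE_RESTORED = "Configuration register is 0x51 (will be 0x11 at next reload)"

if __name__ == "__main__":
    for label, text in (("forgotten", SAMPLE_FORGOTTEN), ("restored", SAMPLE_RESTORED)):
        print(label, check_confreg(text))
```

An empty problems list means the device will come back up on its saved startup configuration, with the passwords you just set.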