Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1942
Views
0
Helpful
5
Replies

Decommissioning an ASA 5505?

linnkubler
Level 1
Level 1

‎09-27-2016 09:03 AM

Hi,

I am thinking of donating my old ASA 5505 but would like to wipe it's brain first, set it back to the original factory settings.  The recipient wants to use it to practice and learn how to configure Cisco gear but I don't want him learning all our networking secrets.

What would be the best way to reset to factory defaults and not allow restore from any internal backups that might exist?  Deleting any such backups, if they exist, would be preferable.

Thanks in advance,

Linn

Labels:
0 Helpful
5 Replies 5

linnkubler
Level 1
Level 1

‎09-27-2016 10:20 AM

Hi,

So I found instructions online to run the command 'Config factory-default' and did that.  It said it completed successfully but now I don't know the Enable password.  I thought the factory default for enable was 'cisco' but that isn't working, neither is 'blank' (no password).

When I plug in a network cable and try to run ASDM it tells me 'Unable to launch device manager from 192.168.1.1', which I thought was the default IP address too.

What am I missing here?

Thanks,

Linn

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to linnkubler

‎09-27-2016 11:23 AM

Linn,

"configure factory-default" is the right command. A factory-default configuration should have a configuration as listed here:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/start.html#wp1054582

From that, we observe that one needs to connect to any interface on VLAN 1 (Eth0/1 - 0/7) and should get an IP address.

Your ASDM may be failing due to the lack of the necessary binary image (or image matching what the default expects).

The username and password should be blank in a factory default configuration.

0 Helpful

linnkubler
Level 1
Level 1
In response to Marvin Rhoads

‎09-29-2016 08:30 AM

Hi Marvin,

I am connected to the ASA via serial port to the console.  I run putty and can get the default prompt, but when I enter 'ena' it prompts me for a password.  I've tried leaving it blank, entering 'cisco' and 'Cisco' but it just tells me "Invalid password".

What am I missing?  Shouldn't I be able to access it via the console or do I have to connect up a computer to one of the ports?

Thanks,

Linn

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to linnkubler

‎09-29-2016 08:46 AM

You should be able to access it via the console.

If you ran "configure factory-default" earlier the enable password should indeed be blank.

You can perform a password recovery by rebooting while connected to console.

Detailed instructions are here:

http://www.tunnelsup.com/how-to-do-a-password-recovery-on-a-cisco-asa-firewall

0 Helpful

linnkubler
Level 1
Level 1
In response to Marvin Rhoads

‎09-29-2016 10:36 AM

I figured out that the password wasn't reset, even after doing the factory default configure.  But I gave the procedure in the article you gave me a try and while the initial enable password was blank, after running the 'copy startup-config running-config' it was reset to my original password.  Not what I wanted.

So I re-ran the procedure and stopped before restoring the original config.

Think I'll leave it there.

Thanks,

Linn

0 Helpful
Customers Also Viewed These Support Documents