Re: 0x04 Password on ASA5505 - typo during password recovery

djmartin67 · ‎08-09-2012

Hi,

I was following http://ezinearticles.com/?Password-Recovery-on-the-Cisco-ASA-Security-Appliance&id=664795 and on step 8 I have managed to mistype the password I wanted to configure so I dont know what it is now.

I did manage to reset the password on the Confreg 0x01 following this article http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/trouble.html#wp1049302

The problem is now I want to restore the Cisco ASA 5505 to factory defaults - but I can't complete the operation because I think I need the password for Confreg 0x04 which because I mistyped I dont know what it is.

As I have access to 0x01 can I reset the password on 0x04?

Thanks

Donald

Ramraj Sivagnanam Sivajanam · ‎08-19-2012

Hi Bro

Could you refer to this Cisco document (Password recovery section) and let me know if it works for you

http://www.cisco.com/en/US/docs/security/asa/asa71/configuration/guide/trouble.html#wp1049302

Warm regards,
Ramraj Sivagnanam Sivajanam

djmartin67 · ‎08-20-2012

Hi,

The link you posted is the link I refer to in my post - as I said I followed this article and was able to reset the password on the running configuration registar 0x01 - my password issue is now with the default configuration registar 0x04 for which I dont know the password.

So the article refers how to change the password on the 0x01 confreg - is there a way I can apply the same principle but change the password in the 0x04 confreg?

Cheers

Donald

Ramraj Sivagnanam Sivajanam · ‎08-20-2012

Hi Bro
Have you tried the steps shown below;

Plug in your serial console,
reboot the ASA
press 'ESC' when its booting

# Now get into configuration management
rommon #0> confreg

# Record this next line we'll need it later.
Current Configuration Register: 0x00000001
Configuration Summary:
boot default image from Flash

Do you wish to change this configuration? y/n [n]: Y
enable boot to ROMMON prompt? y/n [n]:n
enable TFTP netboot? y/n [n]:n
enable Flash boot? y/n [n]:n
select specific Flash image index? y/n [n]:n
disable system configuration? y/n [n]: Y

go to ROMMON prompt if netboot fails? y/n [n]:n
enable passing NVRAM file specs in auto-boot mode? y/n [n]:n
disable display of BREAK or ESC key prompt during auto-boot? y/n [n]:n

Current Configuration Register: 0x00000040
Configuration Summary:
boot ROMMON
ignore system configuration

Update Config Register (0x40) in NVRAM...
#now lets load the clean settings
rommon #2> boot

hostname# copy startup-config running-config
hostname# configure terminal
hostname(config)# password password
hostname(config)# enable password cisco123

hostname(config)# username admin password cisco123

# Remember that line I asked you to record
hostname(config)# config-register 0x00000001
hostname(config)# copy running-config startup-config

# Reset to factory settings
config term
config factory-default

# Hit spacebar when the ‘more’ thing happens.
(Optional) reload save-config noconfirm

Warm regards,
Ramraj Sivagnanam Sivajanam

dj · ‎08-28-2012

Hi Ramraj,

Sorry for late reply I have been away.

I tried your last post and it worked - I now have the factory defaults and the passwords configured.

Thanks alot and cheers

Donald

Ramraj Sivagnanam Sivajanam · ‎08-28-2012

I'm glad all is good. Please helpt to rate all the post, nicely :-) and click on the button that says "correct answer"... so that the others could learn from your experience too...

Warm regards,
Ramraj Sivagnanam Sivajanam

dj · ‎08-29-2012

Happy to but dont have a button showing "correct answer" - all I have is "report abuse" and "reply" at the top it say this question is not answered. And I was trying to give 5 stars on each post but the 2nd last can only give 3 although I've clicked on the 5th star?

Let me know if there's a way to set this post to answered.

Thanks again

Donald

Ramraj Sivagnanam Sivajanam · ‎08-29-2012

No worries bro

Warm regards,
Ramraj Sivagnanam Sivajanam