07-08-2019 09:03 PM - edited 07-08-2019 09:18 PM
Hi
our ASA 5515x password expired due to password Expiry limitation and unfortunately no service password-recovery command is enabled. is there any way we can recover password ? with or without losing existing configuration
when we login on ASA it shows Password Expired
or do we have to contact with TAC ?
do password-policy lifetime command also expires Console password or it just work for username/password ? if we connect console on ASA then Enable password will still work ?
Regards
Solved! Go to Solution.
07-08-2019 10:38 PM
Ability to use the console connection depends on whether or not you had configured it to also require the local username for authentication.
If both the ssh and console (and ASDM) logins required authentication with local username AND that credential is expired AND the no service password-recovery feature is enabled then you will have to rebuild the configuration from scratch.
07-08-2019 10:38 PM
Ability to use the console connection depends on whether or not you had configured it to also require the local username for authentication.
If both the ssh and console (and ASDM) logins required authentication with local username AND that credential is expired AND the no service password-recovery feature is enabled then you will have to rebuild the configuration from scratch.
07-08-2019 10:50 PM
Hi Marven,
Thanks for your Reply
i found this guide in witch it says Users from console are never locked down due to Password Expiration
Password-Policy lifetime days
(Optional) Sets the interval in days after which passwords expire for remote users (SSH, Telnet, HTTP); users at the console port are never locked out due to password expiration. Valid values are between 0 and 65536 days. The default value is 0 days, a value indicating that passwords will never expire.
7 days before the password expires, a warning message appears. After the password expires, system access is denied to remote users. To gain access after expiration, do one of the following:
I'll try it from console if not then it'll be a issue, you are right it might depends whether console login required local username/password database or not
07-09-2019 12:53 AM
07-10-2019 12:35 AM
Hi
We are able to access via Console ( it did not ask about username/passswrod and only enable password was sufficient.
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide