Solved: Cisco ASA 5510 Security policy disabled password and rommon

paul dungey · ‎11-09-2012

Hello,

I'm trying to remove the password from the Cisco ASA 5510, from the output below the "security policy" has disabled myself from Rommon and password recovery, the customer has removed the flash card from the back of the unit how do i go about removing the password, I've got an other 37 Cisco ASA 5510 with exactly the same problem. the customer requires the configuration on each unit wiped to factory defaults.

Booting system, please wait...

CISCO SYSTEMS

Embedded BIOS Version 1.0(11)5 08/28/08 15:11:51.82

Low Memory: 631 KB

High Memory: 256 MB

PCI Device Table.

Bus Dev Func VendID DevID Class Irq

00 00 00 8086 2578 Host Bridge

00 01 00 8086 2579 PCI-to-PCI Bridge

00 03 00 8086 257B PCI-to-PCI Bridge

00 1C 00 8086 25AE PCI-to-PCI Bridge

00 1D 00 8086 25A9 Serial Bus 11

00 1D 01 8086 25AA Serial Bus 10

00 1D 04 8086 25AB System

00 1D 05 8086 25AC IRQ Controller

00 1D 07 8086 25AD Serial Bus 9

00 1E 00 8086 244E PCI-to-PCI Bridge

00 1F 00 8086 25A1 ISA Bridge

00 1F 02 8086 25A3 IDE Controller 11

00 1F 03 8086 25A4 Serial Bus 5

00 1F 05 8086 25A6 Audio 5

02 01 00 8086 1075 Ethernet 11

03 01 00 177D 0003 Encrypt/Decrypt 9

03 02 00 8086 1079 Ethernet 9

03 02 01 8086 1079 Ethernet 9

03 03 00 8086 1079 Ethernet 9

03 03 01 8086 1079 Ethernet 9

04 02 00 8086 1209 Ethernet 11

04 03 00 8086 1209 Ethernet 5

Evaluating BIOS Options ...

Invalid Key: 001A

Invalid Key: 001B

Invalid Key: 001A

Launch BIOS Extension to setup ROMMON

Cisco Systems ROMMON Version (1.0(11)5) #0: Thu Aug 28 15:23:50 PDT 2008

Platform ASA5510

PASSWORD RECOVERY FUNCTIONALITY IS DISABLED

Use BREAK or ESC to interrupt boot.

Use SPACE to begin boot immediately.

Boot interrupted.

Management0/0

Ethernet auto negotiation timed out.

Interface-4 Link Not Established (check cable).

Default Interface number-4 Not Up

WARNING: Password recovery and ROMMON command line access has been

disabled by your security policy. Choosing YES below will cause ALL

configurations, passwords, images, and files systems to be erased.

ROMMON command line access will be re-enabled, and a new image must be

downloaded via ROMMON.

Erase all file systems? y/n [n]: Boot

regards

Paul

Jennifer Halim · ‎11-09-2012

When you go to the last question, you should answer "y" instead of "n". That would erase all the configuration, passwords, images and files systems.

Erase all file systems? y/n [n]: y

That would erase everything from the ASA as i believe that is what your customer would like to do, right?

You would however need to upload a new ASA image via ROMMON mode.

View solution in original post

Jennifer Halim · ‎11-09-2012

When you go to the last question, you should answer "y" instead of "n". That would erase all the configuration, passwords, images and files systems.

Erase all file systems? y/n [n]: y

That would erase everything from the ASA as i believe that is what your customer would like to do, right?

You would however need to upload a new ASA image via ROMMON mode.

paul dungey · ‎11-12-2012

Hi Jennifer,

Just to say thank you for your support the Firewall is now erased.

regards

Paul

Jennifer Halim · ‎11-12-2012

Excellent and thanks for the update and rating.