Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
422
Views
0
Helpful
5
Replies

FMC Managed FTD Device CLI Password

Go to solution
Lee Dress
Level 1
Level 1

‎05-13-2024 06:46 AM

I have an FTD device that is managed through FMC and working properly.

I'm trying to log in to the console port as "admin" but the passwords we use here are not working.

the default Admin123 also does not work.

is there any direction someone can point me to figure out what the reason is, or how to recover?

the device works fine and is not having any management issues, but if I need the CLI for some reason, it would be good to know the admin password.

 

 

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-14-2024 07:05 AM

If you have working FMC-based management, you could add external authentication (RADIUS), making sure to select to use it for ssh access. Then an externally-authenticated account with admin access could log in and change the local admin password.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎05-13-2024 10:49 AM

Hope you have not setup AAA

then you may try reset as below guide :

https://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118631-technote-firesight-00.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Lee Dress
Level 1
Level 1

‎05-13-2024 10:59 AM

For FTD devices run on Firepower 1000/2100/3100, you must reimage the device. See the Cisco FXOS Troubleshooting Guide for the Firepower 1000/2100 Series Running Firepower Threat Defense for the Reimage Procedure on these platforms.

That's not doable.  I'll have to live without CLI/Console access if that's the case. the device is in production.

 

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-14-2024 07:05 AM

If you have working FMC-based management, you could add external authentication (RADIUS), making sure to select to use it for ssh access. Then an externally-authenticated account with admin access could log in and change the local admin password.

0 Helpful

Go to solution
Lee Dress
Level 1
Level 1

‎05-14-2024 07:24 AM

Thanks Marvin,

I'll give that a shot.  I can build a Radius server in the environment.

a little less intrusive than a reimage

 

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to Lee Dress

‎05-14-2024 07:29 AM

Add to that you can not access via SSH using local username/password as I know.

You need external server for any access via SSH.

What make me more sure a point this point in fmc platform you can config ssh port and ip can access via ssh but not password.

MHM

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card