01-04-2013 03:10 PM - edited 03-11-2019 05:43 PM
We just took on a new client and they do not have the username or password for their ASA 5505. Unless anyone has any ideas, we need to reset to factory defaults. I have read some instructions online how to do this, but they require the password. How do we do it without the password?
Bob
01-04-2013 03:18 PM
Hi,
Here is the guide to recovering lost password from Cisco
Basicly to my understanding it interrupts the normal ASA boot and lets the ASA boot without configuration. When the ASA has booted you will load the configuration to the ASA (as you have already accessed its CLI) and you change the AAA information to what you like and save the configuration.
Step 1 Connect to the adaptive security appliance console port according to the instructions in "Accessing the Command-Line Interface" section.
Step 2 Power off the adaptive security appliance, and then power it on.
Step 3 After startup, press the Escape key when you are prompted to enter ROMMON mode.
Step 4 To update the configuration register value, enter the following command:
rommon #1> confreg 0x41Update Config Register (0x41) in NVRAM...Step 5 To set the adaptive security appliance to ignore the startup configuration, enter the following command:
rommon #1> confregThe adaptive security appliance displays the current configuration register value, and asks whether you want to change it:
Current Configuration Register: 0x00000041Configuration Summary:boot default image from Flashignore system configurationDo you wish to change this configuration? y/n [n]: yStep 6 Record the current configuration register value, so you can restore it later.
Step 7 At the prompt, enter Y to change the value.
The adaptive security appliance prompts you for new values.
Step 8 Accept the default values for all settings. At the prompt, enter Y.
Step 9 Reload the adaptive security appliance by entering the following command:
rommon #2> bootLaunching BootLoader...Boot configuration file contains 1 entry.Loading disk0:/asa800-226-k8.bin... Booting...Loading...The adaptive security appliance loads the default configuration instead of the startup configuration.
Step 10 Access the privileged EXEC mode by entering the following command:
hostname> enableStep 11 When prompted for the password, press Enter.
The password is blank.
Step 12 Access the global configuration mode by entering the following command:
hostname# configure terminalStep 13 Copy the running configuration to the startup configuration by entering the following command:
hostname(config)# copy running-config startup-configStep 14 Change the passwords, as required, in the default configuration by entering the following commands:
hostname(config)# password passwordhostname(config)# enable password passwordhostname(config)# username name password passwordStep 15 Load the default configuration by entering the following command:
hostname(config)# no config-registerThe default configuration register value is 0x1. For more information about the configuration register, see the Cisco Security Appliance Command Reference.
Step 16 Save the new passwords to the startup configuration by entering the followi