01-26-2012 09:04 AM - edited 03-11-2019 03:19 PM
Hey all,
When you wr erase and reload an ASA, you are greeted with the following when the reboot is finished:
Pre-configure Firewall now through interactive prompts [yes]?
Firewall Mode [Routed]:
Enable password []:
Allow password recovery [yes]?
Clock (UTC):
Year [2011]:
Month [Jul]:
Day [11]:
Time [03:35:43]:
Inside IP address:
Address required
Inside IP address: 192.168.2.1
Inside network mask:
Mask required
Inside network mask: 255.255.255.0
Host name:
Name required
Host name: ciscoasa
Domain name:
Name required
Domain name: gomjabbar.com
IP address of host running Device Manager:
The following configuration will be used:
Enable password:
Allow password recovery: yes
Clock (UTC): 03:35:43 Jul 11 2011
Firewall Mode: Routed
Inside IP address: 192.168.2.1
Inside network mask: 255.255.255.0
Host name: ciscoasa
Domain name: gomjabbar.com
Use this configuration and write to flash?
My question to the group is more out of convenience. Is there a way to interrupt this line of questioning and return to the to the ciscoasa> prompt?
The reason I need to know is I have an ASA training lab that calls for many wr erase/reload commands. But when returning to the console after the reload, often the first key people press is enter which picks the default of yes, choosing to enter the pre-configuration interactive prompts. I haven't found a way to easily cancel/exit from the prompts, so I figured I would bring this to the forum.
Is there a way to exit out of these interactive prompts? Or is there a way to prevent this from even being an option after reboot?.
Any help would be appreciated. Thank you.
Solved! Go to Solution.
01-27-2012 04:45 PM
I think you are looking for Ctrl-z (Control and the Z keys)
01-26-2012 09:22 AM
I might suggest that instead of write erase + reload that you add an intermediate step of "copy url startup-config" with the url being a basic configuration that sets up the basic script that would otherwise result from the steps above.
I'm not positive but you might also be able to use "configure factory-default" plus a reload.
01-27-2012 10:38 AM
I'm afraid configure factory-default wouldn't work. Although I appreciate the suggestion. Here is what I found:
ciscoasa(config)# enable password CHANGEME
ciscoasa(config)# passwd CHANGEME
ciscoasa(config)# show run enable
enable password 5Db5cau6UDXqmaqY encrypted
ciscoasa(config)# show run passwd
passwd 5Db5cau6UDXqmaqY encrypted
ciscoasa(config)# write erase
Erase configuration in flash memory? [confirm]
[OK]
ciscoasa(config)# reload noconfirm
[--- Reload Text Removed --]
ciscoasa> en
Password:
ciscoasa# show run enable
enable password 8Ry2YjIyt7RRXU24 encrypted
ciscoasa# show run passwd
passwd 2KFQnbNIdI.2KYOU encrypted
Results: write erase/reload will reset all passwords -- This is the behavior I am trying to match. However, two additional methods below didn't prove the same luck.
ciscoasa(config)# enable password CHANGEME
ciscoasa(config)# passwd CHANGEME
ciscoasa(config)#
ciscoasa(config)# show run enable
enable password 5Db5cau6UDXqmaqY encrypted
ciscoasa(config)# show run passwd
passwd 5Db5cau6UDXqmaqY encrypted
ciscoasa(config)#
ciscoasa(config)#
ciscoasa(config)# clear configure all
ciscoasa(config)#
ciscoasa(config)# show run enable
enable password 5Db5cau6UDXqmaqY encrypted
ciscoasa(config)# show run passwd
passwd 2KFQnbNIdI.2KYOU encrypted
ciscoasa(config)#
Results: clear configure all resets the passwd, but not the enable password
ciscoasa(config)# enable password CHANGEME
ciscoasa(config)# passwd CHANGEME
ciscoasa(config)# show run enable
enable password 5Db5cau6UDXqmaqY encrypted
ciscoasa(config)# show run passwd
passwd 5Db5cau6UDXqmaqY encrypted
ciscoasa(config)#
ciscoasa(config)#
ciscoasa(config)# configure factory-default
[--- Factory-Default Text Removed --]
Factory-default configuration is completed
ciscoasa(config)#
ciscoasa(config)# show run enable
enable password 5Db5cau6UDXqmaqY encrypted
ciscoasa(config)# show run passwd
passwd 2KFQnbNIdI.2KYOU encrypted
ciscoasa(config)#
Results: configure factory-default resets the passwd, but not the enable password
I don't know of another "reset all" method that can be done from the configuration itself, but testing these three it seems only the write erase/reload method will do what I need. But that has the annoying side effect of the interactive prompts when the reload is finished.
Does anyone know of a method to interrupt those prompts? Maybe even a configuration register to bypass the interactive prompts? Anything at all? Any help would be greatly appreciated.
Thanks.
-Eddie
01-27-2012 12:42 PM
Just documenting this here since I was playing with it. The default passwords for the enable and passwd:
ciscoasa# show run passwd
passwd 2KFQnbNIdI.2KYOU encrypted
ciscoasa# show run enable
enable password 8Ry2YjIyt7RRXU24 encrypted
ciscoasa# conf t
ciscoasa(config)# enable password cisco
ciscoasa(config)# show run enable
enable password 2KFQnbNIdI.2KYOU encrypted
ciscoasa(config)# exit
So in the end, the following passwords correspond to the following hashs:
2KFQnbNIdI.2KYOU cisco
8Ry2YjIyt7RRXU24
And the default username is..... pix.
Anyways, still looking for a solution. Just thought this might be helpful if anyone ends up finding this post on a search engine or something.
01-27-2012 04:45 PM
I think you are looking for Ctrl-z (Control and the Z keys)
01-30-2012 09:31 AM
That did the trick. Thanks matt.goff. I'm a bit emabarssed that I didn't try that combination myself.
Thanks again.
-Eddie
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide