ASR1006-X: Enable password removed. Cannot SSH to remote router

MichaelJohnson23319 · ‎01-11-2024

The enable and secret password was removed from my router remotely and now I cannot enter enable mode for the router from a SSH session. Is there a way to reenable the enable password remotely? I can log into the router I just cannot enter the priv exec mode to enter command and receive "% Error in authentication". My device is across the country so I do not have the ability to console in.

balaji.bandi · ‎01-11-2024

you need go password recovery physically (no remote option) - you may need some one to go onsite and use Teams to give console access.

https://www.cisco.com/c/en/us/td/docs/routers/asr1000/install/guide/asr1routers/asr-1000-series-hig/asr-hig-tbl.html#task_1043898

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Leo Laohoo · ‎01-11-2024

Console or use SNMP to inject the command back into the router.

Georg Pauwen · ‎01-12-2024

@Leo Laohoo Interesting suggestion. I remember using:

snmpset -v:2c -c <community_string> <router_IP> <OID> s "NEW_PASSWORD"

to do this, but the problem was to find the right OID. Maybe an snmpwalk:

snmpwalk -v2c -c <community_string> <router_IP> <MIB_tree>

can reveal that ?

johnlloyd_13 · ‎01-11-2024

hi,

with such a big router, you should have AAA in place.

as others suggested, try to physically console and hopefully you can directly login to privilege exec mode.

if no luck, then you'll have to perform a router password recovery.

then deal with who removed the PW later on and change it to avoid being compromised.

Georg Pauwen · ‎01-12-2024

Another 'option' would be to ask someone to turn off the power and turn it back on. Maybe you are lucky and the changes (password removal) were not saved to memory, and the router boots with the original config...