Problem with several 4221s

veggetvettyu · ‎01-15-2025

I teach netacad at the HS level & we have several 4221s. About 4 have started asking for username & password, even when not configured with them. I have tried using rommon to switch registries, but still popping up with the request. We got into one with admin - admin, but the next time we consoled in, that combo didn't work. Still pretty new to networking but everywhere I have looked/asked does not address this behavior. Ideas?

Flavio Miranda · ‎01-15-2025

@veggetvettyu

How are you connecting to the router? CLI using SSH/Telnet or console cable? Or Web interface?

In any case, you can recoery/change the password.

https://www.youtube.com/watch?v=FBuMI1JWYao

MHM Cisco World · ‎01-15-2025

This happened when you run

Aaa new model

Without first config username-password and enable password.

To solve this issue try reboot.

If you already reboot then use password recovery.

So from now never add aaa new model without password.

MHM

liviu.gheorghe · ‎01-15-2025

Hello @veggetvettyu ,

is it possible that one of your students configured aaa new-model or login local on the tty lines?

Try accessing the routers using the console port and see if you can get in.

If that doesn't work, then password recovery like suggested by @Flavio Miranda and @MHM Cisco World is the only option you have to get in the routers again.

Hope this helps.

Regards, LG
*** Please Rate All Helpful Responses ***

Richard Burts · ‎01-15-2025

I agree with my colleagues that if the router is prompting for user name and password that something has changed in the configuration. Perhaps it is aaa new-model or perhaps something else. If attempts to access using console, or telnet, or SSH are all not successful then password recovery is what you will need to do.

If you do password recovery it would be interesting to do show startup-config and look to see what is causing the request for username.

Do students access the routers via console? Or just telnet/SSH? It might be a good idea to add a user name and password to your standard configuration and to be sure that the console uses that so that you would not get locked out from accessing the router.

HTH

Rick

Leo Laohoo · ‎01-15-2025

Wait ... Is the router asking to enter a username & password or just a password?

vishalbhandari · ‎01-17-2025

@veggetvettyu It sounds like your routers might have a default or residual configuration causing this behavior. First, try booting into ROMMON and setting the configuration register to bypass startup-config (confreg 0x2142), then reload the router. This skips the saved configuration and lets you access the device without login prompts. Once in, check the running configuration (show running-config) for any unexpected username/password settings or AAA configurations. If no issues are found, erase the startup-config (write erase), reset the config register to normal (confreg 0x2102), and reload. If the issue persists after a factory reset, it could indicate a hardware or firmware problem. Updating the IOS firmware might help resolve it.

Richard Burts · ‎01-17-2025

@vishalbhandari

Your suggestions are mostly a more detailed version of what I suggested with one important difference: if they set the config register to 0x2142 and reboot then running config is only the standard default config and will not have information to understand the existing problem. They need to check startup-config to find clues to what was causing the behavior.

HTH

Rick