05-26-2017 06:44 AM - edited 03-08-2019 10:44 AM
Hi,
I tried to break the password but it still asks for password.
I followed the step with these links but it still doesn't work.
I will very appreciate if you can help me to resolve the issue!
Thanks!
05-26-2017 08:11 AM
Hi,
So, when you say "it still doesn't work" can you explain what steps you can do and works and what steps don't.
HTH
05-26-2017 08:22 AM
Thank you for the reply.
As I reboot it, I hit contrl +C to issue confreg command
rommon 1 > confreg
Configuration Summary :
=> load ROM after netboot fails
=> console baud: 9600
=> autoboot from: commands specified in 'BOOT' environment variable
do you wish to change the configuration? y/n [n]: y
enable "diagnostic mode"? y/n [n]: n
enable "use net in IP bcast address"? y/n [n]: n
disable "load ROM after netboot fails"? y/n [n]: n
enable "use all zero broadcast"? y/n [n]: n
enable "break/abort has effect"? y/n [n]: n
enable "ignore system config info"? y/n [n]: y
change console baud rate? y/n [n]: n
change the boot characteristics? y/n [n]: n
rommon 1 >confreg 0x2142
rommon 2 > reset
and it still asks for typing old username and password.
1. I also tried just confreg 0x2102 and confreg (without 0x2142) and reset which didn't work.
2. Tried 'boot' instead of 'reset' at the end but still not working..
05-26-2017 08:50 AM
Hi,
After making above changes and before you issue "rest" can you verify that the changes are taking effect by using the "set" command?
Also, did you save the config before "reset"
do you wish to save this configuration? y/n [n]: y You must reset or power cycle for new configuration to take effect
It maybe that someone has disabled password recovery on the device but lets try a few things before calling Cisco.
05-26-2017 09:29 AM
Hi,
Thanks for your reply. So should I type 'set' before 'reset' command to verify that the changes? I will do that.
I saved the config before reset.
I didn't know there was a option to disable password recovery. How could you do that?
05-26-2017 09:59 AM
Hi,
Thanks for your reply. So should I type 'set' before 'reset' command to verify that the changes? I will do that.
Yes, to make sure the config register is actually 0x2142
I didn't know there was a option to disable password recovery. How could you do that?
See this link;
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_cfg/configuration/15-sy/sec-usr-cfg-15-sy-book/sec-no-svc-pw-recvry.html#GUID-5C387826-455E-41E4-88C2-F6D6412FA9BA
This command may not be available in every IOS and platform.
HTH
05-26-2017 10:26 AM
Hi,
Is there a way to verify the command that disables password recovery where I'm at now?
So only admin who set the command can break the password?
And as it rebooted, I saw confreg was 0x2142.
05-26-2017 10:52 AM
Hi,
No, I don't think there is a way to see it at rommon. You can only see it if the box reboot all the way with the IOS.
Can you capture the entire process (from the beginning) and post it here?
05-26-2017 11:20 AM
Hi,
I'm not on the switch now but if I don't see 0x2142, what should I do?
Thanks
05-26-2017 11:28 AM
After applying the command
rommon 1 >confreg 0x2142
and saving the config
Can you issue "set" if the config is saved you should see
0x2142
if not you still see
0x2102
Can you post the output?
HTH
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide