Scribd
Upload
14 views

Cisco Router Password Recovery

Uploaded by

Muhammad
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
14 views

Cisco Router Password Recovery

Uploaded by

Muhammad
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

Cisco Router Password Recovery

Introduction

Password recovery is a fairly frequently used procedure for administrators and engineers. Even
though we usually stack our passwords in some word, excel or text file, it's very easy to forget to
update them when changes occur. The end result is you find yourself locked out of the device,
wondering what on earth could be the password.

Accessing a Cisco router requires certain privileges. Depending on the router's configuration,
you might be required to firstly log into the router and then enter the popular 'enable' password to
elevate your access to privileged mode, from where you can issue configuration commands.

This article will show you how you can gain full administrator access to a Cisco router,
bypassing all security passwords. The password recovery process, however, can be rendered
useless if the administrator has previously configured the router not to allow this process to take
place. In this case, the router will warn the user and, if he proceeds, all configurations will be
erased, so there will be nothing to recover!

Example Scenario:

Consider we have a Cisco router (2610 for our example - this procedure is the same for all
routers) and we are unable to access it due to a lost password. Console and VTY (telnet)
sessions ask for a password which we do not have:

Even if we were able to successfully log into the router, but couldn't provide the router with the
correct 'enable' password, we would still need to perform a password recovery procedure.

To initiate the password recovery procedure, connect the rollover cable to the console port, then
power the router off and back on. As soon as you receive a prompt showing the boot process, hit
Ctrl-Break:
You'll immediately see the 'rommon' prompt, indicating we are in 'rom monitor' mode. This is a
mini-IOS that allows you to perform very specific tasks in order to recover your router.

Now, to skip our password-protected configuration, we instruct the router to by-pass the
configuration located in NVRAM during bootup, and reset the router:

The router will now reset and start its normal bootup process, however, the current configuration will
be ignored. When the bootup is complete, you will be prompted to 'enter the initial configuration
dialog', answer 'no':

Next step is to enter 'Privileged Mode' and load the router's configuration from nvram. Then reset the
'enable' or 'secret' password. To be sure, we're showing how to reset both, but we'll only need to use
the 'secret' password. In addition, we are going to reset the console port's password:
If you use the 'login local' command you'll need to reset the user account of the password you
have lost (in our example, it's 'admin').

Lastly, we need to change the 'configuration register' so the router will load the newly modified
configuration next time it reboots, save our settings and reboot the router:

The router will now reload and use the new configuration that contains the newly set passwords.

When the router reboots, log in and check your configuration. If you find any interfaces in the
'shutdown' state, you'll need to use the 'no shutdown' command to bring them back up.

Again, don't forget to save your configuration once all changes are complete!

Prepared by

Mohammed Hasik S

You might also like