Dineshrv's Blog

My Contribution for World Wide Web

Cisco 7206 Router Password recovery April 10, 2010

Filed under: Technical- Cisco NW — dineshrv @ 6:15 pm
Tags: , , , , ,

What to do If I forgot Password of Cisco Router :-

Step 1 If you can log in to the router, enter the show version command to determine the existing configuration register value.
Step 2 Press the Break key to get to the bootstrap program prompt (ROM monitor). You might need to reload the system image by power cycling the router.
Step 3 Change the configuration register so the following functions are enabled:
a. Break
b. Ignore startup configuration
c. Boot from Flash memory
Note The key to recovering a lost password is to set the configuration register bit 6 (0×0040) so that the startup configuration (usually in NVRAM) is
ignored. This allows you to log in without using a password and to display the startup configuration passwords.
Step 4 Power cycle the router by turning power off and then back on.
Step 5 Log in to the router and enter the privileged EXEC mode.
Step 6 Enter the show startup-config command to display the passwords.
Step 7 Recover or replace the displayed passwords.
Step 8 Change the configuration register back to its original setting.
Note To recover a lost password if the Break function is disabled on the router, you must have physical access to the router.
Details of the Password Recovery Procedure
Complete the following steps to recover or replace a lost enable, enable secret, or console login password:
Step 1 Attach an ASCII terminal to the console port on your Cisco 7206.
Step 2 Configure the terminal to operate at 9600 baud, 8 data bits, no parity, and 2 stop bits.
Step 3 If you can log in to the router as a nonprivileged user, enter the show version command to display the existing configuration register value. Note the
value for use later and proceed to Step 6. If you cannot log in to the router at all, go to the next step.
Step 4 Press the Break key or send a Break from the console terminal. If Break is enabled, the router enters the ROM monitor, indicated by the ROM monitor
prompt (rommon1>). Proceed to Step 6. If Break is disabled, power cycle the router (turn the router off or unplug the power cord, and then restore power).
Then proceed to Step 5.
Step 5 Within 60 seconds of restoring the power to the router, press the Break key or send a Break. This action causes the router to enter the ROM monitor
and display the ROM monitor prompt (rommon1>).
Step 6 Set the configuration register using the configuration register utility; enter the confreg command at the ROM monitor prompt as follows:
rommon1> confreg
Answer yes to the enable “ignore system config info?” question and note the current configuration register settings.
Step 7 Initialize the router by entering the reset command as follows:
rommon2> reset
The router initializes the configuration register that is set to 0×142, and the router boots the system image from Flash memory and enters the system
configuration dialog (setup) as follows:
— System Configuration Dialog –
Step 8 Enter no in response to the system configuration dialog prompts until the following message is displayed:
Press RETURN to get started!
Step 9 Press Return. The user EXEC prompt is displayed as follows:
Router>
Step 10 Enter the enable command to enter privileged EXEC mode. Then enter the show startup-config command to display the passwords in the configuration file
as follows:
Router# show startup-config
Step 11 Scan the configuration file display looking for the passwords (the enable passwords are usually near the beginning of the file, and the console login
or user EXEC password is near the end). The passwords displayed will look something like this:
enable secret 5 $1$ORPP$s9syZt4uKn3SnpuLDrhuei
enable password 23skiddoo
.
.
line con 0
password onramp
The enable secret password is encrypted and cannot be recovered; it must be replaced. The enable and console login passwords may be encrypted or clear text.
Proceed to the next step to replace an enable secret, console login, or enable password. If there is no enable secret password, note the enable and console
login passwords, if they are not encrypted, and proceed to Step 16.
Caution Do not execute the next step unless you have determined you must change or replace the enable, enable secret, or console login passwords. Failure to
follow the steps as shown may cause you to erase your router configuration.
Step 12 Enter the configure memory command to load the startup configuration file into running memory. This action allows you to modify or replace passwords
in the configuration.
Router# configure memory
Step 13 Enter the privileged EXEC command configure terminal to enter configuration mode:
Hostname# configure terminal
Step 14 Change all three passwords using the following commands:
Hostname(config)# enable secret newpassword1
Hostname(config)# enable password newpassword2
Hostname(config)# line con 0
Hostname(config-line)# password newpassword3
Change only the passwords necessary for your configuration. You can remove individual passwords by using the no form of the above commands. For example,
entering the no enable secret command removes the enable secret password.
Step 15 You must configure all interfaces to be not administratively shut down as follows:
Hostname(config)# interface fastethernet 0/0
Hostname(config-int)# no shutdown
Enter the equivalent commands for all interfaces that were originally configured. If you omit this step, all interfaces will be administratively shut down
and unavailable when the router is restarted.
Step 16 Use the config-register command to set the configuration register to the original value noted in Step 3 or Step 7, or to the factory default value
0×2102 as follows:
Hostname(config)# config-register 0×2102
Step 17 Press Ctrl-Z (hold down the Control key while you press Z) or enter end to exit configuration mode and return to the EXEC command interpreter.
Caution Do not execute the next step unless you have changed or replaced a password. If you skipped Step 12 through Step 15, skip to Step 19. Failure to
observe this caution will cause you to erase your router configuration file.
Step 18 Enter the copy running-config startup-config command to save the new configuration to NVRAM.
Step 19 Enter the reload command to reboot the router.
Step 20 Log in to the router with the new or recovered passwords.
This completes the steps for recovering or replacing a lost enable, enable secret, or console login password.

Step 1 If you can log in to the router, enter the show version command to determine the existing configuration register value.
Step 2 Press the Break key to get to the bootstrap program prompt (ROM monitor). You might need to reload the system image by power cycling the router.
Step 3 Change the configuration register so the following functions are enabled:
a. Break
b. Ignore startup configuration
c. Boot from Flash memory
Note The key to recovering a lost password is to set the configuration register bit 6 (0×0040) so that the startup configuration (usually in NVRAM) is
ignored. This allows you to log in without using a password and to display the startup configuration passwords.
Step 4 Power cycle the router by turning power off and then back on.
Step 5 Log in to the router and enter the privileged EXEC mode.
Step 6 Enter the show startup-config command to display the passwords.
Step 7 Recover or replace the displayed passwords.
Step 8 Change the configuration register back to its original setting.
Note To recover a lost password if the Break function is disabled on the router, you must have physical access to the router.Details of the Password Recovery Procedure
Complete the following steps to recover or replace a lost enable, enable secret, or console login password:
Step 1 Attach an ASCII terminal to the console port on your Cisco 7206.
Step 2 Configure the terminal to operate at 9600 baud, 8 data bits, no parity, and 2 stop bits.
Step 3 If you can log in to the router as a nonprivileged user, enter the show version command to display the existing configuration register value. Note the
value for use later and proceed to Step 6. If you cannot log in to the router at all, go to the next step.
Step 4 Press the Break key or send a Break from the console terminal. If Break is enabled, the router enters the ROM monitor, indicated by the ROM monitor
prompt (rommon1>). Proceed to Step 6. If Break is disabled, power cycle the router (turn the router off or unplug the power cord, and then restore power).
Then proceed to Step 5.
Step 5 Within 60 seconds of restoring the power to the router, press the Break key or send a Break. This action causes the router to enter the ROM monitor
and display the ROM monitor prompt (rommon1>).
Step 6 Set the configuration register using the configuration register utility; enter the confreg command at the ROM monitor prompt as follows:
rommon1> confreg
Answer yes to the enable “ignore system config info?” question and note the current configuration register settings.
Step 7 Initialize the router by entering the reset command as follows:
rommon2> reset
The router initializes the configuration register that is set to 0×142, and the router boots the system image from Flash memory and enters the system
configuration dialog (setup) as follows:
— System Configuration Dialog –

Step 8 Enter no in response to the system configuration dialog prompts until the following message is displayed:
Press RETURN to get started!

Step 9 Press Return. The user EXEC prompt is displayed as follows:
Router>

Step 10 Enter the enable command to enter privileged EXEC mode. Then enter the show startup-config command to display the passwords in the configuration file
as follows:
Router# show startup-config

Step 11 Scan the configuration file display looking for the passwords (the enable passwords are usually near the beginning of the file, and the console login
or user EXEC password is near the end). The passwords displayed will look something like this:
enable secret 5 $1$ORPP$s9syZt4uKn3SnpuLDrhuei enable password 23skiddoo . . line con 0  password onramp

The enable secret password is encrypted and cannot be recovered; it must be replaced. The enable and console login passwords may be encrypted or clear text.
Proceed to the next step to replace an enable secret, console login, or enable password. If there is no enable secret password, note the enable and console
login passwords, if they are not encrypted, and proceed to Step 16.Caution Do not execute the next step unless you have determined you must change or replace the enable, enable secret, or console login passwords. Failure to
follow the steps as shown may cause you to erase your router configuration.
Step 12 Enter the configure memory command to load the startup configuration file into running memory. This action allows you to modify or replace passwords
in the configuration.
Router# configure memory

Step 13 Enter the privileged EXEC command configure terminal to enter configuration mode:
Hostname# configure terminal

Step 14 Change all three passwords using the following commands:
Hostname(config)# enable secret newpassword1 Hostname(config)# enable password newpassword2 Hostname(config)# line con 0 Hostname(config-line)# password newpassword3

Change only the passwords necessary for your configuration. You can remove individual passwords by using the no form of the above commands. For example,
entering the no enable secret command removes the enable secret password.
Step 15 You must configure all interfaces to be not administratively shut down as follows:
Hostname(config)# interface fastethernet 0/0 Hostname(config-int)# no shutdown

Enter the equivalent commands for all interfaces that were originally configured. If you omit this step, all interfaces will be administratively shut down
and unavailable when the router is restarted.
Step 16 Use the config-register command to set the configuration register to the original value noted in Step 3 or Step 7, or to the factory default value
0×2102 as follows:
Hostname(config)# config-register 0×2102

Step 17 Press Ctrl-Z (hold down the Control key while you press Z) or enter end to exit configuration mode and return to the EXEC command interpreter.Caution Do not execute the next step unless you have changed or replaced a password. If you skipped Step 12 through Step 15, skip to Step 19. Failure to
observe this caution will cause you to erase your router configuration file.
Step 18 Enter the copy running-config startup-config command to save the new configuration to NVRAM.
Step 19 Enter the reload command to reboot the router.
Step 20 Log in to the router with the new or recovered passwords.
This completes the steps for recovering or replacing a lost enable, enable secret, or console login password.

About these ads
 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
Follow

Get every new post delivered to your Inbox.