There are two password recovery procedures. They involve the following basic steps:
NOTE
Some password recovery requires that a console terminal issue a Break signal, so you must be familiar with how your terminal or PC terminal emulator issues this signal. For example, ProComm uses the keys Alt-B by default to generate the Break signal. Windows HyperTerminal requires that you press Ctrl-Break.
The HyperTerminal program that ships on Microsoft platforms might not send a Break signal with the Ctrl-Break sequence for all platforms (for example, Windows NT 4 and Windows 2000). To have HyperTerminal send the proper Break sequence, you should upgrade to Private Edition. You can obtain HyperTerminal Private Edition from Hilgraeve at http://www.hilgraeve.com/htpe/index.html.
Use this first password recovery procedure to recover lost passwords on the following Cisco routers:
Cisco 2000 series
Cisco 2500 series
Cisco 3000 series
Cisco 4000 series with 680x0 Motorola CPU
Cisco 7000 series running Cisco IOS Software Release 10.0 or later in ROMs installed on the RP card. The router can be booting Cisco IOS Software Release 10.0 in Flash memory, but it needs the actual ROMs on the processor card, too.
IGS series running Cisco IOS Software Release 9.1 or later in ROMs
To recover an enable password using Procedure 1, follow these steps:
wg_ro_a# show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-JS-L), Version 12.0(3), RELEASE SOFTWARE (fc1) Copyright (c) 1986-1999 by Cisco Systems, Inc. Compiled Mon 08-Feb-99 18:18 by phanguye Image text-base: 0x03050C84, data-base: 0x00001000 ROM: System Bootstrap, Version 11.0(10c), SOFTWARE BOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c), RELEASE SOFTWARE (fc1) wg_ro_a uptime is 20 minutes System restarted by reload System image file is "flash:c2500-js-l_120-3.bin" --More-- Configuration register is 0x2102The factory default configuration register value is typically 0x2102. Copy this value. You will need it again later during the process.
NOTE
The bits of the configuration register are explained in greater detail in Appendix E, "Configuration Register Settings."
NOTE
The number that references the location of the configuration register might change from platform to platform. Check your specific product documentation for the exact number to be used.
NOTE
The setting 0x2141 works only for devices that have boot ROM chips with an IOS subset. The Cisco 3600 series routers do not have subset images in boot ROM chips. A setting of 0x2141 on that device puts you in Rommon mode.
Note
In o/r, the first character before the slash is the letter o, not the numeral zero. If you have Flash memory and it is intact, 0x2142 is the best setting. Use 0x2141 only if the Flash memory is erased or not installed.
Note
If you normally use the boot network command, or if you have multiple images in Flash memory and you boot a nondefault image, the image in Flash might be different.
Press RETURN to get started!
Router # copy startup-config running-config Router # configure terminal Router(config)# enable secret 1234abcd
Router(config)# interface ethernet 0 Router(config-if)# no shutdown
Router(config-if)# ctrl-z Router # copy running-config startup-config
NOTE
The enable secret command provides increased security by storing the enable secret password using a nonreversible cryptographic function; however, you cannot recover a lost password that has been encrypted.
NOTE
Every time you enter configuration mode on a router, a flag is set to check and make sure configurations have been saved before the router is reloaded. When you change the configuration register, there is no need to save the configuration, but the router prompts you to do so when you issue a reload. Answer no when asked if you want to save the configuration.
Use this second instance of the password recovery procedure to recover lost passwords on the following Cisco routers:
Cisco 1003
Cisco 1600 series
Cisco 2600 series
Cisco 3600 series
Cisco 4500 series
Cisco 7200 series
Cisco 7500 series
IDT Orion-based routers
AS5200 and AS5300 platforms
To recover a password using Procedure 2, follow these steps:
Do you wish to change configuration[y/n]?
ignore system config info[y/n]?
change boot characteristics[y/n]?
enter to boot:
Do you wish to change configuration[y/n]?
rommon>
NOTE
Note that you can shorten Steps 4 through 11 by issuing the command confreg 0x2142 at the rommon> prompt.
Router>
Router # copy startup-config running-config Router # configure terminal Router(config)# enable secret 1234abcd
Router(config)# interface ethernet 0/0 Router(config-if)# no shutdown
Router(config-if)# ctrl-z Router # copy running-config startup-config
NOTE
The enable secret command provides increased security by storing the enable secret password using a nonreversible cryptographic function; however, you cannot recover a lost password that has been encrypted.
NOTE
Every time you enter configuration mode on a router, a flag is set to check and make sure configurations have been saved before the router is reloaded. When you change the configuration register, there is no need to save the configuration, but the router prompts you to do so when you issue a reload. Answer no when asked if you want to save the configuration.