Cisco CCNA Exam Tutorial: Password Recovery ProceduresPage: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 or Go To our Certification Articles Section
It might happen on your CCNA exam, it might happen on your
production network - but sooner or later, you're going to
have to perform password recovery on a Cisco router or switch.
This involves manipulating the router's configuration register,
and that is enough to make some CCNA candidates and network
administrators really nervous!
It's true that setting the configuration register to the
wrong value can damage the router, but if you do the proper
research before starting the password recovery process, you'll
be fine.
Despite what some books say, there is no "one size fits
all" approach to Cisco password recovery. What works
on a 2500 router may not work on other routers and switches.
There is a great master Cisco document out on the Web that
you should bookmark today. Just put "cisco password recovery"
in your favorite search engine and you should find it quickly.
The following procedure describes the process in recovering
from a lost password on a Cisco 2500 router. As always, don't
practice this at home. It is a good idea to get some practice
with this technique in your CCNA / CCNP home lab, though!
The password recovery method examined here is for 2500 routers.
An engineer who finds themselves locked out of a router can
view and change the password by changing the configuration
register.
The router must first be rebooted and a “break”
performed within the first 60 seconds of the boot process.
This break sequence can also vary depending on what program
is used to access the router, but is the usual key combination.
The router will now be in ROM Monitor mode. From the rom
monitor prompt, change the default configuration register
of 0x2102 to 0x2142 with the o/r 0x2142 command. Reload the
router with the letter i. (As you can see, ROM Monitor mode
is a lot different than working with the IOS!)
This particular config register setting will cause the router
to ignore the contents of NVRAM. Your startup configuration
is still there, but it will be ignored on reload.
When the router reloads, you’ll be prompted to enter
Setup mode. Answer “N”, and type enable at the router>
prompt.
Be careful here. Type configure memory or copy start run.
Do NOT type write memory or copy run start!
Enter the command show running-config. You’ll see the
passwords in either their encrypted or unencrypted format.
Type config t, then use the appropriate command to set a
new enable secret or enable password.
Don’t forget to change the configuration register setting
back to the original value! The command config-register 0x2102
will do the job. Save this change with write memory or copy
run start, and then run reload one more time to restart the
router.
This process sounds hard, but it's really not. You just have
to be careful, particularly when you're copying the startup
config over the running config. You don't want to get that
backwards! So take your time, check the online Cisco documentation
before starting, get some practice with this procedure with
lab equipment, and you'll be ready for success on the CCNA
exam and in your production network!
About the Author:
Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage,
home of free CCNA and CCNP tutorials, The Ultimate CCNA Study
Package, and Ultimate CCNP Study Packages.
For a FREE copy of his latest e-books, “How To Pass
The CCNA” and “How To Pass The CCNP”, visit
the website and download your free copies. You can also get
FREE CCNA and CCNP exam questions every day! Get your CCNA
study guide with The Bryant Advantage!
Page: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 or Go To our Certification Articles Section
|
