|
It's true that setting the configuration register to the wrong value can damage the router, but if you do the proper research before starting the password recovery process, you'll be fine.
Despite what some books say, there is no "one size fits all" approach to Cisco password recovery. What works on a 2500 router may not work on other routers and switches. There is a great master Cisco document out on the Web that you should bookmark today. Just put "cisco password recovery" in your favorite search engine and you should find it quickly.
The following procedure describes the process in recovering from a lost password on a Cisco 2500 router. As always, don't practice this at home. It is a good idea to get some practice with this technique in your CCNA / CCNP home lab, though!
The password recovery method examined here is for 2500 routers.
An engineer who finds themselves locked out of a router can view and change the password by changing the configuration register.
Business Continuity and Disaster Recovery - A Business Not a Technology Issue
Hackers, hurricanes, fires, flooding, power outages, denial of service attacks, application failures, employee error, sabotage and now terrorism are helping companies to focus on the necessity of a business continuity plan.
Through the late 1990s as companies prepared for Y2K, many IT executives, risk managers, CFOs and corporate managers realized that recovering computing systems, networks and data was not enough. As Y2K approached, it became more apparent that a disciplined approach was needed to recover not only data and systems, but also business processes, facilities and manpower to res ..
The router must first be rebooted and a break performed within the first 60 seconds of the boot process. This break sequence can also vary depending on what program is used to access the router, but is the usual key combination.
The router will now be in ROM Monitor mode. From the rom monitor prompt, change the default configuration register of 0x2102 to 0x2142 with the o/r 0x2142 command. Reload the router with the letter i. (As you can see, ROM Monitor mode is a lot different than working with the IOS!)
This particular config register setting will cause the router to ignore the contents of NVRAM. Your startup configuration is still there, but it will be ignored on reload.
When the router reloads, youll be prompted to enter Setup mode. Answer N, and type enable at the router> prompt.
Be careful here. Type configure memory or copy start run. Do NOT type write memory or copy run start!
Business Continuity and Disaster Recovery - Risk Analysis and Control
In the risk evaluation phase, there are a number of key areas that must be covered. One of the most important is to understand probable threats. In an ideal world, which most of us have noticed does not exist, we would identify and protect ourselves against all threats to ensure that our business continues to survive. Obviously, we are constrained by other factors such as budgets, time and priorities and need to apply cost benefit analysis to ensure we are protecting the most critical business functions.
A second important step is to identify all probable threats and prioritize them. Threats ..
Enter the command show running-config. Youll see the passwords in either their encrypted or unencrypted format.
Type config t, then use the appropriate command to set a new enable secret or enable password.
Dont forget to change the configuration register setting back to the original value! The command config-register 0x2102 will do the job. Save this change with write memory or copy run start, and then run reload one more time to restart the router.
This process sounds hard, but it's really not. You just have to be careful, particularly when you're copying the startup config over the running config. You don't want to get that backwards! So take your time, check the online Cisco documentation before starting, get some practice with this procedure with lab equipment, and you'll be ready for success on the CCNA exam and in your production network!
About the Author:
Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage (http://www.thebryantadvantage.com" target="_blank"> http://www.thebryantadvantage.com ), home of free CCNA and CCNP tutorials, and The Ultimate CCNA and CCNP Study Packages. For a copy of his FREE "How To Pass The CCNA" or "CCNP" ebook, visit the website and download your copies!
Source: http://www.isnare.com
Chris BryantCisco CCNA Exam Tutorial: Password Recovery Procedures
|
