Lab Objective:
The objective of this lab exercise is for you to learn how to perform password recovery on a Cisco IOS router.
Lab Purpose:
Sometimes by mistake you can lose access to your Cisco device for something as simple as forgetting your credentials, so it’s important to know how to overcome this specific issue by performing password recovery. As a Cisco engineer, as well as in the Cisco CCNA exam, you will be expected to know how to perform password recovery on your Cisco IOS router.
Certification Level:
This lab is suitable for CCENT certification exam preparation.
Lab Difficulty:
This lab has a difficulty rating of 5/10.
Readiness Assessment:
When you are ready for your certification exam, you should complete this lab in no more than 10 minutes.
Lab Topology:
Please use the following topology to complete this lab exercise:
Task 1:
You are trying to log in to R1 via the console port but keep getting an error when entering your username/password, so you will perform password recovery. Reboot R1.
Task 2:
Press Ctrl+Break as soon as you receive a prompt showing the boot process.
Task 3:
Once you are in rom monitor mode, instruct the router to bypass the running-configuration bootup by changing the configuration register to 0x2142. After changing this configuration register, reset the router so you can boot up and finalize password recovery.
Task 4:
Once you are in, copy the startup configuration to the running configuration and make changes to the username and passwords that you are having issues with (Enable, AAA database, etc.).
Task 5:
Finally, change the configuration register to the default of 0x2102, save the configuration, and reboot the router.
Note: Your procedure may differ due to platform differences, so Google “Cisco password recovery” for your model. Cisco switches usually follow a different recovery procedure altogether.
Configuration and Verification
Task 1:
Reboot the router manually (i.e., disconnect power from the unit).
Task 2:
System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. TAC:Home:SW:IOS:Specials for info PC = 0xfff0a530, Vector = 0x500, SP = 0x680127c8 C2600 platform with 65536 Kbytes of main memory program load complete, entry point: 0x80008000, size: 0xf54134 PC = 0xfff0a530, Vector = 0x500, SP = 0x83fffe68 Press <Ctrl + Break> as the router boots. monitor: command “boot” aborted due to user interrupt rommon 1 >
Task 3:
rommon 1>confreg 0x2142 You must reset or power cycle for new config to take effect rommon 2>reset
Task 4:
Router>enable Router#copy startup-config running-config Destination filename [running-config]? (hit enter) Building configuration... [OK] R1#configure terminal R1(config)#enable password cisco R1(config)#enable secret enter R1(config)#line console 0 R1(config-line)#password ccna R1(config-line)#exit R1(config)#username ccna-labs privilege 15 secret ccna
Or you could just use the no enable secret and no username commands.
Task 5:
R1#configure terminal R1(config)#config-register 0x2102 R1(config)#exit R1#copy running-config startup-config R1#reload