Network and security administrators often forget the password of a Cisco ASA firewall, and remembering it becomes a headache, especially in multinational companies whose security policy requires changing the device password every quarter or even every month.
So, the password recovery procedure below is quite a handy guide for IT guys.
How to Recover Password on Cisco ASA Firewall?
To recover passwords, perform the following steps:
- Console into the ASA.
- Reboot the ASA
- Press the escape key during reboot to enter ROMMON.
- Configure the firewall to ignore the startup config on next reload:
The following will be displayed:
Current Configuration Register: 0x00000011
Configuration Summary:
boot TFTP image, boot default image from Flash on netboot failure
Do you wish to change this configuration? y/n [n]:
- Note down the config register value for later use
- Enter y to say yes.
- Hit enter at each prompt to accept the default. When you get to “disable system configuration” hit y.
- Reboot the ASA
At this point the ASA should reload and completely bypass the configuration.
- When the firewall reboots it will not prompt a console user for a username and the enable password is blank. Go into enable mode.
- Restore the old config
copy startup-config running-config
- Enter config mode and reset the password
configure terminal
password NEW_PASSWORD
enable password NEW_PASSWORD
username USER password NEW_PASSWORD
- Restore the configuration register to the value it had to begin with. This is the number you wrote down earlier.
config-register 0x0000###
- Save your config
copy running-config startup-config
Now you have regained access to the firewall and restored the config file and configuration register to where they were before the password reset.
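An added check, not part of the original article: if the register is left with the "disable system configuration" bit set, every later reload comes up with no configuration and a blank enable password on the console. The sketch below assumes that bit is 0x40 and that `show version` reports the register as `Configuration register is 0x.. (will be 0x.. at next reload)`; the sample lines and function name are constructed for illustration.

```python
import re

# Assumption: bit 0x40 is the "disable system configuration" flag set in ROMMON.
IGNORE_STARTUP_CONFIG = 0x40

# Assumed `show version` line format; the optional part appears when a
# config-register change is waiting for the next reload.
REGISTER_LINE = re.compile(
    r"Configuration register is (0x[0-9a-fA-F]+)"
    r"(?: \(will be (0x[0-9a-fA-F]+) at next reload\))?"
)

# Constructed sample lines, using the 0x00000011 value shown in the article.
SAMPLE_RESTORED = "Configuration register is 0x51 (will be 0x11 at next reload)"
SAMPLE_NOT_RESTORED = "Configuration register is 0x51"


def audit_register(show_version: str, recorded: int) -> list:
    """Return findings about the register value used at the next reload."""
    match = REGISTER_LINE.search(show_version)
    if match is None:
        raise ValueError("no configuration register line found")
    current = int(match.group(1), 16)
    # Without a pending change, the next reload uses the current value.
    next_boot = int(match.group(2), 16) if match.group(2) else current

    findings = []
    if next_boot & IGNORE_STARTUP_CONFIG:
        findings.append(
            f"0x{next_boot:x}: next reload skips startup-config, so the "
            "console gets a blank enable password and no policy is loaded"
        )
    if next_boot != recorded:
        findings.append(
            f"0x{next_boot:x} differs from the recorded value 0x{recorded:x}"
        )
    return findings


if __name__ == "__main__":
    for line in (SAMPLE_RESTORED, SAMPLE_NOT_RESTORED):
        print(line, "->", audit_register(line, 0x11) or "OK")
```

Pass the value you noted before the change as `recorded`; an empty result means the next reload will load the startup config as before.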
ABOUT THE AUTHOR
I am here to share my knowledge and experience in the field of networking with the goal being – “The more you share, the more you learn.”
I am a biotechnologist by qualification and a Network Enthusiast by interest. I developed interest in networking being in the company of a passionate Network Professional, my husband.
I am a strong believer of the fact that “learning is a constant process of discovering yourself.”
– Rashmi Bhardwaj (Author/Editor)