PASSWORD RECOVERY ON CISCO ASA FIREWALL

Many times, Network and security administrators forget the password of Cisco ASA firewall and it becomes a headache to remember them especially when in multinational companies having security policy to change the device password every quarter or even month.

So, below password recovery procedure is quite a handy guide for IT guys –

To recover passwords, perform the following steps:

  • Console into the ASA.
  • Reboot the ASA
  • Press the escape key during reboot to enter ROMMON.
  • configure the firewall to ignore the startup config on next reload:

rommon #1>

confreg

The following will be displayed:

Current Configuration Register: 0x00000011

Configuration Summary:

boot TFTP image, boot default image from Flash on netboot failure

Do you wish to change this configuration? y/n [n]:

  • Note down the config register value for later use
  • Enter y to say yes.
  • Hit enter at each prompt to accept the default. When you get to “disable system configuration” hit y.
  • Reboot the ASA

rommon #2>

boot

At this point the ASA should reload and completely bypass the configuration.

  • When the firewall reboots it will not prompt a console user for a username and the enable password is blank. Go into enable mode.
  • Restore the old config

copy startup-config running-config

  • Enter config mode and reset the password

configure terminal

password NEW_PASSWORD

enable password NEW_PASSWORD

username USER password NEW_PASSWORD

  • Restore the config registry to where it was to begin with. This is the number you wrote down earlier.

config-register 0x0000###

  • Save your config

copy running-config startup-config

Now, you have gained access to the firewall and restored the config file and registry to where it before the password reset.

Please follow and like us:

Related Post

Add Comment

Social Media Auto Publish Powered By : XYZScripts.com
Select your currency