This topic is to discuss the following lesson:
When you login to a router or switch how can you tell if someone applied the confreg 0x2142 command,but didn’t set the device back to the config-register 0x2102?
Hello Jack.
Using the show version command, you can see what the current configuration of the config register is. It’s usually the very last line in the output of the command. Take a look at the attached image that shows the output of the command.
I hope this has been helpful!
Laz
Is it possible to perform password recovery without losing configurations?
Alexis,
Yes, the standard procedure for recovering a password does not cause you to lose your startup configuration information. The exact procedure differs slightly for different products, so I will use a 2900 series router as an example below.
A high level overview of the process is:
-Attach the terminal cable to the console port
-Reboot the router and issue a BREAK during the boot
-Change the configuration register so that the device boots to ROMMON (usually 0x2142)
-Issue the Reset command at the rommon> prompt
*******************
Important Step for your Question:
-Copy startup configuration to running configuration (make sure you do NOT reverse this!!). This step loads your saved configuration into active memory, but since you are already in the privileged mode, you have essentially bypassed any security associated with the startup config.
*******************
-Set the passwords that were lost
-Change your config-register back to the default (probably 0x2102)
-Issue a Write Memory to save your password and config register changes
-Reboot the device
Here is a more detailed Cisco Article:
http://www.cisco.com/c/en/us/support/docs/routers/2800-series-integrated-services-routers/112033-c2900-password-recovery-00.html
Hi,
So it is correct that once we reboot the router in ROMMON mode - start-up config will be intact ?
Thanks
Abhishek
Hello Abhishek.
Yes, that is correct. The startup-config remains intact when you boot the router in ROMMON mode.
Laz
Hello Rene,
Could you please provide the steps to recover the switch password?
Thank you.
Swapnil
Hello Swapnil
You can take a look at this lesson for the recovery of a password from an IOS router. The procedure is very similar for a switch.
You can also look at this Cisco documentation for more information.
I hope this has been helpful!
Laz
Hello Sirs!
Can you tell me that how to reset the password of Cisco 3850 series?
Thanks in advance for the help in this regard.
Regards
Ajmal
Hello Ajmal
You can follow the steps found in this lesson:
This is for routers, but can also be applied to switches. The only difference is how you enter rommon mode. You can take a look at this post from the Cisco community as well:
I hope this has been helpful!
Laz
Thank you Liz Sir.
Regards
Ajmal
1 Like
Can i recover the password in user mode if i have forgotten the username and password…
one more thing is as rene run the command copy startup-config to runnig config , if i don’t do it , is that mean i will loose my startup configuration ??
Hello Narad
In the example in the lesson, the problem is that the enable password has been forgotten. However, this process can also be used to recover the username and password used to log in to user mode as well. Once you go through the same process, as soon as you issue the copy startup-config running-config command, you have full access to modify anything you like, including username and passwords to the local database.
If you don’t issue this command, you won’t lose your startup-config. The startup-config will still be safely stored in the NVRAM. However, by issuing this command, you are reverting the device to the configuration stored there. In other words, the startup-config is moved into RAM and is the currently active config.
I hope this has been helpful!
Laz
Hello Friends,
How to reset cisco switch password without losing configuration.
Hello Ajeet
The password recovery process for Cisco IOS switches and routers are very similar. Take a look at this lesson below that will take you through the process.
If you have any further questions, please feel free to ask!
I hope this has been helpful!
Laz
Hello Everyone !
I Bought a router cisco 4321 from ebay for 35 Pounds but there is one issue with it , Its Locked up properly and my knowledge does not let me brake it into it, below I attached booting screen , if there is not an option to break it thru its fine ,psu cost more than all together I get it another one not big deal , sorry for picture but I recommend you to open it in separated window .
Thanks for Help.
Hello Maciej
It looks like you purchased a device that was used on a production network, and they didn’t even bother to clear the configuration!! If the device truly belonged to British Telecom (BT PLC), then it is greatly negligent of them to keep their config intact. Best practice dictates that you should always erase all configurations before reselling such devices to prevent potential malicious users from discovering passwords, IP addresses, and other confidential company information.
In any case, if you want to recover the device, you simply need to perform the password recovery procedure shown in this lesson:
I hope this has been helpful!
Laz
After typing reset, all my configuration gone! i imagine this happen in the production. Is there a way to reset the password and keep the startup config ?
Hello Joel
When you issue the reset ROMMON command in the process described in the lesson, you are essentially causing the router to boot up again by bypassing the configuration. So you will find that your running configuration is gone. But not your startup configuration. That still remains intact! If you continue on in the lesson, you will see that once you have privilege executive mode access using the enable command, you can copy that startup config back to the running config, change the enable password, and you’re all set!
So the startup config remains intact, but it is the running config that is gone. Does that make sense?
I hope this has been helpful!
Laz