Hardening ASA

Unanswered Question
Sep 19th, 2008


IS there steps on cisco site on

How to harden ASA and avoid password recovery..

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marwan ALshawi Fri, 09/19/2008 - 18:59

hi there

Cisco ASA can disable the password recovery process, This ensures that even if an unauthorized user gets access to the console port, they should not be able to compromise the device or configuration settings

Use the:

no service password-recovery

command to disable password recovery from configuration mode

this is how to enter the command and the warring will apear:

ASA(config)# no service password-recovery

WARNING: Executing "no service password-recovery" has disabled the password recovery

mechanism and disabled access to ROMMON. The only means of recovering from lost or

forgotten passwords will be for ROMMON to erase all file systems including

configuration files and images. You should make a backup of your configuration and

have a mechanism to restore images from the ROMMON command line

good luck

if helpful Rate


This Discussion