Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

ASA 5505 and Router 2900 series

Hello my name is Svetoslav

i have one ASA 5505 and Router 2900 series configured by people from Cisco, but i don't know the username and password of the web interfaces of them Can i change the username and password of the ASA 5505 and the Router with the console without loose the configuration made by them? If so can you please give me some guide or something like that.

Thanks.Regards

3 REPLIES

ASA 5505 and Router 2900 series

Hello

Yes you can change the access credentials of these devices from console connection, however you need the existing username and passwords to gain access!Otherwise you will need to perform a password recovery on both the firewall and the router, which entails a reload of each device and then stopping the boot up sequence and manually changng the config-register to gain access.

Although this is a quite simple,process if you are not familiar with cli configuration it can be a bit daunting- but help is available here if you decideto go down that route.

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please don't forget to rate any posts that have been helpful. Thanks.

ASA 5505 and Router 2900 series

Hello, pdriver

i will do the following steps , but i want to be sure that the configuration made by the cisco boys will stay  and only the username and password will be changed Thanks for the replay. Are these steps correct ?

Step 1 Connect to the security appliance console port according to the "Accessing the Command-Line Interface" section on page 2-4.

Step 2 Power off the security appliance, and then power it on.

Step 3 During the startup messages, press the Escape key when prompted to enter ROMMON.

Step 4 To set the security appliance to ignore the startup configuration at reload, enter the following command:

rommon #1> confreg


The security appliance displays the current configuration register value, and asks if you want to change the value:

Current Configuration Register: 0x00000011

Configuration Summary:

  boot TFTP image, boot default image from Flash on netboot failure

Do you wish to change this configuration? y/n [n]:


Step 5 Record your current configuration register value, so you can restore it later.

Step 6 At the prompt, enter Y to change the value.

The security appliance prompts you for new values.

Step 7 Accept the default values for all settings, except for the "disable system configuration?" value; at that prompt, enterY.

Step 8 Reload the security appliance by entering the following command:

rommon #2> boot


The security appliance loads a default configuration instead of the startup configuration.

Step 9 Enter privileged EXEC mode by entering the following command:

hostname> enable


Step 10 When prompted for the password, press Return.

The password is blank.

Step 11 Load the startup configuration by entering the following command:

hostname# copy startup-config running-config


Step 12 Enter global configuration mode by entering the following command:

hostname# configure terminal


Step 13 Change the passwords in the configuration by entering the following commands, as necessary:

hostname(config)# password password

hostname(config)# enable password password

hostname(config)# username name password password


Step 14 Change the configuration register to load the startup configuration at the next reload by entering the following command:

hostname(config)# config-register value


Where value is the configuration register value you noted in Step 5 and 0x1 is the default configuration register. For more information about the configuration register, see the Cisco Security Appliance Command Reference.

Step 15 Save the new passwords to the startup configuration by entering the following command:

hostname(config)# copy running-config startup-config
Silver

ASA 5505 and Router 2900 series

Password recovery for the router is slightly different:

http://www.cisco.com/en/US/products/ps5854/products_password_recovery09186a0080b34901.shtml

If the person who configured "no service password-recovery" on the router you will not be able to break in to rommon in this way. Bear in mind that if this is a managed service and you are "breaking in" to the router you may be in breach of the terms of your contract with the provider.

504
Views
5
Helpful
3
Replies
CreatePlease login to create content