Passwort-Recovery für Cisco ASA Firewall: Anleitung

Password Recovery

To recover passwords, perform the following steps:

  • Console into the ASA.
  • Reboot the ASA
  • Press the escape key during reboot to enter ROMMON.
  • Tell the firewall to ignore the startup config on next reload:
    rommon #1> confreg

The following will be displayed:

Current Configuration Register: 0x00000011

Configuration Summary:
boot TFTP image, boot default image from Flash on netboot failure
Do you wish to change this configuration? y/n [n]:

  • Jot down the config register value for later.

  • Enter y to say yes.

  • Hit enter at each prompt to accept the default. When you get to “disable system configuration” hit y.

  • Reboot the ASA
    rommon #2> boot

At this point the ASA should reload and completely bypass the configuration.

  • When the firewall reboots it will not prompt a console user for a username and the enable password is blank. Go into enable mode.
    enable

  • Restore the old config
    copy startup-config running-config

  • Enter config mode and reset the password
    configure terminal
    password NEW_PASSWORD
    enable password NEW_PASSWORD
    username USER password NEW_PASSWORD

  • Restore the config registry to where it was to begin with. This is the number you wrote down earlier.
    config-register 0x0000###

  • Save your config copy startup-config running-config

At this point you have regained access to the firewall and restored the config file and registry to where it before the password reset.

Suchbegriffe

Cisco switch, Cisco administration, Passwort, Revovery, ASA, Cisco, Firewall

  24-09-2014
  21-04-2023
  mawa-solutions