Passwort-Recovery für Cisco ASA Firewall: Anleitung

Passwort-Recovery für Cisco ASA Firewall: Anleitung

Password Recovery

To recover passwords, perform the following steps:

  • Console into the ASA.
  • Reboot the ASA
  • Press the escape key during reboot to enter ROMMON.
  • Tell the firewall to ignore the startup config on next reload:
    rommon #1> confreg

The following will be displayed:

Current Configuration Register: 0x00000011

Configuration Summary:
boot TFTP image, boot default image from Flash on netboot failure
Do you wish to change this configuration? y/n [n]:

  • Jot down the config register value for later.

  • Enter y to say yes.

  • Hit enter at each prompt to accept the default. When you get to “disable system configuration” hit y.

  • Reboot the ASA
    rommon #2> boot

At this point the ASA should reload and completely bypass the configuration.

  • When the firewall reboots it will not prompt a console user for a username and the enable password is blank. Go into enable mode.

  • Restore the old config
    copy startup-config running-config

  • Enter config mode and reset the password
    configure terminal
    password NEW_PASSWORD
    enable password NEW_PASSWORD
    username USER password NEW_PASSWORD

  • Restore the config registry to where it was to begin with. This is the number you wrote down earlier.
    config-register 0x0000###

  • Save your config copy startup-config running-config

At this point you have regained access to the firewall and restored the config file and registry to where it before the password reset.


  21-04-2023 10:36
Cisco switch, Cisco administration, Passwort, Revovery, ASA, Cisco, Firewall


Copyright 2024 mawa-solutions GmbH. Alle Rechte vorbehalten.
You are using an outdated browser. The website may not be displayed correctly. Close