Chapter 43
Troubleshooting the Security Appliance
•
Recovering Passwords for the ASA 5500 Series Adaptive Security Appliance
To recover passwords for the ASA 5500 Series adaptive security appliance, perform the following steps:
Connect to the adaptive security appliance console port according to the instructions in
Step 1
Command-Line Interface" section on page
Power off the adaptive security appliance, and then power it on.
Step 2
After startup, press the Escape key when you are prompted to enter ROMMON mode.
Step 3
To update the configuration register value, enter the following command:
Step 4
rommon #1> confreg 0x41
Update Config Register (0x41) in NVRAM...
Step 5
To set the adaptive security appliance to ignore the startup configuration, enter the following command:
rommon #1> confreg
The adaptive security appliance displays the current configuration register value, and asks whether you
want to change it:
Current Configuration Register: 0x00000041
Configuration Summary:
boot default image from Flash
ignore system configuration
Do you wish to change this configuration? y/n [n]: y
Step 6
Record the current configuration register value, so you can restore it later.
At the prompt, enter Y to change the value.
Step 7
The adaptive security appliance prompts you for new values.
Accept the default values for all settings. At the prompt, enter Y.
Step 8
Reload the adaptive security appliance by entering the following command:
Step 9
rommon #2> boot
Launching BootLoader...
Boot configuration file contains 1 entry.
Loading disk0:/asa800-226-k8.bin... Booting...Loading...
The adaptive security appliance loads the default configuration instead of the startup configuration.
Step 10
Access the privileged EXEC mode by entering the following command:
hostname> enable
When prompted for the password, press Enter.
Step 11
The password is blank.
Access the global configuration mode by entering the following command:
Step 12
hostname# configure terminal
Change the passwords, as required, in the default configuration by entering the following commands:
Step 13
hostname(config)# password password
OL-12172-03
Resetting the Password on the SSM Hardware Module, page 43-10
2-4.
Cisco Security Appliance Command Line Configuration Guide
Performing Password Recovery
"Accessing the
43-7