CCNA 7.5.b: Password recovery and configuration register

Overview:

Password recovery is the process used to recover the enable password on a router.  Configuration register can be used to change router behavior in different ways, but usually it's to specify how it boots up.

 

Study Notes:

  • Password recovery procedures can be used to recover the enable password if it is unencrypted in the configuration
  • The enable secret password is always encrypted and cannot be recovered. It must be replaced with a new password
  • Use the following procedure to recover the enable password and replace the enable secret password

 

Password Recovery Procedures

Shut down the router

Remove the compact flash if it is removable

Boot the router into ROMMON mode (Standard Break Key Sequences)

Once the router is on, reinsert the flash

Change the configuration register to 0x2142 at the rommon 1> prompt in order to boot from the IOS image in flash.  This step bypasses the startup configuration, which is the goal since you don't know the enable password contained in the startup configuration

rommon 1> confreg 0x2142

 

Type reset at the rommon 2> prompt.  The router will reboot and ignore the saved configuration

rommon 2> reset

 

Type Ctrl-C to skip initial setup (or type no after each question)

At the Router> prompt enter enable

Router> enable

 

Copy the startup configuration to the running configuration

Router# copy startup-config running-config

 

Show the running-configuration to view the enable password

Router# show running-configuration

 

If the enable password is encrypted and you cannot view the unencrypted password, change it

Router# enable password <password>

 

Reset the enable secret password

Router# enable secret <password>

 

Change the configuration register back to 0x2102

Router# config-register 0x2102

 

Save the running-config to the startup-config

Router#copy running-config startup-config 
Destination filename [startup-config]? 
Building configuration...
[OK]

 

Test the changes by rebooting the router and logging in with the new enable password and new enable secret password

 

 

Configuration Register

Configuration register values can be seen using the confreg command in ROMmon mode

rommon 1> confreg

 

Configuration Register values can be seen using the show version command in User-Exec mode

show version

 

If you know the value of your configuration register, you can determine its meaning.

0x102

  • Ignores break
  • 9600 console baud

 

0x1202

  • 1200 baud rate

 

0x2101

  • Boots into bootstrap
  • Ignores break
  • Boots into ROM if initial boot fails
  • 9600 console baud rate

 

0x2102

  • Ignores break
  • Boots into ROM if initial boot fails
  • 9600 console baud rate default value for most platforms

 

0x2120

  • Boots into ROMmon
  • 19200 console speed

 

0x2122

  • Ignores break
  • Boots into ROM if initial boot fails
  • 19200 console baud rate

 

0x2124

  • NetBoot
  • Ignores break
  • Boots into ROM if initial boot fails
  • 19200 console speed

 

0x2142

  • Ignores break
  • Boots into ROM if initial boot fails
  • 9600 console baud rate
  • Ignores the contents of Non-Volatile RAM (NVRAM) (ignores configuration)

 

0x2902

  • Ignores break
  • Boots into ROM if initial boot fails
  • 4800 console baud rate

 

0x2922

  • Ignores break
  • Boots into ROM if initial boot fails
  • 38400 console baud rate

 

0x3122

  • Ignores break
  • Boots into ROM if initial boot fails
  • 57600 console baud rate

 

0x3902

  • Ignores break
  • Boots into ROM if initial boot fails
  • 2400 console baud rate

 

0x3922

  • Ignores break
  • Boots into ROM if initial boot fails
  • 115200 console baud rate

 

PacketTracer Lab: CCNA-7.5.b-Password-recovery-and-configuration-register.pkt

Subscribe Now for access to the labs!

1 comment
  1. cisco vega
    cisco vega
    August 3, 2021 at 8:38 pm

    i’m in 0x2101 and there no command (no service password-recovery) on it , i’m afraid if change it to 0x2102 it will not reload correctly to apply command (no service password-recovery) , can any one give a help?

Leave a Reply
s2Member®
Built by TrailSix