This article outlines the procedure to recover a lost password to gain access to a 2500 series Cisco Router by modifying and reviewing the Configuration Register

Procedure

• Power off then on the Router (this would be the only option if a password is lost)
• Within 60 seconds of reboot hit CTRL BREAK keys, this will take you into a prompt of: > Which is the ROM monitor

NOTE: The key sequence used will be dependant on the emulation software in use on the PC

• At the prompt Type: O/R 0×2142 Then press Enter. This command will overwrite the original register value of 0×2102 and reset bit 6.

• Type: INITIALIZE This will reboot the Router and use the new register value assigned

The router will now reboot ignoring its saved configuration. The Router will now enter Setup Mode and the following question will then be asked on reboot:

“Would you like to enter the initial configuration dialog?” [yes/no] -

• Answer the question by typing N or NO

• Hit the Enter key when prompted - “Press RETURN to get started” - This will take you to User Exec mode prompt: ROUTER >

To remove the existing password configuration we will need to enter Privileged Exec mode

• Type: ENABLE - No passwords will be asked for and the prompt will change to: ROUTER#

• Copy the non-volatile RAM (NVRAM) into memory (RAM). This is acheived by typing:

COPY STARTUP-CONFIG RUNNING-CONFIG

• Then type: SHOW RUNNING-CONFIG -This will show the current configuration of the router, including any passwords

NOTE: All passwords will either be displayed in encrypted or non-encrypted form

The configuration register has been reset to 0×2142 this can be viewed using the SHOW VERSION command typed at the ROUTER# prompt

• To remove any existing passwords enter Global Configuration. Type: CONFIGURE TERMINAL the prompt will change to: ROUTER(CONFIG)#

• At this prompt type:

NO ENABLE SECRET - This will remove the Privileged Exec mode encrypted password

NO ENABLE PASSWORD - This will remove the Privileged Exec mode non - encrypted password

NOTE: If other passwords were set up you would remove these or enter new ones.

• At the prompt enter: CONFIG-REGISTER 0×2102 - This will reset the configuration register so that the Router will look for the startup configuration file in NVRAM (the original setting). Then hit the Enter key.

NOTE: The original Startup configuration file needs to be overwritten

• Return to the Privileged Exec mode by hitting the: CTRL Z keys and copy the running configuration file from RAM to the startup configuration file in NVRAM by typing:

COPY RUNNING-CONFIG STARTUP-CONFIG - Then hit the Enter key to save the changes. Then Reboot the device

• Reboot the Router by typing: RELOAD

On restart the new startup configuration file with the original passwords removed will be executed, allowing access to the Router for further configuration