Escolar Documentos
Profissional Documentos
Cultura Documentos
Objectives
Part 1: Research the Configuration Register
Part 2: Document the Password Recovery Procedure for a Specific Cisco Router
Background / Scenario
The purpose of this lab is to research the procedure for recovering or resetting the enable password on a
specific Cisco router. The enable password protects access to privileged EXEC and configuration mode on
Cisco devices. The enable password can be recovered, but the enable secret password is encrypted and
would need to be replaced with a new password.
In order to bypass a password, a user must be familiar with the ROM monitor (ROMMON) mode, as well as
the configuration register setting for Cisco routers. ROMMON is basic CLI software stored in ROM that can be
used to troubleshoot boot errors and recover a router when an IOS is not found.
In this lab, you will begin by researching the purpose and settings of the configuration register for Cisco
devices. You will then research and detail the exact procedure for password recovery for a specific Cisco
router.
Required Resources
The configuration register can be used to change router behavior in several ways, such as:
how the router boots (into ROMmon, NetBoot)
options while booting (ignore configuration, disable boot messages)
console speed (baud rate for a terminal emulation session)
config-register
2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 1 of 3
confreg
Ignores break
Boots into ROM if initial boot fails
9600 console baud rate default value for most platforms
0x2142
Ignores break
Boots into ROM if initial boot fails
9600 console baud rate
What
is the
theseRAM
two configuration
register
values?
Ignores
the difference
contents ofbetween
Non-Volatile
(NVRAM) (ignores
configuration)
0x2142 Ignores the contents of Non-Volatile RAM
Attach a terminal or PC with terminal emulation to the console port of the route
Access router
Type show version and record the configuration register setting. It can safely assume that the configuration
register is set to 0x2102.
Use the power switch in order to turn off the router, and then turn the router back on
Press Break on the terminal keyboard within 60 seconds of power up in order to put the router into ROMmon
Type confreg 0x2142 at the rommon 1> prompt in order to boot from Flash
Type reset at the rommon 2> prompt
Type no after each setup question, or press Ctrl-C in order to skip the initial setup procedure
Type enable at the Router> prompt
Type configure memory or copy startup-config running-config in order to copy the nonvolatile RAM (NVRAM)
into memory
Type show running-config
Type configure terminal
Type enable secret <password> in order to change the enable secret password
Issue the no shutdown command on every interface that it use
Type config-register <configuration_register_setting>. Where configuration_register_setting is either the
value you recorded in step 2 or 0x2102
2015
CiscoCtrl-z
and/or or
its affiliates.
All rights
This
document is Cisco
Public.
Page 2 of 3
Press
end in order
to reserved.
leave the
configuration
mode
Type write memory or copy running-config startup-config in order to commit the changes
Press Break on the terminal keyboard within 60 seconds of power up in order to put the router into ROMmon
What commands do you need to enter to bypass the startup configuration while in the ROMMON mode?
Type confreg 0x2142 at the rommon 1> prompt in order to boot from Flash
What message would you expect to see when the router boots? And how should you answer the message?
Why is it important to load the startup configuration into the running configuration?
Reflection
Why is it of critical importance that a router be physically secured to prevent unauthorized access?
with physical access a router it possible to access data stored inside and modify setings
2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 3 of 3