Password Recovery 609

Password Recovery

This section explains several password-recovery techniques for Cisco routers and Catalyst switches. You can perform password recovery on most of the platforms without changing hardware jumpers, but all platforms require that the router be rebooted. Password recovery can be done only from the console port (physically attached to the router).

Overview of Password Recovery

Three ways exist for restoring access to a router when the password is lost. You can view the password, change the password, or erase the configuration and start over as if the box was new. Each procedure follows these basic steps:

Step 1 Configure the router to start up without reading the configuration memory (NVRAM). This is done from what sometimes is called test system mode, ROM mode, or boot mode.
Step 2 Reboot the system.
Step 3 Access enable mode (which can be done without a password if you set the configuration register correctly in Step 1).
Step 4 View or change the password, or erase the configuration.
Step 5 Reconfigure the router to boot up and read the NVRAM as it normally does.
Step 6 Reboot the system.

Some password recovery requires a terminal to issue a BREAK signal; you must be familiar with how your terminal or PC terminal emulator issues this signal. In ProComm, for example, the keys Alt-B generate the BREAK signal by default; in Windows HyperTerminal, you press Break or Ctrl-Break. Windows HyperTerminal also enables you to define a function key as BREAK. From the terminal window, select Function Keys and define one as Break by filling in the characters ^$B (Shift-6, Shift-4, and uppercase B). Several free terminal-emulation packages also are available for download on the Internet, which you might find preferable.

The following sections contain detailed instructions for specific Cisco routers. Locate your product at the beginning of each section to determine which technique to use.
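Steps 1 and 5 of the overview both come down to one value: the configuration register. The recovery setting tells the router to ignore NVRAM at boot, and the final step restores the value recorded before the procedure so the router reads its startup configuration again. The following Python helper is an added example (it is not from the book or from Cisco) that decodes a register value into the fields these procedures manipulate, derives the recovery value from a recorded one, and checks the last line of show version after the final reload to confirm the recovery setting was reverted. The bit positions used (boot field in bits 0 to 3, ignore-NVRAM at 0x0040, Break-disabled at 0x0100, ROM fallback at 0x2000) are the documented IOS configuration-register fields; the sample show version line is constructed.

```python
"""Decode and derive Cisco configuration-register values.

Added example, not from the book or from Cisco. Documented IOS register fields:
  bits 0-3        boot field: 0x0 = ROM monitor, 0x1 = boot ROM image,
                  0x2-0xF = boot from Flash (boot system commands)
  bit 6  0x0040   ignore NVRAM contents (startup-config) at boot
  bit 8  0x0100   Break disabled once the router is up
  bit 13 0x2000   boot default ROM software if network boot fails
So 0x2102 (factory default) boots Flash with Break disabled, 0x2142 and 0x42
both boot Flash while ignoring NVRAM, and 0x41 ignores NVRAM but boots the ROM
image, which is why 0x41 only allows viewing or erasing the configuration.
"""
from dataclasses import dataclass
from typing import Optional

BOOT_FIELD_MASK = 0x000F
IGNORE_NVRAM = 0x0040
BREAK_DISABLED = 0x0100
ROM_FALLBACK = 0x2000


@dataclass(frozen=True)
class ConfigRegister:
    value: int

    @property
    def boot_field(self) -> int:
        return self.value & BOOT_FIELD_MASK

    @property
    def boot_source(self) -> str:
        if self.boot_field == 0x0:
            return "ROM monitor"
        if self.boot_field == 0x1:
            return "boot ROM image"
        return "Flash (boot system commands)"

    @property
    def ignores_nvram(self) -> bool:
        return bool(self.value & IGNORE_NVRAM)

    @property
    def break_enabled(self) -> bool:
        # Break is honoured after boot only while bit 8 is clear.
        return not (self.value & BREAK_DISABLED)

    def describe(self) -> str:
        return (f"0x{self.value:04X}: boot={self.boot_source}, "
                f"ignore_nvram={self.ignores_nvram}, break_enabled={self.break_enabled}")


def parse_register(text: str) -> ConfigRegister:
    """Parse a value as printed by show version ('0x2102') or typed at the ROM prompt."""
    text = text.strip().lower()
    if text.startswith("0x"):
        text = text[2:]
    value = int(text, 16)
    if not 0 <= value <= 0xFFFF:
        raise ValueError(f"configuration register out of range: 0x{value:X}")
    return ConfigRegister(value)


def recovery_value(recorded: ConfigRegister, boot_from_flash: bool = True) -> ConfigRegister:
    """Register to set from ROM mode: the recorded value with ignore-NVRAM added.

    With boot_from_flash=False the boot field is forced to 0x1 (boot ROM image),
    the 0x41-style alternative for a router whose Flash is erased or missing."""
    value = recorded.value | IGNORE_NVRAM
    if not boot_from_flash:
        value = (value & ~BOOT_FIELD_MASK) | 0x1
    return ConfigRegister(value)


def restored_value(recovery: ConfigRegister) -> ConfigRegister:
    """Register to set with config-register before the final reload: clear the
    ignore-NVRAM bit so the router reads its startup configuration again."""
    return ConfigRegister(recovery.value & ~IGNORE_NVRAM)


def audit_show_version(hostname: str, last_line: str) -> Optional[str]:
    """Post-recovery check over the last line of show version. Returns a finding
    when the router is still set to ignore NVRAM, i.e. the recovery register was
    never reverted, so the next reboot would come up without its saved config."""
    marker = "Configuration register is"
    if marker not in last_line:
        return None
    token = last_line.split(marker, 1)[1].split()[0]
    reg = parse_register(token)
    if reg.ignores_nvram:
        return f"{hostname}: register {token} still ignores NVRAM; set config-register back and reload"
    return None


if __name__ == "__main__":
    recorded = parse_register("0x2102")                  # value noted before recovery
    print(recorded.describe())
    print(recovery_value(recorded).describe())           # 0x2142 while recovering
    print(restored_value(recovery_value(recorded)).describe())
    # Constructed sample of the last show version line on a router left unreverted.
    print(audit_show_version("router-1", "Configuration register is 0x2142"))
```

The audit function is the part a network team keeps: run it over the last line of show version collected from each router after maintenance, and any device still carrying the ignore-NVRAM bit is flagged before a future reload silently drops its startup configuration.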
1102.book Page 609 Tuesday, May 20, 2003 2:53 PM

Chapter 12: Router Configuration

Password Recovery Technique 1

The following are the relevant devices for this technique:
■ Cisco 2500 series
■ Cisco 3000 series
■ Cisco 7000 series running Cisco IOS Software Release 10.0 or later in ROMs

This technique can be used on the Cisco 7000 and Cisco 7010 series only if the router has Cisco IOS Software Release 10.0 ROMs installed on the Route Processor (RP) card. It might be booting Flash Cisco IOS Software Release 10.0, but it needs the actual ROMs on the processor card as well.

The following steps outline password recovery technique 1:

Step 1 Attach a terminal or PC with terminal emulation to the console port of the router. To connect a PC to the console port, attach a null modem adapter (Tandy Null Modem Adapter No. 26-1496 has been tested) to the console port, and then attach a straight-through modem cable to the null modem adapter.
Step 2 Type show version and record the setting of the configuration register. It is usually 0x2102 or 0x102. If you do not get the router prompt to do a show version, look on a similar router to obtain the configuration register number, or try using 0x2102.
Step 3 Power-cycle the router.
Step 4 Press the Break key on the terminal within 60 seconds of the power-up. You should see the > prompt with no router name. If you don’t see this, the terminal is not sending the correct BREAK signal. In that case, check the terminal or terminal emulation setup.
Step 5 Type o/r 0x42 at the > prompt to boot from Flash memory, or type o/r 0x41 to boot from the boot ROMs. (Note that this is the letter o, not the numeral zero.) If you have Flash memory and it is intact, 0x42 is the best setting because it is the default. Use 0x41 only if the Flash memory is erased or is not installed. If you use 0x41, you can either view or erase the configuration. You cannot change the password.
Step 6 Type i at the > prompt.
The router reboots but ignores its saved configuration.
Step 7 Answer no to all the setup questions, or press Ctrl-C.
Step 8 Type enable at the Router> prompt. You’re then in enable mode and can see the Router# prompt.
Step 9 Choose one of the following three options:
■ To view the password, type show start.
■ To change the password (in case it is encrypted, for example), do the following:
  a. Type copy start run to copy the NVRAM into memory.
  b. Type show run.
  c. If you have the enable secret password set, perform the following: Type config term and make the changes. Type enable secret new_password. Press Ctrl-Z.
  d. If you do not have enable secret xxxx, type enable password new_password and press Ctrl-Z.
  e. Type copy run start to commit the changes.
■ To erase the config, type erase start.
Step 10 Type config term at the prompt.
Step 11 Type config-register 0x2102, or whatever value you recorded in Step 2.
Step 12 Press Ctrl-Z to return to privileged EXEC mode.
Step 13 Type reload at the prompt. You do not need to write memory.

Password Recovery Technique 2

Use this procedure to recover lost passwords on the following routers:
■ Cisco 1003
■ Cisco 1600 series
■ Cisco 2600 series
■ Cisco 3600 series
■ Cisco 4500 series
■ Cisco 7100 series
■ Cisco 7200 series
■ Cisco 7500 series
■ IDT Orion-based routers
■ AS5200 and AS5300 platforms

To recover a password using procedure 2, perform the following steps:

Step 1 Attach a terminal or PC with terminal-emulation software to the console port of the router.
Step 2 Enter show version and record the setting of the configuration register. It is usually 0x2102 or 0x102. The configuration register value is on the last line of the display. Note whether the configuration register is set to enable Break or disable Break.
The factory-default configuration register value is 0x2102. Notice that the third digit from the left in this value is 1, which disables Break. If the third digit is not 1, Break is enabled.
Step 3 Turn off the router and then turn it on again.
Step 4 Press the Break key on the terminal within 60 seconds of turning on the router. The rommon> prompt appears. If it does not appear, the terminal is not sending the correct Break signal; check the terminal or terminal emulation setup.
Step 5 Enter confreg at the rommon> prompt. The following prompt appears:
Do you wish to change configuration [y/n]?
Step 6 Enter yes and press Return.
Step 7 Enter no to subsequent questions until the following prompt appears:
ignore system config info [y/n]?
Step 8 Enter yes.
Step 9 Enter no to subsequent questions until the following prompt appears:
change boot characteristics [y/n]?
Step 10 Enter yes. The following prompt appears:
enter to boot:
Step 11 At this prompt, either enter 2 and press Enter if booting from Flash memory, or, if Flash memory is erased, enter 1. If Flash memory is erased, the Cisco 4500 must be returned to Cisco for service. If you enter 1, you can only view or erase the configuration; you cannot change the password.
A configuration summary is displayed and the following prompt appears:
Do you wish to change configuration [y/n]?
Step 12 Enter no and press Return. The following prompt appears:
rommon>
Step 13 Enter reset at the privileged EXEC prompt or, for Cisco 4500 series and Cisco 7500 series routers, power-cycle the router.
Step 14 As the router boots, enter no to all the setup questions until the following prompt appears:
Router>
Step 15 Enter enable to enter enable mode. The Router# prompt appears.
Step 16 Choose one of the following options:
■ To view the password, if it is not encrypted, enter more nvram:startup-config.
■ To change the password (if it is encrypted, for example), enter the following commands:
Router# configure memory
Router# configure terminal
Router(config)# enable secret 1234abcd
Router(config)# ctrl-z
Router# write memory
The enable secret command provides increased security by storing the enable secret password using a nonreversible cryptographic function; however, you cannot recover a lost password that has been encrypted.
Step 17 Enter configure terminal at the prompt.
Step 18 Type config-register and whatever value you recorded in Step 2.
Step 19 Press Ctrl-Z to quit the configuration editor.
Step 20 Enter reload at the prompt and enter write memory to save the configuration.

Lab Activity: Password-Recovery Procedures
In this lab, you gain access to a router when the password is unknown.

Summary

This chapter summarized the key points in configuring a router:
■ The router has several modes:
— User mode
— Privileged mode
— Global configuration mode
— Other configuration modes
■ The command-line interface (CLI) is used to change configurations, including doing the following:
— Setting the host name
— Setting passwords
— Configuring interfaces
— Modifying configurations
— Showing configurations
■ Interface descriptions include important information to help network administrators understand and troubleshoot their networks.
■ Login banners and messages of the day provide users with information upon login to the router.
■ Host name resolutions translate names to IP addresses to allow the router to quickly convert names to addresses.
■ Three ways exist for restoring access to a router when the password is lost:
— You can view the password.
— You can change the password.
— You can erase the configuration and start over as if the box was new.
■ Configuration standards are key elements in the success of any organization in maintaining an efficient network.
■ Configuration backup and documentation is extremely important to keep a network operating smoothly.

To supplement all that you’ve learned in this chapter, refer to the chapter-specific Videos, PhotoZooms, and e-Lab activities on the CD-ROM accompanying this book.

Key Terms

CLI (command-line interface) An interface that enables the user to interact with the operating system by entering commands and optional arguments.
global configuration mode Used for one-line commands and commands that make global changes to the router configuration.
interface Connection between two systems or devices. In routing terminology, a network connection.
NVRAM (Nonvolatile RAM) RAM that retains its contents when a unit is powered off.
privileged mode Used for copying and managing entire configuration files.
TFTP (Trivial File Transfer Protocol) Simplified version of FTP that allows files to be transferred from one computer to another over a network, usually without the use of client authentication (for example, username and password).

Check Your Understanding

Complete all the review questions to test your understanding of the topics and concepts in this chapter. Answers are listed in Appendix C, “Check Your Understanding Answer Key.”

1. What is a standard?
A. A formal description of a set of rules and conventions that govern how devices on a network exchange information
B. A set of rules or procedures that are either widely used or officially specified
C. A way in which network devices access the network medium

2. A description on an interface does what?
A. Welcomes users to the router
B. Warns users not to enter the router
C. Displays a comment about the interface

3. A good example of a login banner is what?
A. Welcome everyone
B. Everyone please log in
C. Authorized access only

4. What is host name resolution?
A. The process of associating a name with a network location
B. The process of displaying a login message
C. The process of displaying a description on a router

5. Configuration backup and documentation is necessary to an organization to maintain an efficient network. True or false?
A. True
B. False

6. Backup of configuration files is not necessary. True or false?
A. True
B. False

7. A TFTP server is the only location where backup files can be stored. True or false?
A. True
B. False

8. If you are planning to configure an interface, what prompt should be on the router?
A. router(config)#
B. router(config-in)#
C. router(config-intf)#
D. router(config-if)#

9. Which of the following is the correct order for the process of configuring a router? (Assume that you have already made router changes in configuration mode.)
A. Save changes to backup, decide whether the changes are your intended results, examine the results, and examine the backup file.
B. Examine the results, decide whether the changes are your intended results, save the changes to backup, and examine the backup file.
C. Decide whether the changes are your intended results, examine the backup file, save the changes to backup, and examine the results.
D. Examine the results, save the changes to backup, decide whether the changes are your intended results, and examine the backup file.

10. Which of the following is a command that can be used to save router configuration changes to a backup?
A. Router# copy running-config tftp
B. Router# show running-config
C. Router# config mem
D. Router# copy tftp running-config

11. Which of the following correctly describes password configuration on routers?
A. All passwords are established in user EXEC mode.
B. All passwords alter the password character string.
C. A password can be established on all incoming Telnet sessions.
D. The enable password command restricts access to user EXEC mode.

12. Which of the following does not describe password configuration on routers?
A. Passwords can be established in every configuration mode.
B. A password can be established on any console terminal.
C. The enable secret password uses an encryption process to alter the password character string.
D. All password establishment begins in global configuration mode.

13. What is used for one-line commands that change the entire router?
A. Global configuration mode
B. Privileged mode
C. User EXEC mode
D. Interface mode

14. What does the exit command do in a configuration mode with the prompt Router(config-if)#?
A. It quits the current configuration interface mode.
B. It reaches the privileged EXEC prompt.
C. It exits the router.
D. It switches to the user EXEC prompt.

15. What are the major elements of a typical router configuration?
A. Passwords, interfaces, routing protocols, DNS
B. Boot sequence, interfaces, TFTP server, NVRAM
C. NVRAM, ROM, DRAM, interfaces
D. Interfaces, routing protocols, configuration register, Flash memory

16. In a password-recovery procedure, immediately after issuing a Ctrl-Break upon router startup, what should be the config register setting?
A. 0x2102
B. 0x2142
C. 0x0000
D. 0x10F

17. In a password-recovery procedure, just before saving the running config and after you have enabled a new secret password, what should be the config register setting?
A. 0x2102
B. 0x2142
C. 0x0000
D. 0x10F