Cisco 2504 Password reset

Discussion in 'Cisco' started by Kristian Davies, Nov 13, 2003.

  1. I have a 2504 router, that is password protected.

    How do I reset this, not worried about keeping config data.

    Any advice appreciated.

    Kristian Davies, Nov 13, 2003
    1. Advertisements

  2. :I have a 2504 router, that is password protected.

    :How do I reset this, not worried about keeping config data.

    Search for 2500 password reset
    and you should find complete instructions (probably involving
    a connection to the serial port, a power cycle, sending break
    within a few seconds, changing the config register, that sort
    of stuff.)
    Walter Roberson, Nov 13, 2003
    1. Advertisements

  3. Kristian Davies

    Fred Guest

    type "password recovery procedure 2503" in the search field of
    Fred, Nov 13, 2003
  4. Kristian Davies, Nov 14, 2003
  5. M.C. van den Bovenkamp, Nov 14, 2003
  6. Kristian Davies

    Piotr.Derda Guest


    here you have little copy&paste from Cisco pages...

    Attach a terminal or PC with terminal emulation to the console port of the
    router. Use the following terminal settings:

    9600 baud rate
    No parity
    8 data bits
    1 stop bit
    No flow control
    The required console cable specifications are described in the Cabling
    Guide for RJ-45 Console and AUX Ports(Cisco 1000 Series, 2500 Series, and

    Note: Password recovery procedures cannot be done using telnet

    Using the power switch, turn the router off and then turn it back on.

    Send a break sequence from the terminal keyboard within 60 seconds of the
    power-up to put the router into ROMMON. The break sequence depends on your
    Operating System/Terminal Emulator. See Standard Break Key Sequence
    Combinations During Password Recovery for different key combinations.

    Type o and press Enter at the > prompt, and record the current value of
    the configuration register (usually 0x2102, or 0x102):
    !--- Shows the configuration register option settings

    Configuration register = 0x2102 at last boot
    Bit# Configuration register option settings:
    15 Diagnostic mode disabled
    Type o/r 0x2142 and press Enter at the > prompt to boot from Flash without
    loading the configuration.

    Type i at the > prompt and press Enter.

    The router reboots, but ignores its saved configuration.

    Type no after each setup question or press Ctrl-C to skip the initial
    setup procedure.

    Type enable at the Router> prompt.

    You'll be in enable mode and see the Router# prompt.

    Type configure memory or copy startup-config running-config to copy the
    NVRAM into memory. Do not type write memory or copy running

    Type write terminal or show running-config.

    The show running-config and write terminal commands show the configuration
    of the router. In this configuration you see under all the interfaces the
    shutdown command, which means all interfaces are currently shutdown. Also,
    you can see the passwords either in encrypted or unencrypted format.

    Type configure terminal and make the changes.

    The prompt is now:

    Type enable secret <password>.

    Issue the no shutdown command on every interface that is used. If you
    issue a show ip interface brief command after you exit configuration mode,
    every interface that you want to use should be "up up".

    Type config-register 0x2102, or the value you recorded in step 4.

    This causes the router to load the Cisco IOS software from the Flash with
    the configuration from NVRAM at the next reload.

    Press Ctrl-z to leave the configuration mode.

    The prompt is now:

    Type write memory or copy running-config startup-config to commit the

    Type Reload to restart the router with the Cisco IOS software booting from
    the Flash.

    I hope that will help you.

    Kind regards,

    Piotr Derda
    Piotr.Derda, Nov 14, 2003
  7. Kristian Davies

    Juergen Ilse Guest


    Password-Recovery is similar on nearly all Cisco-Routers (switches
    have a different method for Password-Recovery):

    Start the router and send a "break-character" to console while the
    machine tries to boot. If this operation was successful, you are
    now in the boot-monitor. Here, you can set the confuration-register
    to the value 0x142 (the method to set this register is different,
    depending of the version of the boot-monitor and maybe the type of
    the router). When you reboot the machine with this value in the
    configuration register, it does *not* load the configuration from
    nvram, i.e. you have now a totally unconfigured router (with no
    enable password and no enable secret). You can go to "enable mode",
    copy the "startup-config" to the "running-config", set a new enable
    password (or enable secret), write the configuration back to NVRAM
    and reboot the machine. To restore the original value of the confi-
    guration register, you have to send a break to the console while the
    machine is booting to get in the boot-monitor, ...

    The value of the configuration register is displayed when you type
    the (unprivileged) command "show version", but in most cases a value
    of 0x2102 should be usable (in case, you missed to write down the
    original value *before* setting the config-register to 0x142).

    Juergen Ilse ()
    Juergen Ilse, Nov 14, 2003
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.