11.2.5.10 lab - researching password recovery procedures

7/25/2019 11.2.5.10 Lab - Researching Password Recovery Procedures

1/3

2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1of 3

Lab Researching Password Recovery Procedures

Objectives

Part 1: Research the Configuration Register

Part 2: Document the Password Recovery Procedure for a Specific Cisco Router

Background / Scenario

The purpose of this lab is to research the procedure for recovering or resetting the enable password on aspecific Cisco router. The enable password protects access to privileged EXEC and configuration mode onCisco devices. The enable password can be recovered, but the enable secret password is encrypted andwould need to be replaced with a new password.

In order to bypass a password, a user must be familiar with the ROM monitor (ROMMON) mode, as well asthe configuration register setting for Cisco routers. ROMMON is basic CLI software stored in ROM that can beused to troubleshoot boot errors and recover a router when an IOS is not found.

In this lab, you will begin by researching the purpose and settings of the configuration register for Ciscodevices. You will then research and detail the exact procedure for password recovery for a specific Ciscorouter.

Required Resources

Device with Internet access

Part 1: Research the Configuration Register

To recover or reset a password, a user will utilize the ROMMON interface to instruct the router to ignore thestartup configuration when booting. When booted, the user will access the privileged EXEC mode, overwritethe running configuration with the saved startup configuration, recover or reset the password, and restore therouters boot process to include the startup configuration.

The routers configuration register plays a vital role in the process of password recovery. In the first part of thislab, you will research the purpose of a routers configuration register and the meaning of certain configurationregister values.

Step 1: Navigate to Cisco Website.

At the time of writing this lab, the Use of Configuration Register on All Cisco Routers page can be foundathttp://www.cisco.com/c/en/us/support/docs/routers/10000-series-routers/50421-config-register-use.html onthe Cisco Website.

Navigate to the aforementioned web page or use a search engine to answer the questions in following steps.

Step 2: Describe the purpose of the configuration register.

What is the purpose of the configuration register?

What command changes the configuration register in configuration mode?

The configuration register can be used to change router behavior in several ways, such as:how the router boots (into ROMmon, NetBoot)options while booting (ignore configuration, disable boot messages)console speed (baud rate for a terminal emulation session)

config-register
http://www.cisco.com/c/en/us/support/docs/routers/10000-series-routers/50421-config-register-use.htmlhttp://www.cisco.com/c/en/us/support/docs/routers/10000-series-routers/50421-config-register-use.htmlhttp://www.cisco.com/c/en/us/support/docs/routers/10000-series-routers/50421-config-register-use.htmlhttp://www.cisco.com/c/en/us/support/docs/routers/10000-series-routers/50421-config-register-use.html


2/3



What command changes the configuration register in the ROMMON interface?

Step 3: Determine configuration register values and their meanings.

Research and list the router behavior for the following configuration register values.

0x2102

0x2142

What is the difference between these two configuration register values?

Part 2: Document the Password Recovery Procedure for a Specific Cisco

Router

For Part 2, you will describe the exact procedure for recovering or resetting a password from a specific Ciscorouter and answer questions based on your research. Your instructor will provide you with the exact routermodel to research.

Step 1: Navigate to the Cisco website.

At the time of writing this lab, the Password Recovery Procedures page can be found athttp://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-software-releases-121-mainline/6130-

index.htmlon the Cisco Website.Navigate to the aforementioned web page or use a search engine to answer the questions in following steps.

Step 2: Detail the process to recover a password on a specific Cisco router.

Research and list the steps and commands that you need to recover or reset the enable or enable secretpassword from your Cisco router. Summarize the steps in your own words.

confreg

Ignores breakBoots into ROM if initial boot fails9600 console baud rate default value for most latforms

Ignores breakBoots into ROM if initial boot fails9600 console baud rate

0x2142 Ignores the contents of Non-Volatile RAM

Attach a terminal or PC with terminal emulation to the console port of the routeAccess routerType show version and record the configuration register setting. It can safely assume that the configurationregister is set to 0x2102.Use the power switch in order to turn off the router, and then turn the router back onPress Break on the terminal keyboard within 60 seconds of power up in order to put the router into ROMmonType confreg 0x2142 at the rommon 1> prompt in order to boot from FlashType reset at the rommon 2> promptType no after each setup question, or press Ctrl-C in order to skip the initial setup procedureType enable at the Router> promptType configure memory or copy startup-config running-config in order to copy the nonvolatile RAM (NVRAM)into memoryType show running-configType configure terminalType enable secret in order to change the enable secret passwordIssue the no shutdown command on every interface that it useType config-register . Where configuration_register_setting is either the
http://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-software-releases-121-mainline/6130-index.htmlhttp://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-software-releases-121-mainline/6130-index.htmlhttp://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-software-releases-121-mainline/6130-index.htmlhttp://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-software-releases-121-mainline/6130-index.htmlhttp://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-software-releases-121-mainline/6130-index.html


3/3



Step 3: Answer questions about the password recovery procedure.

Using the process for password recovery, answer the following questions.

Describe how to find the current setting for your configuration register.

Describe the process for entering ROMMON.

What commands do you need to enter to bypass the startup configuration while in the ROMMON mode?

What message would you expect to see when the router boots? And how should you answer the message?

Why is it important to load the startup configuration into the running configuration?

Why is it important to change the configuration register back to the original value after recovering thepassword?

Reflection

Why is it of critical importance that a router be physically secured to prevent unauthorized access?

Type show version

Press Break on the terminal keyboard within 60 seconds of power up in order to put the router into ROMmon

Type confreg 0x2142 at the rommon 1> prompt in order to boot from Flash

program load complete

to load the settings into the router

to boot next time with original configuration register

with physical access a router it possible to access data stored inside and modify setings

11.2.5.10 lab - researching password recovery procedures

Documents