How to Recover Cisco 2500 Router’s Password
Cisco Routers – 2500 Series
When would you need this: When you loose the secret, enable, or onsole password of a 2500 Cisco Router.
1. Interrupt the router booting operation. This is done by pressing
(Ctrl+Break) keys simultaneously as soon as you turn on the router. This step will get you to the ROM monitor mode (rommon). You will have the following:
System Bootstrap, Version 11.0(10c), SOFTWARE
Copyright (c) 1986-1996 by cisco Systems
2500 processor with 14336 Kbytes of main memory
Abort at 0×1098FEC (PC)
>
The “>”prompt is for the ROM monitor mode. If you are having a problem interrupting the boot sequence of the router, you might be interested in this procedure to simulate break key sequence .
2. Now you should change the value of the configuration register in order to make the router neglect the contents of the NVRAM in the next boot up. This is achieved using the following command:
> o/r 0×2142
This command will change the sixth bit (originally the configuration register is 0×2102) to one. By doing so, the router will act as new in the next boot, i.e., the router will not look for the startup-config in the NVRAM.
3. Perform a restart to the router using the following command:
> i
The (i) stands for (initialize).
4. The router now will restart and ask you if you want to use the setup mode and of course you will say no. Now, in order not to loose the configuration that you already have in the router, you should go to the USER privileged mode and perform:
Router#copy start run
This will get you back your old configuration but with one exception, you already are in the privileged mode without having to know the password..!!!!
Now you put a new password or passwords if you may:
Router(config)#enable secret blahblah
And you can also put new console and telnet passwords if you like.
5. To get things going back to normal, change the value of the configuration register to its original form (0×2102) using the following global configuration command:
Router(config)#config-register 0×2102
6. Now you should save the configuration including the new passwords that you know:
Router#copy run start
7. Now reload and you are good to go:
Router#reload
========================
configuration registry hex values to know!
========================
In summary these Boot Registers are quite handy:
* The value range is from 0×0 to 0xFFFF.
* 0×2102 is the factory-default configuration register value.
* 0×2142 boots from flash without using NVRAM contents good for password recovery.
* 0×2101 boots from boot prom image (not flash), good for upgrading image on flash.
* 0×2141 boots from boot prom and ignores NVRAM contents.
* 0×141, which disables the Break key, ignores the NVRAM configuration, and
boots the default system image from ROM.
