Password Recovery on a Cisco ASA 5505 Firewall


To recover passwords, perform the following steps:

  • Console into the ASA.

  • Reboot the ASA

  • Press the escape key during reboot to enter ROMMON.

  • Tell the firewall to ignore the startup config on next reload:
    rommon #1> confreg

The following will be displayed:

Current Configuration Register: 0x00000011
Configuration Summary:
boot TFTP image, boot default image from Flash on netboot failure
Do you wish to change this configuration? y/n [n]:

  • Jot down the config register value for later.

  • Enter y to say yes.

  • Hit enter at each prompt to accept the default. When you get to “disable system configuration” hit y.

  • Reboot the ASA
    rommon #2> boot

At this point the ASA should reload and completely bypass the configuration.

  • When the firewall reboots it will not prompt a console user for a username and the enable password is blank. Go into enable mode.

  • Restore the old config
    copy startup-config running-config

View original post 69 more words


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s