Password Recovery For The Pix 500 Series Security Appliance - Cisco FirePOWER ASA 5500 series Configuration Manual

Performing Password Recovery
Step 14 Change the configuration register to load the startup configuration at the next reload by entering the
following command:
hostname(config)# config-register value
Where value is the configuration register value you noted in
register. For more information about the configuration register, see the Cisco Security Appliance
Command Reference.
Save the new passwords to the startup configuration by entering the following command:
Step 15
hostname(config)# copy running-config startup-config

Password Recovery for the PIX 500 Series Security Appliance

Performing password recovery on the security appliance erases the login password, enable password,
and aaa authentication console commands. To erase these commands so you can log in with the default
passwords, perform the following steps:
Download the PIX password tool from Cisco.com to a TFTP server accessible from the security
Step 1
appliance. See the link in the "Password Recovery Procedure for the PIX" document at the following
URL:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_password_recovery09186a0080
09478b.shtml
Step 2 Connect to the security appliance console port according to the
Interface" section on page
Step 3 Power off the security appliance, and then power it on.
Step 4 Immediately after the startup messages appear, press the Escape key to enter monitor mode.
Configure the network settings for the interface that accesses the TFTP server by entering the following
Step 5
commands:
monitor> interface interface_id
monitor> address interface_ip
monitor> server tftp_ip
monitor> file pw_tool_name
monitor> gateway gateway_ip
Download the PIX password tool from the TFTP server by entering the following command:
Step 6
monitor> tftp
If you have trouble reaching the server, you can enter the ping address command to test the connection.
At the "Do you wish to erase the passwords?" prompt, enter Y.
Step 7
You can now log in with the default login password of "cisco" and the blank enable password.
The following example shows the PIX password recovery with the TFTP server on the outside interface:
monitor> interface 0
0: i8255X @ PCI(bus:0 dev:13 irq:10)
1: i8255X @ PCI(bus:0 dev:14 irq:7 )
Cisco Security Appliance Command Line Configuration Guide
43-8
2-4.
Chapter 43 Troubleshooting the Security Appliance
Step 5. 0x1 is the default configuration
"Accessing the Command-Line
OL-10088-01