Cisco 2600 Series Password Reset

Real World Application

The Cisco 2600 Series routers are by far the most popular routers used in Lab environments and many still exist today in production as many business have the moto “if it works then Don’t fix it.”

Recovering passwords or sanitizing the NVRAM contents on a Cisco router rather it be the 2600 series or newer generation routers is a very common procedure and should be known by any CCNA without referring to documentation.

Lab Prerequisites

Lab Objectives

Lab Instruction

As shown below is a Cisco 2651XM router that has a console password on the device. With such a password you cannot access exec mode without authenticating this password correctly. When buying routers used, you may commonly be faced with scenario.

Router con0 is now available

Press RETURN to get started.

User Access Verification

Password:

Step 1 – Power cycle the router or power on the router initially. While the router is booting you’ll need to break the boot sequence to boot the router into bootrom, you do this by holding down CTRL and pressing PAUSE BREAK. Do this repeatedly till you are placed at the bootrom prompt.

System Bootstrap, Version 12.2(8r) [cmong 8r], RELEASE SOFTWARE (fc1)
Copyright (c) 2003 by cisco Systems, Inc.
C2600 platform with 262144 Kbytes of main memory

monitor: command "boot" aborted due to user interrupt
rommon 1 >

Step 2 – Change the configuration register so that the router will ignore the contents of the NVRAM when booting into Cisco IOS. Set the configuration register to 0x2142 and boot the router.

rommon 1 >confreg 0x2142
rommon 2 >reset

Step 3a – (Option 1 – Reset Password) – After the router has booted into Cisco IOS, you’ll be prompted by the initial configuration dialog, type n here and press enter and you’ll be placed into user mode. Now you’re able to place your self into privileged mode by typing enable. Once in privileged mode you can copy the start-up configuration to the running configuration and then change the passwords manually then saved the configuration by to NVRAM by typing copy run start.

         --- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: n


Press RETURN to get started!

Router>enable
Router#copy start run
Destination filename [running-config]? 
506 bytes copied in 3.868 secs (168 bytes/sec)
IMAROUTER#configure terminal
IMAROUTER(config)#enable secret NEWENABLEPASSWORD
IMAROUTER(config)#line con 0
IMAROUTER(config-if)#password NEWPASSWORD
IMAROUTER(config-if)#end
IMAROUTER#copy run start
Destination filename [startup-config]? 
Building configuration...
[OK]
IMAROUTER#

Step 3b – (Option 2 – Factory Reset) – After the router has booted into Cisco IOS, you’ll be prompted by the initial configuration dialog, type n here and press enter and you’ll be placed into user mode. Now you’re able to place your self into privileged mode by typing enable. Once in privileged mode you can erase the contents of NVRAM by issuing the write erase command.

By issuing the write erase command it will erase the startup configuration which is stored in NVRAM and reset the router back to the factory default. This will remove ALL configuration from the router. If you just want erase the configuration on a Cisco Router or Switch, using the write erase command followed by reload will complete the task.

         --- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: n


Press RETURN to get started!

Router>enable
Router#write erase
Erasing the nvram filesystem will remove all files! Continue? [confirm]
[OK]
Erase of nvram: complete
Router#

Step 4. Once you’ve performed a password reset or NVRAM sanitation, you’ll need to set the configuration register back to 0x2102 so the router will boot normally and load the NVRAM contents upon a reboot or power failure.

Router#configure terminal
Router(config)#config-register 0x2102
Router(config)#end