Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco 2610 'Password Recovery is Disabled' 1

Status
Not open for further replies.
KoronaAxe02

KoronaAxe02

Vendor
Jul 10, 2008
6
0
0
I have 2 Cisco 2610 routers with the password recovery disabled. I've tried all the solutions Cisco's website has offered, or that I could find. Here is the link I found:


When I send the break command after I see "Image text-base", I answer the prompts but it doesn't reset the unit to the factory defaults....both routers go straight back to being password protected with no Rommon access. Am I screwed? or is there another way around this?

I'm most likely going to return these units anyway for reasons other than the recovery problem, but I'd still like to know if anyone can help...just in case they won't take the units back and for future reference. Thanks for reading, any help would be greatly appreciated!
 
Sort by date Sort by votes
VCutrone,
I'm sorry, I guess I didn't explain the problem enough. I can't access Rommon AT ALL, therefore the classic password recovery doesn't work. Sending a break command doesn't give me a rom prompt, it asks me this:

PASSWORD RECOVERY IS DISABLED
Do you want to reset the router to factory default
configuration and proceed [y/n] ?

Answering 'yes' gives me a short readout and then the router asks:

Are you sure you want to continue [y/n]?

Answering yes or no produces the same result, I don't get a Rommon or Router prompt, just a screen saying that I've entered a secured sovereign bank system (a previous owner) and then a password prompt. Of course, I don't have the passwords so I'm pretty much stuck :(
 
Upvote 0 Downvote
Factory defaults have a given username and password, like cisco and cisco...don't know them though...google it. I have seen this once, a similar deal, where the router was configured to authenticate to aaa...I'll see if I can look up my notes on it...that's a good one...

Burt
 
Upvote 0 Downvote
Burt,

Thanks for replying, I've tried looking up default usernames and passwords for 2600's without much luck. I tried cisco, Cisco, admin, Admin, Cisco admin, 123cisco123, and everything else I can think of and nothing has worked. If you find something in your notes, please let me know!

 
Upvote 0 Downvote
You are screwed. Ship them back to Cisco. Or get another NVRAM chip and install that. However, that will cost more than the routers are worth.
 
Upvote 0 Downvote
Tad---how does a router become like that? Can someone set a router to disable password recovery? Why is his like that?

Burt
 
Upvote 0 Downvote
daffymd,
Thanks for replying but that link takes you to the same page I cited in my first post.

Cluebird,
I had a few older NVRAM chips that I tried installing with no luck, granted they were from units I had listed as 'bad' that I wasn't sure what their problems were. I'm sending the units back today.

Thanks to everyone who replied and tried to help, this forum is great!

 
Upvote 0 Downvote
Burt,

As eurobadger states: no service password-recovery

It is one of the "hidden" IOS commands that is now talked about. Where this is used is in locations where you can't provide physical security to the router and you want to prevent someone from doing a password recovery on the box and compromising the network. (I've seen so many small networks or college campuses that use unlocked janitor closets as IDFs...Any Cisco Academy student or CCNA wannabe can practice password recoveries if they are ethically challenged!) Also, if they rip off the box and try to sell on e-bay, the box is useless.

As Cisco says, if you disable the password-recovery mechanism, your choices are limited if you can't remember your passwords so make sure you have some way to access the box (passwords or AAA servers available or such).

Some routers will clear the NVRAM when you remove the chip from the motherboard. However, the 2600 uses EEPROMs that won't reset.
 
Upvote 0 Downvote
What about ultraviolet light, like an EEPROM program burn machine? Also, are there no jumpers to reset NVRAM?
I remember having to deal with one from AT&T, but it was a bit different---it was set to authenticate to AAA, and I had to do some little trick to get it to do password recovery. Why, then, when KoronaAxe02 was asked by the router if he wanted to reset to factory defaults, did the router not accept cisco/cisco? Aren't they initially set up like
username cisco priv 15 password cisco
???

Burt
 
Upvote 0 Downvote
Where is the NVRAM on a 2620, physical location on the board? I see the boot ROM, and I know where the flash and DRAM are, of course, and I see the reset jumperpins (just reloads the router), and the DUART pins to set console speed...but where is the NVRAM chip?

Burt
 
Upvote 0 Downvote
I don't have a diagram available and am too lazy to rip open my 2600s and take a picture, but the NVRAM chip is next to the ROM chip on the motherboard. If you look from the back end of the router with the case off (the end with the interfaces and power supply), there are two removable chips by the flash. The left one is the ROM and the right one is the NVRAM.

Most of Cisco's diagrams don't specifically show exact locations of the various chips. And TAC won't send detailed schematics for some strange reason?

Or you can just de-solder everything from the motherboard...(evil laughter...)
 
Upvote 0 Downvote
So it's socketed, and so therefore it CAN be replaced...

Burt
 
Upvote 0 Downvote
I have a 2500 series router, how do I clear the previously configured memory to start again, as I cannot remeber the access password???

M Steele
Network+
CCENT
 
Upvote 0 Downvote
First off, you're piggybacking on this thread. Second, you can easily google "password recovery cisco 2500". Third, to start, send a break and in rom monitor, ...

rommon1>o/r 0x2142
rommon2>reset

Then copy start run, and change the passwords.

Burt
 
Upvote 0 Downvote
Figured out a good fix (risky) for this...

Took out NVRAM chip, powered router on, let it load all the way, then did

router>en
router#wr
It said that the config had been previously written with a different IOS, blablabla, do you want to continue? (confirm)

Here's the risky part...

With power on, I reseated the NVRAM chip, the hit enter to confirm---it saved the default config to NVRAM, but changed the config register on reload to 2122 (19200 BAUD). But it worked. Yay.

After reloading, it warned me that "this will disable the password recovery mechanism, blablabla...Are you sure?"

This is the output you get when you initially do the command "no service password-recovery". I said "n", and it was as if everything was reset to factory defaults. The config register may have been set to 2122 because I loaded the router without NVRAM...

Burt
 
Upvote 0 Downvote
I would have thought changing the config register in rommon to not use the start-up config would have gotten around the problem.

[the other] Bill
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

pbxcomm
  • Locked
  • Question
CISCO VG450
Replies
1
Views
118
bdk76
bdk76
Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
101
madwok
madwok
Jared R
  • Locked
  • Question
Cisco UC320W Paging Help
Replies
0
Views
117
Jared R
Jared R
Hayden09
  • Locked
  • Question
Cisco Sg-300 Flapping?
Replies
0
Views
103
Hayden09
Hayden09
JMarine0811
  • Locked
  • Question
CISCO VG450 Factory reset
Replies
1
Views
135
whykap
whykap

Part and Inventory Search

Sponsor

Back
Top