Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Not sure what I did

Status
Not open for further replies.

cdtech9198

IS-IT--Management
Feb 14, 2008
48
US
I recently got my hands on two cisco asa 5510. I have successfully reset the first one back to factory defaults. The second one I must have screwed up a step.

The ASA won't get past this see below
Code:
CISCO SYSTEMS
Embedded BIOS Version 1.0(11)2 01/25/06 13:21:26.17

Low Memory: 631 KB
High Memory: 256 MB
PCI Device Table.
Bus Dev Func VendID DevID Class              Irq
 00  00  00   8086   2578  Host Bridge
 00  01  00   8086   2579  PCI-to-PCI Bridge
 00  03  00   8086   257B  PCI-to-PCI Bridge
 00  1C  00   8086   25AE  PCI-to-PCI Bridge
 00  1D  00   8086   25A9  Serial Bus         11
 00  1D  01   8086   25AA  Serial Bus         10
 00  1D  04   8086   25AB  System
 00  1D  05   8086   25AC  IRQ Controller
 00  1D  07   8086   25AD  Serial Bus         9
 00  1E  00   8086   244E  PCI-to-PCI Bridge
 00  1F  00   8086   25A1  ISA Bridge
 00  1F  02   8086   25A3  IDE Controller     11
 00  1F  03   8086   25A4  Serial Bus         5
 00  1F  05   8086   25A6  Audio              5
 02  01  00   8086   1075  Ethernet           11
 03  01  00   177D   0003  Encrypt/Decrypt    9
 03  02  00   8086   1079  Ethernet           9
 03  02  01   8086   1079  Ethernet           9
 03  03  00   8086   1079  Ethernet           9
 03  03  01   8086   1079  Ethernet           9
 04  02  00   8086   1209  Ethernet           11
 04  03  00   8086   1209  Ethernet           5

Evaluating BIOS Options ...
Launch BIOS Extension to setup ROMMON

Cisco Systems ROMMON Version (1.0(11)2) #0: Thu Jan 26 10:43:08 PST 2006

Platform ASA5510
Management0/0
Link is UP

MAC Address: 001b.d554.4d4b


Use ? for help.
rommon #0>

The working ASA continues on

with Cisco Systems ROMMON Version (1.0(11)2) #0: Thu Jan 26 10:43:08 PST 2006

Platform ASA5510

Use BREAK or ESC to interrupt boot.
Use SPACE to begin boot immediately.

Launching BootLoader...
Default configuration file contains 1 entry.

Searching / for images to boot.

Loading /asa707-k8.bin... Booting...


etc.


What is rommon? Can I recover this back to factory defaults again?

Thank you in advance.
 
do you get this every time you reboot the device?? what do you see when you type set at the rommon #0> prompt??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Yes I was. I found a tutorial online that resolved the issue. I am not sure what all this means below, but it did work.

Code:
1. Power-cycle your security appliance by removing and re-inserting the power plug at the power strip.

2. When prompted, press Esc to interrupt the boot process and enter ROM Monitor mode. You should immediately see a rommon prompt (rommon #0>).

3. At the rommon prompt, enter the confreg command to view the current configuration register setting: rommon #0>confreg

4. The current configuration register should be the default of 0x01 (it will actually display as 0x00000001). The security appliance will ask if you want to make changes to the configuration register. Answer no when prompted.

5. You must change the configuration register to 0x41, which tells the appliance to ignore its saved (startup) configuration upon boot: rommon #1>confreg 0x41

6. Reset the appliance with the boot command: rommon #2>boot

7. Notice that the security appliance ignores its startup configuration during the boot process. When it finishes booting, you should see a generic User Mode prompt: ciscoasa>

8. Enter the enable command to enter Privileged Mode. When the appliance prompts you for a password, simply press (at this point, the password is blank): ciscoasa>enable Password: ciscoasa#

9. Copy the startup configuration file into the running configuration with the following command: ciscoasa#copy startup-config running-config Destination filename [running-config]?

10. The previously saved configuration is now the active configuration, but since the security appliance is already in Privileged Mode, privileged access is not disabled. Next, in configuration mode, enter the following command to change the Privileged Mode password to a known value (in this case, we'll use the password system): asa#conf t asa(config)#enable password system

11. While still in Configuration Mode, reset the configuration register to the default of 0x01 to force the security appliance to read its startup configuration on boot: asa(config)#config-register 0x01

12. Use the following commands to view the configuration register setting: asa(config)#exit asa#show version

13. At bottom of the output of the show version command, you should see the following statement: Configuration register is 0x41 (will be 0x1 at next reload)

14. Save the current configuration with the copy run start command to make the above changes persistent: asa#copy run start Source filename [running-config]

15. Reload the security appliance: asa# reload System config has been modified. Save? [Y]es/[N]o:yes

Cryptochecksum: e87f1433 54896e6b 4e21d072 d71a9cbf

2149 bytes copied in 1.480 secs (2149 bytes/sec) Proceed with reload? [confirm]

When your security appliance reloads, you should be able to use your newly reset password to enter privileged mode.
source:
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top