
username / password on existing network 2

Status
Not open for further replies.

msstrang

Programmer
Sep 19, 2005
62
US
Hey All,
I'm an electrical engineer posing as a network engineer at the moment...

i've inherited an existing network that uses a cisco 1721 router. i'm working on a much larger scope project, but before i can proceed i need to access the CLI.

i can connect to it using hyperterminal no problem, but i've got the "username:" & "passcode:" prompts.

problem is i don't know either.

i've looked at some of the password recover protocols, but am worried that it might negatively alter the current setup?

is this a valid concern?
if not, is this the path i should be travelling?
what's the best password/username recover protocol?
is there something else i should be doing instead (besides engineering some electricals)?
 
msstrang,

If you do not have the password, then you will have to use the password recover to get into privileged mode.

YOU ARE VERY RIGHT THAT YOU "might negatively alter the current setup" you need to understand what you are doing and I would - as soon as you are into privileged mode - copy the startup config to a TFTP server in case you do screw something up.

Once you are in (and if you do not know ANYTHING that I am saying get at least a Cisco Networking for Dummies book and read it) using the password break procedure you will be in a router with no config running (router ignored it). You can get to priv mode by typing "ena" and you should see router# - now you can do DAMAGE - be very careful!

While in priv mode you can do the command "copy start run" (DO NOT DO COPY RUN START) this will "load" all the configs into memory/DRAM that you told it to ignore with the password break procedure.

You are STILL in priv mode and router is back to normal, before you leave you need to change the password to something YOU know, change the config-register back that you changed to "break the password" and then run "copy run start" to save all the old stuff with the new password changes.

Hope this helps!

E.A. Broda
CCNA, CCDA, CCAI, Network +
 
msstrang,

ONE MORE THING - before you do this check this post for any other help that might be offered :)

If I am not wrong - then when you do the "copy start run" since the router's interfaces were all down from the start with "password break procedure" then all the interfaces will be shutdown! You will also need to go to each interface and do a "no shut" to bring them all back up!

Your best bet - find a buddy who is a CCNA and give him a case of suds to "stand by" with you while you are learning :) :)

Good luck !

Just some thought!

E.A. Broda
CCNA, CCDA, CCAI, Network +
 
Instead of copy start run, I find it easier to tell people to use the command "config mem"
 
Interesting...I posted the complete password recovery process, but I guess it never "showed up". Also interesting is config mem---never knew that. Thanks!
Here it is again...
Connect via HyperTerminal, turn the router off, then back on. After about 10 seconds of it being turned on again, initiate a break sequence (shift-pause/break or ctrl-pause/break), and you get the
rommon1>
prompt. Then, do this...
rommon1>confreg 2142
rommon2>reset
After the router reboots, answer no to the first question and yes to the second question. You will then be at the
router>
prompt. Then, do this...
router>en
router#copy start run
router#conf t
router(config)#line con 0
router(config-line)#password bla
router(config-line)#login
router(config-line)#exit
router(config)#line vty 0 4
router(config-line)#password bla
You can use a different password for the virtual-terminal lines 0 thru 4 (vty 0 4), but I always use the same as the console myself...the vty 0 4 lines are for telnet and such.
router(config-line)#login
router(config-line)#exit
router(config)#config-register 0x2102
router(config)#enable password bla
This will have to be done for all passwords, so if you use a different password for line vty 0 4, ...
router(config)#exit
router#wr
There ya have it. Let me know if you need to know how to back up the config in a text document and to a tftp server, as well as the IOS image. I do this with all my Cisco devices, for disaster recovery of them.

Burt
 
First off, much thanks burtsbees & ciscoguy33 & brianinms, this looks like some good information.

If I follow the steps that burtsbees lays out, will I have to worry about ciscoguy33's warning about needing "to go to each interface and do a "no shut" to bring them all back up"? If so can anyone give me a brief explanation of how to do this?

Also, in burtsbee's steps, where is the username declared (it looks like nowhere and I think maybe there's something here I'm not clear with 100%). Also is the password "bla" or is that a CLI command?

And yes, I would really appreciate your showing me how to back up the config.
 
the username should be near the top of the config..

username xxxx password xxx

if there are no local usernames defined there may be tacacs configured on the router which will have all the usernames stored on an authentication server at some other location..
 
If you have usernames like that, then the command
router(config)#username joe priv 15 pass blow
needs to be added. The "joe" and "blow", as well as "bla" are made up---substitute them for real passwords. You should not have to do a "no shut" on the interfaces, but in case you do, then do this...
router(config)#int fa0
router(config-if)#no shut
Like that. Do a
router#sh ver
to get the interface names...

Burt
 
brianinms,

Thanks for the "config mem" command - MUCH BETTER and no chance of getting the run and start in the wrong order :) I had totally forgot "config m" - always doing "config t".

Burt,

I added the "no shut" info because to test this out I just ran the password recovery on a fully configed Cisco 2611 in my lab, it is connected by serial cable to 2610s on both sides as well as the 2 Ethernets - a CAT 1924 switch and a Cisco Fast400 hub - all interfaces were back to fully configured but were ALL shut down after the "config mem"!

Might be an IOS thing - I think these are 12.1 build 16. - something like that!

Hope this all helps!




E.A. Broda
CCNA, CCDA, CCAI, Network +
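
As an added example (not part of any post in this thread): a Python check to run over a text backup of the configuration and the "show version" output after the recovery steps above. It reports interfaces left shut down, passwords stored in clear text, whether local usernames or TACACS are configured, and whether the configuration register will still skip the startup config at the next reload. The sample text and function names are constructed for illustration.

```python
import re

# Constructed sample inputs (not from the thread); all function names are illustrative.
CONFIG = """\
enable password bla
username joe privilege 15 password 0 blow
interface FastEthernet0
 ip address 192.0.2.1 255.255.255.0
 shutdown
interface Serial0
line con 0
 password bla
"""
SHOW_VER = "Configuration register is 0x2142 (will be 0x2102 at next reload)"

def shutdown_interfaces(config):
    """Names of interfaces whose stanza contains 'shutdown' (need 'no shut')."""
    down, current = [], None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split()[1]
        elif not line.startswith(" "):
            current = None          # left the interface stanza
        elif current and line.strip() == "shutdown":
            down.append(current)
    return down

def cleartext_password_lines(config):
    """Config lines that store a password unencrypted (no type digit, or type 0)."""
    hits = []
    for line in config.splitlines():
        m = re.search(r"\bpassword (?:(\d) )?\S+$", line.strip())
        if m and m.group(1) in (None, "0"):
            hits.append(line.strip())
    return hits

def auth_sources(config):
    """Return (local usernames, True if TACACS is referenced in the config)."""
    return (re.findall(r"^username (\S+)", config, re.M),
            bool(re.search(r"^(tacacs-server |aaa .*tacacs)", config, re.M)))

def register_after_reload(show_ver):
    """Return (register value at next reload, True if startup-config is still ignored)."""
    m = re.search(r"Configuration register is (0x[0-9A-Fa-f]+)"
                  r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?", show_ver)
    if not m:
        raise ValueError("no configuration register line found")
    value = int(m.group(2) or m.group(1), 16)
    return hex(value), bool(value & 0x0040)   # bit 6 set = NVRAM config ignored at boot

if __name__ == "__main__":
    print(shutdown_interfaces(CONFIG), cleartext_password_lines(CONFIG),
          auth_sources(CONFIG), register_after_reload(SHOW_VER))
```

A clear-text hit on "enable password" is a reason to consider "enable secret" instead, which stores a hash rather than the password itself.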
 
Could be...I have an older 2503 at home...i'll play around with all my routers and let you know. I just acquired a 30-day guaranteed Cat2924XL for $30 on Ebay! YAY!

Burt
 
Hey, one more thing...
CiscoGuy33 and a couple of other pages on the internet show that after exiting (config) mode that I need to enter the "copy run start" to copy to RAM, but it's not mentioned in Burt's post...


Code:
router(config)#exit
?router# copy run start?
router#wr
 
The full command is write memory, but wr or wr mem works. Does the same as copy run start, which is copy running-configuration startup-configuration

Burt
 
thanks for all the help guys..
now i'm looking for a convenient time to implement these steps.

i have 16 people here in the office connected to this router. will the down time only consist of the time break mode is entered until the "router#wr" command?
 
since you have to reload the router there will be some downtime involved..
you actually have to reboot it twice.. so bet for about 30 mins downtime to give yourself a little window...

maybe do it at the end of the day or at lunch so the users won't notice as much..
 
Before doing anything, try using "cisco" and "password" first. You'll never believe how many people are using that :)
 
Very true hummmer! I have run across that! Of course, I buy my stuff on Ebay, and perhaps people that I have gotten them from have used them for Cisco training. I even bought one called Orlando!

Burt
 