You are locked out of your Cisco ASA and need to reset the ‘enable’ password.
To do this, you need to plug a serial cable into the ASA. This can not be done remotely.
- Reboot the ASA
- Press the ESCAPE button on the boot process when the screen gives you the 9 second count down before it loads the IOS.
- Once you complete step 2, you will be in ROMMON mode.
- Once in ROMMON mode, type confreg
- Once in CONFREG mode, type yes for the first answer and accept the default answers for the next questions, except “disable system configuration?”, select Yes for this.
- Once it completes, type boot, at the ROMMON mode prompt and the ASA will reboot.
- Let it load and you will be at the enable prompt where you can log into the ASA without a password.
- Once in Privledge exec mode, type copy start run, (So that the startup configuration can be placed back into the running configuration).
- Once you have your running configuration back, go and change the passwords that you need from the configuration terminal mode.
- To get from Privledge exec mode to configuration terminal mode type configuration terminal.
- Once you have changed all necessary passwords, change your confreg setting back to there normal status by using the this command: config-register (Your Register number) “usually 0x0000001 by default.
- Write to memory and reboot, then you are all done.