RouterGod Technical Solutions

Cisco Psychic TAC Hotline: Password Recovery
Or, how to banish Satan from a Cisco 2620...

The staff here at RouterGod Online Magazine are always looking for upcoming trends in Cisco networking.  After much research we have learned that not every client can afford Cisco's SmartNet tech support service.  In fact, while SmartNet and Cisco's Technical Assistance Center provide sound solutions to network problems, often they are at a loss to explain how these problems started in the first place.  Cisco will solve your problem but they will never tell you how your equipment became cursed or offer to cast a spell to prevent future curses from harming your equipment.  Cisco does not employ any witches or Voodoo priests, yet it is no secret that 50% of all Juniper employees are certified in black magic.  As much as we love Cisco, they have clearly dropped the ball on this one.  So as a public service, the selfless, virtuous and altruistic staff at RouterGod Online Magazine have hired world famous psychic Madame Rommon to answer your technical support questions, all for only $5 per minute!



Madame Rommon
knows Cisco!

The Phone Rings. Ring! Ring!

Madame Rommon (answers psychic hotline)

Hello my dear, this is Madame Rommon, how may I help you?

Caller

Uh..it's my router.  It has a problem...

Madame Rommon

Oh, yes!  But first, I need your credit card number.

Caller

Of course. it's 5XXX-XXXX-XXXX-XXXX and it expires 08/02, please Madam Rommon, can you help me?

Madame Rommon

Do not worry my child, Madam Rommon knows all and sees all.  Your router has come under the influence of a malevolent spirit.  Your router is possessed by Satan!

Caller

Yes!  Yes!  That's what I told my boss, but he wouldn't believe me!  Everything has been fine until today, I tried to modify the configuration of this 2620 and suddenly the router will not accept my password.

Madame Rommon

Your router is harboring a secret, a bad secret...

Caller

How did you know!  Yes!  It says "Bad Secrets"!  Oh my God!  I can't believe you knew that!  My boss said I needed to perform password recovery, but when I saw "Bad Secrets" on the screen, I knew that it was more serious than that.  Please Madame Rommon, tell me what to do!

Madame Rommon

Sweet Child, we must perform an exorcism.  Do not be afraid.  We must type some sacred commands into the router.  These are very special commands, so special that I will need to charge your credit card an additional $750...Do you authorize this charge?

Caller

Oh Yes!  It's my boss's personal MasterCard, he told me to fix the router, so I know it's ok.

Madame Rommon

Marvelous, for an extra $1000 I can say a prayer for your router, do you authorize that charge?

Caller

Yes!  Yes!  Please, I'll pay anything!  Just help me!

Madame Rommon

Do not fret, plug your console cable into the router and cycle the power switch, when the router reboots, Satan will want to load the startup-config, so you must stop Satan from loading the config.  Do you understand?

Caller

Yes, stop Satan from loading the config, how do I do that?

Madame Rommon

You must hit the BREAK key within 60 seconds of the router booting up, you will know that you have stopped Satan if you see a " > " prompt with no router name to the left of it.

Caller

Yes! I see the > prompt, now what should I do?

Madame Rommon

OK, here is the sacred command, enter: confreg 0x2142

Caller

So far so good, now what?

Madame Rommon

Now you must must cause the router to reboot itself, so enter the following sacred letter: i

Caller

Wow, the router rebooted and now it's asking if I want to enter the initial configuration dialog, what do I do?

Madame Rommon

Your router has rebooted without loading the the startup-config, the startup-config is where the old password was stored, Your router now has a clear running-config, but your old config remains safe, we just told the router not to load it.  Say "No".  Now enter Privileged Exec mode by entering the command: enable.  Now you are in enable mode and you didn't need a password.  The next step is to load the existing startup-config from NVRAM into your running-config, enter the command: copy start run


Madame Rommon gives CCNP Diane
Foster an Anti-Hacker mantra at
Networkers convention.


Madame Rommon demonstrates palm
reading machine for use in Network Operation Centers. 
If this machine detects bad karma, it will not unlock the door.  Enterprise version is SNMP capable.

Caller

Oh, I see, we changed the config register so that when we rebooted the router using the "i" command, it loaded IOS but did not load the config.  Next we entered Priv Exec mode and loaded the config into memory using the copy start run command, now what do we do?

Madame Rommon

Now my child you must change the password, so to global config mode by typing: conf t.  Now enter the command: enable secret followed by your new password.  Now reset the config register so that the next time the machine boots, it will load the startup-config.  Do this now, enter the command: config-reg 0x2102. 

Caller

OK, I entered a new password and set the config-register to load NVRAM, now what?

Madame Rommon

Save the config, enter: copy run start.  Now reboot you router using the command: reload.  When your router reboots, you can use your new password to get into Enable mode!

Caller

Madame Rommon, you're a life saver!

 

Steps to password recovery:

  1. Power cycle the router.

  2. Banish Satan by sending a BREAK within 60 seconds.

  3. From ROM mode, change config register to 2142.

  4. Reboot router.

  5. Get into Priv Exec (enable) mode.

  6. Load up config with "copy start run".

  7. Change password and reset config-register to 2102.

  8. Save config with "copy run start" and reload.

Consultants: Never charge less than $300
to perform password recovery!

Back to RouterGod Online Magazine

Copyright 1999 - 2005 RouterGod Online Magazine