Techie Tips

Tips, Tutorials, Software and Reviews

Reset / Recover Cisco 1800 Series router enable password

Submitted: Mon, 08/02/2010 - 09:02 -- guvnor
Last Updated: Thu, 08/05/2010 - 16:21
If you have forgotten the enable password to a Cisco 1800 series router you will need to recover it. This document discusses how to do that.

Requirements

Physical access to the router A PC with a Serial Port A Cisco rollover / console cable (the blue type) A copy of Hyper-terminal or Putty. Hyper-terminal comes with windows and putty is a free download. For this article I will use putty.

Plug in the Console Cable

Plug the Cisco console cable from your PC's serial port to the console port of the Cisco 1800.

Open a serial session to the router

Open a serial connection to the router via Putty (or Hyper-terminal) Start Putty and select the serial radio button. This should automatically fill in the correct serial settings. You may have to change the com port depending on how many com ports your PC has. NOTE!For your info the settings are 9600 baud rate No parity 8 data bits 1 stop bit No flow control Serial Putty

Send a "Break" Signal to the router

Turn the router on and as it boots you will see some start up commands. Before 60 secods has elapsed cliick on "Settings" then click "Break". putty break This will send a break signal to the router. If all goes well you will be prompted by the rommon mode.

Set a configuration setting to boot the router without the configuration

This setting will make the router boot up into IOS without loading the configuration and therefore the password. This means you can access or reset the password.
confreg 0x2142
conf reg The router will prompt you that it needs a reset or a power cycle to take the configuration change. Type
reset

Boot with no running configuration

The router will now reboot. It won't have any running configuration so you be prompted to configure the router. Say "no" to this.
         --- System Configuration Dialog ---
 
Would you like to enter the initial configuration dialog? [yes/no]: Installed image archive
Enter No then pres Return You will then be shown router> prompt As the router has loaded up without any saved configuration the password will be set as default - which is no password. This means you can now enter enable mode. So go ahead and do that en you will go straight into enable mode and you won't be prompted for a password. So now we want to reset the password that is loaded when the router starts up with the stored configuration. Currently we have access to the router but it has not got it's normal configuration loaded.

Reset the password

Depending on what type of password you have set there are two different ways of resetting the password. The two choices are the older "enable" password which is not encrypted and you can read it or the "secret" enable password which is hashed and you can't read it.

Enable Password (Not Encrypted)

Simply type "show startup"
Router#show startup
This will output the configuration that is loaded on start-up. You will see the enable password listed.

Secret Password (Encrypted)

You will know if your router is using a secret enable password because you will see something like this enable secret 5 $1$iUjJ$cfghDZ03KKGh7mHfX2RSbDqP. in your configuration when you run the command.
show startup
Load the start up config into running config so you may edit it then re-save it.
copy startup-config running-config
Change the secret password to something of your choosing, I have used IL1KEC1sc0!! as a password.
configure terminal
enable secret IL1KEC1sc0!!
exit
Now save the config with the new password to the startup config. This will ensure your password is used next time the router reboots.
copy running-config startup-config
Now set the router to use this configuration next time it starts
configure terminal
config-register 0x2102
write memory
Now your router will use the configuration with the new password next time is reboots