01-25-2024 02:49 AM
Hi All
I am hoping someone out there can help me. I have been battling for 4 days to try and recover the ASA password with out any success.
I am currently running a Cisco 5516-X and when trying to access the ASDM I get a message that the password has expired. There is no option allowing me to reset/change it even though I have the current password.
After searching the internet I have tried several option to reset the password via the rommon menu.
confreg
Do you wish to change the configuration? y/n [n]: y
Accept the defaults for all except the question, enable "ignore system configuration"? y/n [n]: y
rommon2 > boot -> here I get an error, that I don't fully understand and not sure if it is related to my original password problem.
rommon 10 > boot
Located '.boot_string' @ cluster 37890.
#
Directory asa981-lfbff-k8.SPA not found
Unable to load asa981-lfbff-k8.SPA
boot: error executing "boot"
If I use the "reload" command the system reboots into 0x41 anyway.
rommon 11 > reload
Resetting .......
Once it is finished booting I am able to enter the privilege mode with the "enable" command with no password [enter]
I can then copy the startup-config to the running-config.
Enter the configuration menu with command "conf t"
I then reset the password with command "enable password new_password" and save settings with " wr mem" command.
I then change the config registisry back to 0x01 from 0x41 with command "config-register 0x01".
Verify that my next reload will boot from the correct registry with "show version" command.
exit out of conf menu
For good measure I save the current setting to make changes persistent "copy run start"
"reload" the system.
Once up again the password that I have just set does not work!
ciscoasa> en
Password: *************
Invalid password
Password: ************
Invalid password
Password:
Invalid password
Access denied.
I attempt to connect to the ASDM and get the same error about password expired.
I have tried a couple of other options in the rommon prompt
disabling the aaa authentication
Using commands "show run aaa"
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
aaa authentication login-history
then "no aaa authentication enable console LOCAL" for each of the above
no aaa authentication http console LOCAL
no aaa authentication ssh console LOCAL
no aaa authentication login-history
Get the same result, that the new password still fails.
I have also done a factory reset and then restored from our latest backup. Straight after factory reset I was able to access the ASDM application using default credentials, and used it to do a restore from backup file, but as soon as I restore the backup I have the same issue, when I need to re-authenticate .... password expired.
Does any one know how I can reset the password for the admin user that is used to access the ASDM?
Solved! Go to Solution.
01-26-2024 10:00 AM
Hi All
I have managed to resolve this on my own.
Resolution Steps for anyone else who gets caught out in the future.
Whether this is right or not, it is what worked for me and got me back online, after more hours than I would like to admit of battling.
01-25-2024 02:53 AM
Can i see all asa config
MHM
01-26-2024 10:00 AM
Hi All
I have managed to resolve this on my own.
Resolution Steps for anyone else who gets caught out in the future.
Whether this is right or not, it is what worked for me and got me back online, after more hours than I would like to admit of battling.
01-26-2024 10:37 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide