Cisco CCNA Certification - The Config Register and Password Recovery
Whether you're preparing for the CCNA certification exam or not, you must be
prepared for the following question:
"Hey, I reloaded this router and it wants an enable password. Do you know it?"
Because if you don't, and there's no one available who does, you need to perform
a password recovery technique on the router - without erasing the current
configuration. This involves manipulating the config register, and a misstep
here can be fatal to the router's chances of recovery!
Obviously, that can make you pretty nervous about changing the config register,
CCNA or not. Different Cisco routers and switches have different techniques for
password recovery, so the following discussion is limited to the 2500 series. If
you need to do this for another model, do a quick search engine check for
"password recovery cisco" and you should quickly find a document for the Cisco
router you're working with.
For the 2500 series, you start by reloading the router and sending a BREAK
signal during the first 60 seconds of the reload. Depending on the terminal
program you're using, this can be the hardest part of the entire process! For
most, just press CTRL-BREAK during this one-minute period. If this doesn't work,
you may need to check Help in your terminal program to find out how to send this
As a result of the break sequence, the router will go into ROM Monitor mode. The
commands here are totally different than the ones you're used to working with in
the router's IOS. Use the command o/r 0x2142 to change the config register
setting, and reload the router by entering the letter "i".
This config register setting doesn't erase anything, but it does make the router
ignore the contents of NVRAM. This means that you'll be prompted to go into the
dreaded Setup Mode, which you do NOT want to do. Simply press "N" and type
"enable" when you're at the router prompt. (If you do go into Setup Mode, you
can always get out with CTRL-C, a handy command to know for the CCNA exam and
for real life, as you can see!)
Be very careful with the next step. You want to enter the command "configure
memory" or "copy start run" at this point - don't enter "write memory" or "copy
run start". Success on the CCNA exam and in working with real-world networks is
all about the details, and this is a very important detail.
At this point, you can look at the running configuration and see the passwords,
and change them if you wish. However, we're not done. The config register needs
to be set back to its default of 0x2102, and you do so with the global command
"config-register 0x2102". Now you want to save your config with "write memory"
or "copy run start", and reload the router. The router will now boot as it
Knowing how to recover from a lost password is a vital skill for both the Cisco
CCNA certification exam and for success in real-world networks. It's not something
we have to do every day, but when the time calls for it, we have to do it correctly
and completely - and that includes that final config-register change!
Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free
The Ultimate CCNA Study Package, and Ultimate CCNP
Study Packages. For a FREE copy of his latest e-books, "How To Pass The CCNA"
and "How To Pass The CCNP", visit the website and download your free copies. You
can also get FREE CCNA and CCNP exam questions every day! Pass the
with The Bryant Advantage!