Cisco Router Password Recovery (or Bypassing the Enable Password) and Uploading the Router IOS in ROMMON Mode

So, I bought another router off of Ebay.  A week later, I had to pick it up at the local USPS from where I live.  When I got home, I started the router to test it, and I was prompted with a Username and Password.  I was like “damn it”.

Anyways, I had to bypass the password, so that I can log into the router.  Bypassing the router’s password is pretty easy.  First, you have to reset the router; and when the router boots up, send a break sequence.  You will send the break sequence when the router started to uncompress the ios.  This is where you will see a series of # signs.  After you send the break, you should be at the Rom Monitor mode.  The prompt should look like this:

rommon 1 >

From here type in confreg 0x2142 this command will skip the startup configuration of the router.  Then you will get a prompt to reset the router:

rommon 1 > confreg 0x2142

You must reset or power cycle for new config to take effect
rommon 2 > reset

The router should boot up normally (From here you can check the startup configuration using the show startup-config and make some changes. )

In my case, I had to delete the the startup config, so I deleted it.   Now, you have to change back the configuration register to 0x2102:

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#config-register 0x2102

Then save the new configuration to NVRAM.

Router#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...

Then reload the router.  Once the router boots up again, you should not get the username and password prompt.

Now, uploading the router’s ios in rommon mode from scratch.  You will do this if the router does not have an IP address.  Okay, so back to Rom Monitor mode, we need to give the router an IP Address, Subnet mask, Default Gateway, the IP Address of the TFTP server and the IOS filename.  The TFTP server can be your PC and make sure that you have a TFTP application running.  I use the tftpd32

Also, the PC and the router got to be in the same network or subnet.

rommon 1 > IP_ADDRESS=
rommon 2 > IP_SUBNET_MASK=
rommon 4 > TFTP_SERVER=
rommon 5 > TFTP_FILE=c2600-is-mz.123-26.bin
rommon 6 > tftpdnld

           TFTP_FILE: c2600-is-mz.123-26.bin

Invoke this command for disaster recovery only.
WARNING: all existing data in all partitions on flash will be lost!
Do you wish to continue? y/n:  [n]:  y

If everything goes well, the router should start downloading the ios from the tftp server (your PC).  You know this because you will see a series of ! signs.  Once its done, use the command reset and that should boot the new ios.


About networkshinobi

My name is Karlo, I work as a Network Engineer. A little about myself. I started as a PC gamer back when I was in high school. PC gaming became my addiction and pushed me to learn more about computers. Slowly got my some certifications and landed an IT Tier 1 Helpdesk job. This job opened the door for me to work to push further on my certifications and going deeper into the IT world. My goal was to get my Cisco CCIE Routing and Switching, but my journey for CCIE has changed due to I always ended up working on non-Cisco network appliances. Therefore, I have to pivot and decided to jump to the dark side and go with Juniper. Hopefully, I would get my JNCIE in the near future. All the entries/post I made are based on my views, opinion and for educational purposes only. If you see some mistakes, feel free to drop some comments. I would appreciate all the helpful comments. Thanks
This entry was posted in CCNA Security, CCNA Wireless, CCNP, Misc., My CCNA Studies and tagged , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s