Firewalling

Cisco ASA – Full recovery

René Jorissen on May 24, 2011 1 Comment • Tags: #asa #cisco #full #password #recovery

While trying to perform a password recovery on a Cisco ASA, I noticed that the password recovery feature was disabled on the appliance. Without the password recovery feature enabled, you can recover the Cisco ASA, but the file system will be wiped completely.

During the boot of the Cisco ASA you need to press ESC to enter rommon and you will receive the following warning.

WARNING:  Password recovery and ROMMON command line access has been
disabled by your security policy.  Choosing YES below will cause ALL
configurations, passwords, images, and files systems to be erased.
ROMMON command line access will be re-enabled, and a new image must be downloaded via ROMMON.

Erase all file systems? y/n [n]: y

Permanently erase Disk0: and Disk1:? y/n [n]: y

All data from disk0: will be erased after which you will gain access to the rommon of the appliance. To perform the full recovery you need to enter the following commands:

rommon #0> interface <interface id>
rommon #1> address <IP address>
rommon #2> file <image name>
rommon #3> server <IP address TFTP server>
rommon #4> tftp

The new image will be loaded to the Cisco ASA appliance and the appliance will boot with its default configuration. After the Cisco ASA is booted you have the format disk0:. When you issue the show disk0: command before the format, you will notice that there is no free space on the disk. After the format you need to upload the appropriate ASA and ASDM image.

Be aware that after performing a full recovery the previous VPN-3DES-AES activation keys and other licenses will be lost. You can get a new activation key at http://www.cisco.com/go/license.

The following two tabs change content below.

René Jorissen

Co-owner and Solution Specialist at 4IP Solutions
René Jorissen works as Solution Specialist for 4IP in the Netherlands. Network Infrastructures are the primary focus. René works with equipment of multiple vendors, like Cisco, Aruba Networks, FortiNet, HP Networking, Juniper Networks, RSA SecurID, AeroHive, Microsoft and many more. René is Aruba Certified Edge Expert (ACEX #26), Aruba Certified Mobility Expert (ACMX #438), Aruba Certified ClearPass Expert (ACCX #725), Aruba Certified Design Expert (ACDX #760), CCNP R&S, FCNSP and Certified Ethical Hacker (CEF) certified. You can follow René on Twitter and LinkedIn.

Latest posts by René Jorissen (see all)

  1. Angie Sharpe says:

    Looking for powerful online marketing that has no per click costs and will get you new customers fast? I apologize for sending you this message on your contact form but actually that was kinda the point. We can send your advertising text to sites via their contact forms just like you’re getting this ad right now. You can specify targets by keyword or just execute bulk blasts to websites in any country you choose. So let’s assume you need to blast a message to all the contractors in the USA, we’ll scrape websites for just those and post your advertisement to them. As long as you’re advertising a product or service that’s relevant to that type of business then you’ll get awesome results!

    Shoot me a reply to alfred3545will@gmail.com to get info and prices

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.