Solved

Password recovery, Command authorization failed.

Posted on 2004-08-19
3
1,229 Views
Last Modified: 2008-01-09
I got a 2610 router and trying to do a password recovery.  I recycle the router and do a CTRL-Break on it, then I do a confreg 0x2142
Next, I do ENABLE
Then, I do copy star run
From there, I'm at the Privleged Mode and should be able to do configure terminal, so I can clear out the enable password.  This is what happens.


CATHKMR01R1#conf t
Command authorization failed.

CATHKMR01R1#

Why is this?  Is there anyway besides clearing out the startup config to recovery the password?  I don't want to clear out my current config that's in there now.
0
Comment
Question by:Pentrix2
  • 2
3 Comments
 
LVL 50

Accepted Solution

by:
Don Johnston earned 500 total points
ID: 11840061
Looks like the startup config that you're copying to running config contains Tacacs configuration commands. Without the username/password setup on the Tacacs server, you won't be able to do much.

Either get a username/password, or don't load the startup-config.

-Don
0
 
LVL 9

Author Comment

by:Pentrix2
ID: 11840086
You're absolutely correct, it does have a TACACS server on it.  I'll just have to clear out the startup config then.  Thanks donjohnston!!
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 11846672
It just occured to me that there is a way to recover the configuration...

Once you've used the password recovery process to get into priviliged mode, get an ethernet interface configured. Setup a TFTP server off the ethernet interface and issue a "copy startup tftp". Once the file is on the TFTP server, open it and remove the TACACS commands, save it and then copy it back to NVRAM (copy tftp start).

-Don
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
pfSense IP Helper 4 140
My laptop is getting both a valid IP address and the broadcast address on this network 8 77
The purpose of using BGP 33 71
BGP Code 12 41
While it is possible to put two routes in place with the secondary having a higher metric, this may not always work. In the event of a failure that does not bring down the physical interface on the router the primary route is not removed. There is a…
I have seen some questions on problems with SSH/telnet access to Cisco routers that may occur despite the fact that from a PC connected to your LAN, Internet connectivity is in place and users can access Internet sites without any issues.  There are…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now