Cisco 2600 lockout

We implemented Radius(IAS) and now we are unable to do anything on one of our routers.  We can login but with limited access.  We are unable to do sh run or config t.  We get Command Authorization Failed.  The router is outside the Pix and I don't believe the router was ever communicating with the IAS because we were prompted for 2 passwords and only allowed to get to the # prompt with the enable login not the IAS domain login.  So, needless to say we are basically locked out.  How can we get back in to remove the aaa configurations in the router?
JelonetAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Cyclops3590Commented:
Do you have physical access to the router?

You can console in and do a password recovery procedure.
Just turn off the router, turn it back on, hit ctrl-break.
I believe for the 2600 you type
confreg 0x2102
to bypass the startup config
then type
reload
go into enable and global mode
run copy start run
redo the lines you need, copy run start
then in global mode type (check on it, because I can't remember the exact syntax)
config-register 0x2142
then reload
you should be good again
0
JelonetAuthor Commented:
Is ther a way I can recover the current config/IOS image? Do I have to completley reconfigure the router after the reload or just change/deleted the aaa stuff
0
Cyclops3590Commented:
the after you change the register the router uses to boot, it just skips over the config loading process. so your entire config is still in nvram unaltered.  Its just that since its not loaded, there is no password you need to enter to get to enable and global modes.  Just make sure that when you alter the config you are in configure terminal global mode and as soon as the show run looks right, commit it to nvram, change the register to boot to and reload the router.

If you want more specific steps, which I recommend getting, google cisco 2600 password recovery procedure.  You should be able to sub 2600 with your exact model number to find the specific one, but all 2600's should use the same procedure.  You should be able to find a cisco.com page there that will tell you step by step what to do.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JelonetAuthor Commented:
It is a 2600 and I'll give it a shot.  If it don't work I'll just have to reconfigure it.  Thanks for your help.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.