Solved

Cisco ASA reset enable password by using an account with priv level 15?

Posted on 2011-02-15
13
1,381 Views
Last Modified: 2012-05-11
I have a 5510 ASA device that I don't know the enable password to.  I can get in and work on it with an account that has level 15 priv.  Can I reset/change the enable password since I have an account with priv 15?  Or do I have to do through the typical process to recover the enable password?
0
Comment
Question by:jpletcher1
  • 7
  • 3
  • 2
  • +1
13 Comments
 
LVL 9

Expert Comment

by:avilov
ID: 34901365
enable password <newpassword>

changes enable password. don't forget to save running config _after_ you verified that new password works
0
 
LVL 11

Expert Comment

by:sysreq2000
ID: 34901372
Try it. 8)
0
 

Author Comment

by:jpletcher1
ID: 34901435
That's what I tried first, and it seems to let me change it, but when I log out and back in it doesn't accept that when I try to go into enable mode.  I am sure I'm typing in the right password as I've tried several times.  So either it's not applying it in the background or there's something preventing me from loging in with it.

If I try to change it in ASDM, it wants the old password along with the new one.  If I type what I think the old password is and then for the new one I type in the same thing, it says no changes were made, as if I'm typing in the same thing for old and new password.  It's kind of odd.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 9

Expert Comment

by:avilov
ID: 34901558
can you list all your aaa commands here?
0
 

Author Comment

by:jpletcher1
ID: 34901598
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
aaa authorization command LOCAL
aaa authentication secure-http-client
0
 
LVL 9

Expert Comment

by:avilov
ID: 34901710
check that doc. it explains your setup and why you have that "problem"

http://www.dslreports.com/faq/15989

0
 

Author Comment

by:jpletcher1
ID: 34901862
I read through it, but must be missing something.  Can you clarify?  Thanks for your help.
0
 
LVL 17

Expert Comment

by:rochey2009
ID: 34901953
Hi

Do you have

aaa-server LOCAL protocol local

in the config.
0
 

Author Comment

by:jpletcher1
ID: 34906971
I don't see it listed when I do a show run, but I do see it when I look in ASDM, so not sure if it is something that is implied and therefore not listed in the running config or how that works.
0
 

Author Comment

by:jpletcher1
ID: 34906984
I take that back rochey2009, it is listed in ASDM but not "enabled".
0
 
LVL 17

Expert Comment

by:rochey2009
ID: 34918429
Hi,

Ok. try enabling it.

or in cli

aaa-server LOCAL protocol local
0
 

Accepted Solution

by:
jpletcher1 earned 0 total points
ID: 34918456
Well this is going to sound crazy, but it was the keyboard that I was using.  Some of the special characters that I was using in the password were not working or the output was goofy.  Sorry to lead everyone on a wild goose chase here.  This has happened to me in another scenario many years ago too, so I should have thought of it.  Thanks all for your help!
0
 

Author Closing Comment

by:jpletcher1
ID: 34949736
The issue was my keyboard.  Sorry all for the trouble..
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Lync - CUCM Integration Question 2 26
configure ASA Vlan Interface 14 59
2 Gateways (bandwidth) - One domain 7 73
NAT Public IP through a VPN 17 36
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now