Link to home
Get AccessLog in
Avatar of jpletcher1
jpletcher1Flag for United States of America

asked on

Cisco ASA reset enable password by using an account with priv level 15?

I have a 5510 ASA device that I don't know the enable password to.  I can get in and work on it with an account that has level 15 priv.  Can I reset/change the enable password since I have an account with priv 15?  Or do I have to do through the typical process to recover the enable password?
Avatar of avilov
avilov
Flag of United States of America image

enable password <newpassword>

changes enable password. don't forget to save running config _after_ you verified that new password works
Avatar of sysreq2000
sysreq2000

Try it. 8)
Avatar of jpletcher1

ASKER

That's what I tried first, and it seems to let me change it, but when I log out and back in it doesn't accept that when I try to go into enable mode.  I am sure I'm typing in the right password as I've tried several times.  So either it's not applying it in the background or there's something preventing me from loging in with it.

If I try to change it in ASDM, it wants the old password along with the new one.  If I type what I think the old password is and then for the new one I type in the same thing, it says no changes were made, as if I'm typing in the same thing for old and new password.  It's kind of odd.
can you list all your aaa commands here?
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
aaa authorization command LOCAL
aaa authentication secure-http-client
check that doc. it explains your setup and why you have that "problem"

http://www.dslreports.com/faq/15989

I read through it, but must be missing something.  Can you clarify?  Thanks for your help.
Hi

Do you have

aaa-server LOCAL protocol local

in the config.
I don't see it listed when I do a show run, but I do see it when I look in ASDM, so not sure if it is something that is implied and therefore not listed in the running config or how that works.
I take that back rochey2009, it is listed in ASDM but not "enabled".
Hi,

Ok. try enabling it.

or in cli

aaa-server LOCAL protocol local
ASKER CERTIFIED SOLUTION
Avatar of jpletcher1
jpletcher1
Flag of United States of America image

Link to home
membership
This content is only available to members.
To access this content, you must be a member of Experts Exchange.
Get Access
The issue was my keyboard.  Sorry all for the trouble..