Filter
Top Products
17-4
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 17 Administrative Tasks for the Sensor
Recovering the Password
Step 3 Choose 2: Cisco IPS Clear Password (cisco). The password is reset to cisco. Log in to the CLI with
username cisco and password cisco. You can then change the password.
Using ROMMON
For the IPS 4240, IPS 4255, IPS 4345, IPS 4360, IPS 4510, and IPS 4520, you can use the ROMMON
to recover the password. To access the ROMMON CLI, reboot the sensor from a terminal server or direct
connection and interrupt the boot process.
Note After recovering the password, you must reset the confreg to 0, otherwise, when you try to upgrade the
sensor, the upgrade fails because when the sensor reboots, it goes to password recovery (confreg 0x7)
rather than to the upgrade option.
To recover the password using the ROMMON CLI, follow these steps:
Step 1 Reboot the appliance.
Step 2 To interrupt the boot process, press ESC or Control-R (terminal server) or send a BREAK command
(direct connection). The boot code either pauses for 10 seconds or displays something similar to one of
the following:
• Evaluating boot options
• Use BREAK or ESC to interrupt boot
Step 3 Enter the following commands to reset the password:
confreg 0x7
boot
Sample ROMMON session:
Booting system, please wait...
CISCO SYSTEMS
Embedded BIOS Version 1.0(11)2 01/25/06 13:21:26.17
...
Evaluating BIOS Options...
Launch BIOS Extension to setup ROMMON
Cisco Systems ROMMON Version (1.0(11)2) #0: Thu Jan 26 10:43:08 PST 2006
Platform IPS-4360-K9
Use BREAK or ESC to interrupt boot.
Use SPACE to begin boot immediately.
Boot interrupted.
Management0/0
Link is UP
MAC Address:000b.fcfa.d155
Use ? for help.
rommon #0> confreg 0x7
Update Config Register (0x7) in NVRAM...
rommon #1> boot
Step 4 Enter the following command to reset the confreg value to 0:
confreg 0