Using Rommon - Cisco IPS-4255-K9 - Intrusion Protection Sys 4255 Installation Manual

Chapter A Troubleshooting
To recover the password on appliances, follow these steps:
Reboot the appliance to see the GRUB menu.
Step 1
GNU GRUB version 0.94 (632K lower / 523264K upper memory)
-------------------------------------------
0: Cisco IPS
1: Cisco IPS Recovery
2: Cisco IPS Clear Password (cisco)
-------------------------------------------
Press any key to pause the boot process.
Step 2
Choose
Step 3
password the next time you log in to the CLI.

Using ROMMON

For the IPS 4240 and the IPS 4255 you can use the ROMMON to recover the password. To access the
ROMMON CLI, reboot the sensor from a terminal server or direct connection and interrupt the boot
process.
To recover the password using the ROMMON CLI, follow these steps:
Reboot the appliance.
Step 1
To interrupt the boot process, press ESC or Control-R (terminal server) or send a BREAK command
Step 2
(direct connection).
The boot code either pauses for 10 seconds or displays something similar to one of the following:
•
•
Enter the following commands to reset the password.
Step 3
confreg 0x7
boot
Sample ROMMON session:
Booting system, please wait...
CISCO SYSTEMS
Embedded BIOS Version 1.0(11)2 01/25/06 13:21:26.17
...
Evaluating BIOS Options...
Launch BIOS Extension to setup ROMMON
Cisco Systems ROMMON Version (1.0(11)2) #0: Thu Jan 26 10:43:08 PST 2006
Platform IPS 4240-K9
Use BREAK or ESC to interrupt boot.
Use SPACE to begin boot immediately.
Boot interrupted.
Management0/0
Link is UP
OL-18504-01
Use the ^ and v keys to select which entry is highlighted.
Press enter to boot the selected OS, 'e' to edit the
Commands before booting, or 'c' for a command-line.
Highlighted entry is 0:
2: Cisco IPS Clear Password (cisco)
Evaluating boot options
Use BREAK or ESC to interrupt boot
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0
. The password is reset to cisco. You can change the
Recovering the Password
A-9