Password recovery on a router is easy, and it is even easier to find the steps if you don't know them.
What if you forget the login and enable passwords, or you created a lockout situation because of AAA settings on a FWSM (Firewall Switch Module) blade inside a Cisco 6500 or Cisco 7600?
You have two options.
- The Cisco way
- The Alternative way (as always)
The Cisco way is not hard but needs understanding of the hardware. The FWSM has a 128-MB Flash memory card that stores the operating system, configurations, and other data. The Flash memory includes six partitions, referenced as ‘cf:n’.
- Maintenance partition (cf:1) — Contains the maintenance software.
- Network configuration partition (cf:2) — Contains the network configuration of the maintenance software.
- Crash dump partition (cf:3) — Stores the crash dump information.
- Application partitions (cf:4 and cf:5) — Store the application software image, system configuration, and ASDM. By default, the FWSM boots off and installs the IOS images on cf:4. You can use cf:5 as a test/backup partition. The contents of this partition (cf:4) are seen with the command ‘dir flash:’
- Security context partition (cf:6) — 64 MB are dedicated to this partition, which stores security context configurations (if desired) and RSA keys in a navigable file system. The contents of this partition are seen with the command ‘dir disk:’
Step-1 : Determine the module number your FWSM is plugged into. Either look at the chassis or use the command:
show module
Step-2 : From the 6500/7600 CLI, you must boot the FWSM into the maintenance partition (cf:1) with the command:
hw-module module {MOD-NUMBER} reset cf:1
Step-3 : Session into the FWSM as usual
session slot {MOD-NUMBER} processor 1
Step-4 : Log into the maintenance partition. The login is ‘root’ and the default password is ‘cisco’:
Login: root
Password: cisco
Step-5 : To clear the login and enable passwords, as well as the aaa authentication console and aaa authorization command commands, enter the following command:
clear passwd cf:4
Step-6 : Follow the screen prompts, answering yes and yes
Step-7 : Then reload the FWSM and log in as normal
OR
Since you are working with a 6500 or 7600 with 2 ‘Compact Flash’ slots, power down the FWSM blade from the CLI with the command:
hw-module module {MOD-NUMBER} shutdown
Slide out the FWSM blade, remove the Compact Flash and insert it into the second compact flash slot of the RP (Route Processor).
Then from the CLI you can choose to either delete the Management Context file on the disk with the command:
delete disk2:{man-context.cfg}
Or you can TFTP/FTP that .cfg file to a computer where you can edit it, change whatever details you want to and restore it back to the disk.
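Whichever way you go, the recovered blade is left without its console AAA settings, so it is worth auditing the saved configuration before putting it back into service. The script below is an added example, not part of the original write-up: it scans a saved FWSM configuration for the items Step-5 clears. The function name, the two sample configurations and the default-password hashes (the widely documented PIX-style values) are assumptions; confirm the hashes against your own software version.

```python
import re

# Widely documented PIX-style hashes of the default passwords (assumption:
# confirm them against your own software version before relying on this).
DEFAULT_HASHES = {
    "2KFQnbNIdI.2KYOU": "login password is the default 'cisco'",
    "8Ry2YjIyt7RRXU24": "enable password is blank",
}
# The two AAA command families the recovery step removes, per the text above.
AAA_CHECKS = {
    "aaa authentication console": re.compile(r"^aaa authentication \S+ console \S+"),
    "aaa authorization command": re.compile(r"^aaa authorization command \S+"),
}
PASSWORD_LINE = re.compile(
    r"^(passwd|enable password) (\S+)(?: level \d+)?(?: encrypted)?$")

# Constructed sample configurations (not taken from a real device).
POST_RECOVERY = """hostname FWSM
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
"""
REHARDENED = """hostname FWSM
enable password CONSTRUCTED-HASH-1 encrypted
passwd CONSTRUCTED-HASH-2 encrypted
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
aaa authorization command LOCAL
"""


def audit_config(text):
    """Return sorted findings for a saved FWSM configuration file."""
    findings, seen = [], set()
    for line in (raw.strip() for raw in text.splitlines()):
        match = PASSWORD_LINE.match(line)
        if match:
            seen.add(match.group(1))
            if match.group(2) in DEFAULT_HASHES:
                findings.append(DEFAULT_HASHES[match.group(2)])
            continue
        seen.update(n for n, rx in AAA_CHECKS.items() if rx.match(line))
    required = ["passwd", "enable password", *AAA_CHECKS]
    findings += [f"missing: {name}" for name in required if name not in seen]
    return sorted(findings)


if __name__ == "__main__":
    for label, cfg in (("post-recovery", POST_RECOVERY), ("re-hardened", REHARDENED)):
        print(label, audit_config(cfg))
```

An empty result means the login password, enable password and both AAA command families are present and not at their defaults; the same check works on a context .cfg file you pulled off the card to edit.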