Cisco IPS-4255-K9 Installation Guide - Page 293
Verifying the State of Password Recovery, Troubleshooting Password Recovery
UPC - 746320951096
View all Cisco IPS-4255-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 293 highlights
Chapter A Troubleshooting Recovering the Password Disabling Password Recovery Using IDM or IME To disable password recovery in IDM or IME, follow these steps: Step 1 Step 2 Step 3 Log in to IDM or IME using an account with administrator privileges. Choose Configuration > sensor_name > Sensor Setup > Network. To disable password recovery, uncheck the Allow Password Recovery check box. Verifying the State of Password Recovery Use the show settings | include password command to verify whether password recovery is enabled. To verify whether password recovery is enabled, follow these steps: Step 1 Step 2 Step 3 Log in to the CLI. Enter service host submode. sensor# configure terminal sensor (config)# service host sensor (config-hos)# Verify the state of password recovery by using the include keyword to show settings in a filtered output. sensor(config-hos)# show settings | include password password-recovery: allowed sensor(config-hos)# Troubleshooting Password Recovery When you troubleshoot password recovery, pay attention to the following: • You cannot determine whether password recovery has been disabled in the sensor configuration from the ROMMON prompt, GRUB menu, switch CLI, or router CLI. If you attempt password recovery, it always appears to succeed. If it has been disabled, the password is not reset to cisco. The only option is to reimage the sensor. • You can disable password recovery in the host configuration. For the platforms that use external mechanisms, such as the AIM IPS and the NME IPS bootloader, ROMMON, and the maintenance partition for the IDSM2, although you can run commands to clear the password, if password recovery is disabled in the IPS, the IPS detects that password recovery is not allowed and rejects the external request. • To check the state of password recovery, use the show settings | include password command. • When performing password recovery on the IDSM2, you see the following message: Upgrading will wipe out the contents on the storage media. You can ignore this message. Only the password is reset when you use the specified password recovery image. OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0 A-15