Firewall – Cisco ASA 5505 – Reload WITHOUT resetting to default config

ciscocisco-asafirewall

Twice now I've ran the 'reload' command on console on my ASA 5505 ver. 9.1(3), and it's completely wiped my config and reset to factory defaults. I've made sure I 'wr mem' before reloading.

I saw an article about having to change the config-register to 0x1 in order not to wipe everything, but that seems extremely counterintuitive that I'd have to manually change an obscure register value in order to save all my hard work. Surely ASA's are not configured to wipe everything by default…

I really feel like I'm missing something here. How do I properly reboot an ASA 5505 with IOS 9.1?

Best Answer

So looked up the reset password for the ASA device and found that the register 0x41 tells the router to ignore the startup configuration. You need to do the following to get the startup-config back in place and the register changed:

Step 11 Access the privileged EXEC mode by entering the following command:

hostname# enable

Step 12 When prompted for the password, press Enter.

The password is blank.

Step 13 Load the startup configuration by entering the following command:

hostname# copy startup-config running-config

Step 14 Access the global configuration mode by entering the following command:

hostname# configure terminal

Step 15 Change the passwords, as required, in the default configuration by entering the following commands:

hostname(config)# password password

hostname(config)# enable password password

hostname(config)# username name password password

Step 16 Load the default configuration by entering the following command:

hostname(config)# no config-register

The default configuration register value is 0x1. For more information about the configuration register, see the Cisco ASA 5500 Series Command Reference.

Step 17 Save the new passwords to the startup configuration by entering the following command:

hostname(config)# copy running-config startup-config

Related Topic