Cisco ASA 5505 - Reload WITHOUT resetting to default config

Question

Twice now I've ran the 'reload' command on console on my ASA 5505 ver. 9.1(3), and it's completely wiped my config and reset to factory defaults. I've made sure I 'wr mem' before reloading.

I saw an article about having to change the config-register to 0x1 in order not to wipe everything, but that seems extremely counterintuitive that I'd have to manually change an obscure register value in order to save all my hard work. Surely ASA's are not configured to wipe everything by default...

I really feel like I'm missing something here. How do I properly reboot an ASA 5505 with IOS 9.1?

did you buy it used? did you or someone else need to reset the password? — Jacob Evans, Jan 12 '17 at 17:20
Yes I bought it used, but doesn't the command 'configure factory-default' reset everything to factory default, including whatever register values were changed before? — Willman, Jan 12 '17 at 18:10

score 2 · Accepted Answer · edited Jan 12 '17 at 18:28

2

So looked up the reset password for the ASA device and found that the register 0x41 tells the router to ignore the startup configuration. You need to do the following to get the startup-config back in place and the register changed:

Step 11 Access the privileged EXEC mode by entering the following command:

hostname# enable

Step 12 When prompted for the password, press Enter.

The password is blank.

Step 13 Load the startup configuration by entering the following command:

hostname# copy startup-config running-config

Step 14 Access the global configuration mode by entering the following command:

hostname# configure terminal

Step 15 Change the passwords, as required, in the default configuration by entering the following commands:

hostname(config)# password password

hostname(config)# enable password password

hostname(config)# username name password password

Step 16 Load the default configuration by entering the following command:

hostname(config)# no config-register

The default configuration register value is 0x1. For more information about the configuration register, see the Cisco ASA 5500 Series Command Reference.

Step 17 Save the new passwords to the startup configuration by entering the following command:

hostname(config)# copy running-config startup-config

edited Jan 12 '17 at 18:28

jscott

24,484
8
79
100

answered Jan 12 '17 at 18:22

So every time I reload, it brings up whatever the startup-config is? If so, that means I have to copy my running-config to startup-config every time I wr mem? I know that can't be right... – Willman Jan 12 '17 at 18:27
@Willman42 - The command wr mem (write memory) automatically copies the running- config to the startup-config. I had the exact same problem recently, and FarmhouseNetworking's answer is correct; it is a configuration register issue. – B00TK1D Jan 12 '17 at 18:30
Ok thanks @KernelStearns that clarifies. So if I "no" the config-register, will that disable it entirely (won't be read on boot) or will it just reset it to 0x1? Or is that the same thing? – Willman Jan 12 '17 at 18:38
@Willman42 - Uh... No. the command `no config-register` resets the configuration register, it doesn't disable it. Essentially, you are telling the ASA to undo any changes that have been made to the configuration register. It is not possible to disable the configuration register, because if you did that the ASA could not boot. – B00TK1D Jan 12 '17 at 18:49

Cisco ASA 5505 - Reload WITHOUT resetting to default config

1 Answers1