How to Break In, Initialize, and Configure a Cisco 2000/2500/2600/3000/4000 Series Router

Before reading further, the real answer, from Cisco, is at: http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00801746e6.shtml

The following sequence will work on the 2000, 2500, 2600, 3000, and 4000 series of Cisco routers. With some limitations, you could use it on other Cisco models. You will need to pay very close attention to the hex pattern used in the config-register command!

Also note that password recovery on a Cisco Catalyst switch is entirely different!

Yes, Cisco commands can be abbreviated. My personal taste is to type enough of them to be unique, then use the tab key to cause the IOS to complete the command. This gives me feedback that I'm really doing what I think that I'm doing, and it should make this explanation a bit more clear. Also remember that you can always press "?" while typing a command, and the IOS will show you the possible choices.

When I show router commands, the router prompt will be non-bold, and what you type will be bold. You can get away with pressing less keys by using the tab key.

The following assumes that you have a TFTP server holding a valid configuration file on a LAN to which the router can be connected. If necessary, use a cross-over cable between a router Ethernet port and a PC running Linux.

1. Connect a serial terminal to the console port. This could be a dumb terminal, or a terminal emulator like Seyon (Unix) or ProComm or HyperTerm (Windows).
2. Power on the router.
3. Send a break character within the first 30 to 60 seconds. Your terminal emulator should be able to do this.
4. Record the current value of the configuration register, usually 0x2102 or 0x102, possibly 0xFFFF2102.

   > o

5. Reset the router configuration to its defaults by overwriting a register and initializing (booting):

   > o/r 0x2142
   > initialize

6. Do not enter the initial configuration dialog when asked.
7. Connect one interface of the router to the LAN where the TFTP server is located.
8. Do a minimal configuration of one interface "by hand". Change the interface name as appropriate, pick an appropriate netmask, and use some free IP address. Note that the prompt changes to reflect whether you are in enabled (privileged) mode or not, and to show at what level you are configuring it.

   Router> enable
   Router# configure terminal
   Router(config)# interface ethernet 0
   Router(config-if)# ip address 1.2.3.4 255.255.255.0
   Router(config-if)# no shutdown
   Router(config-if)# exit
   Router(config)# config-register 0x2102
   Router(config)# exit
   Router# 

9. Copy over a configuration file

   Router# copy tftp startup-config

10. Specify the IP address address of the TFTP server and the name of the file. Do not attempt to use the DNS name of the server (the router will have no idea what to do with that).
11. Depending on the revision of your IOS, the above two steps might have been possible as the following single command, the server IP address and pathname adjusted as needed:

    Router# copy tftp://1.2.3.24/configfilenamehere startup-config

12. Reboot the router

    Router# reload

There are other ways of configuring the router once you have it re-initialized:

• Create the configuration file with a text editor on a machine running Unix or Windows, then use the terminal emulator to cut-and-paste the text file into the router console.
• Do the same thing, but use the "Send File" option of the terminal emulator.
• Do the heroic thing and type it all into the router console by hand.

I have no hope of creating a "just-enough" guide to the Cisco IOS commands here! You can find references at http://www.cisco.com/, and in particular: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/index.htm (or whatever is the current version by the time you see this). Or, check out the Cisco ConfigMaker tool.

© Bob Cromwell Jul 2008. Created with /bin/vi, hosted on OpenBSD with Apache.    Root password available here