Learn how to recover from a lost password on a Cisco router from Chris Bryant, CCIE #12933.

Cisco CCNA Exam Tutorial: Password Recovery Procedures

Cisco CCNA Exam Tutorial:  Password Recovery ProceduresIt might happen on your CCNA exam, it might happen on your production network - but sooner or later, you're going to have to perform password recovery on a Cisco router or switch. This involves manipulating the router's configuration register, and that is enough to make some CCNA candidates and network administrators really nervous!It's true that setting the configuration register to the wrong value can damage the router, but if you do the proper research before starting the password recovery process, you'll be fine. Despite what some books say, there is no "one size fits all" approach to Cisco password recovery. What works on a 2500 router may not work on other routers and switches. There is a great master Cisco document out on the Web that you should bookmark today. Just put "cisco password recovery" in your favorite search engine and you should find it quickly.The following procedure describes the process in recovering from a lost password on a Cisco 2500 router. As always, don't practice this at home. It is a good idea to get some practice with this technique in your CCNA / CCNP home lab, though!The password recovery method examined here is for 2500 routers.An engineer who finds themselves locked out of a router can view and change the password by changing the configuration register.The router must first be rebooted and a break performed within the first 60 seconds of the boot process. This break sequence can also vary depending on what program is used to access the router, but is the usual key combination. The router will now be in ROM Monitor mode. From the rom monitor prompt, change the default configuration register of 0x2102 to 0x2142 with the o/r 0x2142 command. Reload the router with the letter i. (As you can see, ROM Monitor mode is a lot different than working with the IOS!)This particular config register setting will cause the router to ignore the contents of NVRAM. Your startup configuration is still there, but it will be ignored on reload.When the router reloads, youll be prompted to enter Setup mode. Answer N, and type enable at the router> prompt.Be careful here. Type configure memory or copy start run. Do NOT type write memory or copy run start!Enter the command show running-config. Youll see the passwords in either their encrypted or unencrypted format.Type config t, then use the appropriate command to set a new enable secret or enable password. Dont forget to change the configuration register setting back to the original value! The command config-register 0x2102 will do the job. Save this change with write memory or copy run start, and then run reload one more time to restart the router.This process sounds hard, but it's really not. You just have to be careful, particularly when you're copying the startup config over the running config. You don't want to get that backwards! So take your time, check the online Cisco documentation before starting, get some practice with this procedure with lab equipment, and you'll be ready for success on the CCNA exam and in your production network!

Don't Be Left Behind: The Right Computer Skills Can Make All The Difference


Kelly Dodson knows firsthand why companies value the ability to use computers and software. An administrative assistant in Kansas, Dodson used to keep her CEO's calendar by hand, until one day an important meeting slipped through the cracks. That painful experience compelled her to seek training in the effective use of the company's scheduling software. And today she feels she couldn't do her job as well without it. As early as 1999, the Progressive Policy Institute estimated that 75 percent of employees use computers in their work, and that figure continues to increase as computers make their way into more and more aspects of individuals' lives. Since just about every job today is connected to computers and software in some way, employees who lack the ability to use that information successfully are finding themselves increasingly marginalized. The effects of this evolution for individual workers are real, and they show up most vividly when it comes to the bottom line. Research has shown that workers with the right computer skills can earn 17 percent to 40 percent higher wages than those without, according to the U.S. Bureau of Labor Statistics and California Journal. The U.S. Bureau of Labor Statistics' Office of Productivity and Technology agrees, emphasizing, "It is not merely the employee having a computer on his desk-but rather having complementary computer skills-that causes wages to increase."Commenting on information workers' adoption of technology, Laura Stack, productivity expert and author of "Leave the Office Earlier," said, "The people who succeed are those who take the time to figure it out rather than struggling each time, doing it the hard way, or taking too much time. Employees who self-educate themselves will experience a performance boost from using the full range of available functions."That is to say, whether you're an administrative assistant, auditor or staff attorney, having the right computer skills can make a difference in your career and your paycheck. So what can you do to get those skills? Dodson was lucky enough to develop them on the job, with support from an understanding employer. But without basic computer literacy, it can be tough nowadays to get a job in the first place. The Web offers a myriad of courses and programs on a range of technical skills, from basic computer literacy to complex programming and IT training. "Software training is evolving into a just-in-time approach," Stack said. "Many workers complain about the slow response from the company help desk or lack of available training. It's more efficient for workers to access self-help online resources, such as Microsoft Office Work Essentials, to allow them to find answers to problems they are experiencing in real time."Microsoft Office Work Essentials is a comprehensive resource with occupation-specific tools in programs such as Microsoft Office Excel, Word and PowerPoint. The site has hundreds of free templates, how-to articles, product demonstrations, tip sheets and other resources. Available 24/7 at, it helps professionals in more than 30 occupations-including auditors, project managers, sales managers and human resource professionals-find tools to help them improve their skills."Local computer superstores and community colleges also offer inexpensive courses on many common software packages," Stack said. "The day I spent at Comp USA learning PowerPoint saved me much time and frustration of trying to figure it out myself.

Cisco Certification: The Most Important Study You'll Ever Do Is....

Cisco Certification:  The Most Important Study You

All of us are familiar with the pyramids of Egypt. These magnificent structures have stood for thousands of years, withstanding extreme heat and other factors that would bring down an ordinary structure. When we look at these pyramids, we instinctively look toward the peak. We tend to do the same with the Cisco Learning Pyramid. If you're not familiar with this, Cisco uses a pyramid to illustrate how the CCIE is at the peak of the Cisco certification structure, with the CCNP in the middle and the CCNA at the bottom.I'm often asked how to become a CCIE. My response is always "Become a master CCNA and a master CCNP first". That answer is often followed by a puzzled look, as though I've mentioned some new kind of Cisco certification. But that's not it at all. The reason the pyramids of Egypt are so strong, and the reason they have lasted for thousands of years, is that their foundations are so strong. It's not the well-built peak that allows such a building to last it's the foundation.The same can be said for your Cisco certification studies. As a CCNA candidate, you may not even be thinking about the CCIE yet (although I hope you will!). You may be looking ahead toward the CCNP. You must realize, though, that the skills you will learn in your CCNP and CCIE studies are built upon the studies you do for your CCNA.Indeed, your CCNA studies are the most important studies of your career. Let me repeat that. Your CCNA studies are the most important studies of your career. Look at some of the topics you'll have to master for your CCNP and CCIE, such as OSPF and using binary math. You cannot understand how the many types of OSPF networks work unless you understand how OSPF works in the first place. And how can you possibly use wildcard masks, access control lists, and the many other applications of binary math you'll encounter in your CCNP and CCIE studies if you don't get that fundamental understanding of binary at the CCNA level?I know we work in a field where our customers tend to want things done yesterday. I know that it's hard not to be in a hurry when you're studying for your CCNA - I've been there! Keep in mind, though, that when you're studying for your CCNA, you're not just studying for a certification exam - you're building the foundation for the rest of your Cisco certifications and the rest of your career.

Passing The CCNA and CCNP: Three Myths About Cisco Exams

Passing The CCNA and CCNP:  Three Myths About Cisco Exams

One of the drawbacks to the Internet is that it allows myths and "friend of a friend" stories to spread quickly, and usually the story becomes more exaggerated as it's passed along. Cisco exams are no exception. Here are three often-repeated myths and exaggerations regarding the CCNA and CCNP exams.1. The survey you fill out before the exam determines the questions you'll get. Before you actually start your exam, Cisco presents you with a survey asking how you prepared and how comfortable you feel with certain technologies. It's a little awkward to rate yourself on Frame Relay, ISDN, etc., especially since the exam you're about to take covers those subjects. It's human nature to think that these questions impact your exam, but they do not. I've seen posts on the Net saying that if you rank yourself as "great" in a subject, your exam will have harder questions on that topic, and if you rank yourself lower in that same subject, your exam will be filled with questions on this topic. Cisco has debunked this myth, so get it out of your mind. Don't think too much when you're filling out the survey.2. If you miss a question, the exam keeps asking you about that topic until you get one right. This is known as "adaptive testing", and Cisco does not use this kind of testing in its exams. Your questions are drawn from a large question pool before you start the test. Those of us who remember adaptive testing from Novell exams years ago don't particularly miss this kind of testing! (For those who haven't taken an adaptive exam, you never knew how many questions you were going to get, only that there was a minimum around 15 questions. Your exam could end at any time after that. Nerve-wracking!)3. If you use an extra command in the simulator questions, it'll be marked wrong. The Cisco simulator engine in the CCNA and CCNP exams acts just as a router or switch would. You are not going to be penalized for using an extra command. If the engine doesn't accept a command, you'll be told that when you use it. Just configure it as you would a router or switch.When you walk into the exam room totally prepared with a combination of theoretical knowledge, hands-on experience, and configuration troubleshooting skills, you are ready to pass. Don't let Internet gossip distract you from the task at hand -- passing!

Cisco CCNA / CCNP / BCMSN Exam Review: Trunking And Trunking Protocols

To earn your CCNA or CCNP certification, you've got to understand the basics of trunking. This isn't just a CCNA topic - you must have an advanced understanding of trunking and etherchannels to pass the BCMSN exam and earn your CCNP as well. Before we address those advanced topics, though, you need to master the fundamentals!A trunk allows inter-VLAN traffic to flow between directly connected switches. By default, a trunk port is a member of all VLANs, so traffic for any and all VLANs can travel across this trunk. That includes broadcast traffic!The default mode of a switch port does differ between models, so always check your documentation. On Cisco 2950 switches, every single port is in dynamic desirable mode by default, meaning that every port is actively attempting to trunk. On these switches, the only action needed from us is to physically connect them with a crossover cable. In just a few seconds, the port light turns green and the trunk is up and running. The command show interface trunk will verify trunking.How does the receiving switch know what VLAN the frame belongs to? The frames are tagged by the transmitting switch with a VLAN ID, reflecting the number of the VLAN whose member ports should receive this frame. When the frame arrives at the remote switch, that switch will examine this ID and then forward the frame appropriately.There are two major trunking protocols you must understand and compare successfully, those being ISL and IEEE 802.1Q. Let's take a look at the details of ISL first.ISL is a Cisco-proprietary trunking protocol, making it unsuitable for a multivendor environment. That's one drawback, but there are others. ISL will place both a header and trailer onto the frame, encapsulating it. This increases the overhead on the trunk line. You know that the default VLAN is also known as the "native VLAN", and another drawback to ISL is that ISL does not use the concept of the native VLAN. This means that every single frame transmitted across the trunk will be encapsulated.The 26-byte header that is added to the frame by ISL contains the VLAN ID; the 4-byte trailer contains a Cyclical Redundancy Check (CRC) value. The CRC is a frame validity scheme that checks the frame's integrity.In turn, this encapsulation leads to another potential issue. ISL encapsulation adds 30 bytes total to the size of the frame, potentially making them too large for the switch to handle. (The maximum size for an Ethernet frame is 1518 bytes.)IEEE 802.1q differs substantially from ISL. In contrast to ISL, dot1q does not encapsulate frames. A 4-byte header is added to the frame, resulting in less overhead than ISL. If the frame is destined for hosts residing in the native VLAN, that header isn't added. Since the header is only 4 bytes in size, and isn't even placed on every frame, using dot1q lessens the chance of oversized frames. When the remote port receives an untagged frame, the switch knows that these untagged frames are destined for the native VLAN.Knowing the details is the difference between passing and failing your CCNA and CCNP exams. Keep studying, get some hands-on practice, and youre on your way to Cisco certification success!

Cisco CCNP / BSCI Exam Tutorial: ISIS Router Types

To pass the BSCI exam and earn your CCNP, you've got to know ISIS inside and out. There are many similarities between ISIS and OSPF, but one major difference is that ISIS has three different types of routers - Level 1 (L1), Level 2 (L2), and L1/L2.L1 routers are contained in a single area, and are connected to other areas by an L1/L2 router. The L1 uses the L1/L2 router as a default gateway to reach destinations contained in other areas, much like an OSPF stub router uses the ABR as a default gateway.L1 routers have no specific routing table entries regarding any destination outside their own area; they will use an L1/L2 router as a default gateway to reach any external networks. ISIS L1 routers in the same area must synchronize their databases with each other.Just as we have L1 routers, we also have L2 routers. Anytime we're routing between areas (inter-area routing), an L2 or L1/L2 router must be involved. All L2 routers will have synchronized databases as well. Both L1 and L2 routers send out their own hellos. As with OSPF, hello packets allow ISIS routers to form adjacencies. The key difference here is that L1 routers send out L1 hellos, and L2 routers send out L2 hellos. If you have an L1 router and an L2 router on the same link, they will not form an adjacency.An ISIS router can act as an L1 and an L2 router at the same time; these routers are L1/L2 routers. An L1/L2 router can have neighbors in separate ISIS areas. The L1/L2 router will have two separate databases, though - one for L1 routes and another for L2 routes. L1/L2 is the default setting for Cisco routers running ISIS. The L1/L2 router is the router that makes it possible for an L1 router to send data to another area.In the next part of my ISIS tutorial, we'll take a more detailed look at those ISIS hellos!


Learn how to recover from a lost password on a Cisco router from Chris Bryant, CCIE #12933.