August 5, 2010

371 words 2 mins read

Erase the configuration on Cisco 2600/3600 Routers

A bit back I decided that I should investigate following the Cisco Certification path.  The lower levels aren’t hard, but all things considered, you really need to have a “test lab” of equipment to play with.  So a few weeks ago I was offered a pair of old Cisco 2600 series routers on the cheap, and decided to pick them up.  Around that time I also acquired myself a number other old Cisco devices including some PIX, switches, and a 3600 series router.  The problem is, they all had passwords and I didn’t know any of them.  Turns out it is super easy to reset routers in the 2600, 2800, 3600, and 3800 series back to the factory default.

The instructions listed below are “shortcuts” to completely nuke the Cisco 2600/2800/3600/3800 routers back to default.  If you want to keep the configuration, but reset the password, it is just a few more steps.  You can find the official documentation for the

2600/2800 series and the 3600/3800 series on Cisco’s site.  Though the steps are exactly the same for both.

Before you start, you’re going to need to connect to the serial (Console) port on the routers.  If you don’t have the cables already, I like the StarTech RJ45 to DB9 cable, and the Startech USB to Serial DB9 adapter, since none of my computers have serial ports any more.  Once you’ve got both of those, the fix is easy:

  • Plug your computer into the console port
  • Launch your terminal of choice (I like PuTTY)
  • Turn on the router
  • Right as the boot process starts, Press Ctrl+Break
  • You will be dumped into “rommon”, type in: confreg 0x2142
  • reset
  • When it reboots and asks “Would you like to enter the initial configuration dialog? [yes/no]:” enter “no
  • enable
  • To verify the router is blank: show running-config
  • configure terminal
  • config-register 0x2102
  • exit
  • write mem

As soon as you enter “write mem”, the blank configuration will be written to the flash (as is Cisco standard behavior).  You can now reconfigure the routers as you see fit.  You can set a new enable password, should you like.  In my test environment, I leave them without password (one less thing to forget and need to reset — AGAIN).