Guest

Cisco Security Modules for Security Appliances

Password Recovery Procedure for the ASA Security Services Modules AIP-SSM and CSC-SSM

Document ID: 82109

Updated: Jun 25, 2007

   Print

Introduction

This document describes how to recover a password on a Cisco ASA 5500 Series Content Security and Control Security Services Module (CSC-SSM) or the Advanced Inspection and Prevention Security Services Module (AIP-SSM) without the need to re-image the device.

Prerequisites

Requirements

A list of additional files that you need for the recovery procedure is required. This includes an explanation of how and where to get the files and any processing that needs to happen before the recovery procedure begins.

Cisco ASA 8.x and later software provides a mechanism to reset the passwords of the SSM modules (CSC or AIP) without the need to re-image the device.

Note: The CSC and AIP modules must run version 6.0 in order for the feature to work. There is no option for password recovery in version 5.0 for the AIP-SSM or CSC-SSM, because this feature is not introduced until version 6.0.

Related Products

This password recovery procedure can be used for any of these products:

  • Advanced Inspection and Prevention Security Services Module (AIP-SSM)

  • Content Security and Control Security Services Module (CSC-SSM)

Conventions

Refer to Cisco Technical Tips Conventions for more information on document conventions.

Step-by-Step Procedure

This step is necessary in order to complete the password recovery.

Issue the hw-module module <module_num> password-reset command from the Cisco ASA CLI. For the AIP module, this command sets the configuration register in ROMMON to cause a boot of the password reset image and then power cycles the module. For the CSC module, this command sends the session 1 do reset-password command to the module.

ciscoasa(config)#hw-module module 1 password-reset
Reset the password on module in slot 1? [confirm]

Sample Procedure

This procedure shows how to recover the password with the Cisco Adaptive Security Device Manager (ASDM).

  1. For the AIP-SSM, click Tools on the main menu, and select IPS Password Reset.

    asa-serv-mod-pw-rec-1.gif

  2. For the CSC-SSM, click Tools on the main menu, and select CSC Password Reset.

    asa-serv-mod-pw-rec-2.gif

Related Information

Updated: Jun 25, 2007
Document ID: 82109