This document describes how to recover a password on a Cisco ASA 5500 Series Content Security and Control Security Services Module (CSC-SSM) or the Advanced Inspection and Prevention Security Services Module (AIP-SSM) without the need to re-image the device.
A list of additional files that you need for the recovery procedure is required. This includes an explanation of how and where to get the files and any processing that needs to happen before the recovery procedure begins.
Cisco ASA 8.x and later software provides a mechanism to reset the passwords of the SSM modules (CSC or AIP) without the need to re-image the device.
Note: The CSC and AIP modules must run version 6.0 in order for the feature to work. There is no option for password recovery in version 5.0 for the AIP-SSM or CSC-SSM, because this feature is not introduced until version 6.0.
This password recovery procedure can be used for any of these products:
Advanced Inspection and Prevention Security Services Module (AIP-SSM)
Content Security and Control Security Services Module (CSC-SSM)
Refer to Cisco Technical Tips Conventions for more information on document conventions.
This step is necessary in order to complete the password recovery.
Issue the hw-module module <module_num> password-reset command from the Cisco ASA CLI. For the AIP module, this command sets the configuration register in ROMMON to cause a boot of the password reset image and then power cycles the module. For the CSC module, this command sends the session 1 do reset-password command to the module.
ciscoasa(config)#hw-module module 1 password-reset Reset the password on module in slot 1? [confirm]
This procedure shows how to recover the password with the Cisco Adaptive Security Device Manager (ASDM).
For the AIP-SSM, click Tools on the main menu, and select IPS Password Reset.
For the CSC-SSM, click Tools on the main menu, and select CSC Password Reset.
The Cisco Support Community is a forum for you to ask and answer questions, share suggestions, and collaborate with your peers.
Refer to Cisco Technical Tips Conventions for information on conventions used in this document.