IOS release 12.3T (and 12.4) introduced a great security feature: the ability to disable password recovery (using the well-known break key sequence) with the no service password-recovery global configuration command. However, once you configure this feature on some routers, you might have no means whatsoever to get it under control if you forget the password.
The IOS documentation states that you should be able to erase NVRAM (thus losing the config, but protecting the password integrity) if you press the break key a few seconds after the Image text-base: 0x........, data-base: 0x........ message appears. Unfortunately, that does not work on the router I've been doing my tests on (2811 with c2800nm-advipservicesk9-mz.124-6.T.bin and ROMMON Version 12.4(1r)). There was simply no way to erase NVRAM, so the router would remain locked up if I had really forgotten the enable password.
Note: After my tests, I was told that pressing the break key as soon as the router is powered up might work.
Moral of the story: test whether you can recover the router with your particular combination of IOS/ROMMON versions before disabling password recovery (and forgetting the password).
- When the router is reloaded, ROMMON reads the router configuration and tries to start the required image
- If ROMMON cannot load the image specified in the boot system command, it starts the default image (usually whatever is stored in on-board flash)
- When the first IOS image loads (after being copied and decompressed in most cases), it discovers that it's not the correct image
- The now-operational IOS image loads the new image in RAM (in our case from usbflash1:), decompresses it and transfers the control to it
A while ago we were faced with a 2800-series router with no software in its CF card. As all 2800-series routers have USB slots, I started investigating whether you could boot the IOS image from an USB flash token. The product documentation states you can't, but as always, reality changes quicker than documentation in Ciscosphere.
To support IOS boot from USB token, you need a newer version of 2800-series ROMMON which you'll get from the ROMMON download page (registered CCO users only). You need ROMMON release 12.4(13r)T (description: C2800 ROMMON Upgrade; adds boot from usb flash drive capability).