Subject: Reconfiguring Cisco ISR C1111-4P Router

Author: Mr. Turritopsis Dohrnii Teo En Ming (TARGETED INDIVIDUAL)
Country: Singapore
Date: 7 March 2022 Monday Singapore Time

Type of Publication: Plain Text
Document Version: 20220307.01

START OF GUIDE
===============

This is the guide which I followed to reset the password on the Cisco ISR C1111-4P router because nobody knows the password to login.

Reference guide: How to Recover Password on Cisco IOS Router?
Link: https://blog.router-switch.com/2014/09/how-to-recover-password-on-cisco-ios-router/

The following section shows the configuration BEFORE I reconfigured the Cisco ISR C1111-4P router.

-----BEGIN OF ORIGINAL ROUTER CONFIG-----

Using 2887 out of 33554432 bytes
!
! Last configuration change at 04:25:10 UTC Tue Jun 9 2020 by admin
!
version 16.9
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname Teo-En-Ming-Cisco-C1111-4P-Router
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip name-server 165.21.83.88 165.21.100.88
no ip domain lookup
ip domain name teo-en-ming-corp.com
!
!
!
login on-success log
!
!
!
!
!
!
!
subscriber templating
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint TP-self-signed-608216465
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-608216465
 revocation-check none
 rsakeypair TP-self-signed-608216465
!
crypto pki trustpoint TP-self-signed-2987554221
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2987554221
 revocation-check none
 rsakeypair TP-self-signed-2987554221
!
crypto pki trustpoint TP-self-signed-191796919
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-191796919
 revocation-check none
 rsakeypair TP-self-signed-191796919
!
!
crypto pki certificate chain TP-self-signed-608216465
 certificate self-signed 01 nvram:IOS-Self-Sig#1.cer
crypto pki certificate chain TP-self-signed-2987554221
crypto pki certificate chain TP-self-signed-191796919
!
license udi pid C1111-4P sn <snipped>
no license smart enable
!
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
!
username admin privilege 15 secret 5 encrypted-password
!
redundancy
 mode none
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
interface GigabitEthernet0/0/0
 description Wan
 ip address A.B.C.174 255.255.255.252
 ip nat outside
 speed 1000
 no negotiation auto
!
interface GigabitEthernet0/0/1
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet0/1/0
!
interface GigabitEthernet0/1/1
!
interface GigabitEthernet0/1/2
!
interface GigabitEthernet0/1/3
!
interface Vlan1
 description Lan
 ip address 192.168.11.1 255.255.255.0 secondary
 ip address 192.168.10.4 255.255.255.0 secondary
 ip address X.Y.Z.49 255.255.255.240
 ip nat inside
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip nat inside source static 192.168.11.4 X.Y.Z.50
ip nat inside source static 192.168.11.3 X.Y.Z.51
ip nat inside source static 192.168.11.2 X.Y.Z.52
ip nat inside source list 110 interface GigabitEthernet0/0/0 overload
ip route 0.0.0.0 0.0.0.0 A.B.C.173
ip route X.Y.Z.48 255.255.255.240 A.B.C.173
!
!
ip access-list extended 110
 permit ip 192.168.11.0 0.0.0.255 any
!
!
!
!
control-plane
!
!
line con 0
 logging synchronous
 login local
 transport input none
 stopbits 1
line vty 0 3
 privilege level 15
 login local
line vty 4
 privilege level 15
 login local
 transport input telnet
!
!
!
!
!
!
end

-----END OF ORIGINAL ROUTER CONFIG-----

The following section shows the final configuration AFTER I have reconfigured the Cisco ISR C1111-4P router.

-----BEGIN OF FINAL ROUTER CONFIG-----

Building configuration...


Current configuration : 4286 bytes
!
! Last configuration change at 04:44:17 UTC Thu Mar 3 2022 by teo-en-ming
!
version 16.9
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname Teo-En-Ming-Cisco-C1111-4P-Router
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip name-server 165.21.83.88 165.21.100.88
no ip domain lookup
ip domain name teo-en-ming-corp.com
!
!
!
login on-success log
!
!
!
!
!
!
!
subscriber templating
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint TP-self-signed-608216465
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-608216465
 revocation-check none
 rsakeypair TP-self-signed-608216465
!
crypto pki trustpoint TP-self-signed-2987554221
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2987554221
 revocation-check none
 rsakeypair TP-self-signed-2987554221
!
crypto pki trustpoint TP-self-signed-191796919
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-191796919
 revocation-check none
 rsakeypair TP-self-signed-191796919
!
!
crypto pki certificate chain TP-self-signed-608216465
 certificate self-signed 01
<---snipped--->
        quit
crypto pki certificate chain TP-self-signed-2987554221
crypto pki certificate chain TP-self-signed-191796919
!
license udi pid C1111-4P sn <snipped>
no license smart enable
!
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
!
username teo-en-ming privilege 15 secret 5 encrypted-password
!
redundancy
 mode none
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
interface GigabitEthernet0/0/0
 description Wan
 ip address A.B.C.174 255.255.255.252
 speed 1000
 no negotiation auto
!
interface GigabitEthernet0/0/1
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet0/1/0
!
interface GigabitEthernet0/1/1
!
interface GigabitEthernet0/1/2
!
interface GigabitEthernet0/1/3
!
interface Vlan1
 description Lan
 ip address X.Y.Z.49 255.255.255.240
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 A.B.C.173
!
!
!
!
!
!
control-plane
!
!
line con 0
 logging synchronous
 login local
 transport input none
 stopbits 1
line vty 0 3
 privilege level 15
 login local
line vty 4
 privilege level 15
 login local
 transport input telnet
!
!
!
!
!
!
end

-----END OF FINAL ROUTER CONFIG-----

Mr. Turritopsis Dohrnii Teo En Ming, 44 years old as of 7 March 2022, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a Systems Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.




REFERENCES
===========

[1] https://pastebin.com/raw/p5sXyV4r