
Cisco Firepower | Reset Management Center (FMC) Web and CLI Admin Password

Let’s face it, sometimes we just forget passwords, or something mysterious happens and the password magically changes whilst you’re asleep – yeah, that’s totally what happened here…

I booted up my FMCv in the lab I run on my home PC and tried to log into the CLI but..

Login Incorrect ..what?

Login Incorrect ..erm

Login Incorrect ..

Agh! I’d lost access to the FMC! I swear it’s the right password; I use no other in my lab environments. I was dreading the thought of having to start all over again and format the FMC, but luckily I learnt there is an easy method to reset the default Admin password!

You will need a console/KVM connection onto the FMC in order to reset the password on a physical appliance. This was performed using a virtual FMC instance running 6.3.0 on VMware Workstation 15, using the built-in console.

Note: in production environments, this does involve downtime of the FMC (which I’ve never found to be an issue, as it does not affect FTD traffic).

The below process is for resetting the CLI Admin password (the web Admin password is NOT the same account). To see how to reset the web Admin password, go to the bottom of this article.

Once you are at the console, reboot the FMC. You will then see a red LILO boot menu. Press any key to interrupt the boot sequence. At the prompt, type the version of the FMC (6.3.0 in my case) followed by ‘single’ and hit return.


Once the FMC boots up into single user mode you should see the # prompt. Type passwd admin to bring up the reset password prompt for the Admin user. Enter a new password, then enter it again for confirmation. As this is my lab, I am using a basic password of ‘cisco’ (see, how could I forget that!). I will receive an ERROR stating the password is BAD because it does not meet complexity requirements…

Yes.. it is a bad password, but the FMC will accept it anyway (at least in my version). You should always use secure passwords, definitely in production environments, but I don’t have to tell you that.

Once your new password is set, you must then reboot the FMC again. Let it boot normally this time and do not interrupt it like you did previously. Once at the login prompt, you should be able to log in using the newly set password.

To reset the web Admin password, you must first gain Admin access to the shell (remember, it’s a separate account).

At the prompt, enter sudo usertool.pl -p 'admin password' (where password is the new password).

Note: you may have to enter expert mode first by typing ‘expert’, depending on the version of FMC you are working with.

Now go back to the web GUI and log in using your new password. This time, don’t forget it 🙂

6 replies on “Cisco Firepower | Reset Management Center (FMC) Web and CLI Admin Password”

Minor steps are missing.
Please modify the instruction for Web recovery.
User must activate EXPERT mode after logging in through the CLI. Followed up with your instruction above.

Cheers,

Hi Trey,

Thanks for noting this, I never had to do that in my example but I have updated the article. Perhaps this is a version thing, as I have logged into a physical 2100 FMC and I do not need to enter Expert mode in order to reset the web password (v6.2.2).

Thanks again

I have a Cisco FMC 1000 and I am currently dealing with the same issue, but I am connecting just with a monitor and USB port from the back of the FMC. To get this prompt to change the password, should I be connected to the console port in the front? Does it make a difference?

Hello Pedro,

I don’t believe it makes a difference, as long as you have a monitor and keyboard attached to the FMC, you should be able to reboot the appliance and press any key at the LILO menu to interrupt the boot process.

Hope this helps!
