Recover admin password for Cisco ISE CLI

This post describes the different methods for password recovery for cisco Identity Service Engine (ISE) CLI and GUI  based on the type of appliance being used. To recover admin password in Cisco ISE CLI, you need to download the latest Cisco ISE version ISO file. ISE .iso will be used during the boot sequence to reset the password.
Admin passwords can be different for CLI and GUI. If your password is different for CLI and GUI and just want to reset the password for Cisco GUI then you don’t need to reset the password for Cisco CLI.

  1. Reset or recover admin password for Cisco ISE SNS 3695/3655/3615 Appliance cli.
  2. To reset or recover password for Cisco ISE GUI 

There are two methods to recover admin password on Cisco ISE SNS 3600 Series appliances:

  • Password recovery  using Cisco integrated management Controller (CIMC)
  • Password recovery using bootable USB

Password recovery using CIMC

This Password Recovery method requires CIMC configuration setup on 36XX series hardware. Refer Configuring CIMC to know more about CIMC configuration steps.

Step 1. Download the latest ISE version ISO file from the Cisco software download site and upload it to the virtual machine’s datastore.

Download from Cisco Website
https://software.cisco.com/download/home/283801620/type/283802505/release/3.0.

Step 2. Login to the CIMC portal by entering username and pasword.

Step 3. Click Launch KVM Console.

Step 4. Click the Virtual Media tab.

Step 5. Click Activate Virtual Devices and select the current ISE version ISO from on your client browser.

Step 6. Click on Map CD/DVD and select the Cisco ISE ISO.

map cd/dvd to cisco ise

Step 7. Choose Macros > Ctrl-Alt-Del to boot the Cisco ISE appliance using the ISO image.

Step 8. Enter F6 to bring up the boot menu. A similar screen appears as shown in this image.

reset cisco ise cli password

Step 9. Select the CD/DVD that is mapped and press Enter. The message is displayed here.

Welcome to the Cisco ISE 2.x Recovery
Available boot options:

[1] Cisco Secure ISE Installation (Keyboard/Monitor)
[2] Cisco Secure ISE Installation (Serial Console)
[3] System Utilities (Keyboard/Monitor 
[4] System Utilities (Serial Console)
<Enter> Boot existing OS from hard disk. Enter boot option and press <Enter> boot:

Step 10. Select option 3 or option 4 (enter 3 for keyboard and video monitor connected to the appliance, or enter 4 if accessing through a local serial console port connection):

how to reset cisco ise cli password

Select Option 1 from the screen here and proceed.

Cisco-ISE-Password-Recovery-12

Step 11 . Select the required username from the list and press enter to reset the password.

The console displays:

Admin username:
[1]:admin
[2]:admin2
[3]:admin3
[4]:admin4
Enter number of admin for password recovery:2
Password:
Verify password:
Save change and reboot? [Y/N]:y

Password reset is completed.

Password recovery using bootable USB

Before You Begin 

Create a bootable USB drive. See Creating a Bootable USB Drive.


Step 1. Power on the Cisco SNS-3600 appliance.

Step 2. Plugin the bootable USB drive that has the bootable Cisco Secure ISE ISO image into the USB port.

Step 3. Restart SNS-35XX appliance and go to the BIOS mode on console

Step 4. In the BIOS mode, choose boot from USB.

Step 5. Exit from the BIOS mode and click Save.

Step 6.  Restart ISE appliance and boot from USB.

The message is displayed here.

Welcome to the Cisco ISE 2.x Recovery
To boot from hard disk press <Enter>
Available boot options:
[1] Cisco Secure ISE Installation (Keyboard/Monitor)
[2] Cisco Secure ISE Installation (Serial Console)
[3] System Utilities (Keyboard/Monitor
[4] System Utilities (Serial Console)
<Remove USB key and reboot to boot existing Hard Disk>
Please enter boot option and press <Enter>
boot: 3

Step 7. Select option 3 or option 4 (enter 3 if connected through keyboard and a video monitor or enter 4 for a local serial console port connection):

Step 8. Select option 1 to start the administrator password recovery menu.

Cisco-ISE-Password-Recovery-12

Step 9. Select the correct username from the list and press enter to reset the password.

Admin username:
[1]:admin
[2]:admin2
[3]:admin3
[4]:admin4
Enter number of admin for password recovery:2
Password:
Verify password:
Save change and reboot? [Y/N]:y
 
Password reset is completed.

Leave a Comment