Fixed catalyst switches includes layer 2 switches 2900XL/3500XL, 2940, 2950/2955, 2960 and 2970 series as well as layer 3 switches 3550, 3560, and 3750 switches. Layer 2 switches means they are not capable of layer 3 functionality such as routing and mainly used for switching functionality. Fixed switches mean that the devices are not modular unlike the big boxes which has different kinds of modules you can insert into.
Procedure for password recovery
1. Attach a PC/laptop with hyperterminal to the switch through its console port and set the hyperterminal settings into default.
2. Unplug the power cable.
3. Power the switch while holding down the mode button located at the left side of the front panel while you reconnect the power cable to the switch in order to bring it into the switch: prompt. Please use the guide below for releasing the mode button
LED Behavior and Mode Button Release Action
For 2900XL, 3500XL, 3550
Release the Mode button when the LED above Port1x goes out.
For 2940, 2950
Release the Mode button after approximately 5 seconds when the Status (STAT) LED goes out. When you release the Mode button, the SYST LED blinks amber.
For 2960, 2970
Release the Mode button when the SYST LED blinks amber and then turns solid green. When you release the Mode button, the SYST LED blinks green.
For 3560, 3750
Release the Mode button after approximately 15 seconds when the SYST LED turns solid green. When you release the Mode button, the SYST LED blinks green.
4. Wait until the switch boots into the switch: prompt
5. Issue the flash_init command to initialize the flash memory.
6. Issue the load_helper command to activate basic commands.
7. Issue the dir flash: command and look for a file named config.text. This file contains the running configuration of the switch.
8. Issue the command, “rename flash:config.text flash:config.old” to rename the config.text file so we can boot the system using the renamed file without asking us for the password.
9. Next command is to issue “boot”. This will reboot the switch.
10. When the question appears that says “Continue with configuration dialog?” Enter No so this won’t lead us to a “question and answer” type of configuration.
11. Notice now that the switch goes into the familiar switch> prompt and when you go to the enable prompt it won’t ask you for the password simply because we did not load the running config. But depending on which password you’re trying to recover (telnet, console, secret or enable password) Try to do a show run and you won’t see the configuration there.
12. Next thing we have to do is to rename the config.old back to config.text “rename flash:config.old flash:config.text”
13. Copy the configuration file into memory. “Switch#copy flash:config.text system:running-config”. Now the configuration file is reloaded. You can check it via show run and you can see the difference.
14. At this point we can now, change the password and be sure to know which password you would have to change, the enable password, telnet,secret pass, console etc. as to not redo the recovery process.
15. Sw1# conf t
16. Sw1(config)#enable secret
17. Sw1(config)#enable password
18. Sw1(config)#line vty 0 15
19. Sw1(config-line)#password
20. Sw1(config-line)#login
21. Sw1(config-line)#line con 0
22. Sw1(config-line)#password
23. Sw1#write memory
24. Building configuration...
25. [OK]
26. Sw1#
27. Be sure to save the configuration because if you don’t, then good luck, you would have to redo the whole process again, my friend.
Saturday, February 6, 2010
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment