Forget the console or enable password(s) to your Catalyst Switch? Not a problem. This lab will discuss and demonstrate how to reset the password(s) on Cisco fixed configuration Catalyst series switches
In all actuality, people forget passwords everyday but forgetting the password(s) on a Cisco Catalyst series switch can be frustrating. Unlike a Cisco Router, you actually have to be at the console of the switch rather it be remote desktop to a PC with a console cable to the switch or physically near the switch. However the Frustrating part is that in order to boot into the SWITCH ROM, you need someone physically at the switch to unplug it and press in the MODE button on the front of the switch and hold it down while the power is plugged back in.
This lab will discuss resetting and/or clearing the password(s) for the Cisco Catalyst LAN Switches including but not limited to the 2900XL, 2950, 3500XL, 3550, 3560, 3750 Series switches.
For this very reason forgetting switch passwords can be quite frustrating. As a network engineer that holds the CCNA certification you’re expected to know how perform this procedure without referencing any Cisco documentation.
Step 1 – Boot the switch into SWITCH ROM by holding down the MODE button on the front left hand side of the switch and plugging the power into the switch. Note that different switches require you to hold the MODE button for different periods of time.
Shown below is a table showing the time you’re required to hold down the MODE button after powering plugging in the power to the switch;
Cisco Catalyst Switch Series | LED Behavior and Mode Button Release Action |
---|---|
2900XL, 3500XL, 3550 | Release the Mode button after the LED above port FastEthernet0/1 goes out. |
2940, 2950 | Release the Mode button after approximately 5 seconds when the Status (STAT) LED goes out. When you release the Mode button, the SYST LED blinks amber. |
2960, 2970 | Release the Mode button when the SYST LED blinks amber and then turns solid green. When you release the Mode button, the SYST LED blinks green. |
3560, 3750 | Release the Mode button after approximately 15 seconds when the SYST LED turns solid green. When you release the Mode button, the SYST LED blinks green. |
Step 2 – Once you’ve successfully booted into SWITCH ROM, you’ll see the following dispatch;
Boot Sector Filesystem (bs) installed, fsid: 2 Base ethernet MAC Address: 00:14:f2:d2:41:80 Xmodem file system is available. The password-recovery mechanism is enabled. The system has been interrupted prior to initializing the flash filesystem. The following commands will initialize the flash filesystem, and finish loading the operating system software: flash_init boot switch:
Step 3 – Once your at the SWITCH ROM prompt you’ll need to initialize the flash by typing the flash_init command.
switch:flash_init
Initializing Flash...
flashfs[0]: 5 files, 1 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 15998976
flashfs[0]: Bytes used: 12282368
flashfs[0]: Bytes available: 3716608
flashfs[0]: flashfs fsck took 10 seconds.
...done Initializing Flash.
switch:
Step 4 – List the files stored in flash to view the avaliable configuration text files. By default the configuration file name is config.text;
switch:dir flash: Directory of flash:/ 1 -rwx 10573494c3560-advipservicesk9-mz.122-44.SE6.bin 2 -rwx 684 vlan.dat 3 -rwx 1938 private-config.text 4 -rwx 1654 config.text 5 -rwx 3096 multiple-fs 3716608 bytes available (10508886 bytes used) switch:
Step 5 – You’ll see in the given example above the config.text file which is 1654 bytes, rename this file to config.old
If you wish to just erase the configuration instead of resetting the password you can use the delete flash:config.text command.
switch:rename flash:config.text flash:config.old
Step 6 – After you’ve renamed the config.text file to config.old verify that the file was indeed renamed correctly by doing the dir flash: command. Once you’ve verified that the config file has been renamed boot the switch with the boot command.
Step 7 – Once the switch has booted you will be prompted by the initial configuration setup prompt, disregard this to gain user mode access.
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]: n
Switch>
Step 8 – OPTIONAL – If you do not intend to reset the password as stated by the NOTE in step 5, you can stop now. If you wish to reset the password on the previous configuration continue to step 9.
Step 9 – Change to privileged mode and copy the contents of the old start-up configuration to the running config using the command copy flash:config.old run
Switch>enable Switch#copy flash:config.old run Destination filename [running-config]? 1654 bytes copied in 9.647 secs (171 bytes/sec) ARSCORESW1#
Step 10 – After you’ve loaded the old configuration file as the running configuration and you’re in privileged mode you’ll be able to change the passwords such as enable secret or line passwords. Once you’ve changed these passwords you can save the configuration by issuing the copy run start command.
Switch#configure terminal Switch(config)#enable password NEWENABLEPASSWORD Switch(config)#line con0 Switch(config-line)#password NEWCONSOLELINEPASSWORD Switch(config-line)#end Switch#copy run start Destination filename [startup-config]? Building configuration... [OK] 0 bytes copied in 1.309 secs (0 bytes/sec) Switch#