CISCO SWITCH PASSWORD RECOVERY
Step-by-Step Procedure
Follow the password recovery procedure below.
1. Attach a terminal or PC with terminal emulation (for example, Hyper Terminal) to the console port of the switch.
· Use the following terminal settings:
· Bits per second (baud): 9600
· Data bits: 8
· Parity: None
· Stop bits: 1
· Flow Control: Xon/Xoff
2. POWER CYCLE SWITCH
3. Power the switch and bring it to the switch: prompt:
For 2900XL, 3500XL, 2940, 2950, 2960, 2970, 3550, 3560, and 3750 series switches, do this: Hold down the mode button located on the left side of the front panel, while you reconnect the power cable to the switch.
Catalyst Switch Series | LED Behavior and Mode Button Release Action |
2900XL, 3500XL, 3550 | Release the Mode button when the LED above Port1x goes out. |
2940, 2950 | Release the Mode button after approximately 5 seconds when the Status (STAT) LED goes out. When you release the Mode button, the SYST LED blinks amber. |
2960, 2970 | Release the Mode button when the SYST LED blinks amber and then turns solid green. When you release the Mode button, the SYST LED blinks green. |
3560, 3750 | Release the Mode button after approximately 15 seconds when the SYST LED turns solid green. When you release the Mode button, the SYST LED blinks green. |
4. Issue the flash_init command.
switch: flash_init
Initializing Flash...
flashfs[0]: 82 files, 3 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 7741440
flashfs[0]: Bytes used: 5983744
flashfs[0]: Bytes available: 1757696
flashfs[0]: flashfs fsck took 7 seconds.
...done initializing flash.
Boot Sector Filesystem (bs:) installed, fsid: 3
Parameter Block Filesystem (pb:) installed, fsid: 4
5. Issue the load_helper command.
Issue the load_helper command.
switch: load_helper
switch:
Note: Make sure to type a colon ":" after the dir flash.
switch: dir flash:
Directory of flash:/
2 -rwx 2980731 <date> c2950-i6q4l2-mz.121-19.EA1c.bin
3 -rwx 269 <date> env_vars
4 -rwx 796 <date> vlan.dat
5 -rwx 1478 <date> config.old
6 -rwx 5 <date> private-config.text
7 -rwx 110 <date> info
8 drwx 2432 <date> html
85 -rwx 110 <date> info.ver
1757696 bytes available (5983744 bytes used)
!--- This output is from a 2950 switch. Output from
!--- other switches will vary slightly.
switch: rename flash:config.text flash:config.old
switch:
!--- The config.text file contains the password
!--- definition.
Note: Make sure to type a colon ":" after the dir flash.
The switch file system is displayed:
switch: dir flash:
2 -rwx 2980731 <date> c2950-i6q4l2-mz.121-19.EA1c.bin
3 -rwx 269 <date> env_vars
4 -rwx 796 <date> vlan.dat
5 -rwx 1478 <date> config.old
6 -rwx 5 <date> private-config.text
7 -rwx 110 <date> info
8 drwx 2432 <date> html
85 -rwx 110 <date> info.ver
!--- This output is from a 2950 switch. Output from
!--- other switches will vary slightly.
9. Issue the boot command.
switch: boot
switch: boot
Loading "flash:/c2950-i6q4l2-mz.121-19.EA1c.bin"...##################################################################################################################################################################################################################################################################################################
10. Issue the no command at the initial dialog prompt
Enter "n" at the prompt to abort the initial configuration dialog.
--- System Configuration Dialog ---
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Continue with configuration dialog? [yes/no]: n
!--- Type "n" for no.
Press RETURN to get started.
!--- Press Return or Enter.
Switch>
!--- The Switch> prompt is displayed.
At the switch prompt, type en to enter enable mode.
Switch>en
Switch#
IF YOU WANT YOUR OLD CONFIG BACK THEN FOLLOW STEPS 11 ONWARDS OTHERWISE YOU ARE NOW DONE!
11. Issue the rename flash:config.old flash:config.text command at the initial dialog prompt
Type rename flash:config.old flash:config.text to rename the configuration file with its original name.
Switch#rename flash:config.old flash:config.text
Destination filename [config.text]
!--- Press Return or Enter.
Switch#
Copy the configuration file into memory.
12. Issue the copy flash:config.text system:running-config command at the initial dialog prompt
Switch#copy flash:config.text system:running-config
Destination filename [running-config]?
!--- Press Return or Enter.
1131 bytes copied in 0.760 secs
Sw1#
The configuration file is now reloaded.
Overwrite the current passwords that you do not know. Choose a strong password with at least one capital letter, one number, and one special character.
Note: Overwrite the passwords which are necessary. You need not overwrite all of the mentioned passwords.
Sw1# conf t
!--- To overwrite existing secret password
Sw1(config)#enable secret <new_secret_password>
!--- To overwrite existing vty password
Sw1(config)#line vty 0 15
Sw1(config-line)#password <new_vty_password>
Sw1(config-line)#login
!--- To overwrite existing console password
Sw1(config-line)#line con 0
Sw1(config-line)#password <new_console_password>
Sw1#write memory
Building configuration...
[OK]
Sw1#
