For starters, here's a list of what I consider as Fixed Catalyst Switches or Small Boxes:
- Cisco Catalyst 2900XL / 3500XL
- Cisco Catalyst 2950
- Cisco Catalyst 3500
- Cisco Catalyst 2940
- Cisco Catalyst 2960
- Cisco Catalyst 2970
- Cisco Catalyst 3560
- Cisco Catalyst 3750
- Power off the Catalyst Switch.
- Hold down the MODE button before powering up again.
- Go to switch: prompt.
- Initialize the flash memory.
- Rename the configuration file.
- Manually boot up the IOS image.
- Skip initial configuration dialog.
- Go to Privileged EXEC (or enable) mode.
- Restore the old configuration file name.
- Restore the configuration to the Catalyst Switch.
- Change or remove configured passwords.
- Save configuration changes.
Note: It is assumed that you are already connected to the switch thru console cable, and seeing console output from a terminal emulator application like HyperTerminal in Windows.On a more detailed manner, the Catalyst switch can be powered off by unplugging the power cable. Then, hold down the MODE button before reconnecting the power cable to the Catalyst Switch again. You can release MODE button only when the STAT LED or the first port LED stops blinking or goes out. From the CLI (thru HyperTerminal), you shoud see switch: prompt.
In switch: prompt, initialize the internal flash memory of the by issuing flash_init command. Afterwards, issue load_helper command. You can then check the content of the flash memory by issuing dir flash: command, and look for the configuration file - config.text. Just type rename flash:config.text flash:config.old to change the name of the configuration file. This step is to ensure that the Catalyst Switch won't recognize any saved or startup configuration upon boot up.
In Fixed Switches, although there's still a start-up configuration file on the NVRAM, the actual configuration is saved on the flash memory with the default name, config.text. You can actually change the default name to something else thru the global configuration mode when the Catalyst Switch is properly booted up.
After the renaming, issue boot command to boot the first image in the flash memory. Or specify an image name by using boot flash:(image name) command instead. After boot up, the System Configuration Dialog will show up. Just type No when asked if you want to continue with the initial configuration dialog. Then, issue enable command. This is the actual point of bypassing the password. Wherein if the configuration is loaded (and there's a password applied), you cannot actually go to the Privileged EXEC or enabled mode.
You can then restore the original name of the configuration file by typing rename flash:config.old flash:config.text. Then, type copy flash:config.text system:running-config to restore the configuration to the running configuration of the Catalyst Switch. You can actually use a shortcut to do both steps with a singe command. You can use copy flash:config.old system:running-config instead.
Note: Be sure that you use copy flash:config.text system:running-config command (or copy startup-config running-config) and not the reverse, which is copy system:running-config flash:config.text (or copy running-config startup-config). If you do the reverse, you'll be overwriting the original configuration that leads to a bigger problem.To change or remove the password configurations, issue configure terminal command to go to the global configuration mode, and then type enable secret
For telnet:
Switch(config)#line vty 0 15
Switch(config-line)#password
Switch(config-line)#login
For console:
Switch(config-line)#line con 0
Switch(config-line)#password
Switch(config-line)#login
Lastly, issue write memory or copy run start to save the configuration with new passwords. And we’re done! =)
Next time, we’ll do Password Recovery on Modular Switches Running CatOS.
No comments:
Post a Comment