Recover Cisco Catalyst 3650 Switch Password

From ITCwiki
Revision as of 01:33, 4 September 2019 by BenFranske (talk | contribs)
Jump to navigation Jump to search

Recover Cisco Catalyst 3650 Switch Password

1. Connect to the console port of the switch a PC with terminal emulating software like TeraTerm or PuTTY. The terminal settings are as follows:

◦Bits per second (baud): 9600 
◦Data bits: 8 
◦Parity: None 
◦Stop bits: 1 
◦Flow Control: Xon/Xoff 

2. Power down the switch by unplugging the power cord.

3. Hold down the mode button on the front left side of the switch and plug in the power cord. Do not release the mode button until you see the SYST and ACTV LEDs turn amber. BEFORE that happens the SYST LED will go from a slow blink to a fast blink. It will take more than 15 seconds for this to happen. AFTER the SYST and ACTV LEDs turn amber release the mode button and SYST LED should start to blink again. The switch should now be in switch: mode.

4. Enter the flash_init command at the switch: prompt.

switch: flash_init
Initializing Flash...

6. Enter the dir flash: command

switch: dir flash:
Directory of flash:/

Output omitted.

4    -rwx  1131      <date>               config.text

This is the configuration file.

5    -rwx  109       <date>               info
6    -rwx  389       <date>               env_vars
7    drwx  640       <date>               html
18   -rwx  109       <date>               info.ver
403968 bytes available (3208704 bytes used)
switch:

7. Rename the configuration file by entering rename flash:config.text flash:config.old. The config.text file is the file that contains the password definition.

switch: rename flash:config.text flash:config.old
switch:

8. Reboot the switch by entering the boot command.

switch: boot
Loading "flash:...

9. When the switch is done reloading the ---System Configuration Dialog---' will appear in the output. Answer no or press ctrl-c to leave the system configuration dialog.

--- System Configuration Dialog ---
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Continue with configuration dialog? [yes/no]: n 
Press RETURN to get started.
Switch>

10. Enter enable to go into enable mode on the switch.

Switch>enable
Switch#

11. Rename the configuration file back to its orginal name by entering rename flash:config.old flash:config.text and press enter when the message appears Destination filename [config.text].

Switch#rename flash:config.old flash:config.text
Destination filename [config.text] 

12. Copy the configuration file into memory by entering copy flash:config.text system:running-config. Press enter to verify.

Switch#copy flash:config.text system:running-config
Destination filename [running-config]? 

Now the old configuration is loaded into RAM.

13. At this point you can reassign all of the passwords you don't know by entering global configuration mode and entering the following commands:

Sw1# conf t
Sw1(config)#enable secret <new_secret_password>
Sw1(config)#enable password <new_enable_password>
Sw1(config)#line vty 0 15
Sw1(config-line)#password <new_vty_password>
Sw1(config-line)#login
Sw1(config-line)#line con 0
Sw1(config-line)#password <new_console_password>

14. Save the running configuration to the startup configuration by entering either write memory or copy running-config startup-config.

Sw1#write memory
Building configuration...
[OK]
Sw1#

You have reset your passwords without losing your configuration.