
How to retrieve a password from a Cisco Catalyst 2970 (Switch)?!

Posted on 2005-05-16
Last Modified: 2008-02-20
Hi Guys,
So I have a classic case of a lost Cisco password that was set by a previous Ex Sys Admin…
It’s a Cisco Catalyst 2970 switch. I found an article on cisco.com on how to reset/retrieve the password by changing the register. Will it work? If not, do you have another idea?

Also, to avoid downtime, I have a brand new Cisco 2970, so I thought I would take the running-config from the active one, but then again I don’t have the password… so is there still a way to take the running config, put it on the new one, and meanwhile reset the locked one?

Any help will be greatly appreciated,
WT.
Question by:wtango
10 Comments
 
LVL 12

Accepted Solution

by:
Heem14 earned 375 total points
ID: 14015409
Without the password, you won't be able to get in to get the config. Do the password reset on Cisco's website. It does work.

Have you gone through the previous admin's files and such? Most admins keep a text copy of their running config (do this once you get up and running!). Perhaps if your company has a home drive on a server or something, you can get access to what was his, or perhaps restore his files from a backup taken while he was employed.
0
 
LVL 10

Expert Comment

by:neteducation
ID: 14015435
I basically agree with Heem14 about the password reset on the Cisco page... I did it on some routers and it worked just fine. However, I think you lose the config that way (not sure... it's been quite a while since I last did it).

If you are really lucky (and the old sysadmin was a little lazy, not deactivating it), then the Cisco switch is trying to fetch its config over TFTP at system startup. You could give it over TFTP a config file that consists only of the password, which may override the one that is stored on the system.
0
 
LVL 7

Expert Comment

by:CajunBill
ID: 14015499
Unfortunately, Heem14 and neteducation may be making the error of assuming that all Cisco "password recovery" procedures work the same.  But, for the 2970, the ability to recover the running config will depend on what the previous sys admin did, according to some comments from the Cisco website:
"The default switch configuration allows an end user with physical access to the switch to recover from a lost password by interrupting the boot process while the switch is powering up and then entering a new password. The password recovery disable feature allows the system administrator to protect access to the switch password by disabling part of this functionality and allowing the user to interrupt the boot process only by agreeing to set the system back to the default configuration. With password recovery disabled, the user can still interrupt the boot process and change the password, but the configuration file (config.text) and the VLAN database file (vlan.dat) are deleted."

See
http://www.cisco.com/en/US/products/hw/switches/ps5206/products_command_reference_chapter09186a00802b58fd.html
HTH
CajunBill
0
 

Author Comment

by:wtango
ID: 14019786
Excellent comments guys! Thank you very much.

Here is what I am going to do: I am going to take the backup 2970 I have next to me, run some tests on it and see how it reacts. If all goes well, AND hopefully the previous sys admin didn’t disable the password recovery feature, I will head to our data center and reset the register on the production switch.

Stay tuned friends, and thank you again for your prompt response.

WT.
0
 

Author Comment

by:wtango
ID: 14019949
Quick question! Do you guys know what the default unprivileged password is on the 2970?
I am trying to access it using the configmaker and I am stuck on the unprivileged password. I don’t think it was ever set.

Thanks,
WT.
0
 
LVL 7

Expert Comment

by:CajunBill
ID: 14022012
Have you already tried using this as a password:
cisco

0
 

Author Comment

by:wtango
ID: 14027948
I found the Password Recovery procedure on the Cisco website: http://www.cisco.com/warp/public/474/
And I was able to successfully reset it, without losing the data.

Many thanks for all your help,
WT.
0
 

Author Comment

by:wtango
ID: 14030158
Wait up guys!!! Weird phenomenon – I cannot ping the switch anymore, and it happened after I reset the password. I used to be able to ping its IP 209.xxx.xxx.222 but not anymore. Ping from it doesn’t work either. Here is the config file:

Using 2507 out of 524288 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname xxxxxxxxxx
!
enable secret 5 xxxxxxxxxx
enable password 7 xxxxxxxxxxxx
!
ip subnet-zero
!
!
errdisable recovery cause gbic-invalid
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface GigabitEthernet0/1
 no ip address
 no mdix auto
!
interface GigabitEthernet0/2
 no ip address
 duplex full
 speed 100
 no mdix auto
!
interface GigabitEthernet0/3
 no ip address
 no mdix auto
!
interface GigabitEthernet0/4
 no ip address
 no mdix auto
!
interface GigabitEthernet0/5
 no ip address
 no mdix auto
!
interface GigabitEthernet0/6
 no ip address
 no mdix auto
!
interface GigabitEthernet0/7
 no ip address
 no mdix auto
!
interface GigabitEthernet0/8
 no ip address
 no mdix auto
!
interface GigabitEthernet0/9
 no ip address
 no mdix auto
!
interface GigabitEthernet0/10
 no ip address
 no mdix auto
!
interface GigabitEthernet0/11
 no ip address
 no mdix auto
!
interface GigabitEthernet0/12
 no ip address
 no mdix auto
!
interface GigabitEthernet0/13
 no ip address
 no mdix auto
!
interface GigabitEthernet0/14
 no ip address
 no mdix auto
!
interface GigabitEthernet0/15
 no ip address
 no mdix auto
!
interface GigabitEthernet0/16
 no ip address
 no mdix auto
!
interface GigabitEthernet0/17
 no ip address
 no mdix auto
!
interface GigabitEthernet0/18
 no ip address
 no mdix auto
!
interface GigabitEthernet0/19
 no ip address
 no mdix auto
!
interface GigabitEthernet0/20
 no ip address
 no mdix auto
!
interface GigabitEthernet0/21
 no ip address
 no mdix auto
!
interface GigabitEthernet0/22
 no ip address
 no mdix auto
!
interface GigabitEthernet0/23
 no ip address
 no mdix auto
!
interface GigabitEthernet0/24
 no ip address
 no mdix auto
!
interface GigabitEthernet0/25
 no ip address
!
interface GigabitEthernet0/26
 no ip address
!
interface GigabitEthernet0/27
 no ip address
!
interface GigabitEthernet0/28
 no ip address
!
interface Vlan1
 ip address 209.xxx.xxx.222 255.255.255.0
 no ip route-cache
 shutdown
!
ip default-gateway 209.xxx.xxx.1
ip http server
snmp-server community xxxx RO
snmp-server community xxxx RW
snmp-server community xxxx RW
snmp-server manager
snmp ifmib ifalias long
!
line con 0
 exec-timeout 0 0
line vty 0 4
 password 7 xxxxxxxx
 login
line vty 5 15
 password 7 xxxxxxxxxxxxxxxxxx
 login
!
end



Also, would you care to explain the two vty entries? The 0 and 5, why two?

Cheers,
WT.
0
 
LVL 7

Expert Comment

by:CajunBill
ID: 14033787
WT,
the VLAN1 interface is in "shutdown".
To fix that, get into config mode and remove the shutdown.
Then you should be able to ping the device, and ping from it.

About the vty entries - the first one is for vty 0 through vty 4, and the second is for vty 5 through vty 15.
It looks like there are different passwords for the two groups.
CajunBill
0
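
The two points in the answer above (a management interface left in "shutdown", and vty ranges carrying different passwords) can be checked mechanically against a saved config. This is an added example, not part of the original thread; the sample is a constructed, trimmed version of the posted config with a documentation-range address and placeholder password strings, and the function names are illustrative.

```python
import re
# Constructed sample: trimmed copy of the posted config (placeholder address and passwords).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/2
 no ip address
!
interface Vlan1
 ip address 192.0.2.222 255.255.255.0
 shutdown
!
line vty 0 4
 password 7 PLACEHOLDER-A
 login
line vty 5 15
 password 7 PLACEHOLDER-B
 login
"""

def parse_blocks(config):
    """Group indented sub-commands under their top-level IOS command."""
    blocks, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if raw[:1].isspace() and current and line:
            blocks[current].append(line)
        elif line and not line.startswith("!"):
            current = line
            blocks[current] = []
    return blocks

def shutdown_l3_interfaces(blocks):
    """Interfaces that have an IP address but are administratively down."""
    hits = []
    for header, body in blocks.items():
        addr = next((c.split()[2] for c in body if c.startswith("ip address ")), None)
        if header.startswith("interface ") and addr and "shutdown" in body:
            hits.append((header.split()[1], addr))
    return hits

def vty_passwords(blocks):
    """Expand each 'line vty A B' range to the password command of every line."""
    per_line = {}
    for header, body in blocks.items():
        m = re.fullmatch(r"line vty (\d+)(?: (\d+))?", header)
        if m:
            pw = next((c for c in body if c.startswith("password ")), None)
            for n in range(int(m[1]), int(m[2] or m[1]) + 1):
                per_line[n] = pw
    return per_line
```

An interface reported by `shutdown_l3_interfaces` is the case described in the answer: entering `no shutdown` under that interface in config mode brings it back up.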
 

Author Comment

by:wtango
ID: 14037685
Great! It worked CajunBill! I wonder how it got to no shutdown in the first place..... How weird!
I wonder if that was caused by the password recovery procedure...

I downloaded the CNA, it's pretty cool. I was finally able to access it and look at its configuration.

Many thanks,
WT.
0

Question has a verified solution.
