Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 370
  • Last Modified:

CCNA Practice: How to recover The password for "secret"?

Hi,

1) I have a Switch (Cisco Catalyst 2900 XL)
2) This Switch has got the configuration by Copying from the "latest configuration's file"
3) The hostname of the Switch is "SW2"
4) When the Switch is booting up, it appears like this:
SW2>
- I type in "enable"
- But it asks the "password"
5) I remember that the "password" for the "secret" is password1
- When i type "password1", it does not pick it up

6) Now, i can not do anything with the Switch
7) My question: i) How to recover the password for "secret"?, ii) Is there any "default password" for the "secret"?, iii) What should i do now?
8) Thank you

tjie
0
tjie
Asked:
tjie
  • 7
  • 6
  • 4
2 Solutions
 
Istvan KalmarCommented:
0
 
Istvan KalmarCommented:
you not able to recover secret password, only simple passwords whit this:

http://www.ibeast.com/content/tools/CiscoPassword/index.asp

Best regards,
Istvan
0
 
gtdriver94Commented:
Unfortunately you might not be able to save the current configuration if you do this, but the easiest way is to perform the reset procedure.

It basically has you modify the ROM to boot into a utility mode and change the boot path so the switch is not loading the current configuration (on flash storage). You can then create a configuration from scratch.
http://www.cisco.com/en/US/products/hw/switches/ps607/products_tech_note09186a00800c4546.shtml

It may be possible to gain access using this procedure and then copy the saved configuraiton via TFTP to a workstation using a TFTP client like SolarWinds. By doing this the full configration including passwords will be copied.
http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_tech_note09186a008020260d.shtml
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
tjieAuthor Commented:
1)I have not yet given the IP address to the Switch (SW2)
2) So How i can connect or communicate the TFTP at a Workstation to the Switch?; it seems this option will not be  working here
3) So the only option is following the steps suggested by Ikalmar above? right?
4) Any other option?
5) Thanks

tjie
0
 
Istvan KalmarCommented:
if you don't knows  the passwords you not able to get enable mode, so first of all you need password recovery procedure...
0
 
tjieAuthor Commented:
1) FYI
2) The current configuration of the Switch is working very well
     *The PCs at VLAN 10 could ping the PCs at VLAN 20 and vice versa
3) But i can not do "anything" with the Switch anymore
0
 
Istvan KalmarCommented:
ok if you want to configure something you  must do password recovery procedure, if not use the switch....
0
 
gtdriver94Commented:
tjie

So you want to keep the current config. You just want access to the switch.

You will NEED to run the recovery procedure to gain access if you do not know the password. I've found another tutorial that explains how to just change the password which may better suit your needs:
http://www.petri.co.il/csc_how_to_recover_lost_password_on_cisco_switch.htm
0
 
gtdriver94Commented:
edit-

This is more of a password reset procedure than a recovery procedure - it stops the config from loading at startup, once you are loaded with a blank config (with full access as there is no password), you load the saved config. Since you are already logged in, you have full access and you are inside the saved config. You then set your own passwords.
The link again:
http://www.petri.co.il/csc_how_to_recover_lost_password_on_cisco_switch.htm
0
 
tjieAuthor Commented:
1) Yes, it is correct
- I want to keep the current Configuration of the Switch
- I just want to access to the Switch

2) I follow the above tutorial suggested by ikalmar and qtdriver94; but i could not get the "outcome" as mentioned in the Tutorial

- I use a PC with terminal emulation to the console of the switch
- The suggested terminal settings (Per tutorial)
  * 9600 baud rate (Yes, i can get this setting)
  * No Parity (Yes, I can get this setting)
  * 8 data bits (Yes, I can get this setting)
  * No Stop bit (NO, I CAN NOT this setting; the options of this settings are "1", "1.5" and "2"; NO option for "No Stop bit"

3) I follow "unplug the power cable"
4) I follow "Hold down the mode button ........" etc
5) But, The system would not give me to get:
Flash_Init
Load_helper
Boot
6) So, it will appear as before :
SW2>
7)I still can not RECOVER the PASSWORD
8) Any solution ?
9) Thanks

tjie
0
 
Istvan KalmarCommented:
Type rename flash:config.old flash:config.text to rename the configuration file with its original name.  on rommon mode....
0
 
gtdriver94Commented:
Ok so you can get a terminal connection ok when the switch is running and you get the prompt SW>.
So we know the console connection and your terminal settings are OK.
I'm using this article BTW:
http://www.cisco.com/en/US/products/hw/switches/ps628/products_password_recovery09186a0080094184.shtml

So after you've gotten the terminal connection up and you are at the SW> prompt, then you unplug the switch (with the terminal connection still active) and then plug it back in while holding the MODE button, then release the Mode button when the LED above Port1x goes out, what comes up on the terminal screen? If it is blank, hit enter. Then what comes up? Anything?
0
 
tjieAuthor Commented:
qtdriver94,
1) I get the terminal connection
2)i get SW2> prompt
3) I unplug the Switch (with the terminal connection still alive)
4) I plug the power back in (while holding the Mode button)
-then release the mode button when the LED above port1x goes out
5) Then comes up on the terminal screen
-It is loading flash
-It is iniliasizing ...
-Many test: passed ...passed, etc
-Press Return to get started ....etc
- The final one: Compiled Mon 03-Apr-00 by Swati
6) What do you think?

tjie
0
 
tjieAuthor Commented:
ikalmar,

****Type rename flash:config.old flash:config.text to rename the configuration file with its original name.  on rommon mode....****

Comments:
- I do not have a chance to go here
- As told above that i could not get or could not see these:
Flash_Init
Load_helper
Boot

What do you think?

tjie
0
 
tjieAuthor Commented:
qtdriver94 & ikalmar:

1) I tried many things (as suggested by the tutorial)
2) First try: (assume for model: 2900, 3500XL, etc)
- I release Mode Button after the 1xport LED goes out (and it does not solve the problem)
3) Second Try: (assume for model 2940 0r 2950)
- I release Mode Button after the Stat light goes out (same result)(does not work)
4) Third Try: (assume for model 2955)
-Press break key (Ctrl-Break on Window) when i see the message that the switch will autoboot (also does not work)

5) My Conclusion:
- Something wrong with the "Mode button"
- I try to press it hard, and seems "nothing" or "no effect" (I open the cover, and try to press it; and seems it does not "any effect" at all whether you press it  or you do not press it) (i bought this switch from "ciscokits" and i have to complain it to them)

6) So Any suggestion from both of you to make this Switch working? I do not care about the Current Configuration; we could erase it at all; how to RESET this Switch so it can work as normal which i can interact? Post it back please

7) Thank you

tjie
0
 
Istvan KalmarCommented:
Hi,

CTRL-Break isn't working on 29xx series....
Please PUSH the BUTTON when you rebooting, and the rommode it will becomes... Please Plug/Unplug the power cable!!
0
 
tjieAuthor Commented:
The solution does not solve my problem; i still could not EDIT my switch
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 7
  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now