Resetting the password on a Cisco Catalyst 2940 Switch - (Hint: It doesn't involve sending a break)

I recently got frustrated with the crappy "smart" switches in my network so I replaced them with second-hand Cisco hardware. Because no one got fired for buying Cisco, right? 

It turns out I don't need 1Gb/s to things like VoIP phones and my Blu Ray player, so I could get away with older models with 100Mb/s ports and a single 1Gb/s uplink, like the WS-C2940-8TT-S which are available for £25 and fan-less, with something beefier as the "core".

Whilst I was getting it configured I figured I should probably have a go at performing the password reset. For some reason I had it stuck in my head this entailed sending a break signal whilst it was booting to get into ROMMON, and then changing the configuration-register to ignore the config stored in the NVRAM when it booted. After desperately sending break signals, swapping console cables and generally swearing at the thing I got around to RTFM and realised I was doing it wrong... it seems the whole break into ROMMON thing is the procedure for another router I own, but not the Cisco 2940. Doh!

There's 1000s of guides on resetting Cisco switches. I'm mostly just writing this to commit it to memory and so I can look back on it next time I waste an hour send break signals to a switch.

The following instructions assume that the password-recovery mechanism is enabled.
  1. Connect a console cable to the console port
  2. Power down the switch
  3. Press the mode button on the left hand side
  4. Release the Mode button after approximately 5 seconds when the Status (STAT) LED goes out. When you release the Mode button, the SYST LED blinks amber.
  5. You should see a "switch:" prompt on the switch.
  6. Initialise the flash by entering the command: flash_init
  7. Load the helper by entering: load_helper
  8. View the contents of the flash with: dir flash: (Don't forget the colon)
  9. Rename the original config file: rename flash:config.text flash:config.old
  10. Then boot the switch: boot
  11. The switch should then boot up into the factory default configuration, without any passwords or authentication.
  12. Press n to skip the initial configuration, followed by enable
  13. Rename the backed up config: rename flash:config.old flash:config.text
  14. Load the startup-config as the running config: copy flash:config.text system:running-config
  15. Overwrite required passwords and configuration, such as the enable password.
  16. Finally, save the edited configuration to the flash: write mem
The original instructions are available on the Cisco Website 

No comments:

Post a Comment