con and telnet login authenticated against ACS

333maomao
Level 1

I forgot to configure a fallback authentication method, and the above authentication does not work. How can I restore the switch to no authentication?

Thank you.

Accepted Solutions

Yes, you need to follow the instructions with pressing the mode button upon plugging in the power. Follow the instructions here:

http://www.cisco.com/en/US/products/hw/switches/ps628/products_password_recovery09186a0080094184.shtml

-brad

www.ccbootcamp.com

(please rate the post if this helps!)

8 Replies

williamsdo
Level 3

I believe you are saying you implemented TACACS or password authentication before you enabled a password enable or secret. You can try a password recovery, link is below. The AAA command no aaa new-model will disable aaa authentication.

To disable AAA, use the no aaa new-model global configuration command. To disable 802.1X AAA authentication, use the no aaa authentication dot1x {default | list-name} method1 [method2...] global configuration command. To disable 802.1X authentication, use the dot1x port-control force-authorized or the no dot1x port-control interface configuration command.

HTH

http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_8_ea1/configuration/guide/sw8021x.html

http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00801746e6.shtml

I cannot log in to the switch at the moment, since I am prompted for username/password at both console and telnet session because I enabled aaa authentication using command "login authentication " on line con and line vty 0-4. [This authentication method, it turns out, does NOT work; unfortunately I did not define a fallback method should ACS fail :(]

I tried password recovery, but it didn't remove the console & telnet aaa authentication.

Another way I can connect to the 3560 switch is through http (to be honest, I never used it); however, it requires username/password. Does anyone know the default username/password for http access to the 3560? Thank you.

Mao

I do not believe that there is any default username/password on the 3560.

I am not entirely clear from the original description whether you have configured a local userID and whether you have configured an enable password/secret? If you have configured both a user ID and an enable password/secret, then you should try to point your web browser at the address of the 3560. Assuming that you are prompted, then enter the user ID that you configured and the enable password/secret.

If that does not work, then I would like to understand better what it means when you said that you tried password recovery but it didn't remove the console & telnet aaa authentication. If password recovery works, then it should leave the 3560 with no config (especially no aaa authentication), and if you copied the startup config into running config then you should have been in a position to remove the aaa authentication.

HTH

Rick

If you have set the password by the recovery method, then you should be able to log in to the router, provided the ACS server is disconnected from the network or you remove this router's entry from ACS. In the absence of communication with ACS, the router permits login with a locally assigned username & password even with aaa commands under telnet & console.

Password recovery will definitely work. We have people leave their configs like this (aka rack idiots who don't clean off their rack after use) on our remote rental racks on a regular basis. You need to power-cycle the switch, hold down the mode button, and boot to no config. Copy over the startup config to the running config, and make your AAA config modifications. Then save your config to NVRAM.

-brad

www.ccbootcamp.com

(please rate the post if this helps!)
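
An added example, not part of any post in this thread: a small Python check to run over a saved config before writing it to NVRAM, flagging console/vty lines whose `login authentication` list relies on the ACS server group alone. The list names `ACS_ONLY` and `ACS_LOCAL`, the sample config and the function names are constructed for illustration.

```python
import re

# Constructed sample config, not taken from the thread.
SAMPLE_CONFIG = """\
aaa new-model
username admin secret <constructed-placeholder>
aaa authentication login ACS_ONLY group tacacs+
aaa authentication login ACS_LOCAL group tacacs+ local
line con 0
 login authentication ACS_ONLY
line vty 0 4
 login authentication ACS_ONLY
line vty 5 15
 login authentication ACS_LOCAL
"""

# Methods answered by the switch itself, so they still work when ACS does not.
# 'none' also avoids a lockout, but it admits anyone while the server is down.
ON_BOX_METHODS = {"local", "local-case", "enable", "line", "none"}

def parse_login_lists(config):
    """Map each login method list name to its methods ('group X' kept as one)."""
    lists = {}
    for line in config.splitlines():
        m = re.match(r"aaa authentication login (\S+)\s+(.+)", line.strip())
        if m:
            lists[m.group(1)] = re.findall(r"group\s+\S+|\S+", m.group(2))
    return lists

def lockout_risks(config):
    """Return (line, list, reason) for every line that depends on ACS alone."""
    lists = parse_login_lists(config)
    has_user = re.search(r"^username \S+", config, re.M) is not None
    findings, current = [], None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
        m = re.match(r"\s+login authentication (\S+)", raw)
        if not (current and m):
            continue
        name, methods = m.group(1), lists.get(m.group(1))
        on_box = ON_BOX_METHODS & set(methods or [])
        if methods is None:
            findings.append((current, name, "list not defined"))
        elif not on_box:
            findings.append((current, name, "no on-box fallback method"))
        elif on_box <= {"local", "local-case"} and not has_user:
            findings.append((current, name, "local method but no username"))
    return findings
```

Later methods in a list are tried only when the earlier one returns an error such as an unreachable server, not when the server rejects the login, so a fallback covers an ACS outage but not a wrong ACS password.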

ccbootcamp,

Your solution is so close to solving my issue; however, password recovery failed on me, maybe because "booting manually" is enabled on my 3560.

I managed to log in to the 3560 via http; however, there is very limited configuration you can do through http. You cannot even reset the switch to factory default through http. Is there any hidden way to reset the switch to factory default?

Thank you.

Yes, you need to follow the instructions with pressing the mode button upon plugging in the power. Follow the instructions here:

http://www.cisco.com/en/US/products/hw/switches/ps628/products_password_recovery09186a0080094184.shtml

-brad

www.ccbootcamp.com

(please rate the post if this helps!)
