Catalyst 2900 XL switch "Command authorization failed"

Answered Question
Apr 9th, 2008
User Badges:

I am trying to reset my password on my Catalyst 2900 XL switch. I followed these instructions:


http://www.cisco.com/en/US/products/hw/switches/ps628/products_password_recovery09186a0080094184.shtml


and I can successfully "reload the configuration file" in step 12 and reach step 13.


But once I type in "configure terminal" it tells me this:


"Command authorization failed."


So it won't let me into configuration mode to actually change the password and I have no clue why? So basically at this point my switch is useless to me... Any ideas?

Correct Answer by mattcalderon about 9 years 2 months ago

Do this instead. do you see the step where your switch name is Switch# ? This means that your password recovery was successful and the config has been wiped out. Dont worry about renaming the config back because that brings the old configuration back to the switch. you have a unique configuration there that prohibits you from going to config mode based on some type of AAA configuration on there. From that prompt go to config t, and create a password. Then do a "copy run start" Then you will have a switch that you can do whatever you want with.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
smothuku Thu, 04/10/2008 - 01:01
User Badges:
  • Silver, 250 points or more

Hi ,


CAn you paste "sh run" of the switch.I think AAA is congured on the switch which is not permitting the commands...


Is it in the network ?


Thanks,

Satish

southminder Thu, 04/10/2008 - 05:09
User Badges:

mcrp4s1c1#sh run

Command authorization failed.


mcrp4s1c1#show ver

Command authorization failed.


mcrp4s1c1#conf t

Command authorization failed.

mattcalderon Thu, 04/10/2008 - 05:24
User Badges:
  • Silver, 250 points or more

Seeing that you still have a host name on your switch tells me that there is a config still on there. You need to double check the password recovery and verify you wiped the config.

southminder Thu, 04/10/2008 - 05:35
User Badges:

I never wiped the config, I've never been able to. This is the way that it was when I first got it, so I've been trying to reset the password ever since so that I can start fresh. Unfortunately it seems to be well password protected and I'm not having any luck. Is there a way I can somehow wipe the config without trying to gain access first or is there some other way to reset the password to gain access? This switch is not in business use.

mattcalderon Thu, 04/10/2008 - 06:17
User Badges:
  • Silver, 250 points or more

You have followed this step from the document?


copy flash:config.text system:running-config

southminder Fri, 04/11/2008 - 19:32
User Badges:

yes of course:


Switch#copy flash:config.text system:running-config

Destination filename [running-config]?

Cannot open logging port to 132.183.99.18

7378 bytes copied in 20.861 secs (368 bytes/sec)

mcrp4s1c1#conf

Command authorization failed.


mcrp4s1c1#

Correct Answer
mattcalderon Sat, 04/12/2008 - 04:42
User Badges:
  • Silver, 250 points or more

Do this instead. do you see the step where your switch name is Switch# ? This means that your password recovery was successful and the config has been wiped out. Dont worry about renaming the config back because that brings the old configuration back to the switch. you have a unique configuration there that prohibits you from going to config mode based on some type of AAA configuration on there. From that prompt go to config t, and create a password. Then do a "copy run start" Then you will have a switch that you can do whatever you want with.

Actions

This Discussion