Catalyst 2900 XL switch "Command authorization failed"

Answered Question
Apr 9th, 2008

I am trying to reset my password on my Catalyst 2900 XL switch. I followed these instructions:

http://www.cisco.com/en/US/products/hw/switches/ps628/products_password_recovery09186a0080094184.shtml

and I can successfully "reload the configuration file" in step 12 and reach step 13.

But once I type in "configure terminal" it tells me this:

"Command authorization failed."

So it won't let me into configuration mode to actually change the password and I have no clue why? So basically at this point my switch is useless to me... Any ideas?

I have this problem too.
0 votes
Correct Answer by mattcalderon about 8 years 8 months ago

Do this instead. do you see the step where your switch name is Switch# ? This means that your password recovery was successful and the config has been wiped out. Dont worry about renaming the config back because that brings the old configuration back to the switch. you have a unique configuration there that prohibits you from going to config mode based on some type of AAA configuration on there. From that prompt go to config t, and create a password. Then do a "copy run start" Then you will have a switch that you can do whatever you want with.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
smothuku Thu, 04/10/2008 - 01:01

Hi ,

CAn you paste "sh run" of the switch.I think AAA is congured on the switch which is not permitting the commands...

Is it in the network ?

Thanks,

Satish

southminder Thu, 04/10/2008 - 05:09

mcrp4s1c1#sh run

Command authorization failed.

mcrp4s1c1#show ver

Command authorization failed.

mcrp4s1c1#conf t

Command authorization failed.

mattcalderon Thu, 04/10/2008 - 05:24

Seeing that you still have a host name on your switch tells me that there is a config still on there. You need to double check the password recovery and verify you wiped the config.

southminder Thu, 04/10/2008 - 05:35

I never wiped the config, I've never been able to. This is the way that it was when I first got it, so I've been trying to reset the password ever since so that I can start fresh. Unfortunately it seems to be well password protected and I'm not having any luck. Is there a way I can somehow wipe the config without trying to gain access first or is there some other way to reset the password to gain access? This switch is not in business use.

mattcalderon Thu, 04/10/2008 - 06:17

You have followed this step from the document?

copy flash:config.text system:running-config

southminder Fri, 04/11/2008 - 19:32

yes of course:

Switch#copy flash:config.text system:running-config

Destination filename [running-config]?

Cannot open logging port to 132.183.99.18

7378 bytes copied in 20.861 secs (368 bytes/sec)

mcrp4s1c1#conf

Command authorization failed.

mcrp4s1c1#

Correct Answer
mattcalderon Sat, 04/12/2008 - 04:42

Do this instead. do you see the step where your switch name is Switch# ? This means that your password recovery was successful and the config has been wiped out. Dont worry about renaming the config back because that brings the old configuration back to the switch. you have a unique configuration there that prohibits you from going to config mode based on some type of AAA configuration on there. From that prompt go to config t, and create a password. Then do a "copy run start" Then you will have a switch that you can do whatever you want with.

Actions

This Discussion