cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
640898
Views
63
Helpful
19
Replies

Cisco switch 2960/3560=> Password recovery and Factory Default with Mode Button

Kuldeep singh
Level 1
Level 1

Hi Experts,

I have some confusion with holding Mode button with cisco 2960/3560 switchs.

I read out many forums and articles but where things are unclear.

somewhere given 3 seconds and somewhere it is given 7 or 10 seconds.

Qus1)  What is exact time to press/hold Mode button to perform two given below tasks:

A. Password recovery ( as per my knowledge 3 secs)  Right or Wrong ?


    Would switch configuration (startup + running) be safe

    after password recovery? Yes or No



B. Factory default   (as per my knowledge 10 secs)    Right or Wrong ?

    I am afraid, bcoz if i press mode button more than 3 seconds then

    it will remove whole configuration from cisco switch. Yes or No

Qus2)  I want to recover password of catalyst 2960/3560 switch without

          loosing Start/Run configuration. this is my main concern.

          plz tell me how to do this, what will be the Mode buttom hold time

          in seconds ?

Qus3)   What does mean of this line

           "If password recovery mechanism is disabled in switch

            then you will lose all the config".

            This Sentence was given on this forum url

            https://supportforums.cisco.com/thread/140848

KS

2 Accepted Solutions

Accepted Solutions

Attach a terminal or PC with terminal emulation (for example, Hyper Terminal) to the console port of the switch.

Use the following terminal settings:

  • Bits per second (baud): 9600


  • Data bits: 8


  • Parity: None


  • Stop bits: 1


  • Flow Control: Xon/Xoff


Note: For additional information on cabling and connecting a terminal to the console port, refer to Connecting a Terminal to the Console Port on Catalyst Switches.


Unplug the power cable.


Power the switch and bring it to the switch: prompt:

For 2900XL, 3500XL, 2940, 2950, 2960, 2970, 3550, 3560, and 3750 series switches, do this:

Hold down the mode button located on the left side of the front panel, while you reconnect the power cable to the switch.


    2960, 2970Release the Mode button when the SYST LED blinks amber and then turns solid green. When you release the Mode button, the SYST LED blinks green.

     

    3560, 3750Release the Mode button after approximately 15 seconds when the SYST LED turns solid green. When you release the Mode button, the SYST LED blinks green.

    The system has been interrupted prior to initializing the flash file system to finish

    loading the operating system software:

    flash_init

    load_helper

    boot

    switch:

    Issue the flash_init command.

    switch: flash_init Initializing Flash... flashfs[0]: 143 files, 4 directories flashfs[0]: 0 orphaned files, 0 orphaned directories flashfs[0]: Total bytes: 3612672 flashfs[0]: Bytes used: 2729472 flashfs[0]: Bytes available: 883200 flashfs[0]: flashfs fsck took 86 seconds ....done Initializing Flash. Boot Sector Filesystem (bs:) installed, fsid: 3 Parameter Block Filesystem (pb:) installed, fsid: 4 switch: !--- This output is from a 2900XL switch. Output from !--- other switches will vary slightly.

    Issue the load_helper command.

    switch: load_helper switch:

    Issue the dir flash: command.

    Note: Make sure to type a colon ":" after the dir flash.

    The switch file system is displayed:

    switch: dir flash: Directory of flash:/ 2    -rwx  1803357                  c3500xl-c3h2s-mz.120-5.WC7.bin !--- This is the current version of software. 4    -rwx  1131                     config.text !--- This is the configuration file. 5    -rwx  109                      info 6    -rwx  389                      env_vars 7    drwx  640                      html 18   -rwx  109                      info.ver 403968 bytes available (3208704 bytes used) switch: !--- This output is from a 3500XL switch. Output from !--- other switches will vary slightly.

    Type rename flash:config.text flash:config.old to rename the configuration file.

    switch: rename flash:config.text flash:config.old switch: !--- The config.text file contains the password !--- definition.

    Issue the boot command to boot the system.

    switch: boot Loading "flash:c3500xl-c3h2s-mz.120-5.WC7.bin"...############################### ################################################################################ ###################################################################### File "flash:c3500xl-c3h2s-mz.120-5.WC7.bin" uncompressed and installed, entry po int: 0x3000 executing... !--- Output suppressed. !--- This output is from a 3500XL switch. Output from other switches !--- will vary slightly.

    Enter "n" at the prompt to abort the initial configuration dialog.

    --- System Configuration Dialog --- At any point you may enter a question mark '?' for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. Continue with configuration dialog? [yes/no]: n !--- Type "n" for no. Press RETURN to get started. !--- Press Return or Enter. Switch> !--- The Switch> prompt is displayed.

    At the switch prompt, type en to enter enable mode.

    Switch>en Switch#

    For password recovery


    Type rename flash:config.old flash:config.text to rename the configuration file with its original name.

    Switch#rename flash:config.old flash:config.text Destination filename [config.text] !--- Press Return or Enter. Switch#

    Copy the configuration file into memory.

    Switch#copy flash:config.text system:running-config Destination filename [running-config]? !--- Press Return or Enter. 1131 bytes copied in 0.760 secs Sw1#

    The configuration file is now reloaded.


    Overwrite the current passwords that you do not know. Choose a strong password with at least one capital letter, one number, and one special character.

    Note: Overwrite the passwords which are necessary. You need not overwrite all of the mentioned passwords.

    Sw1# conf t !--- To overwrite existing secret password Sw1(config)#enable secret  !--- To overwrite existing enable password Sw1(config)#enable password  !--- To overwrite existing vty password Sw1(config)#line vty 0 15 Sw1(config-line)#password  Sw1(config-line)#login !--- To overwrite existing console password Sw1(config-line)#line con 0 Sw1(config-line)#password 

    Write the running configuration to the configuration file with the write memory command.

    Sw1#write memory Building configuration... [OK] Sw1#

      For Factory reset:

      dont give below command for factory reset

      Switch#copy flash:config.text system:running-config

      do copy running config to flash,

      Switch#copy running-config flash:

      Destination filename [running-config]?

      Building configuration...

      [OK]

      Switch#copy running-config startup-config

      Destination filename [startup-config]?

      Building configuration...

      [OK]

      Go through the below link for more info

      http://www.cisco.com/en/US/products/hw/switches/ps628/products_password_recovery09186a0080094184.shtml

      Please rate the helpful posts.

      Regards
      Thanveer
      "Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."

      View solution in original post

      Actually i am bit confused with Mode button, everyone saying that Mode button is used for Rommon Mode Only, but when i hold Mode button for more than 3 seconds i.e around 10 seconds then it removes whole switch configuration. why ?

      Why?  Why what?  Like I've said before, I don't understand what you are trying to do.

      Why, if you hold the Mode button for 3 seconds you go into ROMmon?  And why, if you hold the Mode button why it RENAMES the configuration file to "config.text.rename"?

      The answer to your questions are:  That's how it's designed.

      Besides, if you want to do password-recovery, you don't count the number of seconds.  You look at what the console is showing. 

      View solution in original post

      19 Replies 19

      Hi,
      "Is there any Cisco professional " is a very cool question!! For the first instead the mode button is only sending the switch in ROMMON and nothing else. From there on there is the flash initialisation and the rest of the procedure to do. Apart from the method used(ctrl+break in the first 60 seconds in some switches vs. mode button in others), you need to keep in mind you are going to manipulate the registers. Hence the first step will remain entering in ROMMON.

      Question two:

      Once you skip the password you need a simple

      Copy start run

      As first command from privilege mode and a write mem only after verifying your running config is the one you want(show run).

      Question three:

      Some environments require a very high level of security, nearly paranoic.. For that reason you can disable the possibility to recover your password with

      Conf t
      No service password-recovery! Please check the command on the platform you are using ;)

      In this case, you will be still able to access your switch but you will not be able to recover the old configuration.

      Hope this clarifies

      Take care
      Alessio

      Sent from Cisco Technical Support iPad App

      No service password-recovery! Please check the command on the platform you are using

      In this case, you will be still able to access your switch but you will not be able to recover the old configuration.

      You still can do password-recovery when you run that command. 

      Attach a terminal or PC with terminal emulation (for example, Hyper Terminal) to the console port of the switch.

      Use the following terminal settings:

      • Bits per second (baud): 9600


      • Data bits: 8


      • Parity: None


      • Stop bits: 1


      • Flow Control: Xon/Xoff


      Note: For additional information on cabling and connecting a terminal to the console port, refer to Connecting a Terminal to the Console Port on Catalyst Switches.


      Unplug the power cable.


      Power the switch and bring it to the switch: prompt:

      For 2900XL, 3500XL, 2940, 2950, 2960, 2970, 3550, 3560, and 3750 series switches, do this:

      Hold down the mode button located on the left side of the front panel, while you reconnect the power cable to the switch.


        2960, 2970Release the Mode button when the SYST LED blinks amber and then turns solid green. When you release the Mode button, the SYST LED blinks green.

         

        3560, 3750Release the Mode button after approximately 15 seconds when the SYST LED turns solid green. When you release the Mode button, the SYST LED blinks green.

        The system has been interrupted prior to initializing the flash file system to finish

        loading the operating system software:

        flash_init

        load_helper

        boot

        switch:

        Issue the flash_init command.

        switch: flash_init Initializing Flash... flashfs[0]: 143 files, 4 directories flashfs[0]: 0 orphaned files, 0 orphaned directories flashfs[0]: Total bytes: 3612672 flashfs[0]: Bytes used: 2729472 flashfs[0]: Bytes available: 883200 flashfs[0]: flashfs fsck took 86 seconds ....done Initializing Flash. Boot Sector Filesystem (bs:) installed, fsid: 3 Parameter Block Filesystem (pb:) installed, fsid: 4 switch: !--- This output is from a 2900XL switch. Output from !--- other switches will vary slightly.

        Issue the load_helper command.

        switch: load_helper switch:

        Issue the dir flash: command.

        Note: Make sure to type a colon ":" after the dir flash.

        The switch file system is displayed:

        switch: dir flash: Directory of flash:/ 2    -rwx  1803357                  c3500xl-c3h2s-mz.120-5.WC7.bin !--- This is the current version of software. 4    -rwx  1131                     config.text !--- This is the configuration file. 5    -rwx  109                      info 6    -rwx  389                      env_vars 7    drwx  640                      html 18   -rwx  109                      info.ver 403968 bytes available (3208704 bytes used) switch: !--- This output is from a 3500XL switch. Output from !--- other switches will vary slightly.

        Type rename flash:config.text flash:config.old to rename the configuration file.

        switch: rename flash:config.text flash:config.old switch: !--- The config.text file contains the password !--- definition.

        Issue the boot command to boot the system.

        switch: boot Loading "flash:c3500xl-c3h2s-mz.120-5.WC7.bin"...############################### ################################################################################ ###################################################################### File "flash:c3500xl-c3h2s-mz.120-5.WC7.bin" uncompressed and installed, entry po int: 0x3000 executing... !--- Output suppressed. !--- This output is from a 3500XL switch. Output from other switches !--- will vary slightly.

        Enter "n" at the prompt to abort the initial configuration dialog.

        --- System Configuration Dialog --- At any point you may enter a question mark '?' for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. Continue with configuration dialog? [yes/no]: n !--- Type "n" for no. Press RETURN to get started. !--- Press Return or Enter. Switch> !--- The Switch> prompt is displayed.

        At the switch prompt, type en to enter enable mode.

        Switch>en Switch#

        For password recovery


        Type rename flash:config.old flash:config.text to rename the configuration file with its original name.

        Switch#rename flash:config.old flash:config.text Destination filename [config.text] !--- Press Return or Enter. Switch#

        Copy the configuration file into memory.

        Switch#copy flash:config.text system:running-config Destination filename [running-config]? !--- Press Return or Enter. 1131 bytes copied in 0.760 secs Sw1#

        The configuration file is now reloaded.


        Overwrite the current passwords that you do not know. Choose a strong password with at least one capital letter, one number, and one special character.

        Note: Overwrite the passwords which are necessary. You need not overwrite all of the mentioned passwords.

        Sw1# conf t !--- To overwrite existing secret password Sw1(config)#enable secret  !--- To overwrite existing enable password Sw1(config)#enable password  !--- To overwrite existing vty password Sw1(config)#line vty 0 15 Sw1(config-line)#password  Sw1(config-line)#login !--- To overwrite existing console password Sw1(config-line)#line con 0 Sw1(config-line)#password 

        Write the running configuration to the configuration file with the write memory command.

        Sw1#write memory Building configuration... [OK] Sw1#

          For Factory reset:

          dont give below command for factory reset

          Switch#copy flash:config.text system:running-config

          do copy running config to flash,

          Switch#copy running-config flash:

          Destination filename [running-config]?

          Building configuration...

          [OK]

          Switch#copy running-config startup-config

          Destination filename [startup-config]?

          Building configuration...

          [OK]

          Go through the below link for more info

          http://www.cisco.com/en/US/products/hw/switches/ps628/products_password_recovery09186a0080094184.shtml

          Please rate the helpful posts.

          Regards
          Thanveer
          "Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."

          Hi all cisco professors,

          I have cisco 2960 switch and I forget my password then I follow all the steps but I got only these two commands;

          flash_init

          boot

          switch:

          but I couldn't get load_helper, I did flash_init then it is initialize then I typed load_helper but it says "not recognize command" then I type boot but it says foot failure so how can I recover my password for cisco 2960 switch? can anyone help to me?

          Regards,

          BINOD

          Hello Mohammed ,

          i know this is an old post but i am having a similar issue. it seems that former engineer mistakenly deleted the image file as there is no file in the flash directory except the environmental variable. The config is shown below

          switch: ?
          ? -- Present list of available commands
          boot -- Load and boot an executable image
          cat -- Concatenate (type) file(s)
          copy -- Copy a file
          delete -- Delete file(s)
          dir -- List files in directories
          flash_init -- Initialize flash filesystem(s)
          format -- Format a filesystem
          fsck -- Check filesystem consistency
          help -- Present list of available commands
          load_helper -- Load and initialize a helper image
          memory -- Present memory heap utilization information
          mkdir -- Create dir(s)
          more -- Concatenate (display) file(s)
          rename -- Rename a file
          reset -- Reset the system
          rmdir -- Delete empty dir(s)
          set -- Set or display environment variables
          set_param -- Set system parameters in flash
          trap -- Cause a software breakpoint to occur
          type -- Concatenate (type) file(s)
          -- MORE --
          unset -- Unset one or more environment variables
          version -- Display boot loader version
          switch: dir

          List of filesystems currently registered:

          flash[0]: (read-write)
          xmodem[1]: (read-only)
          null[2]: (read-write)
          bs[3]: (read-only)

          switch: dir flash:
          Directory of flash:/

          3 -rwx 30 <date> env_vars

          7739904 bytes available (1536 bytes used)
          switch:

           

          could you assist ?

          jawad-mukhtar
          Level 4
          Level 4

          Qus1)  What is exact time to press/hold Mode button to perform two given below tasks:

          For 2960

          Release the Mode button when the SYST LED blinks amber and then turns solid green. When you release the Mode button, the SYST LED blinks green.

          For 3560

          Release the Mode button after approximately 15 seconds when the SYST LED turns solid green. When you release the Mode button, the SYST LED blinks green.

          A. Password recovery ( as per my knowledge 3 secs)  Correct or Wrong ?

              would switch configuration (startup + running)

              after password recovery? Yes or No

          STARTUP-CONFIG will be safe.

          B. Factory default   (as per my knowledge 10 secs)     Correct or Wrong ?

              I am afraid, bcoz if i press mode button more than 3 seconds then

              it will remove whole configuration from cisco switch. Yes or No

          For Factory default you have to use write erasse command.  If this is the scene then any body can hold mode button and can do his work easily :P.

          Mode button is for Rommon Mode Only

          Qus2)  I want to recover password of catalyst 2960/3560 switch without

                    loosing Start/Run configuration. this is my main concern.

                    plz tell me how to do this, what will be the Mode buttom hold time

                    in seconds ?

          You can follow Cisco Documented Steps using below link

          http://www.cisco.com/en/US/products/hw/switches/ps628/products_password_recovery09186a0080094184.shtml

          Qus3)   What does mean of this line

                     "If password recovery mechanism is disabled in switch

                      then you will lose all the config".

                      This Sentence was given on this forum url

                      https://supportforums.cisco.com/thread/140848

          If u have disabled passwordy recovery by using following command

          no service password-recovery

          Then you access to rommon mode will be disabled to view configuration file or change setting etc.

          If this is the case it will ask u this

          Would you like to reset the system back to the default configuration (y/n)?

          Jawad

          Kuldeep singh
          Level 1
          Level 1

          Hello Experts,

          plz show interest and help me out with exact answers.....

          KS

          plz show interest and help me out with exact answers.....

          I don't know what you want.  Do you want an answer "you want to hear" or do you want an answer that alot of Cisco expert users have SUCCESSFULLY used?

          The easiest way for you to know and learn is get a switch, put a simple username and password and experiment. 

          Hello,

          Actually i am bit confused with Mode button, everyone saying that

          Mode button is used for Rommon Mode Only, but when i hold Mode button

          for more than 3 seconds i.e around 10 seconds then it removes whole

          switch configuration. why ?

          KS

          Actually i am bit confused with Mode button, everyone saying that Mode button is used for Rommon Mode Only, but when i hold Mode button for more than 3 seconds i.e around 10 seconds then it removes whole switch configuration. why ?

          Why?  Why what?  Like I've said before, I don't understand what you are trying to do.

          Why, if you hold the Mode button for 3 seconds you go into ROMmon?  And why, if you hold the Mode button why it RENAMES the configuration file to "config.text.rename"?

          The answer to your questions are:  That's how it's designed.

          Besides, if you want to do password-recovery, you don't count the number of seconds.  You look at what the console is showing. 

          Enrique Soto M
          Level 1
          Level 1

          Hello,

          I have a Catalyst 2960 Series SI switch I don´t have the password for. I will try the suggested options and let you know how it works.

          I have 2 subnets. Switch connects fine to one and provides service in all ports. To the second network it won´t complete connection (port led remains amber).

          Will I better off with modifying a specific parameter or to factory-reset and enable service for any network I connect the switch to?

           

          Thanks in advance.

           

          I was able to reset password.

           

          I know this is a long inactive discussion.

          Will check / open other thread to consult the 2 subnet problem.

           

          Thank you.
           

          jishanali2013
          Level 1
          Level 1

          Its really helpful.

          qasim.saeed1
          Level 1
          Level 1

          Please check below mention quick step to recover switch password and configuration but it is recommended to follow complete process

           

          http://aqlearningcenter.blogspot.com/2017/11/2960-switch-password-recovery-quick.html

           

          Hope document helpful for you

           

          Regards,

          Qasim

           

          Getting Started

          Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: