cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
33722
Views
5
Helpful
11
Replies

Password recovery on a Catalyst 3850 switch

kelayrel_
Level 1
Level 1

Hi,

Forgive the newbie question, but I'm trying to do password recovery on a Catalyst 3850 switch, and I can't figure out what I have to actually *do*.

I've read the section in this: http://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3.2_0_se/security/configuration_guide/b_sec_1501_3850_cg_chapter_011.html#concept_8DD2D3858A774C2798D30927F5761C66

where it says that I need to have physical access to the switch (I do), and that I reset the password if I issue a break command and interrupt the boot procedure. I've tried to do that... it gives me the "switch:" prompt, so I think I've interrupted the boot procedure successfully, but, what do I do next?

I've successfully done recoveries on Catalyst 2950s, 3550s & 3560s, but the procedure for this one, if I'm reading the link above right, sounds like it's completely different.

There's no config on this switch, at least, nothing that can't be wiped if it needs to be.

Thanks for the help!
-Jen

11 Replies 11

mfurnival
Level 4
Level 4

Have you tried the usual password recovery method?

switch: flash_init

switch: load_helper

switch: rename flash:config.text flash:config.old

switch: boot

I have... there doesn't appear to be a "config.text" file in the flash: directory, and it's giving me an unknown cmd error on load_helper.

Just reading up on this and realised it is XOS. Can you do a dir flash: ?

I was trying to find info for password recovery on XOS and there does not seem to be much out there!

I've noticed! *lol* What I've found about resetting passwords seems to assume you're in priveledged EXEC already - which would be part of the problem, really.

I can do a dir flash:. This is what I get:

54209  drwx  4096       .

    2  drwx  4096       ..

54210  -rw-  2097152    nvram_config

54211  -rw-  74410468   cat3k_caa-base.SPA.03.02.00SE.pkg

54212  -rw-  2773680    cat3k_caa-drivers.SPA.03.02.00.SE.pkg

54213  -rw-  32478044   cat3k_caa-infra.SPA.03.02.00SE.pkg

54214  -rw-  30393116   cat3k_caa-iosd-universalk9.SPA.150-1.EX.pkg

54215  -rw-  18313952   cat3k_caa-platform.SPA.03.02.00.SE.pkg

54216  -rw-  63402700   cat3k_caa-wcm.SPA.10.0.100.0.pkg

54217  -rw-  1218       packages.conf

54218  -rw-  556        vlan.dat

54219  -rw-  57         express_setup.debug

Not sure if that helps at all.

It might be the "nvram_config" that you need to rename. This is guesswork on my part though - if it goes wrong and your switch bursts into flames I assume no responsibility.

Was worth a shot... unfortunately, it won't let me copy/rename that file as it's read only, apparently. The permissions don't look like that... but when I do this, I get the following error:

switch: copy flash:nvram_config flash:nvram_config.old

flash:nvram_config.old: read only file system

Assuming I did that right to begin with (did I mention I'm pretty new to all of this? Heh.), do you know of any way I can work around that and try to do it anyway?

Can you do a "?" at the switch: prompt to see what commands are available?

I am assuming that you did the "flash_init" before trying the rename command?

I did. Flash was already initialized. I get the same error when I do a rename flash:nvram_config flash:nvram_config.old, as well. Read only file system.

When I do a ?, the command list it gives me is this:

switch: ?

           ? -- Present list of available commands

         arp -- Show arp table or arp-resolve an address

        boot -- Load and boot an executable image

         cat -- Concatenate (type) file(s)

        copy -- Copy a file

      delete -- Delete file(s)

         dir -- List files in directories

emergency-install -- Initiate Disaster Recovery

  flash_init -- Initialize filesystem(s)

      format -- Format a filesystem

        fsck -- Check filesystem consistency

        help -- Present list of available commands

   mgmt_init -- initialize management port

       mkdir -- Create dir(s)

        more -- Concatenate (display) file(s)

        ping -- Send ICMP ECHO_REQUEST packets to a network host

      rename -- Rename a file

       reset -- Reset the system

       rmdir -- Delete empty dir(s)

         set -- Set or display environment variables

      set_bs -- Set attributes on a boot sector filesystem

   set_param -- Set system parameters in flash

        type -- Concatenate (type) file(s)

       unset -- Unset one or more environment variables

     version -- Display boot loader version

Any thoughts?

set_bs looks interesting. So does emergency-install...

I am just guessing now...

FWLIW, the "emergency-install tftp://ip/IOSImageName.bin" seems to erase flash, load a minimal image (like the old load_helper) and then pull down the entire image ... this became important for me recovering from a dead-in-the-water 3850 ... HTH!

/TJ

kelayrel_
Level 1
Level 1

My god, I actually managed to find it! Yay internet!

For those who may be looking for help on password recovery for the 3850 switch in the future, I'll post what I found. I ended up resetting the switch because, well, easier.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3850/hardware/quick/guide/cat3850_gsg.html#wp46478 - reset procedures found here

http://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3.2_0_se/system_management/configuration_guide/b_sm_32se_3850_cg_chapter_010001.html#concept_6E610BCFF5174E498454F09CB6489799

-this has a password recovery procedure that... sort of worked for me (but not completely, thus my choosing to reset rather than fiddle with it).

Hope that's helpful to someone else down the line!

-Jen

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: