I'm after inheriting a cisco 2950 switch in my new job and I do not know the enable password for it. I went about following the "password recovery procedure" but am getting nowhere.
I have tried connecting to the switch after powering it up but cannot open a session over the console port. I've tried using both COM ports on my laptop with all the variations of the flow control setting but no joy.
I took a look at an old config file that was saved on the network for the switch and found this at the end:
LINE CON 0
TRANSPORT INPUT NONE
Is this stopping me from completing the password reset when the switch is booting up??? All advice welcomed.
You need this process for the switch model you have.
HI Paddy, [Pls Rate if HELPS]
"Transport Input None" command will prevent you from accessing the Device.
Refer link below for CISCO 2950 Swtich Password Recovery Procedure Document:
Refer step by step procedure (quick ref):
1. Unplug the power cable
2. Hold down the mode button while replugging the power cable
3. Type flash_init over the console
4. Type load_helper
5. Type Dir flash:
//make sure to type the semi-colons
6. Type rename flash:config.tdt flash:config.old
//the password is contained in the config.txt fil.e
7. Type boot
//this reboots the system
8. Type n to skip the initial setup config
9. Type enable
//this takes you to the enable mode
10. Type rename flash:config.old flash:config.txt
11. Save config.txt to system
#copy flash:config.txt system:running-config
12. Enter config mode and change the password
#no enable secret
//this applies only if the enable secret password was created
13. Finally write the changes to memory
PLS RATE if HELPS
Guru Prasad R
Thanks Prasad R,
Is TRANSPORT INPUT NONE stopping me completely from connecting via the console port? Please clarify as I was not able to open a console session using Hyperterminal yesterday evening after powering on the router whilst holding down the MODE button.
Thanks in advance,
HI Paddy, [Pls RATE if HELPS]
YES. "Transport Input none" is interface specific commands.
Since you have issued the command under "line console 0" it will block you in accessing the Device via Console port.
"Transport input < > command is basically used for security purpose. Consider if your organization wanted to access the Router via "ssh" only means you can use this command as "transport input ssh"
-->This will allow only ssh access to the Devices. INFO: Donot Use Transport Input none command over all interfaces, if issued by mistake means then you need to go for ROMMON Mode to recover the access to Router.
Whereas now you can access the Router via Telnet / AUX port to remove the command from the configuration under line console 0.
PLEASE RATE if HELPS
Guru Prasad R
Thanks, but how is this config applicable when powering on whilst holding down the MODE button? Surely the config does not get loaded until a full boot has completed normally.
But, now you should be able to telnet to the Switch / connect via AUX port to edit the configuration.
Else, refer my previous posts (provided with link) for recovery procedure.
DO RATE ALL HELPFUL POSTS.
Guru Prasad R
You said that is an old code snippet, it is possible they may have changed the console speed. You mentioned only changing the flow control setting (hardware software etc). Try changing the speed to 115200 and work your way down. The other person may have changed the port speed to do an xmodem transfer from rommon.
The steps illustrated by Guru will let you recover the switch, you can change the password and remove the transport input none on the console, you'll have to reload the switch and keep pressing the mode button until you get the "switch:" prompt then release it "Release the Mode button after approximately 5 seconds when the Status (STAT) LED goes out. When you release the Mode button, the SYST LED blinks amber" and then go on with the steps Guru has illustrated earlier:
Flow control will not prevent you seeing anything on your terminal window, you may just get a few wrong or missing characters but 99.9% of the display will be correct.
Even the wrong baud rate will still send output to your terminal session, albeit a bunch of garbage.
It sounds to me like you just don't have the right serial cable or port configuration working on your laptop. Please identify what you are using (exactly) to connect the switch console port to your laptop.
Are you using a built-in DB-9 serial port or a USB adapter?
The correct settings for a Cisco Catalyst console port is 9600 baud, 8 data bits, parity none, 1 stop bit, flow-control none or xon/xoff.
Hyperterminal is junk, you may want to use (free) putty or (not free) securecrt...
I believe the console port is always 9600 baud when you hold down the *MODE* button while powering on the switch (during password recovery). Note that you need to hold the button down until the *STAT* led goes off which may take 5-10 secs.
Please reply if you are still having an issue.
Just one of those dumb little things that I've run into a lot: Make sure scroll lock is off if you are using hyperterm. It's happened to me in the past and I know I have seen it plenty of times.
Cheers for all the responses, I've been on training courses for the last two weeks but will try again when I return to the office next week.