This document describes the password recovery procedure for the Cisco
Catalyst Layer 2 fixed configuration switches 2900XL/3500XL, 2940, 2950/2955,
2960, and 2970 Series, as well as the Cisco Catalyst Layer 3 fixed
configuration switches 3550, 3560, and 3750 Series.
Power the switch and bring it to the
switch: prompt:
For 2900XL, 3500XL, 2940, 2950, 2960, 2970, 3550, 3560, and
3750 series switches, do this:
Hold down the mode button located on the left side of the front
panel, while you reconnect the power cable to the switch.
Catalyst Switch Series
LED Behavior and Mode Button Release Action
2900XL, 3500XL, 3550
Release the Mode button when the LED above
Port1x goes out.
2940, 2950
When the Status (STAT) LED goes out (after
approximately 5 seconds), release the Mode button. When you release the Mode
button, the SYST LED blinks amber.
2960, 2970
When the SYST LED blinks amber and then
turns solid green, release the Mode button. When you release the Mode button,
the SYST LED blinks green.
3560, 3750
When the SYST LED turns solid green (after
approximately 15 seconds), release the Mode button. When you release the Mode
button, the SYST LED blinks green.
Note: LED position may vary slightly depending on the model.
Catalyst 3524XL
Catalyst 2950-24
For 2955 series switches only:
The Catalyst 2955 series switches do not use an external mode
button for password recovery. Instead the switch boot loader uses the break-key
detection to stop the automatic boot sequence for the password recovery
purposes. The break sequence is determined by the terminal application and
operating system used. Hyperterm running on Windows 2000 uses Ctrl +
Break. On a workstation running UNIX, Ctrl-C is the
break key. For more information, refer to
Standard
Break Key Sequence Combinations During Password Recovery.
The example below uses Hyperterm to break into
switch: mode on a 2955.
C2955 Boot Loader (C2955-HBOOT-M) Version 12.1(0.0.514), CISCO DEVELOPMENT TEST
VERSION
Compiled Fri 13-Dec-02 17:38 by madison
WS-C2955T-12 starting...
Base ethernet MAC Address: 00:0b:be:b6:ee:00
Xmodem file system is available.
Initializing Flash...
flashfs[0]: 19 files, 2 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 7741440
flashfs[0]: Bytes used: 4510720
flashfs[0]: Bytes available: 3230720
flashfs[0]: flashfs fsck took 7 seconds.
...done initializing flash.
Boot Sector Filesystem (bs:) installed, fsid: 3
Parameter Block Filesystem (pb:) installed, fsid: 4
*** The system will autoboot in 15 seconds ***
Send break character to prevent autobooting.
!--- Wait until you see this message before
!--- you issue the break sequence.
!--- Ctrl+Break is entered using Hyperterm.
The system has been interrupted prior to initializing the flash file system to finish
loading the operating system software:
flash_init
load_helper
boot
switch:
Note: Make sure to type a colon ":" after the dir
flash.
The switch file system is displayed:
switch: dir flash:
Directory of flash:/
2 -rwx 1803357 <date> c3500xl-c3h2s-mz.120-5.WC7.bin
!--- This is the current version of software.
4 -rwx 1131 <date> config.text
!--- This is the configuration file.
5 -rwx 109 <date> info
6 -rwx 389 <date> env_vars
7 drwx 640 <date> html
18 -rwx 109 <date> info.ver
403968 bytes available (3208704 bytes used)
switch:
!--- This output is from a 3500XL switch. Output from
!--- other switches will vary slightly.
switch: boot
Loading "flash:c3500xl-c3h2s-mz.120-5.WC7.bin"...###############################
################################################################################
######################################################################
File "flash:c3500xl-c3h2s-mz.120-5.WC7.bin" uncompressed and installed, entry po
int: 0x3000
executing...
!--- Output suppressed.
!--- This output is from a 3500XL switch. Output from other switches
!--- will vary slightly.
Enter "n" at the prompt to abort the initial
configuration dialog.
--- System Configuration Dialog ---
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Continue with configuration dialog? [yes/no]: n
!--- Type "n" for no.
Press RETURN to get started.
!--- Press Return or Enter.
Switch>
!--- The Switch> prompt is displayed.
At the switch prompt, type en to enter enable
mode.
Switch#copy flash:config.text system:running-config
Destination filename [running-config]?
!--- Press Return or Enter.
1131 bytes copied in 0.760 secs
Sw1#
The configuration file is now reloaded.
Overwrite the current passwords that you do not know. Choose a
strong password with at least one capital letter, one number, and one special
character.
Note: Overwrite the passwords which are necessary. You need not
overwrite all of the mentioned passwords.
Sw1# conf t
!--- To overwrite existing secret password
Sw1(config)#enable secret <new_secret_password>
!--- To overwrite existing enable password
Sw1(config)#enable password <new_enable_password>
!--- To overwrite existing vty password
Sw1(config)#line vty 0 15
Sw1(config-line)#password <new_vty_password>
Sw1(config-line)#login
!--- To overwrite existing console password
Sw1(config-line)#line con 0
Sw1(config-line)#password <new_console_password>
Write the running configuration to the configuration file with the
write
memory command.
Sw1#write memory
Building configuration...
[OK]
Sw1#