What if you’ve forgotten the administrator password for the Cisco 2960 Switch, and you’ve tried diligently to recall it, typing various passwords, but none of them work? This post will come to the rescue when you need to recover the password without losing the running configuration.
Step-by-Step Guide
Let’s Start!
- Connect your console cable to the switch and open the terminal emulator software e.g. Putty on the machine (as shown below). Please make sure the correct COM Port is mentioned in the Serial Line box below.
- You can check the COM Port of your laptop/desktop (where you have connected the Serial Cable) through Device Manager. Keep the speed and other settings to default and click Open.
- Once you click on ‘Open‘, a Command Shell will open. Since you do not have the password to log on to the switch, keep the same console screen open and press and hold the ‘Mode’ button on the switch until you see the ‘switch:‘ prompt.
- It takes approximately 20-25 seconds, but keep holding the ‘Mode’ button, and you will then see a bunch of messages on the screen and, finally, the ‘switch:’ prompt.
- You will find a message on the screen ‘The password-recovery mechanism is enabled‘ (as shown in the screenshot below) before you reach the ‘switch:‘ prompt”.
- At the ‘switch:‘ prompt, type ‘flash_init‘ to initialize the flash, and then enter ‘dir flash:‘ to check the contents of the ‘flash:‘ drive. Take note of the files that are showing as .renamed.
- At the ‘Switch:‘ prompt, enter the ‘boot‘ command, as shown below. It will take some time to boot until you see the ‘System Configuration‘ dialog, and then you will see the ‘Switch>‘ prompt. In the system configuration dialog boxes, enter no“.
- Would you like to enter the initial configuration dialog ? [yes/no]: no
- Type en at the Switch> prompt to enter privileged mode (Switch#).
- Next, enter the ‘sh flash:‘ command. You will see files with the .renamed extension.
- Your task is to rename these files and remove the .renamed extension. For example, ‘private-config.text.renamed’ will become ‘private-config.text’.
- Renaming the Files:
- Confirm that the ‘.renamed‘ extension has been removed from the file extensions by using the ‘sh flash:‘ command.
- Copy ‘config.text‘ to ‘running-config‘ using the command ‘copy flash:config.text running-config‘ After doing this, you will notice that the switch name has been changed.
- You can also review the running configuration of the switch and make any necessary updates, such as modifying configurations, removing the enable password, or creating a login. Be sure to save the configuration changes before reloading the switch.
- It’s important to note that if you have an enable password or users created, and you don’t know their passwords, reloading the switch will result in the same situation where you won’t be able to log in. Therefore, please ensure that you thoroughly review the running configuration, make the desired changes, save the configuration, and then proceed with reloading the switch.
- When the switch reloads and comes back online. You can use the passwords you configured in the running configuration in step 8.
That’s it! You have successfully reset the password of the Cisco 2960 switch.
All the Commands Used in resetProcess (in Sequence)
Switch:flash_init
Switch:dir flash:
Switch:boot
Would you like to enter the initial configuration dialog? [yes/no]: no
Switch>en
Switch#sh flash:
Switch#rename flash:vlan.dat.renamed flash:vlan.dat
Switch#rename flash:config.text.renamed flash:config.text
Switch#rename flash:private-config.text.renamed flash:private-config.text
Switch#sh flash:
Switch#copy flash:config.text running-config
unknown08d09fa285c0#conf t
unknown08d09fa285c0(config)#enable secret class
unknown08d09fa285c0(config)#line console 0
unknown08d09fa285c0(config)#password Ci!sCo213
unknown08d09fa285c0(config)#login
unknown08d09fa285c0(config)#line vty 0 15
unknown08d09fa285c0(config)#password Ci!sCo213
unknown08d09fa285c0(config)#login
unknown08d09fa285c0(config)#end
unknown08d09fa285c0(config)#copy running-config startup-config
unknown08d09fa285c0(config)#reload