Cisco CCNA Packet Tracer Ultimate labs: Switch and Router Password Recovery. Answer Part 3

Cisco CCNA Packet Tracer Ultimate labs: Switch and Router Password Recovery. Answer Part 3

Packet Tracer file (PT Version 7.1) : https://goo.gl/tmRBKB
Get the Packet Tracer course for only $10 by clicking here: https://goo.gl/vikgKN
Get my ICND1 and ICND2 courses for $10 here: https://goo.gl/XR1xm9 (you will get ICND2 as a free bonus when you buy the ICND1 course).

Can you perform a password recovery and restore the device configurations?

Details of the Password Recovery Procedure
Perform the following steps to recover or replace a lost enable, enable secret, or console login password:

Troubleshooting Guide for the Cisco 4000 Series Integrated Services Router:
https://www.cisco.com/c/en/us/td/docs/routers/access/4400/troubleshooting/guide/isr4400trbl/isr4400trbl02.html

Catalyst 3560 Software Configuration Guide, Release 12.2(52)SE:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_52_se/configuration/guide/3560scg/swtrbl.html#wp1021182

Transcription:

This link here explains how to reset passwords on a Cisco 3560 switch.

So how do we recover a lost or forgotten password on a 3560 switch?
There are two options: One, when password recovery is enabled and one when it’s disabled.

In our example we have a default configuration where password recovery is permitted. So we need to connect to the console of the device.

Now in packet tracer we can either do that by dragging a PC into the topology and then connecting it via a console cable. So I could connect to the console of the switch and have a look. At the switch directly through the console password here is unknown. I’m not going to do it that way. I’m simply going to click on the device which gives me a console connection anyway.

But please be aware that in the real world, you need to physically connect a PC to the console of your switch or router when doing password recovery.

Now the next step is to make sure that you’re using 9,600 bits per second in your terminal emulation software, that’s the default in packet tracer. We need to power the off the switch and then reconnect the power cord and then within 15 seconds press the mode button while the system LED is still flashing green. Continue pressing the mode button until the system LED turns briefly amber and then solid green and then release the mode button.

Now in my example, I can’t physically unplug the power through packet tracer. So I’m going to power cycle the devices that power cycles all the devices but I’ve already reset the configuration of my routers so that’s fine. I’m going to press the mode button on the switch which then allows me to access ROM on under the switch.

And now some tips, if that doesn’t work, power cycle device and then click the mode button two or three times, to get packet tracer to take you to ROM monitor mode.

So notice now that the boot process was terminated, question mark enter shows me that I’m in ROM monitor mode. Now that we’ve got into ROM monitor mode, we need to use the command flash in it, so here’s the command flash init

We’re told that the flash is already initialized so be aware that packet tracer may be a little bit different to the real world. This command as an example is not required and is not supported in packet tracer. So the next command is to look at flash.

So dir flash
there’s the contents of flash on the switch.

We’re told to rename the config text file as config text old. So there’s our config text file.

So rename flash:config.text flash:config text.old
Before I press enter, let’s verify that. That’s what we’re told do, so that looks right, press enter

dir flash

The file has been renamed, so that was the original name, this is the new name.
Now in the real world, when you boot to the switch it will take you to the initial configuration dialog. So boot, let’s see if that actually works in packet tracer. What we should be able to do is now bypass the configuration and type enable and then rename the config back to what it was.

Copy the configuration, reset passwords and save the configuration and then reload the switch. So for the real world, have a look at the Cisco documentation for your relevant device.

In packet tracer however, the original configuration has been applied so that doesn’t work entirely. So what I’m going to do is erase the startup configuration we do have the startup configuration in flash. We can’t see that here but if I go back to the physical device view and power cycle the device and press the mode button, notice in flash I can see the original configuration.

So I could use that to replace the running config on the switch. So what I’m going to do is boot the switch and then once it’s booted, I’ll be able to erase the NVRAM.

Switch has now booted up again, enable doesn’t work,I’m going to erase the NVRAM that actually has taken me directly to privilege mode in packet tracer that wouldn’t happen in the real world.

subscribe