Troubleshooting guide
(DRAFT LABEL) FINAL DRAFT - CISCO CONFIDENTIAL 2/13/02
B-6
ATM and Layer 3 Switch Router Troubleshooting Guide
OL-1969-01
Appendix Troubleshooting TACACS+ and Recovering Passwords
Recovering a Lost Password
All of the procedures for recovering lost passwords depend on changing the configuration register of the
switch router. This is done by reconfiguring the switch router software.
More recent Cisco platforms run from Flash memory or are netbooted from a network server and can
ignore the contents of nonvolatile random-access memory (NVRAM) when booting. By ignoring the
contents of NVRAM, you can bypass the configuration file (which contains the passwords) and gain
complete access to the switch router. You can then recover the lost password or configure a new one.
Note If your password is encrypted, you cannot recover it. You must configure a new password.
Follow these steps to recover a password:
Step 1 Beginning in the privileged executive mode, enter the show version command and the configuration
register value. The default value is 0x2102.
Step 2 Power cycle the switch router.
Step 3 Within 60 seconds of turning the switch router On, press the Break key sequence or send a break signal,
which is usually ^]. If you do not see the
> prompt with no switch router name, the terminal is not
sending the correct Break signal. In that case, check the terminal or terminal emulation setup.
Step 4 Enter the confreg command at the > prompt.
Step 5 Answer yes to the Do you wish to change configuration [y/n]? prompt.
Step 6 Answer no to all the questions that appear until you reach the Ignore system config info [y/n] prompt.
Answer yes.
Step 7 Answer no to the remaining questions until you reach the Change boot characteristics [y/n]? prompt.
Answer yes.
Step 8 At the enter to boot: prompt, enter 2.
Step 9 Answer no to the Do you wish to change configuration [y/n]? prompt.
Step 10 Enter the reset command at the rommon> prompt.
Step 11 Enter the enable command at the Switch> prompt. You'll be in enable mode and see the Switch# prompt.
Step 12 Enter the show startup-config command to view your password.
Step 13 If your password is clear text, proceed to Step 16.
or
If your password is encrypted, continue with Step 14.
Step 14 If your password is encrypted, enter the configure memory command to copy the NVRAM into
memory.
Step 15 Enter the copy running-config startup-config command.
Step 16 Enter the configure terminal command.
Step 17 Enter the enable secret password command.
Step 18 Enter the config-register value command, where value is whatever value you entered in Step 1.
Step 19 Enter the exit command to exit configuration mode.
Step 20 Enter the copy running-config startup-config command.
Step 21 Enter the reload command at the prompt.