Guest

Cisco CSS 11000 Series Content Services Switches

Cisco CSS 11000 and CSS 11500 Content Services Switch

Cisco - Password Recovery Procedure for the Cisco CSS 11000 and CSS 11500 Content Services Switch

Document ID: 7811

Updated: Nov 30, 2005

   Print

Introduction

This document describes how to recover a password on Cisco CSS 11000 and CSS 11500 Series content services switches.

The steps in this document explain how to change the default administrator password if you have forgotten it, or if it was changed and superuser rights were not assigned to it when you used the username command-line interface (CLI) command.

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

The information in this document is based on these software and hardware versions:

  • CSS 11503

  • Console cable

    Note: You cannot do this procedure via Telnet or Secure Shell Protocol [SSH].

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Conventions

Refer to Cisco Technical Tips Conventions for more information on document conventions.

Access the Offline Diagnostic Monitor Menu

To recover your password, use the Offline Diagnostic Monitor menu (Offline DM menu). The CSS pauses the boot process for 5 seconds to enable you to press any character after the prompt (or press Y) to display the Offline DM menu.

  1. Connect and configure a console cable to the console port on the CSS.

    Note: The 11000 series has a special connector. The 11500 series does not need this.

    Configure the console to these default values:

    • 9600 baud

    • no parity

    • 8 data bits

    • 1 stop bit

    • flow control set to none

  2. Power on the CSS.

    After the CSS begins to boot (approximately 15 seconds), it displays either of these messages:

    Press any key to access the Offline Diagnostic Monitor menu
    
    Would you like to access the Offline Diagnostic Monitor? (Y)

    At this point in the boot sequence, take either of these actions:

    • Take no action and let the CSS continue to boot automatically with the default boot configuration.

    • Press any key (or press Y) and press Enter in order to halt the boot process and display the Offline DM menu.

      Note: Select this option in order to change the password.

Password Recovery Procedure

This section shows the steps to recover a lost password.

  1. Boot the CSS and observe this output:

    BootRom...booting
    Copyright (1998-2002), Cisco Systems, Inc
    
    Locked boot flash.
    Validating operational boot flash, please wait...
    Operational boot flash valid. Jumping to operational boot flash.
    Copyright (1998-2002), Cisco Systems, Inc
    
    Operational boot flash.
    Attaching interrupt handlers...Done.
    Master SCM.
    Built Mar 22 2005 @ 16:05:54
    Version 07.50.0.04
    Press <ESC> to enter the Diagnostic Monitor
    * * * * * * * * * * * * * * * * * * * * * * *
    Ran 1 times, 23 tests. Detected 0 errors.
    
    Booting OffDm @ 0xbfd60000
    
    SCM:MASTER Other:NOT-PRESENT
    
    InitialiCSS5-SCM-2GE Offline Diagnostic Monitor menu (OffDM)
    Reading configuration records...OK
    Version: 07.50.0.04
    Would you like to access the Offline Diagnostic Monitor? (Y)
  2. Press Y and then press Enter.

    Note: Some WebNS versions may require you to “Press any Key” instead.

    You see this output:

    CSS5-SCM-2GE Offline Diagnostic Monitor menu (OffDM)
    
    Version: 07.50.0.04
    
    M A I N M E N U
    
    Enter the number of a menu selection:
    
    1* Set Boot Configuration
    2. Show Boot Configuration
    3* Advanced Options
    4. Reboot System
    
    >

    Note: An asterisk (*) indicates that there are submenus under the indicated menu item.

  3. Press 3 and then press Enter.

    You see this output:

    CSS5-SCM-2GE Offline Diagnostic Monitor menu (OffDM)
    
    Version: 07.50.0.04
    
    A D V A N C E D O P T I O N S
    
    Enter the number of a menu selection:
    
    1. Delete a Software Version
    2* Security Options
    3* Disk Options
    4. Set MSD Mapping
    r. Return to previous menu
    
    >
  4. Press 2 and then press Enter.

    You see this output:

    CSS5-SCM-2GE Offline Diagnostic Monitor menu (OffDM)
    
    Version: 07.50.0.04
    
    S E C U R I T Y O P T I O N S
    
    Enter the number of a menu selection:
    
    1. Set Password Protection for Offline Diagnostic Monitor
    2. Set Administrative Username and Password
    r. Return to previous menu
    
    >
  5. Press 2 and then press Enter.

    You see this output:

    Enter <administrator> username (Minimum 4 characters):
  6. Enter admin and then press Enter.

  7. Enter and confirm the password.

    Note: You return to the Security Options menu (Step 3) after you confirm the password and press Enter.

  8. Press r twice in order to return to the main menu (Step 2).

  9. Press 4 and press Enter in order to reboot the system.

  10. When you see the prompt Are you sure you want to reboot? (y/n), press y and then press Enter.

    After the CSS reboots, you can log in as admin with the new password that you just entered.

Troubleshoot

If you are unable to log in with the newly-created administrator password, there is probably an admin username and password configured in the startup configuration (startup-config) that the switch is using. When the CSS boots, it loads whatever users are in the startup-config. If an admin user exists, its password replaces the password that you just configured.

When this happens, enter the Offline DM menu again and create a new administrator username and password.

Enter <administrator> username (Minimum 4 characters): tempadmin
Enter <administrator> password:
Confirm <administrator> password:

Note: In some versions of the CSS, the switch does not overwrite if you use “admin” as the username. If you try this and it fails to reset the password, use another name.

Once the switch reboots again, log in to the switch with the new username and password that you created. Once you are logged in to the switch, you can use the username command in order to change the administrator password that is configured in the startup-config. Here is an example:

#config
(config)#username admin password 'new_password' superuser

Note: The switch always looks to the startup-config first for the username and password. If the admin username is not configured in the switch, the switch looks to NVRAM for the username and password.

If you have configured the switch with an Offline DM menu password and have forgotten it, or if your CSS has a password-protected Offline DM menu and that password is lost as well, contact Cisco Technical Support by one of these methods:

Related Information

Updated: Nov 30, 2005
Document ID: 7811