Document ID: 22424
Introduction
This document describes the procedure for recovering an enable password or enable secret password for the WS-X4232-L3 Layer 3 (L3) services module for the Catalyst 4000. These passwords are used to protect access to privileged EXEC and configuration modes. The enable password can be recovered, but the enable secret password is encrypted and can only be replaced with a new password using the following procedure.
Prerequisites
Requirements
There are no specific requirements for this document.
Conventions
For more information on document conventions, see the Cisco Technical Tips Conventions.
Step-by-Step Procedure
Follow these instructions for password recovery.
- This procedure requires that the 4232-L3 module be reset and that you break into ROM Monitor mode (ROMmon). You cannot issue the reload command on the L3 module because this can only be done from the router enable prompt (Router#), and that requires the missing enable password, as shown in the following example:
Router>enable
Password:
Password:
Password:
% Bad secrets
!-- The output after three failed attempts to enter the correct password.
This means you must either reset the module from the switch (preferred method), or physically reseat the L3 module, which is more involved. For this reason, it is recommended that you have both of the following:
- a console connection or Telnet session to the Catalyst 4000 supervisor engine.
- a console connection to the L3 module.
Attach a terminal or PC with terminal emulation to the console port of the 4232-L3 router module. Either attach a console cable to the Catalyst 4000 supervisor engine, or telnet to it.
Use the following terminal settings for the console connections:
- 9600 bps
- No parity
- Eight data bits
- One stop bit
- No flow control
For more information on the required console cable specifications, refer to the following document:
- Cabling Guide for Console and AUX Ports
- If you still have access to the Router> prompt, issue the show version command and record the setting of the configuration register. It is usually 0x2102 or 0x102, as shown in the following example:
Router>show version
Cisco Internetwork Operating System Software
IOS (tm) L3 Switch/Router Software (CAT4232-IN-M), Version 12.0(18)W5(22b) REL
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Fri 08-Feb-02 11:40 by integ
Image text-base: 0x60010928, data-base: 0x60616000
ROM: System Bootstrap, Version 12.0(7)W5(15b) RELEASE SOFTWARE
Router uptime is 4 days, 23 hours, 4 minutes
System restarted by power-on
Running default software
cisco Cat4232L3 (R5000) processor with 57344K/8192K bytes of memory.
R5000 processor, Implementation 35, Revision 2.1
Last reset from power-on
1 FastEthernet/IEEE 802.3 interface(s)
4 Gigabit Ethernet/IEEE 802.3z interface(s)
123K bytes of non-volatile configuration memory.
16384K bytes of Flash internal SIMM (Sector size 256K).
Configuration register is 0x2102
- If you do not have access to the Router> prompt (because of a lost login or TACACS password), you can safely consider that your configuration register is set to 0x2102.
- Assuming you have a console connection or Telnet session to the supervisor as recommended previously, you can now issue the show module command to determine the slot number of the L3 module, and then issue the reset <x> command, where <x> is the slot number.
Switch> (enable) show module
Mod Slot Ports Module-Type               Model               Sub Status
--- ---- ----- ------------------------- ------------------- --- --------
1   1    2     1000BaseX Supervisor      WS-X4013            no  ok
2   2    34    10/100/1000 Ethernet      WS-X4232-GB-RJ      no  OK
3   3    34    Router Switch Card        WS-X4232-L3         no  OK

Mod Module-Name         Serial-Num
--- ------------------- --------------------
1                       JAB043300MG
2                       JAE042921NV
3                       JAB054306MQ

Mod MAC-Address(es)                        Hw     Fw         Sw
--- -------------------------------------- ------ ---------- -----------------
1   00-02-fd-4c-52-00 to 00-02-fd-4c-55-ff 1.2    5.4(1)     6.1(3a)
2   00-02-4b-a0-78-7e to 00-02-4b-a0-78-9f 2.3
3   00-07-0e-b5-4c-3c to 00-07-0e-b5-4c-5d 1.7    12.0(7)W5( 12.0(18)W5(22b)

Switch> (enable) reset 3
This command will reset module 3.
Do you want to continue (y/n) [n]? y
2002 Apr 05 15:55:40 %SYS-5-MOD_RESET:Module 3 reset from Console//
Resetting module 3...
Switch> (enable)
Now, either move the cable over to the L3 module console port, or if you already have a separate connection to the L3 module console port, proceed directly to the next step.
Note: If for some reason you do not have Telnet or console access to the supervisor, you will have to establish a console connection to the L3 module, physically unscrew the captive installation screws, pull back the ejector levers to unseat it, push back in the L3 module, and tighten it back down. This will also cause the module to reset. However, be aware that no access to the Catalyst 4000 supervisor could indicate a more serious problem with the switch. For more information on troubleshooting procedures, refer to the following document:
-
Press Break on the terminal keyboard within 60 seconds of the power-up to put the router into ROMmon, as shown in the following example:
!-- The 4232-L3 was just reset from the switch, and during bootup a
!-- break sequence was sent to the 4232-L3.
!
*** System received an abort due to Break Key ***
signal= 0x3, code= 0x500, context= 0x813ac158
PC = 0x802d0b60, Vector = 0x500, SP = 0x80006030
If the break sequence does not work, refer to the following document for other key combinations:
- Standard Break Key Sequence Combinations During Password Recovery
Issue the confreg 0x2142 command at the rommon 1> prompt to boot from Flash without loading the configuration, as in the following example:
rommon 1> confreg 0x2142
- Issue the reset command at the rommon 2> prompt. The 4232-L3 reboots, but ignores its saved configuration, as in the following example:
rommon 2> reset
ROMMON: Entered init
ROMMON: Cold Reset frame @0x00000000
ROMMON: Reading reset reason register
ROMMON: Valid NVRAM config
System Bootstrap, Version 12.0(7)W5(15b) RELEASE SOFTWARE
Copyright (c) 2000 by cisco Systems, Inc.
ROMMON: Initializing exceptions
ROMMON: Initializing TLB
ROMMON: Initializing cache
ROMMON: Sizing and zeroing main memory ... 64 MBytes
ROMMON: Sizing nonvolatile memory ... 128 KBytes
ROMMON: Exiting init
Catalyst-4232 platform with 65536 Kbytes of main memory
Self decompressing the image : ################################################[OK]
Inside platform_power_on_main()
Inside platform_main()
Initializing GT64120 and FX1000 Subsystem ... done.
Downloading TCAM FPGA ... done.
Initializing Temperature Monitoring Subsystem ... done.
Self decompressing the image : ################################################[OK]
Inside platform_power_on_main()
Inside platform_main()
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco Internetwork Operating System Software
IOS (TM) L3 Switch/Router Software (CAT4232-IN-M), Version 12.0(18)W5(22b) REL
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Fri 08-Feb-02 11:40 by integ
Image text-base: 0x60010928, database: 0x60616000
Initializing GT64120 and FX1000 Subsystem ... done.
Downloading TCAM FPGA ... done.
Initializing Switch Fabric Driver Subsystem ... done.
Initializing Temperature Monitoring Subsystem ... done.
cisco Cat4232L3 (R5000) processor with 57344K/8192K bytes of memory.
R5000 processor, Implementation 35, Revision 2.1
Last reset from power-on
1 FastEthernet/IEEE 802.3 interface(s)
4 Gigabit Ethernet/IEEE 802.3z interface(s)
123K bytes of nonvolatile configuration memory.
16384K bytes of Flash internal SIMM (Sector size 256K).
--- System Configuration Dialog ---
- Type no after the initial configuration question, as in the following example:
Would you like to enter the initial configuration dialog? [yes/no]: no
Force linkup done for GigabitEthernet4
Force linkup done for GigabitEthernet3
Press RETURN to get started!
00:00:06: %LINK-3-UPDOWN: Interface FX1000, changed state to up
00:00:06: %LINEPROTO-5-UPDOWN: Line protocol on Interface Controller5, changed p
00:00:07: %LINK-3-UPDOWN: Interface FastEthernet1, changed state to up
00:00:07: %LINEPROTO-5-UPDOWN: Line protocol on Interface FX1000, changed statep
00:00:08: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1, changep
00:00:55: %SYS-5-RESTART: System restarted --
Cisco Internetwork Operating System Software
IOS (TM) L3 Switch/Router Software (CAT4232-IN-M), Version 12.0(18)W5(22b) REL
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Fri 08-Feb-02 11:40 by integ
00:00:57: %LINK-5-CHANGED: Interface FastEthernet1, changed state to administran
00:00:58: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1, changen
00:01:12: WARNING: This will force the link-up with 1000Mbps and Full Duplex se.
00:01:12: Make sure the partner port is also forced link up.
00:01:12: WARNING: This will force the linkup with 1000Mbps and Full Duplex se.
00:01:12: Make sure the partner port is also forced link up.
00:01:14: Shifting IPC's over to fx1000
00:01:16: %LINK-3-UPDOWN: Interface GigabitEthernet4, changed state to up
00:01:16: %LINK-3-UPDOWN: Interface GigabitEthernet3, changed state to up
00:01:17: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet4, chap
00:01:17: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet2, chan
00:01:17: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet3, chap
00:01:17: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1, chan
Router>
- Issue the enable command at the Router> prompt. You will be in enable mode and see the Router# prompt, as in the following example.
Note: Issue the configure memory or copy startup-config running-config commands to copy the Nonvolatile RAM (NVRAM) into memory. Do not issue the configure terminal command.
Router>enable
Router#copy startup-config running-config
Destination filename [running-config]?
1324 bytes copied in 2.35 secs (662 bytes/sec)
GigabitEthernet3 added as member-1 to port-channel1
GigabitEthernet4 added as member-2 to port-channel1
1153 bytes copied in 0.432 secs
Router#
00:02:10: %AUTOSTATE-6-SHUT_DOWN: Putting interface Port-channel1.99 into Autose
Router#
00:02:12: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up
00:02:13: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changep
Router#
- Issue the write terminal or show running-config commands. These commands show the configuration of the router. In the following configuration you see the shutdown command under most of the interfaces, which means these interfaces are currently shut down. The Gig 3 and Gig 4 interfaces on the 4232-L3 are the internal gig ports to the switch backplane and are up by default.
Also, you can see the passwords, such as the enable password, enable secret, vty, and console passwords, in either encrypted or unencrypted format. The unencrypted passwords can be reused, but the encrypted ones must be replaced with new ones.
Router#show run
Building configuration...
Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
enable secret 5 $1$pNhP$nbIOeznhCqoGaFnymkqru/
!
ip subnet-zero
!
!
!
interface FastEthernet1
 no ip address
 no ip directed-broadcast
 shutdown
!
interface GigabitEthernet1
 no ip address
 no ip directed-broadcast
 shutdown
!
interface GigabitEthernet2
 no ip address
 no ip directed-broadcast
 shutdown
!
interface GigabitEthernet3
 no ip address
 no ip directed-broadcast
 no negotiation auto
!
interface GigabitEthernet4
 no ip address
 no ip directed-broadcast
 no negotiation auto
!
ip classless
!
!
line con 0
 transport input none
line aux 0
line vty 0 4
!
end
Router#
- Issue the configure terminal command and make the changes. Issue the enable secret <password> command to change the enable secret password, as in the following example:
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#enable secret < password >
[Choose a strong password with at least one capital letter, one number, and one special character.]
Router(config)#^Z
00:01:54: %SYS-5-CONFIG_I: Configured from console by console
- Issue the no shutdown command on every interface that is used. If you issue a show ip interface brief command, every interface that you want to use should be "up up."
Router#show ip interface brief
Interface         IP-Address  OK? Method Status                Protocol
FX1000:1          unassigned  YES unset  up                    up
FastEthernet1     unassigned  YES unset  administratively down down
GigabitEthernet1  unassigned  YES unset  administratively down down
GigabitEthernet2  unassigned  YES unset  administratively down down
GigabitEthernet3  unassigned  YES unset  up                    up
GigabitEthernet4  unassigned  YES unset  up                    up
Controller5       unassigned  YES unset  up                    up
Router#
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface GigabitEthernet 1
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface GigabitEthernet 2
Router(config-if)#no shutdown
Router(config-if)#
00:02:14: %LINK-3-UPDOWN: Interface GigabitEthernet1, changed state to up
00:02:15: %LINEPROTO-5-UPDOWN: Line protocol on Interface Interface GigabitEthernet1, changed state to up
00:02:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface Interface GigabitEthernet1, changed state to up
Router(config-if)#^Z
Router#
00:02:35: %SYS-5-CONFIG_I: Configured from console by console
- Issue the config-register 0x2102 command, or the value you recorded in Step 2 of this document, as in the following example:
Router#show version
Cisco Internetwork Operating System Software
IOS (TM) L3 Switch/Router Software (CAT4232-IN-M), Version 12.0(18)W5(22b) REL
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Fri 08-Feb-02 11:40 by integ
Image text-base: 0x60010928, database: 0x60616000
ROM: System Bootstrap, Version 12.0(7)W5(15b) RELEASE SOFTWARE
Router uptime is 50 minutes
System restarted by power-on
Running default software
cisco Cat4232L3 (R5000) processor with 57344K/8192K bytes of memory.
R5000 processor, Implementation 35, Revision 2.1
Last reset from power-on
1 FastEthernet/IEEE 802.3 interface(s)
4 Gigabit Ethernet/IEEE 802.3z interface(s)
123K bytes of nonvolatile configuration memory.
16384K bytes of Flash internal SIMM (Sector size 256K).
Configuration register is 0x2142
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#config-register 0x2102
Router(config)#
- Press Ctrl-z or End to leave the configuration mode. Issue the write memory or copy running-config startup-config commands to commit the changes, as in the following example:
Router(config)#^Z
00:03:20: %SYS-5-CONFIG_I: Configured from console by console
Router#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
Router#show version
Cisco Internetwork Operating System Software
IOS (TM) L3 Switch/Router Software (CAT4232-IN-M), Version 12.0(18)W5(22b) REL
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Fri 08-Feb-02 11:40 by integ
Image text-base: 0x60010928, database: 0x60616000
ROM: System Bootstrap, Version 12.0(7)W5(15b) RELEASE SOFTWARE
Router uptime is 50 minutes
System restarted by power-on
Running default software
cisco Cat4232L3 (R5000) processor with 57344K/8192K bytes of memory.
R5000 processor, Implementation 35, Revision 2.1
Last reset from power-on
1 FastEthernet/IEEE 802.3 interface(s)
4 Gigabit Ethernet/IEEE 802.3z interface(s)
123K bytes of nonvolatile configuration memory.
16384K bytes of Flash internal SIMM (Sector size 256K).
Configuration register is 0x2142 (will be 0x2102 at next reload)
Router#
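The configuration register line in show version is what tells you whether a module was left in the recovery state after this procedure. The following is an added example, not part of the original Cisco document: it parses captured show version text and flags a register that still has bit 6 (0x0040, ignore NVRAM) set, which is the bit confreg 0x2142 turns on. The bit meanings assume the standard IOS configuration-register layout; audit_confreg and the sample captures are constructed for illustration.

```python
import re

# Standard IOS configuration-register bits (assumed to apply to this module).
IGNORE_NVRAM = 0x0040    # bit 6: boot without loading the startup configuration
BREAK_DISABLED = 0x0100  # bit 8: Break is ignored once the system has booted
BOOT_FIELD = 0x000F      # bits 0-3: 0 means stay in ROMmon at boot

CONFREG_RE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)

def audit_confreg(show_version: str) -> dict:
    """Return current/next register values and findings for one capture."""
    m = CONFREG_RE.search(show_version)
    if m is None:
        raise ValueError("no configuration register line found")
    current = int(m.group(1), 16)
    # With no pending change, the next reload uses the current value.
    nxt = int(m.group(2), 16) if m.group(2) else current
    findings = []
    if nxt & IGNORE_NVRAM:
        findings.append("next reload ignores startup-config (no passwords loaded)")
    elif current & IGNORE_NVRAM:
        findings.append("booted without startup-config; normal boot at next reload")
    if not (nxt & BREAK_DISABLED):
        findings.append("Break stays enabled after boot")
    if (nxt & BOOT_FIELD) == 0:
        findings.append("next reload stops in ROMmon")
    return {"current": current, "next": nxt, "findings": findings}

# Constructed captures: only the register line of each 'show version' output.
SAMPLES = {
    "normal": "Configuration register is 0x2102",
    "left-in-recovery": "Configuration register is 0x2142",
    "recovery-finished":
        "Configuration register is 0x2142 (will be 0x2102 at next reload)",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        result = audit_confreg(text)
        print(f"{name}: next=0x{result['next']:04X} {result['findings'] or 'ok'}")
```

A module that reports 0x2142 with no pending change will come up unconfigured, and therefore without its passwords, at every reload until the register is set back.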
Related Information
- Password Recovery Procedures Index
- Standard Break Key Sequence Combinations During Password Recovery
- Cabling Guide for Console and AUX Ports
- Technical Support - Cisco Systems
| Updated: Apr 10, 2006 | Document ID: 22424 |
