Cisco Catalyst 8500 and 8500L Series Edge Platforms Software Configuration Guide

PDF

Factory reset

Updated: February 6, 2026

Want to summarize with AI?

Log in

Overview

Explains the process of clearing configurations and personal data to restore the device to a functional default state. Use this feature when decommissioning, repurposing, or recovering a compromised router.

About factory reset

Factory Reset is a process of clearing the current running and start-up configuration information on a device, and resetting the device to an earlier, fully-functional state.

The factory reset process uses the factory-reset all command to take backup of existing configuration, and then reset the router to an earlier, fully functional state. The duration of the factory reset process is dependent on the storage size of the router. It can vary between 30 minutes on a C8500 consolidated platform, and up to 3 hours on a high availability setup.

From Cisco IOS XE Bengaluru 17.6 release and later, you can use the factory-reset all secure command to reset the router and securely clear the files stored in the bootflash memory.

Table 1. Data erased or retained during Factory Reset
Command Name Data Erased Data Retained
factory-reset all secure

Non-volatile random-access memory (NVRAM) data

Data from remote field-replaceable units (FRUs).

OBFL (Onboard Failure Logging) logs

Value of configuration register

From Cisco IOS XE 17.14.1a, the value of the configuration register can be erased using the factory-reset all secure command on C8500L-8S4X.

Licenses

Contents of USB

User data, startup, and running configuration

Credentials (Secure Unique Device Identifier [SUDI] certificates, public key infrastructure (PKI) keys, and FIPS-related keys)

ROMMON variables

All writeable file systems and personal data.

Note

If the current boot image is a remote image or stored on a USB, NIM-SSD, or such, ensure that you take a backup of the image before performing factory reset.
factory-reset keep-licensing-info

  • License Boot level configuration

  • Throughput level configuration

  • Smart license transport type

  • Smart license URL data

  • Real User Monitoring (RUM) Reports (open/unacknowledged license usage report)

  • Usage reporting details (last ACK received, next ACK scheduled, last/next report push)

  • Unique Device Identification (UDI) trust codes

  • Customer policy received from CSSM

  • SLAC, SLR authorization codes return codes

  • Factory installed purchase information

After the factory reset process is complete, the router reboots to ROMMON mode. If you have the zero-touch provisioning (ZTP) capability setup, after the router completes the factory reset procedure, the router reboots with ZTP configuration.

Software and hardware support for factory reset

This feature is supported on all Cisco Catalyst 8500 and 8500L Series Edge Platforms. Factory Reset process is supported on standalone routers as well as on routers configured for high availability.

Prerequisites for performing factory reset

Ensure that these prerequisites are met before performing a Factory Reset.

  • Ensure that all the software images, configurations and personal data is backed up before performing factory reset.

  • Ensure that there is uninterrupted power supply when factory reset is in progress.

  • The factory reset process takes a backup of the boot image if the system is booted from an image stored locally (bootflash or hard disk). If the current boot image is a remote image or stored on an USB, NIM-SSD or such, ensure that you take a backup of the image before performing factory reset.

  • The factory-reset all secure command erases all files, including the boot image, even if the image is stored locally. If the current boot image is a remote image or stored on a USB, NIM-SSD, or such, ensure that you take a backup of the image before performing secure factory reset.

  • Ensure that ISSU/ISSD (In- Service Software Upgrade or Downgrade) is not in progress before performing factory reset.

Restrictions for performing a factory reset

These are some of the restrictions to know before you perform a Factory Reset.

  • Any software patches that are installed on the router are not restored after the factory reset operation.

  • If the factory reset command is issued through a Virtual Teletype (VTY) session, the session is not restored after the completion of the factory reset process.

When to perform factory reset

This topics outlines some of the scenarios when you can perform a Factory Reset.

  • Return Material Authorization (RMA): If a router is returned back to Cisco for RMA, it is important that all sensitive information is removed.

  • Router is compromised: If the router data is compromised due to a malicious attack, the router must be reset to factory configuration and then reconfigured once again for further use.

  • Repurposing: The router needs to be moved to a new topology or market from the existing site to a different site.

How to perform a factory reset

Procedure

1.

Log in to a Cisco Catalyst 8500 or 8500L device.

If the current boot image is a remote image or is stored in a USB or a NIM-SSD, ensure that you take a backup of the image before starting the factory reset process.
2.

This step is divided into two parts (a and b). If you need to retain the licensing information while performing the factory-reset command, follow step 2. a. If you do not need to retain the licensing information and want all the data to be erased, perform step 2. b.

  1. Execute factory-reset keep-licensing-info command to retain the licensing data.

    The system displays the following message when you use the factory-reset keep-licensing-info command:

    Router# factory-reset keep-licensing-info
    The factory reset operation is irreversible for Keeping license usage. 
Are you sure? [confirm]
This operation may take 20 minutes or more. Please do not power cycle.

Dec 1 20:58:38.205: %PMAN-5-EXITACTION: R0/0: pvp: Process manager is exiting: process exit with
reload chassis code
/bootflash failed to mount
Dec 01 20:59:44.264: Factory reset operation completed.
Initializing Hardware ...

Current image running: Boot ROM1

Last reset cause: LocalSoft

ISR4331/K9 platform with 4194304 Kbytes of main memory
rommon 1

  2. Execute the factory-reset all secure 3-pass command to securely erase all data.

    The system displays the following message when you use the factory-reset all secure 3-pass command:

    Router# factory-reset all secure 3-pass

    
The factory reset operation is irreversible for securely reset all. 
Are you sure? [confirm]
This operation may take hours. Please do not power cycle.

*Jun 19 00:53:33.385: %SYS-5-RELOAD: Reload requested by Exec. 
Reload Reason: Factory Reset.Jun 19 00:53:42.856: %PMAN-5-EXITACTION:

Enabling factory reset for this reload cycle
  Jun 19 00:54:06.914: Factory reset secure operation. Write 0s. 
Please do not power cycle.
 
  Jun 19 02:40:29.770: Factory reset secure operation completed.
Initializing Hardware ....
3.

Enter confirm to proceed with the factory reset.

Note

The duration of the factory reset process depends on the storage size of the router. It can extend between 30 minutes and up to 3 hours on a high availability setup. If you want to quit the factory reset process, press the Escape key.

What happens after a factory reset

After the factory reset is successfully completed, the router boots up. However, before the factory reset process started, if the configuration register was set to manually boot from ROMMON, the router stops at ROMMON.

After you configure Smart Licensing, execute the #show license status command, to check whether Smart Licensing is enabled for your instance.

Note

If you had Specific License Reservation enabled before you performed the factory reset, use the same license and enter the same license key that you received from the smart agent.