Apr 2023

While trying to reset the password on some Cisco switches, where I did not know the password, I tried to follow several guides online, and they all had some mis information or missing information. So I have put this together from a multitude of sources to hopefully provide something that means you won’t have to go on the journey that I did.

What this guide will show you is how to reset a cisco 3560g or 3560x (and maybe other Cisco switches) password without losing the config. If you don’t care about the existing configuration then at some point in this guide I will tell you to stop using the guide and start using the on screen Cisco prompts.

The steps are very simple, you need to be physically in front of the Cisco switch, connected to the Console port with the blue Cisco cable or in the case of the 3560x you have the option to use the USB console at the front (as well as the blue RJ45 at the rear)

1. Connect the Cisco to your computer serial port, and establish a connection using: 8bit, no stop, 9600 baud. This way as soon as the switch starts to boot you will see it on your console.

2. Ensure that the switch is powered down.

3. With the switch in the powered down state, press and hold the MODE button (top left at the front for 3560x and bottom left at the front for 3560G) you need to hold this button in for 60 seconds.



4. If you held the button long enough, you should see the following on your console:

Using driver version 1 for media type 2 Base ethernet MAC Address: ac:f2:c5:c1:17:00 Xmodem file system is available. The password-recovery mechanism is enabled.

The system has been interrupted prior to initializing the flash filesystem. The following commands will initialize the flash filesystem, and finish loading the operating system software:

flash_init
boot

switch:

This text tells you that you have successfully interrupted the switch boot process.

5. At the switch: console enter the command flash_init

switch: flash_init
Initializing Flash…
mifs[2]: 10 files, 1 directories
mifs[2]: Total bytes : 2097152
mifs[2]: Bytes used : 612352
mifs[2]: Bytes available : 1484800
mifs[2]: mifs fsck took 2 seconds.
mifs[3]: 0 files, 1 directories
mifs[3]: Total bytes : 4194304
mifs[3]: Bytes used : 1024
mifs[3]: Bytes available : 4193280
mifs[3]: mifs fsck took 4 seconds.
mifs[4]: 5 files, 1 directories
mifs[4]: Total bytes : 524288
mifs[4]: Bytes used : 9216
mifs[4]: Bytes available : 515072
mifs[4]: mifs fsck took 0 seconds.
mifs[5]: 5 files, 1 directories
mifs[5]: Total bytes : 524288
mifs[5]: Bytes used : 9216
mifs[5]: Bytes available : 515072
mifs[5]: mifs fsck took 1 seconds.
mifs[6]: 490 files, 11 directories
mifs[6]: Total bytes : 57671680
mifs[6]: Bytes used : 19659776
mifs[6]: Bytes available : 38011904
mifs[6]: mifs fsck took 56 seconds.
…done Initializing Flash.

switch:

This takes around 60 seconds, please be patient and wait for the 'switch:' prompt to appear. If the switch goes past this, then it is booting and you need to start this process again.

6. You will be back at the switch: console prompt, enter the following:
rename flash:config.text flash:config.old (there is no text return for this command)

7. Again, from the switch: console prompt, enter:
boot - to start the switch booting up.

8. You should see an output on the console that starts like this:
Loading “flash:/c3560e-universalk9-mz.122-55.SE5/c3560e-universalk9-mz.122-55.SE5.bin”…@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

9. Eventually you will see the following prompt:

Would you like to enter the initial configuration dialog? [yes/no]:

This is where you have a choice, if you do not care about the switch configuration, then you can say ‘yes’ and enter the Cisco Switch Configuration wizard.

However, if you need to keep the existing switch configuration and just change the password, then you need to enter ‘no’ at this point and carry on with this guide.

10. From the switch: prompt, enter:
en (for enable mode)

11. From the switch: prompt, enter:
rename flash:config.old flash:config.text

When you see this message Destination filename [config.text]? Just press enter.

12. From the switch: prompt, enter:
copy flash:config.text system:running-config

When you see this message Destination filename [running-config]? Just press enter.

Remember, at this point you have loaded the original cisco config, so the prompt name might change.

13. From the switch: prompt, enter:
conf t (configure terminal)

14. The switch: prompt will now be switch(config) prompt, from here we can change the password with: enable password cisco

I am using ‘cisco’ as the password, you can use what you like, just don’t forget it.

15. From the switch(config) prompt, type:
exit

To get back to the top level of the cisco menu, might have to do this twice.

16. To save the configuration enter:
wr mem
Now when you try to enter the switch with:
en
You should be prompted for a password.