To perform password recovery on most Cisco devices, you will need console access to it. The same goes with the Cisco ACE Service Modules as well. If the ACE is not local to you or if you cannot establish a console connection for any other reason, and if you are required to gain admin access to the module, use the following procedure to recover the admin password.
This document describes the procedure to perform password recovery on ACE SM using the Catalyst6500 platform's EOBC Channel, but can also be used for ACE on 7600 Routing Platform. (More about EOBC at the end of this document).
NOTE: If you have console access and if you need to recover ACE SM password, please follow this link.
Step-1: Login to the Catalyst 6500 Switch where the ACE module is slotted.
Step-2: From the CAT65K, issue command "hw-module module x boot rom-monitor" to force the ACE module in slot x to boot into ROMMON.
In this example, the module is in slot 7of the Catalyst 6500 switch.
Cat6K#hw-module module 7 boot rom-monitor Boot option for module 7 is set to 3 Cat6K#
Step-3: Login to the console of the supervisor engine of the CAT65k switch.
Cat6K#remote login switch Trying Switch ... Entering CONSOLE for Switch Type "^C^C^C" to end this session
Step-4: From the supervisor console, establish remote console to the ACE module. (You should wait long enough for the module to shutdown and then boot into ROMMON - from Step-2)
NOTE: For this console to work, the module has to be in ROMMON mode. If not, the switch will return "Card in slot X is not in ROMMON" message.
Cat6K-sp#svclc console 7 Entering svclc ROMMON of slot 7 ...
Type "end" to end the session.
Step-5: Once you get in to the ACE module’s ROMMON, you can issue the command "confreg", and go with options y, y, n, n for the prompts. By doing this we are trying to bypass the start-up configuration.
do you wish to change the configuration? y/n [n]: y enable "ignore system config info"? y/n [n]: y change the boot characteristics? y/n [n]: n Configuration Summary (Virtual Configuration Register: 0x1) enabled are: console baud: 9600 boot: the file specified in BOOT variable
do you wish to change the configuration? y/n [n]: n
Step-6: Now boot the module into the ACE software that is stored stored on disk by issuing "boot" command.
rommon 2 > boot End of tunneling command.
Step-7: The module should boot into the ACE software stored on the disk, but it will bypass the startup configuration. Once the module boots up you can login with default (admin/admin) credentials.
Cat6K#session slot 7 processor 0 The default escape character is Ctrl-^, then x. You can also type 'exit' at the remote prompt to end the session
Trying 127.0.0.70 ... Open
switch login: admin Password:
Step-8: Copy the startup-config from NVRAM to running-config and change the Admin credentials.
switch/Admin# copy startup-config running-config
NOTE: Processing has started for applied config
ACE/Admin# ACE/Admin# configure Enter configuration commands, one per line. End with CNTL/Z. ACE/Admin(config)# username admin password ? 0 Password for the user (clear text) 5 Strongly encrypted password <WORD> Password for the user (clear text) (Max Size - 64)
EOBC (Ethernet Out-Of-Band Channel)
EOBC is a type of control bus used more for administrative communication between supervisors and line cards / service modules. It is used for Line Control Processor (LCP) code download and communication between the Network Management Processor (NMP) and LCP's. Serial Control Protocol (SCP) is used for supervisor and line cards communication over this channel while Serial Link Protocol (SLP) is used for communication between redundant supervisors.
- Santhosh S
To receive the latest information on Cisco online tools, certifications, support documentation, insights from Cisco experts and peers, and upcoming events, check out the Cisco Technical Services Newsletter today.
Hi, I am not able re-sequence the ACL on Nexus 7000.Getting below error.---------------------------------------resequence ip access-list testACLin 11 2ERROR: This operation is not allowed when user session is active Please help.
Hello Team,We have a typical requirement from business to avoid outage at our datacenter.For your reference i am attaching a visio about current and future setup planning.We have man links between our data centers currently 2 X 10 Gig links running on por...
We recently have purchased Nexus 93180YC-EX switches and require to use 100Mb port speed with the GLC-TE transceivers. The data sheet doesn't mention this switch can support 100Mb port. However another cisco discussion indicates it may be supported? ...
Hi!Today i've tried to configure up a ISL port-channel between an older Nexus 5548 and a brand new MDS 9148t. Now, the issue/problem is that on one fabric, everything works perfectly, and the port-channel is up and running with it's 2 members. O...