To perform password recovery on most Cisco devices, you will need console access to it. The same goes with the Cisco ACE Service Modules as well. If the ACE is not local to you or if you cannot establish a console connection for any other reason, and if you are required to gain admin access to the module, use the following procedure to recover the admin password.
This document describes the procedure to perform password recovery on ACE SM using the Catalyst6500 platform's EOBC Channel, but can also be used for ACE on 7600 Routing Platform. (More about EOBC at the end of this document).
NOTE: If you have console access and if you need to recover ACE SM password, please follow this link.
Step-1: Login to the Catalyst 6500 Switch where the ACE module is slotted.
Step-2: From the CAT65K, issue command "hw-module module x boot rom-monitor" to force the ACE module in slot x to boot into ROMMON.
In this example, the module is in slot 7of the Catalyst 6500 switch.
Cat6K#hw-module module 7 boot rom-monitor Boot option for module 7 is set to 3 Cat6K#
Step-3: Login to the console of the supervisor engine of the CAT65k switch.
Cat6K#remote login switch Trying Switch ... Entering CONSOLE for Switch Type "^C^C^C" to end this session
Step-4: From the supervisor console, establish remote console to the ACE module. (You should wait long enough for the module to shutdown and then boot into ROMMON - from Step-2)
NOTE: For this console to work, the module has to be in ROMMON mode. If not, the switch will return "Card in slot X is not in ROMMON" message.
Cat6K-sp#svclc console 7 Entering svclc ROMMON of slot 7 ...
Type "end" to end the session.
Step-5: Once you get in to the ACE module’s ROMMON, you can issue the command "confreg", and go with options y, y, n, n for the prompts. By doing this we are trying to bypass the start-up configuration.
do you wish to change the configuration? y/n [n]: y enable "ignore system config info"? y/n [n]: y change the boot characteristics? y/n [n]: n Configuration Summary (Virtual Configuration Register: 0x1) enabled are: console baud: 9600 boot: the file specified in BOOT variable
do you wish to change the configuration? y/n [n]: n
Step-6: Now boot the module into the ACE software that is stored stored on disk by issuing "boot" command.
rommon 2 > boot End of tunneling command.
Step-7: The module should boot into the ACE software stored on the disk, but it will bypass the startup configuration. Once the module boots up you can login with default (admin/admin) credentials.
Cat6K#session slot 7 processor 0 The default escape character is Ctrl-^, then x. You can also type 'exit' at the remote prompt to end the session
Trying 127.0.0.70 ... Open
switch login: admin Password:
Step-8: Copy the startup-config from NVRAM to running-config and change the Admin credentials.
switch/Admin# copy startup-config running-config
NOTE: Processing has started for applied config
ACE/Admin# ACE/Admin# configure Enter configuration commands, one per line. End with CNTL/Z. ACE/Admin(config)# username admin password ? 0 Password for the user (clear text) 5 Strongly encrypted password <WORD> Password for the user (clear text) (Max Size - 64)
EOBC (Ethernet Out-Of-Band Channel)
EOBC is a type of control bus used more for administrative communication between supervisors and line cards / service modules. It is used for Line Control Processor (LCP) code download and communication between the Network Management Processor (NMP) and LCP's. Serial Control Protocol (SCP) is used for supervisor and line cards communication over this channel while Serial Link Protocol (SLP) is used for communication between redundant supervisors.
- Santhosh S
To receive the latest information on Cisco online tools, certifications, support documentation, insights from Cisco experts and peers, and upcoming events, check out the Cisco Technical Services Newsletter today.
Hello,we have a UCS mini implementation with a pair of FI6324s and we would like to acquire a pair of Nexus switches which will be strictly used for the interconnection between the FIs and 3 Netapp AFF C190 Storage Arrays. The blades (four actually) are B...
Hi All, Is there any CLI command available on Cisco ACI Leaf to check the live traffic statistics on particular interface...as like we are checking with IOS / NX-OS with "sh interface eth1/2" This command is working on Leaf But not showing...
I'm trying to find some documentation for the MDS9148S Switch that proves the support of the following port types: F_Port (Fabric), M_Port (Mirror Port) and E_Port (Switch-to-Switch). I easily found F_Port and E_Port:Fiber Channel standard port types...
I am trying to find out where zoning changes are logged to. For example, an admin creates a new zone, adds it to the active zoneset and commits the changes (we usually do this via CLI). A little while later we get a report of an issue and...
Hi Cisco experts, I need your help to understand why the VRFs have to be configured with a set of "route-target both auto" and "route-target both auto evpn" in a Fabric with VXLAN BGP EVPN. Knowing that the Fabric can work normally with a set of ...