Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4120
Views
0
Helpful
1
Replies

Resolved: Can't Factory Reset 3650 - No access to config

aarond
Level 1
Level 1

‎10-12-2015 04:03 AM

I stupidly wrote a config to startup that meant I have no access to the config anymore.

 

I tried factory resetting the node by using the physical button on the front - Holding it in for three seconds until the lights flash, then keeping it held in for another 7 seconds (I also tried varied time lengths, up to minutes at a time) at which point the node is supposed to reboot into a config-less mode. This doesn't work.

 

I also tried holding the mode button down as the switch powers up.

 

The commands I ran before saving are below. No access via "Aux". SSH only over Console (Is that even possible?). And the only IP address is on VLAN 115, which is not attached to any ports.

 

Can anyone tell me how I might possibly fix this? 

 


! =======Go to Privileged Mode
config t

! =======Set the hostname
hostname ExternalSwitch

! =======Set the password to access Privileged Mode to 'privpass'
enable secret privpass            ! - NOTE: 'secret' creates an encrypted password to access the privileged mode

! =======Edit Console settings
line con 0                        ! There is only one Console line.
password consolepass              ! Password to be changed - but will not be used.
login                             ! Specify that you must log in if using this line.
transport input ssh               ! Only allow SSH through the Console line.
exec-timeout 5 0                  ! Revoke privileges after 5 minutes and 0 seconds of inactivity (Default is 10 minutes).
exit                              ! Stop editing settings for this line.

! =======Edit Auxiliary settings
line aux 0                        ! There is only one Auxiliary line.
password auxpass                  ! Password to be changed - but will not be used.
no login                          ! Specify that this line cannot be used as we have no Aux Port. Security measure only.
exit                              ! Stop editing settings for this line.

! =======Edit vty settings - These are what will be used 99% of the time.
line vty 0 15                     ! There are 16 vty lines, 0 to 15.
password nologinpass              ! Password to be changed - but will not be used.
no login                          ! Specify that these lines cannot be used as security measure. We will activate 2 lines next
exit                              ! Stop editing settings for these line.

line vty 0 1                      ! Now edit two vty lines. We have no need for more than two people to log in at once. This edits vty line 0 and line 1.
password vtypass                  ! Password to be changed - but will not be used.
login local                       ! Specify that you must log in if using this line. Local means you will use a local username - Required for SSH log in.
transport input ssh               ! Only allow SSH through the VTY line.
exec-timeout 5 0                  ! Revoke privileges after 5 minutes and 0 seconds of inactivity (Default is 10 minutes).
exit                              ! Stop editing settings for these line.

! =======So far, the line passwords are not encrypted.
! =======The next line encrypts all plain-text passwords.
service password-encryption

! =======Warning message to be shown BEFORE logging in.
banner login $

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
=   Property of example.com         =
=====================================
= UNAUTHORIZED ACCESS IS PROHIBITED =
=====================================
=Contact admin@example.com for access=
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

$

! =======Set up IP access to switch
interface vlan 115                           ! VLAN to use can be decided later. 115 used to match with SSH VLAN
ip address 192.168.115.150 255.255.255.0     ! Used IP address I believe is free.
no shutdown                                  ! Prevent the VLAN Virtual Interface from shutting down due to inactivity.
exit

! =======Set up SSL Access
ip domain-name internal.example.com  ! Requires a domain-name
! =======Generate an RSA key pair with a modulus of 4096 (max) and call it externalswitch.example....
crypto key generate rsa general-keys modulus 4096 label externalswitch.internal.example.com
ip ssh version 2                     ! Force SSH version 2.

! =======Create a user named admin
username admin privilege 15 secret adminspass    ! Privilege 15 = admin

! =======Add admin's RSA key to the trusted list
ip ssh pubkey-chain
username admin                    ! Unsername to associate with this RSA key.
key-string                        ! Let the switch know we are going to enter the string from the users public key
ssh-rsa 
RSA KEY GOES HERE== 
exit                              ! Defines the end of the RSA key.
exit                              ! Exit the public-key settings for this user.
exit                              ! Exit the public-key settings.

 

 

Labels:
0 Helpful
1 Reply 1

aarond
Level 1
Level 1

‎10-13-2015 04:46 AM

---RESOLVED---

 

It appears that I had a faulty Console cable. As I used the USB console on the switch to connect.

 

I have successfully deleted the startup-config.

 

If you are reading this, thank you for taking the time to do so. Sorry about wasting your time.

0 Helpful
Customers Also Viewed These Support Documents