Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
12632
Views
35
Helpful
16
Replies

C9300 Day 0 Configuration

Go to solution
justin_m
Level 1
Level 1

‎01-09-2020 11:49 AM - edited ‎01-13-2020 09:59 AM

EDIT 13-Jan-2020 - I found an ideal solution for my issue with the help of the posts below and a lot of searching around the Cisco documentation. In my case, I wanted to get back to the WebUI's "Day 0 configuration" tool to attempt to configure the switch that way rather than through command line. Here's what I did:

  • Obtained a console cable (in my case I strung together a USB-to-DB9 converter, an RS485 interface to get from DB9 to RJ45, and finally an ethernet cable) and connected to the rear RJ45 console port of my Catalyst 9300 switch.
  • Used PuTTY to connect to the switch's console
  • Performed a factory reset of the switch (link to Cisco doc explaining how to do this). When the switch powers back on it'll be in ROMMON mode.
  • Downloaded a copy of the IOSXE software from Cisco's website (in my case version 16.09.04) and loaded it onto a USB memory stick
  • Plugged the stick into the front USB-A port of my switch
  • Again from the console/ROMMON mode, performed an emergency-install command of:
    • emergency-install usbflash0:[filename of your cat9k_iosxe... file]
  • The emergency-install command does its thing and when the switch finally finishes booting, the console will give the "Would you like to enter the initial configuration dialog?" prompt. At this point don't type anything into console, go follow the normal directions for setup using the WebUI (login with webui/serial number).

What makes this fix work for me is that is clears the stored configuration files in NVRAM and re-installs the IOS software completely. There was even a console message following the emergency-install saying "Checking backup nvram / No config present. Using default config". That was a very satisfying message to see, in my case.

Thanks to the several folks who helped me troubleshoot this. Hopefully future googlers will find the above helpful.

---- original message below ----

Hello,

I have a brand new, fresh out of the box Cisco C9300-48T-E-V02 switch running IOS 16.9.4 software. I have been following the Cisco Catalyst 9300 Series Switches Hardware Installation Guide to set it up, and was in the process of Chapter 7, "Configuring the Switch Using the Web User Interface".

When I reached the end of the Day 0 configuration wizard, I was met with a message that my session had timed out and I would need to login again. When I attempted to login again, the login credentials (username: webui, password: serial number of switch) were rejected.

Is there any way to "reset" the switch such that I can run the Day 0 configuration wizard again? I have the ability to connect to the switch through the console and have successfully been able to enter CLI commands (note I did not connect to the console until *after* I was locked out of the web interface).

Any guidance would be appreciated, thank you.

-Justin

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to justin_m

‎01-10-2020 10:38 AM

Hi Justin,

 

I apologize, I'm not sure which section of the document you linked would help me get the switch past ROMMON mode and booted completely. Would you be able to elaborate on that? (Also my ROMMON issue is actually on a separate, second switch from the one I'm asking about the web interface for)

Ok, so we are dealing with 2 different issues here, one is the switch that only boots to ROMMON and the other one is the switch that boot the IOS and you are able to console to it and logon to the device and make changes. Is that correct? If this is correct, for the switch you have access to via console/CLI, you don't need password recovery, all you need is to create a username and give it password you desire. 

Also, as far as the loading a config file. Cisco does not provide any config file, the only thing Cisco provides is the IOS (the operating system for the device) you have to build the config yourself as it differs for every implementation.

HTH

View solution in original post

16 Replies 16

Go to solution
paul driver
VIP
VIP

‎01-09-2020 12:25 PM

Hello Justin

Just follow the password recovery procedure stated here


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Go to solution
justin_m
Level 1
Level 1
In response to paul driver

‎01-09-2020 01:09 PM

Hi Paul,

Thanks very much for your reply.

I followed the password recovery procedure you linked, but when I reach Step 6 of the "Procedure with Password Recovery Enabled" section I run into an issue. It appears Step 6 is perhaps missing the Switch(config)# command to change the enable password? I found that elsewhere ("enable password ******", new line, then "end"). Then Step 7 still shows the "(config)" flag on the command prompt, is that right? I wasn't able to issue a "copy" command to "Switch(config)#" but was able to issue the "copy" command in Step 7 once I was back out at just "Switch#" level. Then in Step 8, when I issue the "show boot" command, I am met with a message saying "Current Boot Variables: BOOT variable does not exist ..... Boot Variables on next reload: BOOT variable = flash:packages.conf / Manual boot = no ..." and so on.

 

Any advice on these steps? Thanks again for your help.

-Justin

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to justin_m

‎01-09-2020 01:17 PM

Hi,

"I have the ability to connect to the switch through the console and have successfully been able to enter CLI commands"

If you have access to the switch through the console and you are able to logon and make changes than there is no need for password recovery. All you have to do is to change the username and password to what you want to be.

Password recovery is used only when you have no access to the switch at all.

HTH

 

Go to solution
justin_m
Level 1
Level 1
In response to Reza Sharifi

‎01-09-2020 01:27 PM

Hi Reza,

Thank you for your reply. I perhaps should clarify, I have not lost any passwords and do not necessarily need to recover a password.

My understanding of the Day 0 configuration wizard, through the switch's web interface, can only be accessed initially using the "webui / serial number" user credentials. The serial number is printed on a label on the switch so I have no trouble getting the serial number. The issue is that once those login credentials have been used once, it appears they are then disabled from further use. The first step of the Day 0 configuration wizard is to create a privileged user account, but as I was never able to finish the wizard (my session timed out prior to the final "Submit" button), that privileged user account was never created BUT my Day 0 credentials (webui / serial number) also no longer work.

 

Perhaps the better question is: is there a way through the command line for me to reset all settings on the switch to factory defaults? I don't have any configuration I'm losing at this stage so the ideal scenario would be resetting the switch back to as if it were fresh from the box. Note that I already tried the "factory-reset all" command from this page: [cisco.com]  ... on another switch and it is left with just the ROMMON mode, which is another issue I'm troubleshooting :-(

Thank you again,

Justin

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to justin_m

‎01-09-2020 01:41 PM

Hi Justin,

 

I have never used the web interface on any Cisco device but I know as long as you have access to the switch through the console/cli than you can make any changes you want including factory rest, erase the config, etc... 

I see now that you have the switch in ROMMON mode. Can you try and use this document and see if you can make the switch boot completely? 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-6/configuration_guide/sys_mgmt/b_166_sys_mgmt_9300_cg/b_166_sys_mgmt_9300_cg_chapter_01100.html

HTH

ROMMON Mode and Password Recovery
ROMMON Mode and Password Recovery
youtube.com/watch?v=IzS0ahlVEks
Whether you bought your lab gear online or have a switch that's down and can't come up, you need to know the Cisco ROMMON procedure. It's different on different platforms, but the process is similar. Here, I use ROMMON on a 2950 switch.

Go to solution
justin_m
Level 1
Level 1
In response to Reza Sharifi

‎01-09-2020 03:16 PM

Hi Reza,

I apologize, I'm not sure which section of the document you linked would help me get the switch past ROMMON mode and booted completely. Would you be able to elaborate on that? (Also my ROMMON issue is actually on a separate, second switch from the one I'm asking about the web interface for)

Also, does Cisco provide basic configurations anywhere? For example could I download a basic configuration file, load it to a USB drive, and use the C9300's front USB-A port to load that configuration file to the switch? I found a Youtube tutorial on loading IOS software to a switch, I wasn't sure if that would carry a base-load configuration with it.

I appreciate your help with answering these questions, also. I'm new to configuring managed switches so there's a lot about the CLI that I'm unfamiliar with.

Thanks again,

-Justin

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to justin_m

‎01-10-2020 10:38 AM

Hi Justin,

 

I apologize, I'm not sure which section of the document you linked would help me get the switch past ROMMON mode and booted completely. Would you be able to elaborate on that? (Also my ROMMON issue is actually on a separate, second switch from the one I'm asking about the web interface for)

Ok, so we are dealing with 2 different issues here, one is the switch that only boots to ROMMON and the other one is the switch that boot the IOS and you are able to console to it and logon to the device and make changes. Is that correct? If this is correct, for the switch you have access to via console/CLI, you don't need password recovery, all you need is to create a username and give it password you desire. 

Also, as far as the loading a config file. Cisco does not provide any config file, the only thing Cisco provides is the IOS (the operating system for the device) you have to build the config yourself as it differs for every implementation.

HTH

Go to solution
justin_m
Level 1
Level 1
In response to Reza Sharifi

‎01-10-2020 11:04 AM

Thanks, Reza.
I believe you have answered my original question. I was able to add a username and password with a tutorial I found online, and it allowed me to login to the WebUI's Day 0 configuration tool.
One follow-up question: would reloading IOS onto the switch also reload the original "out of the box" config file?
Thanks again for your help!
0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to justin_m

‎01-10-2020 11:23 AM

One follow-up question: would reloading IOS onto the switch also reload the original "out of the box" config file?

No, so, the IOS sits on flash and you can upgrade and downgrade as needed without effecting the config file. The config file sits on NVRAM and does not get erased unless you reset the switch to factory default or use a command like "write erase" 

Be very careful with this command :-) 

Thanks,

Reza

Go to solution
justin_m
Level 1
Level 1
In response to Reza Sharifi

‎01-13-2020 10:02 AM

Reza,

This message was hugely helpful, actually. I figured out an even better solution to my issue based on your explanation of the difference between NVRAM and flash memory on these switches. I edited my original post to outline what I did, and I was able to get back to the WebUI and a "fresh" default config on the switch. In the process I learned beginner-level command line use so that's a plus.

Thanks again for your help!

-Justin

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to justin_m

‎01-13-2020 11:03 AM

Justin,

You are absolutely welcome. Glad to help.

Good Luck!

Reza

0 Helpful

Go to solution
lucasfreitas83
Level 1
Level 1

‎01-10-2020 09:33 AM

Hello Justin,

 

Try proceed the link bellow

 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/hardware/install/b_c9300_hig/b_c9300_hig_chapter_01000.html

 

In resume you need change windows paramenters:

Setting up the DHCP Client Identifier on the client for Windows

Type regedit in the Windows search box on the taskbar and press enter.

If prompted by User Account Control, click Yes to open the Registry Editor.
Navigate to

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\ and locate the Ethernet Interface Global Unique Identifier (GUID).

Add a new REG_BINARY DhcpClientIdentifier with Data 77 65 62 75 69 for webui. You need to manually type in the value.
Figure 1. Setting up DHCP Client Identifier on Windows

 

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future.

Best regards,
Lucas Freitas






Go to solution
justin_m
Level 1
Level 1
In response to lucasfreitas83

‎01-10-2020 10:03 AM

Thanks for your reply, Lucas. I had already performed the steps you listed (to set my computer's DCHP Client Identifier) prior to attempting to access the WebUI.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card