Solved: Change admin password CIsco Catalyst 2960X

LucaSamioloNemes · ‎12-27-2018

Hello, I'm Luca.

I have a catalyst 2960x and I should change the admin password.

I have just followed the instructions described in the product manual, but continue to keep the old password.

If I use show config I see that the password is changed but if I try on more browers I have to use the old password.

I use the CLI interface to change this password.

Thank you very much for any help

Best regards,

Luca

luis_cordova · ‎12-28-2018

Hi @LucaSamioloNemes,

Try entering this command:

(config)# enable secret TL!2712/am

Regards

View solution in original post

Richard Burts · ‎12-28-2018

I believe that Luis is on the right path. The issue here is that the switch has been configured with both enable password and enable secret. enable password was the older implementation and enable secret was introduced to increase the security. When both enable password and enable secret are present in the configuration then enable password is ignored and enable secret is used. So if the original poster wants the switch to require the new password it must be configured as enable secret. It does not matter what value is configured for enable password when enable secret is present.

HTH

Rick

HTH

Rick

View solution in original post

luis_cordova · ‎12-27-2018

Hi @LucaSamioloNemes,

Could you show us the current settings of your device?

Regards

LucaSamioloNemes · ‎12-27-2018

A Print Screen? or a file?

luis_cordova · ‎12-27-2018

Hi @LucaSamioloNemes,

A print screen its ok.

Regards

LucaSamioloNemes · ‎12-27-2018

Ok. I will share it soon.

Thanks.

LucaSamioloNemes · ‎12-28-2018

Good morning,

in the attachment, show config of my switch.

Thank you.

Luca

luis_cordova · ‎12-28-2018

Hi @LucaSamioloNemes,

Queries:
Do you ask for the password when you try to connect with telnet?
The new password is TL! 2712 / am?
Do you ask for the old password when entering by telnet or to enter privileged mode?

Regards

LucaSamioloNemes · ‎12-28-2018

There, is the new password.

But if I try to log in through ip on browser or with console cable it wants the old password.

I don't understand: because it wants the old password if in the show config it shows the new password…

Thanks

luis_cordova · ‎12-28-2018

Hi @LucaSamioloNemes,

Query:

Did you change the password with the enable secret command as well?

Regards

LucaSamioloNemes · ‎12-28-2018

I follow this instructions:

Setting or Changing a Static Enable Password in this link

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960x/software/15-0_2_EX/security/configuration_guide/b_sec_152ex_2960-x_cg/b_sec_152ex_2960-x_cg_chapter_0100.html#task_1020679

luis_cordova · ‎12-28-2018

Hi @LucaSamioloNemes,

Try entering this command:

(config)# enable secret TL!2712/am

Regards

Richard Burts · ‎12-28-2018

I believe that Luis is on the right path. The issue here is that the switch has been configured with both enable password and enable secret. enable password was the older implementation and enable secret was introduced to increase the security. When both enable password and enable secret are present in the configuration then enable password is ignored and enable secret is used. So if the original poster wants the switch to require the new password it must be configured as enable secret. It does not matter what value is configured for enable password when enable secret is present.

HTH

Rick

HTH

Rick

Richard Burts · ‎01-03-2019

I am glad that our suggestions were helpful. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This question is about a subtle aspect of passwords in Cisco IOS and I believe that other participants will benefit from it.

HTH

Rick

HTH

Rick