Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2401
Views
0
Helpful
4
Replies

Unable to remotely SSH into my 3750 switch

ckozub015
Level 1
Level 1

‎07-30-2013 05:28 AM - edited ‎03-10-2019 12:23 PM

Hi all:

Stupid question:

I have a switch that is attached to my network at a remote site a few hours away and it is online and functioning, however, I cannot SSH into it.  I believe that someone attempted to configure TACACS on it and didn't do it properly because I can't login with my ACS username and password nor can I login with the local username and password that is configured on the switch.  Any ideas how to resolve this without me driving out there and connecting with a console port??

Thanks,

Chris

Labels:
0 Helpful
4 Replies 4

Peter Paluch
Cisco Employee
Cisco Employee

‎07-30-2013 05:52 AM

Hi Chris,

If someone locked you out by misconfiguring the AAA then I am not sure there is any way into your device except the console. You can surely try accessing the switch using HTTP, HTTPS, Telnet and SNMP but if you have intentionally disabled them (or in case of SNMP, not enabled them for RW access), I am afraid you are out of luck. There are no magic backdoor logins/passwords into Cisco devices as far as I know.

Is there at least someone on the remote location who could connect a PC to the console port and run a TeamViewer or a similar remote session for you so you could remotely control the PC and use it to access the switch via console?

Best regards,

Peter

0 Helpful

cmarva
Level 4
Level 4
In response to Peter Paluch

‎07-30-2013 06:18 AM

or if you're sure that it is misconfigured AAA, you can try deleting the device from ACS (or whatever your tacacs server is).

That should be enough for it to fail and fall back to local login. Just a thought

0 Helpful

Peter Paluch
Cisco Employee
Cisco Employee
In response to cmarva

‎07-30-2013 06:24 AM

Hi,

Hmmm - not a bad idea! The only uncertain thing is whether the switch actually is configured for a fallback to local authentication - but this is surely worth trying.

Best regards,

Peter

0 Helpful

ckozub015
Level 1
Level 1
In response to Peter Paluch

‎07-30-2013 06:47 AM

Thanks guys.  Those are some good ideas.  Unfortunately the removal option from ACS was unsuccessful.  I'm going to try the route of getting someone to connect to it locally and me remoting into their PC.  Thanks for the help!! 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card