Have you lost the network administrator password on a Cisco Nexus switch? If yes, This guide can help you learn how to recover it in different ways. However, before you proceed with the password recovery procedure, here are a couple of things you must know:
What to Do If There Are Two Supervisor Modules on a Device
- If there are two supervisor modules on a device, perform the password recovery procedure on the supervisor module that will remain active after completing the recovery procedure.
- To ensure that the other supervisor module doesn’t become active, you need to either remove it from the chassis or change its console prompt to
loader>
orswitch (boot)#
. Consequently, this will prevent the other module from interfering with the recovery process.
The Two Ways to Recover Admin Password on Nexus Switches
- From the Command Line Interface (CLI) with a user name with network-admin privileges
- By power cycling the device
Steps to Recover Admin Password on Nexus Switches by Using CLI
Step 1: Check if the username has network-admin privileges
- switch# show user-account
user: admin
this user account has no expiry date
roles: network-admin
user:dbgusr
this user account has no expiry date
roles: network-admin network-operator
Step 2: If a username has network-admin privileges, then create a new network admin password.
- switch# configure terminal
- switch(config)# username admin password <new password>
- switch(config)# exit
- switch#
Step 3: Save the changes.
- switch# copy running-config startup-config
Steps to Recover Admin Password on Nexus Switches by Power Cycling
If you cannot recover the password using the above method, you will need to recover the network admin password by power cycling the device using the method discussed below. Note that this password recovery procedure will interrupt all traffic on the device, and you will experience no connections for 2 to 3 minutes.
Before trying any other method, note that you cannot recover the network admin password on a Nexus switch from a Telnet or Secure Shell (SSH) session. Access to the local console connection is mandatory. Furthermore, you cannot use the CMP management interface to recover the password on NX-OS-enabled devices. Cisco Nexus 7000 series switches.
Step 1: Establish a terminal session on the switch’s console and power cycle the switch. Here are the settings for the console:
- Speed— 9600 baud
- Data bits— 8 bits per byte
- Stop bits— 1 bit
- Parity— none
Step 2: Continue to press Ctrl-] during the boot sequence to enter the switch(boot)# prompt mode when you see that the system image is getting loaded. In case you are using earlier versions of Nexus Switches such as Nexus 5000 Series switches that are enabled using Cisco NX-OS 4.0(0)N1(2a), press Ctrl-B(Ctrl+Shift+B) instead of Ctrl-].
Mod 1 2 Post Completed Successfully
Mod 3 Post Completed Successfully
POST is completed
Checking all filesystems….r. done.
Ctrl-]
switch(boot)#
Step 3: Update the network admin password now using the following commands:
switch(boot)# configure terminal
switch(boot-config)# admin-password <new password>
WARNING! Remote Authentication for login through the console has been
disabled
switch(boot-config)# exit
switch(boot)#
Step 4: Then, display the bootflash:
contents to find the image file of Cisco NX-OS software.
switch(boot)# dir. bootflash:
Step 5: Load the image of Cisco NX-OS software. Here, it has been assumed that the system image file name is nx-os.bin:
switch(boot) # load bootflash:nx-os.bin
Step 6: Afterward, log in to the device using the updated network admin password. Subsequently, verify that all configurations are correctly applied and functional.
switch login: admin
Password: <new password>
Step 7 :When you see the following lines, it indicates that local authentication is enabled for logins through a local console rather than a remote console. Therefore, avoid changing the running configuration to ensure the new password will work for future logins. Once you have reset the password, you can enable remote authentication; additionally, make sure to remember the admin password configured on the AAA servers.
switch# show running-config aaa
!Command: show running-config aaa
!Time: Fri Feb 5 02:39:23 2010
version 5.0(2)
logging level aaa 5
aaa authentication login ascii-authentication
Step 8: Next, reset the new password so that it also serves as the SNMP (Simple Network Management Protocol) password. Consequently, this will ensure consistency across your network management protocols.
switch# configure terminal
switch(config)# username admin password <new password>
switch(config)# exit
switch#
Step 9: Now, if needed, you can insert the previously removed supervisor module into the chassis. Afterwards, ensure that the module is properly seated and verify its status.
Step 10: If needed, boot the Cisco NX-OS kickstart image, such as nx-os_kickstart.bin
, on the standby supervisor module. Subsequently, proceed with the necessary updates or configurations.
loader# boot bootflash:nx-os_kickstart.bin
Step 11: Now, load the Cisco NX-OS Update the software on the standby supervisor module if needed. In this case, it is assumed that the system image file name is nx-os.bin
:
switch(boot)# load bootflash:nx-os.bin
Step 12: Finally, save the configuration by running the following command.
Switch # copy running-config startup-config
Gear Net Technologies leads in supplying Cisco Nexus Switches both locally and internationally. Consequently, it has established a strong presence in these markets.