Re: tacacs screw up - can't get into switch!!!

From: Cacca Mucca (caccamucca@gmail.com)
Date: Mon Mar 19 2007 - 04:34:05 ART

• Next message: mohammed shoeb ahmed: "Fwd: Static Multicast route"
• Previous message: Jinhong Im: "Benefits from Cisco to Compaines"
• Maybe in reply to: John Matus: "tacacs screw up - can't get into switch!!!"
• Next in thread: Darby Weaver: "Re: tacacs screw up - can't get into switch!!!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Do a password recovery.

http://www.cisco.com/en/US/products/hw/switches/ps5528/products_command_reference_chapter09186a0080211317.html

On 3/19/07, John Matus <jmatus@pacbell.net> wrote:
>
> i made the mistake of copying and pasting a config into a new switch that
> we
> got @ work.
> after i saved the confige and tried to reload it it got to "hit enter to
> continue" and it just keeps cycling back to that line over and over and
> over
> "hit enter to continue" ......< or it it 'hit return to enter'> (it's
> late)
> anyhow, i can't seem to do password recovery on it b/c i can't get the the
> initial prompt to change it.
> here is my config.....HELP!!! how can i recover my switch and get
> it
> back to default settings????
>
> version 12.0
> no service pad
> service timestamps debug uptime
> service timestamps log uptime
> service password-encryption
> !
> hostname 3560
> !
> enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxx
>
> aaa new-model
> aaa group server tacacs+ TMM
> server 10.1.1.2
> server 10.1,13
> !
> aaa authentication login default group bosco line
> aaa authentication login CONSOLE line
> aaa authorization exec default group bosco none
> aaa accounting exec default start-stop group bosco
> aaa accounting commands 0 default start-stop group bosco
> aaa accounting commands 15 default start-stop group bosco
> !
> !
> !
> !
> !
> clock timezone pDT -8
> clock summer-time pDT recurring
> spanning-tree uplinkfast
> !
> ip subnet-zero
> ip domain-name candy.com
> ip name-server 10.1.1.50
> cluster enable candy 0
> cluster member 1 mac-address xxxx.xxxx.xxxx
> cluster member 2 mac-address xxxx.xxxx.xxxx
> cluster member 3 mac-address xxxx.xxxx.xxxx
> cluster member 4 mac-address xxxx.xxxx.xxxx
> cluster member 5 mac-address xxxx.xxxx.xxxx
> cluster member 6 mac-address xxxx.xxxx.xxxx
> !
> !
> !
> interface FastEthernet0/1
> !
> interface FastEthernet0/2
> !
> interface FastEthernet0/3
> !
> interface FastEthernet0/4
> !
> interface FastEthernet0/5
> !
> interface FastEthernet0/6
> !
> interface FastEthernet0/7
> !
> interface FastEthernet0/8
> !
> interface FastEthernet0/9
> !
> interface FastEthernet0/10
> !
> interface FastEthernet0/11
> !
> interface FastEthernet0/12
> !
> interface FastEthernet0/13
> spanning-tree portfast
> !
> interface FastEthernet0/14
> !
> interface FastEthernet0/15
> !
> interface FastEthernet0/16
> !
> interface FastEthernet0/17
> !
> interface FastEthernet0/18
> !
> interface FastEthernet0/19
> !
> interface FastEthernet0/20
> !
> interface FastEthernet0/21
> !
> interface FastEthernet0/22
> !
> interface FastEthernet0/23
> !
> interface FastEthernet0/24
> !
> interface FastEthernet0/25
> !
> interface FastEthernet0/26
> !
> interface FastEthernet0/27
> !
> interface FastEthernet0/28
> !
> interface FastEthernet0/29
> !
> interface FastEthernet0/30
> !
> interface FastEthernet0/31
> !
> interface FastEthernet0/32
> !
> interface FastEthernet0/33
> !
> interface FastEthernet0/34
> !
> interface FastEthernet0/35
> !
> interface FastEthernet0/36
> !
> interface FastEthernet0/37
> !
> interface FastEthernet0/38
> !
> interface FastEthernet0/39
> !
> interface FastEthernet0/40
> !
> interface FastEthernet0/41
> !
> interface FastEthernet0/42
> !
> interface FastEthernet0/43
> !
> interface FastEthernet0/44
> !
> interface FastEthernet0/45
> !
> interface FastEthernet0/46
> !
> interface FastEthernet0/47
> !
> interface FastEthernet0/48
> !
> interface GigabitEthernet0/1
> !
> interface GigabitEthernet0/2
> !
> interface VLAN1
> ip address 10.1.1.1 255.255.255.0
> no ip directed-broadcast
> ip nat outside
> !
> ip default-gateway 10.1.1.254
> ip nat inside source list 199 interface VLAN1 overload
> access-list 199 dynamic Cluster-NAT permit ip any any
> snmp-server engineID local xxxxxxxxxxxxxxxxxxxx
> snmp-server community name RW
> snmp-server community name1 rw
> tacacs-server host 10.1.1.2
> tacacs-server host 10.1.1.3
> tacacs-server key whatever
> !
> line con 0
> transport input none
> stopbits 1
> line vty 0 4
> password 7 xxxxxxxxxxxx
> line vty 5 15
> password 7 xxxxxxxxxxxx
> !
> ntp clock-period 11259163
> ntp server 10.1.1.4
> end
>
>
> John D. Matus
> MCSE, CCNP
> Home (818) 782-2061
> Work (626) 568-7716
> Cell (818) 430-8372
> jmatus@pacbell.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: mohammed shoeb ahmed: "Fwd: Static Multicast route"
• Previous message: Jinhong Im: "Benefits from Cisco to Compaines"
• Maybe in reply to: John Matus: "tacacs screw up - can't get into switch!!!"
• Next in thread: Darby Weaver: "Re: tacacs screw up - can't get into switch!!!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Apr 01 2007 - 06:35:51 ART