You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close

Cisco Switch Firmware - Password Bypass


Overview

Cisco switches at factory default ask the user to change the login username and password on first connection. On older firmware, this process could be bypassed to leave the default settings of cisco/cisco.

Newer Cisco firmware has removed the ability to bypass, and now require the user to set a new username and password before allowing further configuration.

JADConfig v5.2.8.0 cannot currently bypass this prompt. You will need to apply either the webUI or CLI fix below before running JADConfig.


Affected Versions

  • Cisco SG300/SG500/SG500X
    • Firmware v1.4.5.02 and earlier do NOT have the problem
    • Firmware v1.4.10.06 and later HAVE the problem
  • Cisco SG350/SG550X
    • Firmware v2.2.8.04 and earlier do NOT have the problem
    • Firmware v2.5.0.90 HAS the problem

Fix

Correct the username/password issue via either the webUI or CLI.

Via webUI

  1. Login to the default switch with username/password cisco/cisco
  2. Set new username of hello and password of Goodbye007 on the window in the picture below. The actual username/password doesn't matter, as we will be removing it later.

  1. Once logged in, change the Display Mode to Advanced in the dropdown in the top-right corner

  1. On the left menu, select the Security tab and the Password Strength submenu.
  2. Uncheck Password Aging and Password Complexity Settings
  3. Click Apply

  1. On the left menu, select the Administration tab and the User Accounts submenu.
  2. In the User Account Table, click the Add button
  3. Create a User Name of cisco with a password of cisco and click Apply.

  1. Click the blinking Save button on the top bar to the left of the Display Mode and Language dropdown boxes. This will save the changes that have been made.
  2. Power-cycle the switch and run JADConfig. Done!


via CLI

  1. Connect to the switch with a console cable (same as the console connection used in JADConfig)
  2. Open PuTTY and connect to the switch at baud rate 115200
  3. Hit the enter key until the switch prompt reads Username:

  1. Enter the commands below one by one, hitting enter between them, to create a temporary username, remove username/password restrictions, reapply the default username/password of cisco/cisco, and save changes.

cisco
cisco
hello
Goodbye007
Goodbye007
config
passwords aging 0
no passwords complexity enable
username cisco privilege 15 password cisco
no user hello
end
write
y

  1. Power-cycle the switch and close PuTTY.
  2. Run JADConfig as usual. Done!
  • 343
  • 08-Nov-2019
  • 895 Views