Cisco - Password Recovery Procedure for the Wireless LAN

Cisco - Password Recovery Procedure for the Wireless LAN
Password Recovery Procedure for the Wireless
LAN Controller Module (WLCM) and Wireless
Services Module (WiSM)
Document ID: 71094
Introduction
Prerequisites
Requirements
Conventions
Reset the WLCM to Default Settings
Reset the WiSM to Default Settings
NetPro Discussion Forums − Featured Conversations
Related Information
Introduction
This document describes how to recover a password or to restore the default settings on a Cisco Wireless
LAN Controller Module (WLCM) installed on a Cisco Integrated Services Router (ISR) and the Cisco
Wireless Services Module (WiSM) installed on a Catalyst 6500 Series Switch with the Supervisor 720.
Note: If you use the Cisco Wireless Control System (WCS) in order to manage the WLCM or WiSM, you
should be able to access the controller from the WCS and create a new admin user without logging into the
controller itself. Or, if you did not save the configuration on the controller after you deleted the user, then a
reboot (power cycling) of the controller should bring it back up with the deleted user still in the system. If you
do not have the default admin account or another user account with which you can log in, your only option is
to default the controller to factory settings and reconfigure it from scratch.
Prerequisites
Requirements
There are no specific requirements for this document.
Conventions
Refer to Cisco Technical Tips Conventions for more information on document conventions.
Reset the WLCM to Default Settings
When the password to login to the WLCM is lost, the only way to get into the WLCM is to reset the WLCM
back to default settings. This also means that the entire configuration on the WLCM is reset and has to be
configured from scratch.
Complete these steps in order to reset the WLCM to factory default settings.
1. Go to the CLI on the ISR and type this command.
Cisco − Password Recovery Procedure for the Wireless LAN Controller Module (WLCM) and Wireless Servi
2811ISR#service−module wlan−controller slot/port reset
This command performs a hardware reset on the WLCM. When this command is executed, the user is
prompted to confirm the reset. When the user presses Enter, the reset begins. This output shows an
example.
2811ISR#service−module wlan−controller 2/0 reset
Use reset only to recover from shutdown or failed state
Warning: May lose data on the hard disc!
Do you want to reset?[confirm]
Trying to reset Service Module wlan−controller2/0.
[Resuming connection 1 to 192.168.11.1 ... ]
2. When the reset begins, the console switches back to the ISR CLI. Press Enter in order to switch back
to the WLCM CLI.
Note: The console switches back to the controller only if there is an open session that was previously
established on the controller. If there is no open session on the controller, use the service−module
wlan−controller 2/0 session command in order to open a new session on the controller.
The boot process on the WLCM starts.
During the boot process on the WLCM, the user has to break into the boot loader by pressing Esc in
order to see the additional options. This output shows an example.
Initializing memory. Please wait.
BIOS Version: SM 02.00
BIOS Build date: 09/17/02
System Now Booting ...
256 MB SDRAM detected
Booting from disk..., please wait.
Cisco Bootloader Loading stage2...
Cisco Bootloader (Version 3.2.116.21)
.o88b. d888888b .d8888.
d8P Y8
`88'
88' YP
8P
88
`8bo.
8b
88
`Y8b.
Y8b d8
.88.
db
8D
`Y88P' Y888888P `8888Y'
.o88b.
d8P Y8
8P
8b
Y8b d8
`Y88P'
.d88b.
.8P Y8.
88
88
88
88
`8b d8'
`Y88P'
Booting Primary Image...
Press <ESC> now for additional boot options...
Boot Options
Please choose an option from below:
1.
2.
3.
4.
5.
Run primary image (Version 3.2.116.21) (active)
Run backup image (Version 3.2.116.21)
Manually upgrade primary image
Change active boot image
Clear Configuration
3. Choose 5. Clear Configuration.
Cisco − Password Recovery Procedure for the Wireless LAN Controller Module (WLCM) and Wireless Servi
This is the only option that resets the password along with the controller configuration. This means
you need to reconfigure the rest of the box again. This output shows an example.
Please choose an option from below:
1.
2.
3.
4.
5.
Run primary image (version 3.2.116.21) (active)
Run backup image (version 3.1.87.0)
Manually update images
Change active boot image
Clear Configuration
Please enter your choice: 5
4. Once you enter this option, the WLCM is reset to factory default settings. After the reset, the WLCM
automatically enters the CLI startup wizard and you are prompted for the startup configuration which
includes the username/password. Complete the startup configuration wizard in order to access the
WLCM. This output shows an example.
Please enter your choice: 5
Detecting hardware . . . .
Clearing system configuration: done.
Configuration has been cleared.
Restarting...
Initializing memory. Please wait.
BIOS Version: SM 02.00
BIOS Build date: 09/17/02
System Now Booting ...
256 MB SDRAM detected
Booting from disk..., please wait.
Cisco Bootloader Loading stage2...
Cisco Bootloader (Version 3.2.116.21)
.o88b. d888888b .d8888.
d8P Y8
`88'
88' YP
8P
88
`8bo.
8b
88
`Y8b.
Y8b d8
.88.
db
8D
`Y88P' Y888888P `8888Y'
.o88b.
d8P Y8
8P
8b
Y8b d8
`Y88P'
.d88b.
.8P Y8.
88
88
88
88
`8b d8'
`Y88P'
Booting Primary Image...
Press <ESC> now for additional boot options...
Detecting hardware . . . .
Generating Secure Shell DSA Host Key ...
Generating Secure Shell RSA Host Key ...
Generating Secure Shell version 1.5 RSA Host Key ...
Cisco is a trademark of Cisco Systems, Inc.
Software Copyright Cisco Systems, Inc. All rights reserved.
Cisco AireOS Version 3.2.116.21
Initializing OS Services: ok
Initializing Serial Services: ok
Initializing Network Services: ok
Starting ARP Services: ok
Starting Trap Manager: ok
Starting Network Interface Management Services: ok
Starting System Services: ok
Cisco − Password Recovery Procedure for the Wireless LAN Controller Module (WLCM) and Wireless Servi
Starting Fast Path Hardware Acceleration: ok
Starting Switching Services: ok
Starting QoS Services: ok
Starting FIPS Features: Not enabled
Starting Policy Manager: ok
Starting Data Transport Link Layer: ok
Starting Access Control List Services: ok
Starting System Interfaces: ok
Starting LWAPP: ok
Starting Crypto Accelerator: Not Present
Starting Certificate Database: ok
Starting VPN Services: ok
Starting Security Services: ok
Starting Policy Manager: ok
Starting Authentication Engine: ok
Starting Mobility Management: ok
Starting Virtual AP Services: ok
Starting AireWave Director: ok
Starting Network Time Services: ok
Starting Broadcast Services: ok
Starting Logging Services: ok
Starting DHCP Server: ok
Starting IDS Signature Manager: ok
Starting RFID Tag Tracking: ok
Starting RBCP: ok
Starting Management Services:
Web Server: ok
CLI: ok
Secure Web: Web Authentication Certificate not found (error).
(Cisco Controller)
Welcome to the Cisco Wizard Configuration Tool
Use the '−' character to backup
System Name [Cisco_e8:38:c0]: WLCM
Enter Administrative User Name (24 characters max): admin
Enter Administrative Password (24 characters max): *****
Management
Management
Management
Management
Management
Management
Interface
Interface
Interface
Interface
Interface
Interface
IP Address: 172.16.1.60
Netmask: 255.255.0.0
Default Router: 172.16.1.1
VLAN Identifier (0 = untagged):
Port Num [1]: 1
DHCP Server IP Address: 172.16.1.1
AP Manager Interface IP Address: 172.16.1.61
AP−Manager is on Management subnet, using same values
AP Manager Interface DHCP Server (172.16.1.1):
Virtual Gateway IP Address: 1.1.1.1
Mobility/RF Group Name: WLCM−Group
Network Name (SSID): WLCM−Clients
Allow Static IP Addresses [YES][no]: no
Configure a RADIUS Server now? [YES][no]: no
Warning! The default WLAN security policy requires a RADIUS server.
Please see documentation for more details.
Enter Country Code (enter 'help' for a list of countries) [US]:
Cisco − Password Recovery Procedure for the Wireless LAN Controller Module (WLCM) and Wireless Servi
Enable
Enable
Enable
Enable
802.11b
802.11a
802.11g
Auto−RF
Network [YES][no]: yes
Network [YES][no]: yes
Network [YES][no]: yes
[YES][no]: yes
Configure a NTP server now? [YES][no]: no
Configure the system time now? [YES][no]: no
Warning! No AP will come up unless the time is set.
Please see documentation for more details.
Configuration correct? If yes, system will save it and reset. [yes][NO]: yes
Configuration saved!
Resetting system with new configuration...
Initializing memory. Please wait.
BIOS Version: SM 02.00
BIOS Build date: 09/17/02
System Now Booting ...
256 MB SDRAM detected
Booting from disk..., please wait.
Cisco Bootloader Loading stage2...
Cisco Bootloader (Version 3.2.116.21)
.o88b. d888888b .d8888.
d8P Y8
`88'
88' YP
8P
88
`8bo.
8b
88
`Y8b.
Y8b d8
.88.
db
8D
`Y88P' Y888888P `8888Y'
.o88b.
d8P Y8
8P
8b
Y8b d8
`Y88P'
.d88b.
.8P Y8.
88
88
88
88
`8b d8'
`Y88P'
Booting Primary Image...
Press <ESC> now for additional boot options...
Detecting hardware . . . .
Cisco is a trademark of Cisco Systems, Inc.
Software Copyright Cisco Systems, Inc. All rights reserved.
Cisco AireOS Version 3.2.116.21
Initializing OS Services: ok
Initializing Serial Services: ok
Initializing Network Services: ok
Starting ARP Services: ok
Starting Trap Manager: ok
Starting Network Interface Management Services: ok
Starting System Services: ok
Starting Fast Path Hardware Acceleration: ok
Starting Switching Services: ok
Starting QoS Services: ok
Starting FIPS Features: Not enabled
Starting Policy Manager: ok
Starting Data Transport Link Layer: ok
Starting Access Control List Services: ok
Starting System Interfaces: ok
Starting LWAPP: ok
Starting Crypto Accelerator: Not Present
Starting Certificate Database: ok
Cisco − Password Recovery Procedure for the Wireless LAN Controller Module (WLCM) and Wireless Servi
Starting VPN Services: ok
Starting Security Services: ok
Starting Policy Manager: ok
Starting Authentication Engine: ok
Starting Mobility Management: ok
Starting Virtual AP Services: ok
Starting AireWave Director: ok
Starting Network Time Services: ok
Starting Broadcast Services: ok
Starting Logging Services: ok
Starting DHCP Server: ok
Starting IDS Signature Manager: ok
Starting RFID Tag Tracking: ok
Starting RBCP: ok
Starting Management Services:
Web Server: ok
CLI: ok
Secure Web: ok
(Cisco Controller)
Enter User Name (or 'Recover−Config' this one−time only to reset
configuration to factory defaults)
User: admin
Password:*****
(Cisco Controller) >
Note: There is an alternate way to reset the WLCM to default settings. After the WLCM is reset with
the command illustrated in step 1, you can enter the recover−config command at the User prompt on
the controller. This resets the WLCM to default settings and the user is prompted with the startup
wizard so that they can reconfigure the WLCM from scratch. This output shows an example.
(Cisco Controller)
Enter User Name (or 'Recover−Config' this one−time only to reset
configuration to factory defaults)
User:recover−config
Note: If host router has a default authentication method, for example:
aaa login default group radius local
Note: then on the line for the WLC, authentication is on default. This prevents the recovery of the
password, as the router prompts for a username/password, breaks the recover−config first prompt (it
gets intercepted), and therefore the user never have the opportunity. A workaround is to disable auth
for the line.
aaa login wlc none
line 66
login authentication wlc
Note: Line 66 might change based on the hardware/chassis used on the router.
You can now use the new username/password in order to access the WLCM.
Cisco − Password Recovery Procedure for the Wireless LAN Controller Module (WLCM) and Wireless Servi
Reset the WiSM to Default Settings
The procedure to reset the WiSM to its default settings is similar to the procedure to reset the WLCM.
Complete these steps in order to reset the WiSM to its default settings.
1. In privileged mode from the router prompt, enter this command.
Router#hw−module module <module slot number> reset
This command reboots the WiSM module. This is an example.
Router#hw−module module 3 reset
Proceed with reload of module?[confirm]
2. Access the console of the controllers using a serial connection.
3. When you are prompted for a username, enter recover−config in order to restore the factory default
configuration. Here is an example.
(Cisco Controller)
Enter User Name (or 'Recover−Config' this one−time only to reset
configuration to factory defaults)
User:recover−config
The controller reboots and displays this message:
Welcome to the Cisco WLAN Solution Wizard Configuration Tool
4. Use the startup configuration wizard in order to enter new configuration settings including the
username and password.
NetPro Discussion Forums − Featured Conversations
Networking Professionals Connection is a forum for networking professionals to share questions, suggestions,
and information about networking solutions, products, and technologies. The featured links are some of the
most recent conversations available in this technology.
NetPro Discussion Forums − Featured Conversations for Wireless
Wireless − Mobility: WLAN Radio Standards
Wireless − Mobility: Security and Network Management
Wireless − Mobility: Getting Started with Wireless
Wireless − Mobility: General
Related Information
• Cisco WLAN Controller Network Module Feature Guide
• WiSM Troubleshooting FAQ
• Cisco Wireless LAN Controller Configuration Guide, Release 4.0
• Technical Support & Documentation − Cisco Systems
Cisco − Password Recovery Procedure for the Wireless LAN Controller Module (WLCM) and Wireless Servi
All contents are Copyright © 1992−2006 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Updated: Sep 11, 2006
Document ID: 71094
Cisco − Password Recovery Procedure for the Wireless LAN Controller Module (WLCM) and Wireless Servi
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising