This is an old revision of the document!
Table of Contents
Recovery password
Resetting Admin Password
This section describes how to reset the password for the default administrator user account (admin) on the managed device. Use this procedure if the administrator user account password is lost or forgotten.
- Connect a local console to the serial port on the managed device.
- From the console, login into the managed device as a password recovery user. For information, read Password Recovery user.
- Enter configuration mode by typing in configure terminal.
- To reset the administrator user account password, use the mgmt-user admin root command.
- Enter a new password for this account and retype the same to confirm.
- Exit from the configuration mode and the user mode.
If you have defined a management user password policy, make sure that the new password conforms to this policy. For details, see Implementing Specific Management Password Policy.
The following is an example of how to reset the admin password as a default password recovery user. If you have configured an alternate password recovery user, use its credentials to login to the controller. The commands in bold type are what you enter:
User: password
Password: forgetme!
(host) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z
(host) (config) #mgmt-user admin root
Password:
Re-Type password:
(host) (config) #exit
(host) #exit
Password Recovery user
A password recovery user is a management user with root rights that is used to reset the admin password in the event of a lost or forgotten password. Starting with ArubaOS 8.4.0.0, a configurable alternate password recovery user can be created in addition to the default password recovery feature.
Note: Password recovery access using either the default password recovery user or the alternate password recovery user is allowed only through the serial console of a controller.
Note: Password recovery users can be configured only through SSH sessions and serial console sessions with a controller and not through WebUI.
Note: Aruba recommends to enable the default password recovery user before generating and sharing the tech-support logs or configuration files with customer support.
Note: It is recommended that either the default password recovery user is disabled or the alternate password recovery user is configured when setting up the network to ensure. This is to ensure that there are no vulnerabilities.
Default password recovery user
In the event of a lost/forgotten password, the administrator can login to the controller and reset the admin password as the default password recovery user using the username password and the password forgetme!. The default password recovery user is defined and is enabled by default . Disabling the Default password recovery user is recommended if the network uses a TACACS server to authenticate its management users.
To disable the default password recovery user, execute the following command in the configuration mode:
(host) (config) #password-recovery-disable
To enable the default password recovery user, execute the following command in the configuration mode:
(host) (config) #no password-recovery-disable
Alternate password recovery user
Starting with ArubaOS 8.4.0.0, an alternate password recovery user with a username and password can be created to reset the admin password. The alternate user’s username can be 16 characters long and the password can be 32 characters long. Configuring the alternate password recovery user automatically disables the default password recovery user. Configuring the alternate password recovery user is highly recommended if the network is managed locally.
Note: The alternate password recovery user will not be shown in the management user section of the WebUI. This user role cannot be configured through the WebUI.
To configure the alternate password recovery user, execute the following command in the configuration mode:
(host) (config) #password-recovery-user <username>
Password: Re-Type password:
To disable the alternate password recovery user, execute the following command in the configuration mode:
(host) (config) #no password-recovery-user
The following is an example to configure the alternate password recovery user:
(host) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z
(host) (config) #password-recovery-user recadmin
Password: Re-Type password:
(host) (config) #exit
Use the show mgmt-user command to view the configured management users and the status of the default password recovery user.
The following is an example of the show mgmt-user command with the default password recovery user enabled.
(host) #show mgmt-user
Default password recovery user: Enabled
Management User Table --------------------- USER PASSWD ROLE STATUS ---- ------ ---- ------ admin ***** root ACTIVE The following is an example of the show mgmt-user command when the alternate password recovery user is configured. (host) #**show mgmt-user** Default password recovery user: Disabled Management User Table --------------------- USER PASSWD ROLE STATUS ---- ------ ---- ------ admin ***** root ACTIVE recadmin ***** passR ACTIVE
Using Clear/Reset
Procedure
- Using pointed objects, simultaneously press both the Reset and Clear buttons on the front of the switch.
- Continue to press the Clear button while releasing the Reset button.
- When the Self Test LED begins to flash, release the Clear button.
The switch then completes its self test and begins operating with the configuration restored to the factory default settings.
Restoring the Factory Default Configuration
You can also use the Reset button together with the Clear button (Reset+Clear) to restore the factory default configuration for the switch. To do this:
1. Press and hold the Reset button.
2. While holding the Reset button, press and hold the Clear button.
3. Release the Reset button.
4. When the Test LED to the right of the Clear button begins flashing, release the Clear button.
5. It takes approximately 20-25 seconds for the switch to reboot. This process restores the switch configuration to the factory default settings.
Aruba 3810M Switch Series - LED Indicators
Switch and port LEDs on front of the switches
Front of Switch Status and Mode LED Behavior describes the switch chassis and Flex Port status LEDs and also the Switch Mode LEDs.
Below table describes the switch Port LEDs and their different mode behaviors.
| Label | Description |
|---|---|
| 1 | Switch Port LEDs |
| 2 | LED Mode button |
| 3 | Speed LED |
| 4 | PoE LED |
| 5 | Usr LED |
| 6 | Reset button |
| 7 | Clear button |
| 8 | Back Module status LED |
| 9 | Aux Port status LED |
| 10 | Unit Identification LED |
| 11 | Global status LED |
Switch and port LEDs for JL075A
Switch and Port LEDs Label and Description for JL075A
| Label | Description |
|---|---|
| 1 | Switch Port LEDs |
| 2 | LED Mode button |
| 3 | Speed LED |
| 4 | Usr LED |
| 5 | Reset button |
| 6 | Clear button |
| 7 | Back Module status LED |
| 8 | Aux Port status LED |
| 9 | Unit Identification LED |
| 10 | Global status LED |
Front of switch status and mode LED behavior
| Switch LEDs | Function | State | Meaning |
|---|---|---|---|
| Internal Power Status of the switch. | On Green | The Switch has passed self-test and is powered up normally. | |
| Internal Power Status of the switch. | Slow Flash Green | The switch self-test and initialization are in progress Status after the switch has been power cycled or reset. The switch is not operational until this LED stops blinking green. | |
| Internal Power Status of the switch. | Slow Flash Orange | The switch self-test and initialization are in progress Switch/Port Fault Status after the switch has been power cycled or reset. The switch is not operational until this LED stops blinking green. | |
| Internal Power Status of the switch. | On Orange | If this LED is on orange for a prolonged time, the switch has encountered a fatal hardware failure or has failed its self-test. | |
| Internal Power Status of the switch. | Off | The unit is not receiving power. | |
| UID (Unit Identification) | On or Slow Flash | The “chassis locate” command allows you to blink or turn on the LED for a specified number of minutes (1-1440). The default is 30 minutes. | |
| UID (Unit Identification) | Off | LED will turn off after the timeout period has expired. | |
| Back Module Status | On Green | Normal operation: All modular components installed in the back of the unit are functioning correctly. | |
| Back Module Status | Slow Flash Orange | One of the modules inserted from the back of the chassis has failed self-test or is experiencing a fault condition. Flashes simultaneously with the Global Status LED flashing orange. | |
| Aux Port Activity | Solid Green | USB installed and successfully initialized, and mounted, but no data transfer. | |
| Aux Port Activity | Green Flicker | Data transfer is in progress. Do not remove installed device until data transfer is complete. | |
| Aux Port Activity | Slow Flash Orange | The USB device that is installed is unsupported or faulted. | |
| Aux Port Activity | Off | No USB installed. | |
| Flex Port Module Status | On Green | Flex Port module operating correctly. | |
| Flex Port Module Status | Slow Flash Orange | Flex Port module has experienced a fault. The Global Status LED should be flashing synchronously. | |
| Flex Port Module Status | Off | No power. | |
| Flex Port Module Status | No Present | No Module. | |
| Speed Mode Selected | On | Speed Mode is selected. Port LEDs indicate port speed. | |
| Speed Mode Selected | Off | Speed mode not selected. | |
| Power over Ethernet (PoE) Mode Selected | On Green | PoE Mode is selected. Port LEDs show PoE information. | |
| Power over Ethernet (PoE) Mode Selected | On Orange | PoE Mode is selected and a port also has a PoE error. The Global Status LED and the LED corresponding to the port with the error will be flashing orange. The rest of the Port LEDs will display normal PoE status. | |
| Power over Ethernet (PoE) Mode Selected | Slow Flash Orange | PoE Mode has NOT been selected and a port has a PoE error. LED will be flashing orange simultaneously with the Global Status LED and the LED corresponding to the port with the error. | |
| Save Power Mode Selected | On | Save Power Mode is indicated by ALL the switch indicator LEDs being off, except for the Global Status LED. | |
| Port LEDs (Activity/Link) | Half-Bright Green | The port is enabled and receiving a Link indication from the connected device. | |
| Port LEDs (Activity Flicker) | Activity Flicker Green | The percentage of time that the LED is full-bright is roughly proportional to the percentage of full bandwidth utilization of the port. | |
| Port LEDs (Slow Flash) | Slow Flash Orange | The corresponding port has failed its self-test. Flashes simultaneously with the Global Status LED flashing orange. | |
| Speed Mode (Fast Flash) | Fast Flash Green | The port is operating at 40 Gbps. | |
| Speed Mode (On) | On Green | The port is operating at 10 Gbps. | |
| Speed Mode (Triple Blink) | Triple Blink Green | The port is operating at 5 Gbps. (HPE SMART RATE ports only) | |
| Speed Mode (Double Blink) | Double Blink Green | The port is operating at 2.5 Gbps. (HPE SMART RATE ports only) | |
| Speed Mode (Slow Flash) | Slow Flash Green | The port is operating at 1 Gbps. | |
| PoE Mode (On) | On Green | The port is providing PoE power. | |
| PoE Mode (On Orange) | On Orange | PoE is disabled on the port. | |
| PoE Mode (Fast Flash Orange) | Fast Flash Orange | The port is denied power or is detecting an external PD fault. | |
| PoE Mode (Slow Flash Orange) | Slow Flash Orange | The port has an internal hardware failure. Flashes simultaneously with the Global Status LED flashing orange. | |
| User Mode Selected (On) | On Green | Stack Member exists in the stack and is operational. | |
| User Mode Selected (Slow Flash) | Slow Flash Green | Indicates the Member # of the chassis. | |
| User Mode Selected (Fast Flash) | Fast Flash Green | Indicates the Member # of the Commander of the stack. | |
| User Mode Selected (On Orange) | On Orange | Stack Member is currently booting or has a fault that is preventing it from communicating. | |
| User Mode Selected (Slow Flash Orange) | Slow Flash Orange | Stack Member is in a known fault condition (i.e., Fan fault, PSU fault, etc.). The Global Status LED on all stack members will also Slow Flash Orange. | |
| User Mode Selected (Off) | Off | Stack Member does not exist in the stack configuration. |
—-
Access Security guide
password all aaa authentication local-user "admin" group "Level-15" aaa authentication local-user "admin" group "Level-15" password plaintext New password for admin: ********** Please retype new password for admin: ********** no aaa authentication local-user localuser no password operator password manager