3750 "Feature"

ReibeReibe Member Posts: 56 ■■□□□□□□□□
So there is a "feature" at least on the 3750 switches, that when you hold down the "Mode" button for approx. 10-15 seconds, the switch looses its config. Where I work some of our switch stacks are in places where this may be a concern...

Luckily this hasn't been an issue before, but I would like to disable this feature if I can. I tried Google but I'm not sure what the feature is actually called to search for - so I wasn't able to find much. Does anybody know how to disable this?

Thanks in advance.

Comments

  • networker050184networker050184 Mod Posts: 11,962 Mod
    I believe that only applies if you hold the Mode button down during a power up. Its for password recovery. Holding the Mode button down during normal operation shouldn't cause any issues that I know of.
    An expert is a man who has made all the mistakes which can be made.
  • tierstentiersten Member Posts: 4,505
    Its in other Catalysts. It should be disabled when you initially configure the switch.

    "no setup express"
  • tierstentiersten Member Posts: 4,505
    I believe that only applies if you hold the Mode button down during a power up. Its for password recovery. Holding the Mode button down during normal operation shouldn't cause any issues that I know of.
    Its Express Setup that is wiping the configuration. Push for 2 secs on a configured switch and it'll blink at you to say its already configured. Continue to push for another 8 secs and it'll wipe the configuration completely.
  • tierstentiersten Member Posts: 4,505
    Whilst you should disable Express Setup, the bigger issue is that your switch stacks are in places accessible to nosy people who can't resist pushing buttons...
  • networker050184networker050184 Mod Posts: 11,962 Mod
    tiersten wrote: »
    Its Express Setup that is wiping the configuration. Push for 2 secs on a configured switch and it'll blink at you to say its already configured. Continue to push for another 8 secs and it'll wipe the configuration completely.

    That sucks pretty bad. Definitely not a cool "feature" thats for sure.
    An expert is a man who has made all the mistakes which can be made.
  • mikearamamikearama Member Posts: 749
    tiersten wrote: »
    Whilst you should disable Express Setup, the bigger issue is that your switch stacks are in places accessible to nosy people who can't resist pushing buttons...

    +1

    If you have your switches out in the open, then yes, this is a crappy feature. Assuming your switches are in locked hub rooms or a secured server farms... I don't understand. What's the issue?
    There are only 10 kinds of people... those who understand binary, and those that don't.

    CCIE Studies: Written passed: Jan 21/12 Lab Prep: Hours reading: 385. Hours labbing: 110

    Taking a time-out to add the CCVP. Capitalizing on a current IPT pilot project.
  • tierstentiersten Member Posts: 4,505
    That sucks pretty bad. Definitely not a cool "feature" thats for sure.
    Yeah. I don't understand why they made it so easy to wipe the configuration. I wouldn't say it would be too annoying to make the user jump through some hoops to actually invoke this wipe procedure.
  • networker050184networker050184 Mod Posts: 11,962 Mod
    mikearama wrote: »
    +1

    If you have your switches out in the open, then yes, this is a crappy feature. Assuming your switches are in locked hub rooms or a secured server farms... I don't understand. What's the issue?

    There is always the chance of pressing it while installing new equipment, replacing another device etc. even if its in a secure location. I think you should at least have to press two buttons at the same time or something to make it a little safer.

    I don't really work on switches that small often though so nothing I've really had to worry about. I'd hate to be the guy who's butt wiped out a critical switch :D
    An expert is a man who has made all the mistakes which can be made.
  • ReibeReibe Member Posts: 56 ■■□□□□□□□□
    Tested "no setup express" and it works great.

    The "feature" not only wipes the config, but it decides the switch needs to reboot as well.
    tiersten wrote: »
    Whilst you should disable Express Setup, the bigger issue is that your switch stacks are in places accessible to nosy people who can't resist pushing buttons...

    Granted, but I can't do anything to fix that part. The boss didn't approve the requisition for a cattle prod.icon_cry.gif
  • jason_lundejason_lunde Member Posts: 567
    Reibe wrote: »
    Granted, but I can't do anything to fix that part. The boss didn't approve the requisition for a cattle prod.icon_cry.gif

    There are locking, wall-mountable racks.
  • mamir01mamir01 Registered Users Posts: 3 ■□□□□□□□□□
    Guys,

    Pressing the mode button for 10 to 15 seconds does not wipe the configuration. This feature renames the config.text file to something else. You could run show flash: to see what its called and its as easy as renaming the file back to config.text and booting the switch which will boot back into the old config.

    no setup express will not allow you to do that but could also cause other headaches e.g. if you need to get into your switch which isn't responding (it doesn happen) and you can't rename the actual config file by pushing the mode button then that leaves only one option the switch has to be sent back to the manufacturer. (watch out)

    Regards,

    Amir
  • tierstentiersten Member Posts: 4,505
    mamir01 wrote: »
    Pressing the mode button for 10 to 15 seconds does not wipe the configuration. This feature renames the config.text file to something else. You could run show flash: to see what its called and its as easy as renaming the file back to config.text and booting the switch which will boot back into the old config.
    I've never used Express Setup except once just to see what it does and the Cisco documentation says the configuration is deleted so that is what I was going by.

    The issue isn't the actual deletion of the configuration as you should have a backup but more that the switch loses the configuration and reboots. Until you can restore the configuration, that switch is completely out of action and may possibly be causing other issues on your network.
    mamir01 wrote: »
    no setup express will not allow you to do that but could also cause other headaches e.g. if you need to get into your switch which isn't responding (it doesn happen) and you can't rename the actual config file by pushing the mode button then that leaves only one option the switch has to be sent back to the manufacturer. (watch out)
    You can still get into the Catalyst equivalent of ROMMON even with password recovery and express setup disabled which allows you to erase the configuration and IOS.

    If your console port and/or the rest of the switch is that badly broken that you need to send it back to Cisco then you've got other issues and the switch should be replaced anyway. Your situation is a very contrived situation IMO.

    Situations like Reibe's where the switches are in publicly accessible areas then it would be foolish not to disable Express Setup.
  • HeeroHeero Member Posts: 486
    mamir01 wrote: »
    Guys,

    Pressing the mode button for 10 to 15 seconds does not wipe the configuration. This feature renames the config.text file to something else. You could run show flash: to see what its called and its as easy as renaming the file back to config.text and booting the switch which will boot back into the old config.

    no setup express will not allow you to do that but could also cause other headaches e.g. if you need to get into your switch which isn't responding (it doesn happen) and you can't rename the actual config file by pushing the mode button then that leaves only one option the switch has to be sent back to the manufacturer. (watch out)

    Regards,

    Amir

    I had to do this in a lab once, didnt have password but did express setup was still enabled. I remember it renaming the config from startup-config to something like startup-config.old. It was still there, and all i would have to do is rename it.
  • DaveB!DaveB! Registered Users Posts: 2 ■□□□□□□□□□
    Heero wrote: »
    I had to do this in a lab once, didnt have password but did express setup was still enabled. I remember it renaming the config from startup-config to something like startup-config.old. It was still there, and all i would have to do is rename it.


    I've also tested password recovery out in a lab. Using both methods.
    1. Press and hold mode button for 10 seconds
    2. following the manual password recovery method as described in Cisco DID 12040.
    Obviously method one is the simplest method, but also the least secure.

    My question is: What are the "gotchas", if there are any, for disabling setup express, besides having to use the longhand version of password recovery?
  • tierstentiersten Member Posts: 4,505
    DaveB! wrote: »
    My question is: What are the "gotchas", if there are any, for disabling setup express, besides having to use the longhand version of password recovery?
    I don't believe there is any downside to having setup express disabled unless you explicitly need the ability to reset the config by button only.
Sign In or Register to comment.