This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Wireless
- ExtremeWireless (WiNG)
- RFS6000 lost admin password but SNMP works, possib...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
RFS6000 lost admin password but SNMP works, possible to reset password?
RFS6000 lost admin password but SNMP works, possible to reset password?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
06-21-2017 01:32 PM
Hi,
Client has lost their RFS6000 password, but I've determined that SNMPv3 access is working. Is it possible to reset the admin password this way, if so, what SNMP element needs to be updated?
Thanks!
Client has lost their RFS6000 password, but I've determined that SNMPv3 access is working. Is it possible to reset the admin password this way, if so, what SNMP element needs to be updated?
Thanks!
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
03-23-2022 03:13 AM
Yes, it is possible.
# snmpwalk -v3 -l authPriv -u snmpmanager -a MD5 -A admin123 -x DES -X admin123 172.16.x.x 1.3.6.1.4.1.388.50.1.3.19.5.1
where 172.16.x.x = ip address of WiNG controller
so we can see one user with superuser role, admin = 5 char in OID
iso.3.6.1.4.1.388.50.1.3.19.5.1.1.7.100.101.102.97.117.108.116.5.97.100.109.105.110
where 100.101.102.97.117.108 = "default" in ascii, 5 = number of char in username and 97.100.109.105.110 = "admin" decimal number in ascii table
# snmpset -v3 -l authPriv -u snmpmanager -a MD5 -A admin123 -x DES -X admin123 172.16.x.x iso.3.6.1.4.1.388.50.1.3.19.5.1.3.7.100.101.102.97.117.108.116.5.97.100.109.105.110 s 80111d5fb243dd3b462fe831ae667f48cec2bbca02f3175aeacfc513c733ac98
now for user "admin" password is = mysuperpassword
but if username is not default "admin" we need to make different string, not "80111d5fb243dd3b462fe831ae667f48cec2bbca02f3175aeacfc513c733ac98"
how to:
jump to any WiNG box (like VX9000_DEMO) and make user
vx9000-EA2320~>en
vx9000-EA2320~#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
vx9000-EA2320(config)~#management-policy default
vx9000-EA2320(config-management-policy-default)~#show context
management-policy default
no telnet
no http server
https server
rest-server
ssh
user admin password 1 80111d5fb243dd3b462fe831ae667f48cec2bbca02f3175aeacfc513c733ac98 role superuser access all
snmp-server community 0 private rw
snmp-server community 0 public ro
snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123
t5 snmp-server community public ro 192.168.0.1
t5 snmp-server community private rw 192.168.0.1
idle-session-timeout 4320
vx9000-EA2320(config-management-policy-default)~#user another password 0 mysuperpassword2 role superuser access all
vx9000-EA2320(config-management-policy-default)~#no user admin
vx9000-EA2320(config-management-policy-default)~#comm wr
[OK]
vx9000-EA2320(config-management-policy-default)~#sh context
management-policy default
no telnet
no http server
https server
rest-server
ssh
user another password 1 c49fb4f1ca6c15ef7ca6fea316180cfd965d7a8cad8bb251853613bfce396d07 role superuser access all
snmp-server community 0 private rw
snmp-server community 0 public ro
snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123
t5 snmp-server community public ro 192.168.0.1
t5 snmp-server community private rw 192.168.0.1
idle-session-timeout 4320
now we have c49fb4f1ca6c15ef7ca6fea316180cfd965d7a8cad8bb251853613bfce396d07
for user "another" and password "mysuperpassword2"
change password for test
vx9000-EA2320(config-management-policy-default)~#user another password 0 anotherpassword role superuser access all
vx9000-EA2320(config-management-policy-default)~#comm wr
vx9000-EA2320(config-management-policy-default)~#sh context
management-policy default
no telnet
no http server
https server
rest-server
ssh
user another password 1 0acde8d461c979b40dedb7169e06119c7774a1df23ca292aaea195562aa09365 role superuser access all
snmp-server community 0 private rw
snmp-server community 0 public ro
snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123
t5 snmp-server community public ro 192.168.0.1
t5 snmp-server community private rw 192.168.0.1
idle-session-timeout 4320
# snmpwalk -v3 -l authPriv -u snmpmanager -a MD5 -A admin123 -x DES -X admin123 172.16.x.x 1.3.6.1.4.1.388.50.1.3.19.5.1
change password over snmp
# snmpset -v3 -l authPriv -u snmpmanager -a MD5 -A admin123 -x DES -X admin123 172.16.x.x iso.3.6.1.4.1.388.50.1.3.19.5.1.3.7.100.101.102.97.117.108.116.7.97.110.111.116.104.101.114 s c49fb4f1ca6c15ef7ca6fea316180cfd965d7a8cad8bb251853613bfce396d07
now for user "another" password is = mysuperpassword2
vx9000-EA2320(config-management-policy-default)~#sh context
management-policy default
no telnet
no http server
https server
rest-server
ssh
user another password 1 c49fb4f1ca6c15ef7ca6fea316180cfd965d7a8cad8bb251853613bfce396d07 role superuser access all
snmp-server community 0 private rw
snmp-server community 0 public ro
snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123
t5 snmp-server community public ro 192.168.0.1
t5 snmp-server community private rw 192.168.0.1
idle-session-timeout 4320
# snmpwalk -v3 -l authPriv -u snmpmanager -a MD5 -A admin123 -x DES -X admin123 172.16.x.x 1.3.6.1.4.1.388.50.1.3.19.5.1
iso.3.6.1.4.1.388.50.1.3.19.5.1.1.7.100.101.102.97.117.108.116.5.97.100.109.105.110 = STRING: "admin"iso.3.6.1.4.1.388.50.1.3.19.5.1.3.7.100.101.102.97.117.108.116.5.97.100.109.105.110 = ""iso.3.6.1.4.1.388.50.1.3.19.5.1.4.7.100.101.102.97.117.108.116.5.97.100.109.105.110 = STRING: "superuser"iso.3.6.1.4.1.388.50.1.3.19.5.1.5.7.100.101.102.97.117.108.116.5.97.100.109.105.110 = ""where 172.16.x.x = ip address of WiNG controller
so we can see one user with superuser role, admin = 5 char in OID
iso.3.6.1.4.1.388.50.1.3.19.5.1.1.7.100.101.102.97.117.108.116.5.97.100.109.105.110
where 100.101.102.97.117.108 = "default" in ascii, 5 = number of char in username and 97.100.109.105.110 = "admin" decimal number in ascii table
# snmpset -v3 -l authPriv -u snmpmanager -a MD5 -A admin123 -x DES -X admin123 172.16.x.x iso.3.6.1.4.1.388.50.1.3.19.5.1.3.7.100.101.102.97.117.108.116.5.97.100.109.105.110 s 80111d5fb243dd3b462fe831ae667f48cec2bbca02f3175aeacfc513c733ac98
iso.3.6.1.4.1.388.50.1.3.19.5.1.3.7.100.101.102.97.117.108.116.5.97.100.109.105.110 = STRING: "80111d5fb243dd3b462fe831ae667f48cec2bbca02f3175aeacfc513c733ac98"now for user "admin" password is = mysuperpassword
but if username is not default "admin" we need to make different string, not "80111d5fb243dd3b462fe831ae667f48cec2bbca02f3175aeacfc513c733ac98"
how to:
jump to any WiNG box (like VX9000_DEMO) and make user
vx9000-EA2320~>en
vx9000-EA2320~#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
vx9000-EA2320(config)~#management-policy default
vx9000-EA2320(config-management-policy-default)~#show context
management-policy default
no telnet
no http server
https server
rest-server
ssh
user admin password 1 80111d5fb243dd3b462fe831ae667f48cec2bbca02f3175aeacfc513c733ac98 role superuser access all
snmp-server community 0 private rw
snmp-server community 0 public ro
snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123
t5 snmp-server community public ro 192.168.0.1
t5 snmp-server community private rw 192.168.0.1
idle-session-timeout 4320
vx9000-EA2320(config-management-policy-default)~#user another password 0 mysuperpassword2 role superuser access all
vx9000-EA2320(config-management-policy-default)~#no user admin
vx9000-EA2320(config-management-policy-default)~#comm wr
[OK]
vx9000-EA2320(config-management-policy-default)~#sh context
management-policy default
no telnet
no http server
https server
rest-server
ssh
user another password 1 c49fb4f1ca6c15ef7ca6fea316180cfd965d7a8cad8bb251853613bfce396d07 role superuser access all
snmp-server community 0 private rw
snmp-server community 0 public ro
snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123
t5 snmp-server community public ro 192.168.0.1
t5 snmp-server community private rw 192.168.0.1
idle-session-timeout 4320
now we have c49fb4f1ca6c15ef7ca6fea316180cfd965d7a8cad8bb251853613bfce396d07
for user "another" and password "mysuperpassword2"
change password for test
vx9000-EA2320(config-management-policy-default)~#user another password 0 anotherpassword role superuser access all
vx9000-EA2320(config-management-policy-default)~#comm wr
vx9000-EA2320(config-management-policy-default)~#sh context
management-policy default
no telnet
no http server
https server
rest-server
ssh
user another password 1 0acde8d461c979b40dedb7169e06119c7774a1df23ca292aaea195562aa09365 role superuser access all
snmp-server community 0 private rw
snmp-server community 0 public ro
snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123
t5 snmp-server community public ro 192.168.0.1
t5 snmp-server community private rw 192.168.0.1
idle-session-timeout 4320
# snmpwalk -v3 -l authPriv -u snmpmanager -a MD5 -A admin123 -x DES -X admin123 172.16.x.x 1.3.6.1.4.1.388.50.1.3.19.5.1
iso.3.6.1.4.1.388.50.1.3.19.5.1.1.7.100.101.102.97.117.108.116.7.97.110.111.116.104.101.114 = STRING: "another"iso.3.6.1.4.1.388.50.1.3.19.5.1.3.7.100.101.102.97.117.108.116.7.97.110.111.116.104.101.114 = ""iso.3.6.1.4.1.388.50.1.3.19.5.1.4.7.100.101.102.97.117.108.116.7.97.110.111.116.104.101.114 = STRING: "superuser"iso.3.6.1.4.1.388.50.1.3.19.5.1.5.7.100.101.102.97.117.108.116.7.97.110.111.116.104.101.114 = ""change password over snmp
# snmpset -v3 -l authPriv -u snmpmanager -a MD5 -A admin123 -x DES -X admin123 172.16.x.x iso.3.6.1.4.1.388.50.1.3.19.5.1.3.7.100.101.102.97.117.108.116.7.97.110.111.116.104.101.114 s c49fb4f1ca6c15ef7ca6fea316180cfd965d7a8cad8bb251853613bfce396d07
iso.3.6.1.4.1.388.50.1.3.19.5.1.3.7.100.101.102.97.117.108.116.7.97.110.111.116.104.101.114 = STRING: "c49fb4f1ca6c15ef7ca6fea316180cfd965d7a8cad8bb251853613bfce396d07"now for user "another" password is = mysuperpassword2
vx9000-EA2320(config-management-policy-default)~#sh context
management-policy default
no telnet
no http server
https server
rest-server
ssh
user another password 1 c49fb4f1ca6c15ef7ca6fea316180cfd965d7a8cad8bb251853613bfce396d07 role superuser access all
snmp-server community 0 private rw
snmp-server community 0 public ro
snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123
t5 snmp-server community public ro 192.168.0.1
t5 snmp-server community private rw 192.168.0.1
idle-session-timeout 4320
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
06-27-2017 05:39 PM
Version is 5.5.2.
The MIB value wingCfgMgmtAdminPassword OID .1.3.6.1.4.1.388.50.1.3.19.5.1.3 looks promising, but when written doesn't work as expected.
The MIB value wingCfgMgmtAdminPassword OID .1.3.6.1.4.1.388.50.1.3.19.5.1.3 looks promising, but when written doesn't work as expected.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
06-27-2017 05:00 PM
Hello Andrew,
What version is the RFS6000 currently running? Once I have this, I can check the RFS6000 MIB for that release and see if there is an OID to reset the admin password.
Thanks,
Chris Frazee
What version is the RFS6000 currently running? Once I have this, I can check the RFS6000 MIB for that release and see if there is an OID to reset the admin password.
Thanks,
Chris Frazee
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
06-21-2017 01:39 PM
Hello Andrew,
If lost, the password may only be reset from CLI either by using a temp password or via the console port using the reset/FactoryDefault credentials.
In both cases, when a controller password is reset the config will be lost.
Thank you,
Chris
If lost, the password may only be reset from CLI either by using a temp password or via the console port using the reset/FactoryDefault credentials.
In both cases, when a controller password is reset the config will be lost.
Thank you,
Chris
Christoph S.
