Wednesday, November 6, 2019

Aruba InstantOS 8.5 - Finding the Default Password (Serial Number)

Recently I was doing some lab work with some AP’s running InstantOS 6.4.2 and decided to upgrade them to Instant 8.5. Going through the upgrade was quick and painless. However, once I was up to Instant 8.5, I decided to clear the configuration on the AP’s in order to remove any of the prior lab configurations that I had done. When the AP’s came back up, I was surprised to find out that the default password was no longer working. It turns out that with InstantOS 8.5 the default password is now the Serial Number of the AP. This put me in a bit of a predicament because the AP’s I was working with were remotely located. Due to this, I had no way of physically finding the Serial Number of the AP.

To get around this you need to be able to console into the AP and power cycle the AP (disabling then re-enabling PoE on the port works.) As soon as the AP begins to boot watch for the below to appear.

As soon as that appears, quickly hit enter. You only have about two seconds to do so, so be ready! This will drop you into the “apboot” menu. If you haven’t already explored this menu, I recommend you do so, it can be a very valuable troubleshooting tool.

At the “apboot” menu, use the command “mfginfo”. This will output a fair amount of information regarding the AP, including the Serial Number itself. Note, the correct Serial Number to use is the System Serial Number, not the CPU.

Once you have the Serial Number noted down, use the command “boot” to reload the AP. Once its rebooted you can login using the default user name “admin” and the Serial Number (make sure you capitalize the letters) as the password. The AP will immediately prompt you (both in the GUI and CLI) to create a new admin password.

The incomparable Scott Lester (@theITrebel) reminded me that if your IAP's are already up and have joined in a cluster. You can use the Serial Number of any of the AP's within that cluster. That way you don't have to go hunting around for the Master to console into. Thanks Scott!

I hope this helps someone! Feel free to ask any questions or present any other suggestions. I’m sure there are other ways of doing this. This is just the method that worked for me.

No comments:

Post a Comment