• News
• C50 C100 5000BH
  • Centillion 50
  • Centillion 100
  • Speed View Software
  • MCP cable1
  • MCP cable2
  • C100 MCP
  • C100 Partnumbers
  • MCP-Test
    • MCP-PW
    • dead MCP
• System 5000BH
• Centillion 1400
• Centillion 1600
• Centillion NEC
• Accelar
• Spareparts
• Services
• Other Models
• Books
• About Bay
• Suchen
• Table of content

You need to have physically access to the switch. You cannot do this remotely. This seems to be wanted for security reasons.

connecting via Hyperterminal / COM port to the MCP port,

using the CLI, you see:

"name-of-the switch": Command >

type "eng"

here the pw is "debug"

typing "what"

now you see :

"name-of-the switch": what?

First try this :

at the what? prompt, type "d 0bfc60000"

continue dumping (d <CR ) until 0bfc607FF

(To continue dumping type only a d at the what prompt)

what?d

Somewhere towards the end of this dump or the next one you will find a double 12C pattern. Approximately 12 bytes before this is the password in hex.

Example: for rev 2.1 (this one was our first C100)

BFC70480: 00000000 00000000 00000000 00000000

BFC70490: 00000000 00000000 00000000 00000000

BFC704A0: 00000000 00000000 00000000 00006261

BFC704B0: 796E6574 00000000 00000000 00000400

BFC704C0: 0000012C 0000012C 00000000 00000000

BFC704D0: 00000000 00000000 00000000 00000000

6261796E6574 is the password here. Go to the hex table and convert the hex to ascii.

If it is not at the fist addresses,

goto next try : d 0bfc70000

Continue dumping until 0bfc707FF

To leave the debug mode, type ctrl x.

NOTE: In version 2.0.2, password recovery from the CLI is not possible. Access to the engineering or what? Prompt requires the user password. The solution is to get the flash reprogrammed.