How to Reset a Cisco Catalyst 9300 Switch (CLI, ROMMON & Safe Recovery Guide)

Resetting a Cisco Catalyst 9300 switch is a standard operation in enterprise environments, but it is also one of the most commonly misused procedures. A wrong reset method can lead to configuration loss, boot issues, or unnecessary downtime.

This guide explains how to safely reset a Cisco 9300 switch, recover access when locked out, and properly load a new configuration in real production environments.

1. When Should You Reset a Cisco 9300?

Before executing any reset command, you should first confirm whether a full reset is actually required.

Common scenarios include:

• Redeploying the switch in a new environment

• Cleaning corrupted or legacy configurations

• Recovering from lost administrative access

• Preparing the device for resale or decommission

In many cases, a full factory reset is unnecessary if the goal is only configuration cleanup.

2. Cisco 9300 Factory Reset Using CLI (Recommended Method)

If you still have administrative access, this is the safest approach.

Step 1: Enter privileged mode

enable

Step 2: Erase startup configuration

write erase

Step 3: Remove VLAN database (often missed in real operations)

delete flash:vlan.dat

Step 4: Reload the switch

reload

When prompted to save configuration, always select NO.

3. Cisco 9300 Password Recovery (ROMMON Method)

If you are locked out of the device, ROMMON recovery is required.

Step 1: Enter ROMMON mode

• Power cycle the switch

• Hold the Mode button until the prompt appears:

switch:

Step 2: Ignore startup configuration

SWITCH_IGNORE_STARTUP_CFG=1
boot

Step 3: Restore access

enable

At this point, you can load or inspect the existing configuration in running memory if needed.

Step 4: Permanently clear configuration state

write erase
configure terminal
no system ignore startupconfig switch all
end
reload

4. Loading a New Configuration on Cisco 9300

After reset, the next step is restoring or applying a working configuration.

USB method

copy usbflash0:config.txt running-config

TFTP method

copy tftp://<server-ip>/config.txt running-config

In production environments, engineers often follow a structured reset-and-reload workflow rather than manually rebuilding configurations line by line. A more complete operational sequence covering CLI reset, ROMMON recovery, and configuration restoration can be found in a dedicated guide on how to default a Cisco 9300 switch and load a new configuration (router-switch FAQ: Cisco 9300 factory reset and configuration recovery guide).

5. Save Configuration Permanently

After loading configuration, always save it:

copy running-config startup-config

or

write memory

6. Common Cisco 9300 Reset Issues

VLAN still exists after reset

Cause: vlan.dat was not deleted
Fix:

delete flash:vlan.dat

USB not recognized in ROMMON

Cause: incompatible USB format or size
Fix:

• Use FAT32 format

• Use USB 32GB or smaller

TFTP transfer fails in ROMMON

Cause: missing network configuration variables
Fix:

IP_ADDRESS=x.x.x.x
IP_SUBNET_MASK=x.x.x.x
DEFAULT_GATEWAY=x.x.x.x

Switch boots in Bundle Mode

Cause: booting directly from .bin file
Fix: switch to Install Mode

install add file bootflash:image.bin activate commit

7. What Happens After a Reset?

After resetting a Cisco Catalyst 9300:

• Startup configuration is erased

• VLAN database may persist if not manually removed

• Device enters Smart Licensing evaluation mode

• Boot mode should be verified (Install vs Bundle)

Check system state:

show version
show boot

8. Best Practice Summary

• Always verify whether full reset is necessary

• Always delete vlan.dat manually

• Avoid unnecessary ROMMON usage unless required

• Prefer CLI reset over full factory reset in most cases

• Validate boot mode after recovery

• Reload configuration in a controlled sequence

FAQ

Q1: Does factory reset remove IOS on Cisco 9300?

Only destructive reset operations may remove IOS images. Standard CLI reset does not affect system software.

Q2: Why do VLANs still exist after reset?

Because VLAN data is stored separately in vlan.dat and must be manually removed.

Q3: What is the safest reset method?

CLI-based reset (write erase + delete vlan.dat + reload) is the safest approach for most production environments.

Q4: How do I recover a Cisco 9300 without a password?

Use ROMMON mode with SWITCH_IGNORE_STARTUP_CFG=1.