2005. 9 Password Recovery Procedures. GSR12000 Series Routers, Cisco7500 Series Routers, Cisco7200 Series Routers, Cisco2500 Series Routers, Catalyst6500.


Password Recovery Procedures

Agenda

- GSR12000 Series Routers
- Cisco7500 Series Routers
- Cisco7200 Series Routers
- Cisco2500 Series Routers
- Catalyst6500 Series Switches (with Native IOS)
- Catalyst4000/4500 Series Switches
- Catalyst2900/3500 Series Switches

Password Recovery (Router series)

- Enable / secret password recovery for Cisco routers and switches.
- Password recovery requires at least one system reboot.
- On routers, the configuration register value is changed so that the startup-config is ignored.
  - 0x2102: default/current value
  - 0x2142: ignore the startup-config (boot as if initialized)
- On access switches, the config file name is changed so that the startup-config is ignored.
- Each changed value is restored to its default once booting has completed and the password has been recovered.
- Applicable products:
  Cisco 806, Cisco 827, Cisco uBR900, Cisco 1003, Cisco 1004, Cisco 1005, Cisco 1400, Cisco 1600, Cisco 1700, Cisco 2600, Cisco 3600, Cisco 4500, Cisco 4700, Cisco AS5x00, Cisco 6x00, Cisco 7000 (RSP7000), Cisco 7100, Cisco 7200, Cisco 7500, Cisco uBR7100, Cisco uBR7200, Cisco uBR10000, Cisco 12000, Cisco LS1010, Catalyst 2948G-L3, Catalyst 4840G, Catalyst 4908G-L3, Catalyst 5500 (RSM), Catalyst 8510-CSR, Catalyst 8510-MSR, Catalyst 8540-CSR, Catalyst 8540-MSR, Cisco MC3810, Cisco NI-2, Cisco VG200 Analog Gateway, Route Processor Module

GSR12000/C7500/C7200 Series Routers

1. Set up a terminal (terminal / terminal emulation) for console access: baud rate, no parity, 8 data bits, 1 stop bit, no flow control.
2. In user mode, check the register value with "Router>show version": "0x2102".
   - If the value cannot be checked because the router is tied to RADIUS/TACACS or similar, continue with the steps below.
3. Reboot by powering the system off and on.
4. Interrupt the router boot process with Ctrl+Break or another key that sends a Break.
5. At the "rommon 1>" prompt, enter "confreg 0x2142" and then "reset".
       rommon 1> confreg 0x2142
       rommon 2> reset
   - Register value 0x2142 boots the system while ignoring the startup-config.
6. Answer "no" to "Would you like to enter the initial configuration dialog?[yes/no]".
7. At the "Router>" prompt, use "enable" to move to the "Router#" prompt.
8. Load the configuration stored in NVRAM with "copy startup-config running-config".
9. Enter config mode with "config terminal" and change the enable / secret password.
       Router(config)#enable secret hanaro
10. Restore the changed register value with "config-register 0x2102".
   - Even after the startup-config is loaded, all interfaces stay in the shutdown state, so run "no shutdown".
   - Save the changes with "write" or "copy running-config startup-config".

Example of Password Recovery Procedure (1)

    Router>enable
    Password:
    % Bad secret
    !======= Password recovery required
    Router>show version
    Cisco Internetwork Operating System Software
    Configuration register is 0x2102
    !======== Check the register value
    !======== Power the system off/on, then send Break
    *** System received an abort due to Break Key ***
    rommon 1 > confreg 0x2142
    !======== Change the register value
    You must reset or power cycle for new config to take effect
    rommon 2 > reset
    !========== System reboot
    System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
    Copyright (c) 1999 by cisco Systems, Inc.

Example of Password Recovery Procedure (2)

    --- System Configuration Dialog ---
    Would you like to enter the initial configuration dialog? [yes/no]: n
    !======= Cancel the configuration dialog (enter "no")
    Press RETURN to get started!
    Router>enable
    Router#copy startup-config running-config
    Destination filename [running-config]?
    !========= Load the startup config from NVRAM
    Router#configure terminal
    Enter configuration commands, one per line. End with CNTL/Z.
    Router(config)#enable secret cisco
    !========= Recover (change) the password in the loaded configuration
    Router#show ip interface brief
    !========= After the system restart, the loaded configuration has its interfaces in the shutdown state
    Interface     IP-Address   OK?  Method  Status                 Protocol
    Ethernet0/                 YES  TFTP    administratively down  down
    Serial0/0     unassigned   YES  TFTP    administratively down  down

Example of Password Recovery Procedure (3)

    Router#configure terminal
    Enter configuration commands, one per line. End with CNTL/Z.
    Router(config)#interface Ethernet0/0
    Router(config-if)#no shutdown
    !========== Run no shutdown on the interfaces that are shut down
    Router#
    00:02:35: %SYS-5-CONFIG_I: Configured from console by console
    Router#copy running-config startup-config
    !========== Save the changed password and shutdown settings
    Router#configure terminal
    Enter configuration commands, one per line. End with CNTL/Z.
    Router(config)#config-register 0x2102
    Router(config)#^Z
    !========== Change back the previously modified register value
    Router#show version
    Cisco Internetwork Operating System Software
    Configuration register is 0x2142 (will be 0x2102 at next reload)
    !====== Verify the register change (it has been changed to 0x2102 and will also be 0x2102 after a system reboot); there is no need to reboot just for this
    Router#
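Added example (not part of the original slides): a Python check that decodes the configuration register from "show version" output and flags a device left with the ignore-startup-config bit set after the recovery described above, the same bit the Catalyst 4000 "confreg" dialog calls "ignore system config info". The bit meanings follow Cisco's configuration register documentation; the function names and sample outputs are constructed for illustration.

```python
import re

# Configuration-register bits relevant to the recovery procedure
# (bit meanings as documented by Cisco for IOS routers).
BOOT_FIELD = 0x000F      # bits 0-3: 0 = stay in ROM monitor, 2-F = normal boot
IGNORE_CONFIG = 0x0040   # bit 6: ignore the startup-config in NVRAM
BREAK_DISABLED = 0x0100  # bit 8: Break is ignored once the system is up
ROM_FALLBACK = 0x2000    # bit 13: load ROM software if network boot fails

CONFREG_RE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)


def decode(value):
    """Split a register value into the flags used on this page."""
    return {
        "boot_field": value & BOOT_FIELD,
        "ignore_startup_config": bool(value & IGNORE_CONFIG),
        "break_disabled": bool(value & BREAK_DISABLED),
        "rom_fallback": bool(value & ROM_FALLBACK),
    }


def audit_show_version(text):
    """Return (current, next_reload, findings) for one 'show version' output."""
    match = CONFREG_RE.search(text)
    if match is None:
        raise ValueError("no 'Configuration register is' line found")
    current = int(match.group(1), 16)
    # Without a "will be ..." suffix the next reload uses the current value.
    pending = int(match.group(2), 16) if match.group(2) else current
    findings = []
    if decode(pending)["ignore_startup_config"]:
        findings.append("next reload ignores startup-config")
    elif decode(current)["ignore_startup_config"]:
        findings.append("booted without startup-config; restore pending")
    if decode(pending)["boot_field"] == 0:
        findings.append("next reload stops at the ROM monitor")
    return current, pending, findings


# Constructed sample outputs, modelled on the lines shown in the slides.
SAMPLES = {
    "normal": "Configuration register is 0x2102",
    "restored": "Configuration register is 0x2142 (will be 0x2102 at next reload)",
    "left_in_recovery": "Configuration register is 0x2142",
}

if __name__ == "__main__":
    for name, output in SAMPLES.items():
        current, pending, findings = audit_show_version(output)
        print(f"{name}: current={current:#06x} next={pending:#06x} {findings}")
```

A device that reports the third case comes up with an empty running configuration, and therefore no passwords, on its next reload, so it should be set back to 0x2102 before it returns to service.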


Cisco2500 Series Routers

1. Set up a terminal (terminal / terminal emulation) for console access: baud rate, no parity, 8 data bits, 1 stop bit, no flow control.
2. In user mode, check the register value with "Router>show version": "0x2102".
   - If the value cannot be checked because the router is tied to RADIUS/TACACS or similar, continue with the steps below.
3. Reboot by powering the system off and on.
4. Interrupt the router boot process with Ctrl+Break or another key that sends a Break.
5. At the "rommon 1>" prompt, enter "o/r 0x2142" and then reboot the system with "i".
       rommon 1> o/r 0x2142
       rommon 2> i
   - Register value 0x2142 boots the system while ignoring the startup-config.
6. Answer "no" to "Would you like to enter the initial configuration dialog?[yes/no]".
7. At the "Router>" prompt, use "enable" to move to the "Router#" prompt.
8. Load the configuration stored in NVRAM with "copy startup-config running-config".
9. Enter config mode with "config terminal" and change the enable / secret password.
       Router(config)#enable secret hanaro
10. Restore the changed register value with "config-register 0x2102".
   - Even after the startup-config is loaded, all interfaces stay in the shutdown state, so run "no shutdown".
   - Save the changes with "write" or "copy running-config startup-config".


Catalyst 6500/7600 series Switches with Native IOS

- On Catalyst 6500/7600 Native IOS, the SP side and the RP side boot separately.
- IOS is stored in the SP bootflash, and the boot order is SP boot followed by RP boot.
  - First: SP (switch process)
  - Second: RP (Router process)
- General configuration and other operations take place on the RP, and the password also operates within the RP configuration.
- The recovery method is the same as for router password recovery.
- During password recovery, the register value must be changed by sending a break while the RP is booting.

Example of Password Recovery Procedure (1)

    Router>enable
    Password:
    % Bad secret
    !======= Password recovery required
    Router>show version
    Cisco Internetwork Operating System Software
    Configuration register is 0x2102
    !======== Check the register value
    !======== Power the system off/on, then send Break while the RP is booting
    System Bootstrap, Version 8.4(2) Release
    Copyright (c) by cisco Systems, Inc.
    Cat6k-Sup720/SP processor with Kbytes of main memory
    !========= First boot: the SP processor boots
    0:00:07: %OIR-SP-6-CONSOLE: Changing console ownership to route processor
    !========= Console ownership changes to the RP / send Break (Break key or Ctrl+Break)
    System Bootstrap, Version 12.2(17r)S2, RELEASE SOFTWARE (fc1)
    Cat6k-Sup720/RP platform with Kbytes of main memory

Example of Password Recovery Procedure (2)

    rommon 1 > confreg 0x2142
    !======== Change the register value
    You must reset or power cycle for new config to take effect
    rommon 2 > reset
    !========== System reboot
    System Bootstrap, Version 8.4(2) Release
    Copyright (c) by cisco Systems, Inc.
    Cat6k-Sup720/SP processor with Kbytes of main memory
    0:00:07: %OIR-SP-6-CONSOLE: Changing console ownership to route processor
    System Bootstrap, Version 12.2(17r)S2, RELEASE SOFTWARE (fc1)
    Cat6k-Sup720/RP platform with Kbytes of main memory

Example of Password Recovery Procedure (3)

    --- System Configuration Dialog ---
    Would you like to enter the initial configuration dialog? [yes/no]: n
    !======= Cancel the configuration dialog (enter "no")
    Press RETURN to get started!
    Router>enable
    Router#copy startup-config running-config
    Destination filename [running-config]?
    !========= Load the startup config from NVRAM
    Router#configure terminal
    Enter configuration commands, one per line. End with CNTL/Z.
    Router(config)#enable secret cisco
    !========= Recover (change) the password in the loaded configuration
    Router#show ip interface brief
    !========= After the system restart, the loaded configuration has its interfaces in the shutdown state
    Interface     IP-Address   OK?  Method  Status                 Protocol
    Ethernet0/                 YES  TFTP    administratively down  down
    Serial0/0     unassigned   YES  TFTP    administratively down  down

Example of Password Recovery Procedure (4)

    Router#configure terminal
    Enter configuration commands, one per line. End with CNTL/Z.
    Router(config)#interface Ethernet0/0
    Router(config-if)#no shutdown
    !========== Run no shutdown on the interfaces that are shut down
    Router#
    00:02:35: %SYS-5-CONFIG_I: Configured from console by console
    Router#copy running-config startup-config
    !========== Save the changed password and shutdown settings
    Router#configure terminal
    Enter configuration commands, one per line. End with CNTL/Z.
    Router(config)#config-register 0x2102
    Router(config)#^Z
    !========== Change back the previously modified register value
    Router#show version
    Cisco Internetwork Operating System Software
    Configuration register is 0x2142 (will be 0x2102 at next reload)
    !====== Verify the register change (it has been changed to 0x2102 and will also be 0x2102 after a system reboot); there is no need to reboot just for this
    Router#


Catalyst 4000/4500 series Switches (1)

1. When password recovery is needed, power the switch off and on and, when the autoboot message appears, press Ctrl+C within 5 seconds to stop the boot process.
   - The switch drops to the ROM monitor prompt.

    !--- Switch being power cycled.
    **********************************************************
    * Welcome to ROM Monitor for WS-X4014 System.            *
    * Copyright (c) , 2001 by Cisco Systems, Inc.            *
    * All rights reserved.                                   *
    **********************************************************
    ROM Monitor Program Version 12.1(10r)EY(1.21)
    Board type 1, Board revision 7
    Swamp FPGA revision 16, Dagobah FPGA revision 43
    Main Memory : 256 Mbytes
    ***** The system will autoboot in 5 seconds *****
    Type control-C to prevent autobooting.
    !--- At this point Hit Ctl^C.
    Autoboot cancelled please wait!!!
    !--- Module ended in the rommon.
    rommon 1 >

Catalyst 4000/4500 series Switches (2)

2. Run the "confreg" command and answer the questions below with "Y" or "N".
   - This indicates that a new configuration is to be applied.

    rommon 1 >confreg
    Configuration Summary :
    => load ROM after netboot fails
    => console baud: 9600
    => autoboot from: commands specified in 'BOOT' environment variable
    do you wish to change the configuration? y/n [n]: y
    enable "diagnostic mode"? y/n [n]: n
    enable "use net in IP bcast address"? y/n [n]: n
    disable "load ROM after netboot fails"? y/n [n]: n
    enable "use all zero broadcast"? y/n [n]: n
    enable "break/abort has effect"? y/n [n]: n
    enable "ignore system config info"? y/n [n]: y
    change console baud rate? y/n [n]: n
    change the boot characteristics? y/n [n]: n
    Configuration Summary :
    => load ROM after netboot fails
    => ignore system config info
    => console baud: 9600
    => autoboot from: commands specified in 'BOOT' environment variable

Catalyst 4000/4500 series Switches (2)

    do you wish to save this configuration? y/n [n]: y
    You must reset or power cycle for new configuration to take effect

- At the "rommon #>" prompt, reload the system with the "reset" command.

    Resetting
    !--- Output suppressed.
    Press RETURN to get started!

- Copy the startup-config in NVRAM to the running-config to load the stored configuration. Use the "configure memory" or "copy startup-config running-config" command.

    Switch# copy startup-config running-config [or configure memory]
    Switch#

- In the loaded configuration, change the enable password or the enable secret password.

    c-4006-SUPIII# configure terminal
    Enter configuration commands, one per line. End with CNTL/Z.
    c-4006-SUPIII(config)# no enable secret
    c-4006-SUPIII(config)# enable secret Cisco

Catalyst 4000/4500 series Switches (3)

6. Restore the register value that was changed in rommon.

    c-4006-SUPIII# configure terminal
    Enter configuration commands, one per line. End with CNTL/Z.
    c-4006-SUPIII(config)# config-register 0x2102
    c-4006-SUPIII(config)# ^Z
    c-4006-SUPIII#
    c-4006-SUPIII# show version
    Cisco Internetwork Operating System Software
    Configuration register is 0x2142 (will be 0x2102 at next reload)

- Save all changes. Never save before the configuration has been loaded.

    c-4006-SUPIII# write memory


Catalyst 2900/3500 series Switches (1)

- Power off/on: unplug and reconnect the power cable. Hold down the Mode button on the front of the switch while reconnecting the power cable.

    The system has been interrupted prior to initializing the flash file system to finish loading the operating system software:
    flash_init
    load_helper
    boot
    switch:

- Catalyst 2900/3500 XL Series Switches: keep the Mode button pressed until the Port 1x LED goes out.
- Catalyst 2940/2950 Series Switches: keep the Mode button pressed until the STAT LED goes out.

Catalyst 2900/3500 series Switches (2)

2. At the "switch:" prompt, initialize the flash with the "flash_init" and "load_helper" commands.

    switch: flash_init
    Initializing Flash...
    flashfs[0]: 143 files, 4 directories
    flashfs[0]: 0 orphaned files, 0 orphaned directories
    flashfs[0]: Total bytes:
    flashfs[0]: Bytes used:
    flashfs[0]: Bytes available:
    flashfs[0]: flashfs fsck took 86 seconds.
    ...done Initializing Flash.
    Boot Sector Filesystem (bs:) installed, fsid: 3
    Parameter Block Filesystem (pb:) installed, fsid: 4
    switch:
    switch: load_helper
    switch:

Catalyst 2900/3500 series Switches (3)

- Use the "dir flash:" command to check the files that hold the IOS image and the configuration.
  - config.text: the file that stores the startup configuration and is loaded at boot.

    switch: dir flash:
    Directory of flash:/
    2 -rwx c3500xl-c3h2s-mz WC7.bin
    4 -rwx 1131 config.text
    5 -rwx 109 info
    6 -rwx 389 env_vars
    7 drwx 640 html
    18 -rwx 109 info.ver
    bytes available ( bytes used)
    switch:

- Rename the config.text file so that the startup-config is not loaded at boot.

    switch: rename flash:config.text flash:config.old
    switch:

Catalyst 2900/3500 series Switches (4)

- Reload the system with the "boot" command so that it comes up with the configuration reset.

    switch: boot
    Loading "flash:c3500xl-c3h2s-mz WC7.bin"...###############################
    File "flash:c3500xl-c3h2s-mz WC7.bin" uncompressed and installed, entry point: 0x3000
    executing...

- Answer "no" to the configuration dialog question to reach the prompt.

    --- System Configuration Dialog ---
    At any point you may enter a question mark '?' for help.
    Use ctrl-c to abort configuration dialog at any prompt.
    Default settings are in square brackets '[]'.
    Continue with configuration dialog? [yes/no]: n
    Press RETURN to get started.
    Switch>
    Switch>en
    Switch#

Catalyst 2900/3500 series Switches (5)

- Use the rename command to restore config.text, whose file name was changed for the reset.

    Switch#rename flash:config.old flash:config.text
    Destination filename [config.text]

- Load the contents of the startup-config (config.text).
  - Do not use a save command until the existing configuration has been loaded (save after the password has been recovered).

    Switch#copy flash:config.text system:running-config
    Destination filename [running-config]?
    1131 bytes copied in secs
    Switch#

- Check and change the password in the loaded configuration.

    Switch#configure terminal
    Switch(config)#no enable secret
    Switch(config)#enable password Cisco
    Switch(config)#^Z

10. After verifying every step and the password change, save the changes.

    Switch#write memory
    Building configuration...
    [OK]
    Switch#
