1. 2005. 9 Password Recovery Procedures

2.  GSR12000 Series Routers  Cisco7500 Series Routers  Cisco7200 Series Routers  Cisco2500 Series Routers  Catalyst6500 Series Switches (with Native IOS)  Catalyst4000/4500 Series Switches  Catalyst2900/3500 Series Switches Agenda

3. Password Recovery (Router series)  Cisco Routers / Switches 의 Enable / Secret password recovery.  Password Recovery 시 System Reboot 이 1 번 이상 필요.  Routers 의 Register 값을 조정하여 Startup-config 를 무시하도록 변경 - 0x2102 : default/current value - 0x2142 : Startup-config 무시 ( 초기화 )  Access switches 의 config file name 을 조정하여 startup-config 를 무시.  각 변경 값은 Booting 완료 및 Password 복구 후 Default value 로 원복.  해당 제품 군 - Cisco 806, Cisco 827, Cisco uBR900, Cisco 1003, Cisco 1004, Cisco 1005 Cisco 1400, Cisco 1600, Cisco 1700, Cisco 2600, Cisco 3600, Cisco 4500 Cisco 4700, Cisco AS5x00, Cisco 6x00, Cisco 7000 (RSP7000), Cisco 7100 Cisco 7200, Cisco 7500, Cisco uBR7100, Cisco uBR7200, Cisco uBR10000 Cisco 12000, Cisco LS1010, Catalyst 2948G-L3, Catalyst 4840G,Catalyst 4908G-L3, Catalyst 5500 (RSM), Catalyst 8510-CSR, Catalyst 8510-MSR, Catalyst 8540-CSR, Catalyst 8540-MSR, Cisco MC3810, Cisco NI-2, Cisco VG200 Analog Gateway, Route Processor Module

4. GSR12000/C7500/C7200 Series Routers 1.Console 사용을 위한 Terminal setup (terminal/ terminal emulation) - 9600 baud rate, No parity, 8 data bits, 1 stop bit, No flow control 2.User mode “Router>show version” 을 통해 register 값을 확인 “0x2102” - Radius/TACACS 등에 연동 되어있어 확인 불가하면 아래로 이동 3.System Power Off / On 을 통해 Reboot 4.Ctrl+Break 또는 Break 를 할 수 있는 Key 를 통해 Router booting 과정을 멈춤 5.“rommon 1> “ prompt 에서 “confreg 0x2142” 입력 후 “reset” - rommon 1> confreg 0x2142 rommon 2> reset  Register 0x2142 는 Startup-config 를 무시하고 Booting 하는 값 6."Would you like to enter the initial configuration dialog?[yes/no]" 에서 “no” 입력 7.“Router>”prompt 상에서 “Enable” 을 통해 “Router#” prompt 로 이동 8.“copy startup-config running-config” 를 통해 NVRAM 의 config 를 불러옴. 9.“config terminal” 을 통해 config mode 에서 Eanble / Secret password 변경 - Router(config)#enable secret hanaro 10.“config-register 0x2102 “ 로 기 변경한 register 값 원복  Startup-config 를 불러와도 모든 Interface 는 shutdown 상태 유지 하므로 “ no shutdown” 실행  Write / copy running-config startup-config 를 통해 변경사항 저장.

5. Example of Password Recovery Procedure (1) Router>enable Password: % Bad secret !======= Password recovery 요망 Router>show version Cisco Internetwork Operating System Software Configuration register is 0x2102 !======== Register 값 확인 !======== System Power Off/On 후 Break Key *** System received an abort due to Break Key *** rommon 1 > confreg 0x2142 !======== Register 값 변경 You must reset or power cycle for new config to take effect rommon 2 > reset !========== System reboot System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc.

6. --- System Configuration Dialog --- Would you like to enter the initial configuration dialog? [yes/no]: n !======= configuration dialog 취소 (“no” 입력 ) Press RETURN to get started! Router>enable Router#copy startup-config running-config Destination filename [running-config]? !========= NVRAM 의 startup config 불러옴 Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#enable secret cisco !========= Loading 된 configuration 상에 password 복구 ( 변경 ) Router#show ip interface brief !========= system restart 후 loading 된 configuration 은 Interface shutdown 상태로 되어있음 Interface IP-Address OK? Method Status Protocol Ethernet0/0 10.200.40.37 YES TFTP administratively down down Serial0/0 unassigned YES TFTP administratively down down Example of Password Recovery Procedure (2)

7. Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface Ethernet0/0 Router(config-if)#no shutdown !========== Shutdown 되어 있는 Interface no shutdown 수행 Router# 00:02:35: %SYS-5-CONFIG_I: Configured from console by console Router#copy running-config startup-config !========== 변경된 password 및 shutdown 정보 저장 Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#config-register 0x2102 Router(config)#^Z !========== 기 변경된 register 값 변경 Router#show version Cisco Internetwork Operating System Software Configuration register is 0x2142 (will be 0x2102 at next reload) !====== register 값 변경 여부 확인 (0x2102 로 바뀌었고 system reboot 후에도 0x2102 로 됨 ) 꼭 이를 위해 reboot 할 필요는 없음 Router# Example of Password Recovery Procedure (3)

8.  GSR12000 Series Routers  Cisco7500 Series Routers  Cisco7200 Series Routers  Cisco2500 Series Routers  Catalyst6500 Series Switches (with Native IOS)  Catalyst4000/4500 Series Switches  Catalyst2900/3500 Series Switches Agenda

9. Cisco2500 Series Routers 1.Console 사용을 위한 Terminal setup (terminal/ terminal emulation) - 9600 baud rate, No parity, 8 data bits, 1 stop bit, No flow control 2.User mode “Router>show version” 을 통해 register 값을 확인 “0x2102” - Radius/TACACS 등에 연동 되어있어 확인 불가하면 아래로 이동 3.System Power Off / On 을 통해 Reboot 4.Ctrl+Break 또는 Break 를 할 수 있는 Key 를 통해 Router booting 과정을 멈춤 5.“rommon 1> “ prompt 에서 o/r 0x2142” 입력 후 “i” 를 통해 system reboot - rommon 1> o/r 0x2142 rommon 2> i  Register 0x2142 는 Startup-config 를 무시하고 Booting 하는 값 6."Would you like to enter the initial configuration dialog?[yes/no]" 에서 “no” 입력 7.“Router>”prompt 상에서 “Enable” 을 통해 “Router#” prompt 로 이동 8.“copy startup-config running-config” 를 통해 NVRAM 의 config 를 불러옴. 9.“config terminal” 을 통해 config mode 에서 Eanble / Secret password 변경 - Router(config)#enable secret hanaro 10.“config-register 0x2102 “ 로 기 변경한 register 값 원복  Startup-config 를 불러와도 모든 Interface 는 shutdown 상태 유지 하므로 “ no shutdown” 실행  Write / copy running-config startup-config 를 통해 변경사항 저장.

10.  GSR12000 Series Routers  Cisco7500 Series Routers  Cisco7200 Series Routers  Cisco2500 Series Routers  Catalyst6000/7600 Series Switches (with Native IOS)  Catalyst4000/4500 Series Switches  Catalyst2900/3500 Series Switches Agenda

11. Catalyst 6500/7600 series Switches with Native IOS  Catalyst 6500/7600 Native IOS 는 SP side 와 RP side booting 이 따로 이루어짐.  IOS 는 SP bootflash 에 저장되어 있으며 Booting 순서는 SP boot 후 RP boot 로 이루어짐. -First : SP (switch process) -Second : RP (Router process)  일반적인 configuration 및 기타 동작은 RP 에서 이루어 지며 password 또는 RP configuration 상에 동작하고 있음.  Routers password recovery 와 동일한 복구방법 사용함.  Password recovery 시 Register 값 변경은 RP boot 시 break 를 통해 변경 해야 함

12. Example of Password Recovery Procedure (1) Router>enable Password: % Bad secret !======= Password recovery 요망 Router>show version Cisco Internetwork Operating System Software Configuration register is 0x2102 !======== Register 값 확인 !======== System Power Off/On 후 RP booting 시 Break Key System Bootstrap, Version 8.4(2) Release Copyright (c) 1994-2005 by cisco Systems, Inc. Cat6k-Sup720/SP processor with 1048576 Kbytes of main memory !========= First boot SP processor booting 0:00:07: %OIR-SP-6-CONSOLE: Changing console ownership to route processor !========= console ownership RP 로 변경 / Break key & Ctrl + Break key System Bootstrap, Version 12.2(17r)S2, RELEASE SOFTWARE (fc1) Cat6k-Sup720/RP platform with 1048576 Kbytes of main memory

13. Example of Password Recovery Procedure (2) rommon 1 > confreg 0x2142 !======== Register 값 변경 You must reset or power cycle for new config to take effect rommon 2 > reset !========== System reboot System Bootstrap, Version 8.4(2) Release Copyright (c) 1994-2005 by cisco Systems, Inc. Cat6k-Sup720/SP processor with 1048576 Kbytes of main memory 0:00:07: %OIR-SP-6-CONSOLE: Changing console ownership to route processor System Bootstrap, Version 12.2(17r)S2, RELEASE SOFTWARE (fc1) Cat6k-Sup720/RP platform with 1048576 Kbytes of main memory

14. --- System Configuration Dialog --- Would you like to enter the initial configuration dialog? [yes/no]: n !======= configuration dialog 취소 (“no” 입력 ) Press RETURN to get started! Router>enable Router#copy startup-config running-config Destination filename [running-config]? !========= NVRAM 의 startup config 불러옴 Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#enable secret cisco !========= Loading 된 configuration 상에 password 복구 ( 변경 ) Router#show ip interface brief !========= system restart 후 loading 된 configuration 은 Interface shutdown 상태로 되어있음 Interface IP-Address OK? Method Status Protocol Ethernet0/0 10.200.40.37 YES TFTP administratively down down Serial0/0 unassigned YES TFTP administratively down down Example of Password Recovery Procedure (3)

15. Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface Ethernet0/0 Router(config-if)#no shutdown !========== Shutdown 되어 있는 Interface no shutdown 수행 Router# 00:02:35: %SYS-5-CONFIG_I: Configured from console by console Router#copy running-config startup-config !========== 변경된 password 및 shutdown 정보 저장 Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#config-register 0x2102 Router(config)#^Z !========== 기 변경된 register 값 변경 Router#show version Cisco Internetwork Operating System Software Configuration register is 0x2142 (will be 0x2102 at next reload) !====== register 값 변경 여부 확인 (0x2102 로 바뀌었고 system reboot 후에도 0x2102 로 됨 ) 꼭 이를 위해 reboot 할 필요는 없음 Router# Example of Password Recovery Procedure (4)

16.  GSR12000 Series Routers  Cisco7500 Series Routers  Cisco7200 Series Routers  Cisco2500 Series Routers  Catalyst6000/7600 Series Switches (with Native IOS)  Catalyst4000/4500 Series Switches  Catalyst2900/3500 Series Switches Agenda

17. Catalyst 4000/4500 series Switches (1) 1. Password Recovery 필요시 Power Off / on 후 Autobooting message 가 나올 때 5sec 안에 Ctrl+C Key 를 눌러 booting 과정을 멈춤  ROM monitor prompt 상태로 됨 !--- Switch being power cycled. ********************************************************** * Welcome to ROM Monitor for WS-X4014 System. * * Copyright (c) 1999-2000, 2001 by Cisco Systems, Inc. * * All rights reserved. * ********************************************************** ROM Monitor Program Version 12.1(10r)EY(1.21) Board type 1, Board revision 7 Swamp FPGA revision 16, Dagobah FPGA revision 43 Main Memory : 256 Mbytes ***** The system will autoboot in 5 seconds ***** Type control-C to prevent autobooting. !--- At this point Hit Ctl^C. Autoboot cancelled......... please wait!!! !--- Module ended in the rommon. rommon 1 >

18. Catalyst 4000/4500 series Switches (2) 2.“confreg“ command 를 통해 아래 질문에 대해 “Y”, “N” 로 입력  새로운 configuration 을 적용하겠다는 의미. rommon 1 >confreg Configuration Summary : => load ROM after netboot fails => console baud: 9600 => autoboot from: commands specified in 'BOOT' environment variable do you wish to change the configuration? y/n [n]: y enable "diagnostic mode"? y/n [n]: n enable "use net in IP bcast address"? y/n [n]: n disable "load ROM after netboot fails"? y/n [n]: n enable "use all zero broadcast"? y/n [n]: n enable "break/abort has effect"? y/n [n]: n enable "ignore system config info"? y/n [n]: y change console baud rate? y/n [n]: n change the boot characteristics? y/n [n]: n Configuration Summary : => load ROM after netboot fails => ignore system config info => console baud: 9600 => autoboot from: commands specified in 'BOOT' environment variable

19. Catalyst 4000/4500 series Switches (2) do you wish to save this configuration? y/n [n]: y You must reset or power cycle for new configuration to take effect  rommom#> prompt 상에서 “reset” command 를 통해 system reload 수행 Resetting....... !--- Output suppressed. Press RETURN to get started!  NVRAM 의 startup-config 를 running-config 로 복사 수행 – 저장되어 있는 configuration loading “ configure memory” or “copy startup-config running-config” command 사용 Switch# copy startup-config running-config [or configure memory] Switch#  Loading 된 configuration 에서 Enable password 또는 Enable secret password 변경 c-4006-SUPIII# configure terminal Enter configuration commands, one per line. End with CNTL/Z. c-4006-SUPIII(config)# no enable secret c-4006-SUPIII(config)# enable secret Cisco

20. Catalyst 4000/4500 series Switches (3) 6.Rommon 상에서 변경한 Register 값 원복 c-4006-SUPIII# configure terminal Enter configuration commands, one per line. End with CNTL/Z. c-4006-SUPIII(config)# config-register 0x2102 c-4006-SUPIII(config)# ^Z c-4006-SUPIII# c-4006-SUPIII# show version Cisco Internetwork Operating System Software Configuration register is 0x2142 (will be 0x2102 at next reload)  모든 변경사항 저장 – configuration 을 Load 하기 전에 절대 저장하면 안됨. c-4006-SUPIII# write memory

21.  GSR12000 Series Routers  Cisco7500 Series Routers  Cisco7200 Series Routers  Cisco2500 Series Routers  Catalyst6000/7600 Series Switches (with Native IOS)  Catalyst4000/4500 Series Switches  Catalyst2900/3500 Series Switches Agenda

22. Catalyst 2900/3500 series Switches (1)  Power Off/On – power cable Unplug and reconnecting Power Cable 재연결 시에 Switch 앞 단의 Mode button 누른 상태에서 cable 재 연결 The system has been interrupted prior to initializing the flash file system to finish loading the operating system software: flash_init load_helper bootswitch: Catalyst 2900/3500 XL Series Switches : Port1x LED 가 꺼질 때 까지 Mode button 을 누르 고 있는다. Catalyst 2940/2950 Series Switches : STAT LED 가 꺼질 때 까지 Mode button 을 누르 고 있는다.

23. Catalyst 2900/3500 series Switches (2) 2.“Switch:” prompt 상에서 “flash_init”, “load_helper” command 를 통해 Flash 시작한다. switch: flash_init Initializing Flash... flashfs[0]: 143 files, 4 directories flashfs[0]: 0 orphaned files, 0 orphaned directories flashfs[0]: Total bytes: 3612672 flashfs[0]: Bytes used: 2729472 flashfs[0]: Bytes available: 883200 flashfs[0]: flashfs fsck took 86 seconds....done Initializing Flash. Boot Sector Filesystem (bs:) installed, fsid: 3 Parameter Block Filesystem (pb:) installed, fsid: 4 switch: switch: load_helper switch:

24. Catalyst 2900/3500 series Switches (3)  “dir flash: “ command 를 통해 IOS 및 configuration 이 저장 되어 있는 Files 을 확인한다. - config.text : startup-configuration 이 저장 되어 Booting 시 Loading 되는 File. switch: dir flash: Directory of flash:/ 2 -rwx 1803357 c3500xl-c3h2s-mz.120-5.WC7.bin 4 -rwx 1131 config.text 5 -rwx 109 info 6 -rwx 389 env_vars 7 drwx 640 html 18 -rwx 109 info.ver 403968 bytes available (3208704 bytes used) switch:  Startup-config 가 Booting 시 Load 되지 않도록 Config.text file 명 변경 switch: rename flash:config.text flash:config.old switch:

25. Catalyst 2900/3500 series Switches (4)  “boot” command 를 통해 system reload 를 수행하여 config 초기화 되도록 한다. switch: boot Loading "flash:c3500xl-c3h2s-mz.120-5.WC7.bin"...############################### File "flash:c3500xl-c3h2s-mz.120-5.WC7.bin" uncompressed and installed, entry po int: 0x3000 executing...  Cofiguration dialog 질문에 “no” 를 입력하여 prompt 상태로 들어간다. --- System Configuration Dialog --- At any point you may enter a question mark '?' for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. Continue with configuration dialog? [yes/no]: n Press RETURN to get started. Switch> Switch>en Switch#

26. Catalyst 2900/3500 series Switches (5)  Rename command 를 통해 초기화 시 file 명을 변경한 config.text 를 원복한다. Switch#rename flash:config.old flash:config.text Destination filename [config.text]  startup-config (config.text) 상의 내용을 Load 한다. - 기존 정보를 불러올 때까지 저장 명령은 사용하면 안됨. (password 복구 후 저장 ) Switch#copy flash:config.text system:running-config Destination filename [running-config]? 1131 bytes copied in 0.760 secs Switch#  기 Loading 된 configuration 에 Password 확인 및 수정하도록 한다. Switch#configure terminal Switch(config)#no enable secret Switch(config)#enable password Cisco Switch#(config)#^Z 10. 모든 절차 및 Password 변경 확인 후 변경된 사항을 저장한다. Switch#write memory Building configuration... [OK] Switch#

27. Reference  http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1831/products_tech_note09186a0080 1746e6.shtml http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1831/products_tech_note09186a0080 1746e6.shtml  http://www.cisco.com/en/US/partner/products/hw/routers/ps167/products_password_recovery0918 6a0080093e10.shtml http://www.cisco.com/en/US/partner/products/hw/routers/ps167/products_password_recovery0918 6a0080093e10.shtml  http://www.cisco.com/en/US/partner/products/hw/routers/ps233/products_password_recovery0918 6a0080094795.shtml http://www.cisco.com/en/US/partner/products/hw/routers/ps233/products_password_recovery0918 6a0080094795.shtml  http://www.cisco.com/en/US/partner/products/hw/switches/ps700/products_password_recovery09 186a0080133fb1.shtml http://www.cisco.com/en/US/partner/products/hw/switches/ps700/products_password_recovery09 186a0080133fb1.shtml  http://www.cisco.com/en/US/partner/products/hw/switches/ps663/products_password_recovery09 186a00800945f7.shtml http://www.cisco.com/en/US/partner/products/hw/switches/ps663/products_password_recovery09 186a00800945f7.shtml  http://www.cisco.com/en/US/partner/products/hw/switches/ps628/products_password_recovery09 186a0080094184.shtml http://www.cisco.com/en/US/partner/products/hw/switches/ps628/products_password_recovery09 186a0080094184.shtml