CCIE实验室考试指南(6)
添加时间: 2008-1-4 4:14:53 作者: Cisco教程指导 阅读次数:21 来源: http://www.d9soft.com
lab 06 -
password recovery trouble shooting
let us assume that you have a router and you don’t know the enable
secret password.
first and foremost you must have physical access to the router to
perform password recovery. bit 6 defines if the configuration file will
be loaded from nvram. since there is a password in the configuration
file that we do not know, we will want to set bit 6 to 1.
if bit 6 is 0 then the router will load the configuration file from
nvram. if bit 6 is 1 then the router will not load the configuration file
from nvram.
configuration register represented in decimal
此主题相关图片如下:
the following are the steps to recover from a lost password.
1. turn the router off, turn the router on, and within 60 seconds
issue the break sequence of your terminal emulation package. if
you are using hyperterminal that would be .
2. you will now be in rom monitor mode indicated by the >
prompt. our goal here is to turn bit 6 on, so if the configuration
register is set to 0x2102, we want to change the register to
0x2142. to determine the current configuration register setting
use the following command:
>e/s 2000002
to change the register:
>o/r 0x2142
to re-initialize the router
>i
3. after the router prompt appears get into the privileged mode
and copy the backup configuration file to ram.
4. get into the configuration mode and key in your new password
5. change the configuration register back to original setting
6. perform a no-shut on all interfaces
7. copy the running configuration to nvram
all of the steps are in bold
system bootstrap, version 5.2(8a),
release software
copyright (c) 1986-1995 by cisco systems
2500 processor with 16384 kbytes
of main memory
abort at 0x10ea87c (pc) break sequence
issued here
>e/s2000002
2000002: 2102 use q to quit the examine mode
>o/r0x2142
>i
system bootstrap, version 5.2(8a),
release software
copyright (c) 1986-1995 by cisco systems
2500 processor with 16384 kbytes
of main memory
f3: 7564496+94188+304272 at 0x3000060
--- system configuration dialog --->
at any point you may enter a question mark "?"
for help.
use ctrl-c to abort configuration
dialog at any prompt.
default settings are in square brackets "[ ]."
would you like to enter the initial
configuration dialog? [yes]: n
press return to get started!
%link-3-updown: interface ethernet0,
changed state to up
%link-3-updown: interface ethernet1,
changed state to up
%link-3-updown: interface serial0,
changed state to down
%link-3-updown: interface serial1,
changed state to down
%lance-5-coll: unit 0, excessive
collisions. tdr=6
%lineproto-5-updown: line protocol on
interface ethernet0,
changed state to down
%lineproto-5-updown: line protocol on
interface ethernet1,
changed state to down
%lineproto-5-updown: line protocol on
interface serial0,
changed state to down
%lineproto-5-updown: line protocol on
interface serial1,
changed state to down
%sys-5-restart: system restarted --
cisco internetwork operating system software
ios (tm) 2500 software (c2500-j-l),
version 11.2(3),
release software (fc2)
copyright (c) 1986-1996 by cisco systems, inc.
compiled mon 30-dec-96 21:28 by ajchopra
%link-5-changed: interface ethernet0,
changed state to administratively down
%link-5-changed: interface ethernet1,
changed state to administratively down
%link-5-changed: interface serial0,
changed state to administratively down
%link-5-changed: interface serial1,
changed state to administratively down
router>en
router#copy start run
atlanta#
atlanta#config t
enter configuration commands, one per line.
end with cntl/z.
atlanta(config)#enable secret password
atlanta(config)#config-reg 0x2102
atlanta(config)#int e0
atlanta(config-if)#no shut
atlanta(config)#int e1
atlanta(config-if)#no shut
atlanta(config-if)#int s0
atlanta(config-if)#no shut
atlanta(config)#int s1
atlanta(config-if)#no shut
atlanta(config-if)#
atlanta#
%sys-5-config_i: configured from console
by console
atlanta#copy run start
building configuration...
[ok]
atlanta#
solution:
first and foremost you must have physical access to the router to
perform password recovery. bit 6 defines if the configuration file will
be loaded from nvram. since there is a password in the configuration
file that we do not know, we will want to set bit 6 to 1.
if bit 6 is 0 then the router will load the configuration file from
nvram. if bit 6 is 1 then the router will not load the configuration file
from nvram.
configuration register represented in decimal
此主题相关图片如下:
the following are the steps to recover from a lost password.
1. turn the router off, turn the router on, and within 60 seconds
issue the break sequence of your terminal emulation package. if
you are using hyperterminal that would be
2. you will now be in rom monitor mode indicated by the >
prompt. our goal here is to turn bit 6 on, so if the configuration
register is set to 0x2102, we want to change the register to
0x2142. to determine the current configuration register setting
use the following command:
>e/s 2000002
to change the register:
>o/r 0x2142
to re-initialize the router
>i
3. after the router prompt appears get into the privileged mode
and copy the backup configuration file to ram.
4. get into the configuration mode and key in your new password
5. change the configuration register back to original setting
6. perform a no-shut on all interfaces
7. copy the running configuration to nvram
all of the steps are in bold
system bootstrap, version 5.2(8a),
release software
copyright (c) 1986-1995 by cisco systems
2500 processor with 16384 kbytes
of main memory
abort at 0x10ea87c (pc) break sequence
issued here
>e/s2000002
2000002: 2102 use q to quit the examine mode
>o/r0x2142
>i
system bootstrap, version 5.2(8a),
release software
copyright (c) 1986-1995 by cisco systems
2500 processor with 16384 kbytes
of main memory
f3: 7564496+94188+304272 at 0x3000060
--- system configuration dialog ---
at any point you may enter a question mark "?"
for help.
use ctrl-c to abort configuration
dialog at any prompt.
default settings are in square brackets "[ ]."
would you like to enter the initial
configuration dialog? [yes]: n
press return to get started!
%link-3-updown: interface ethernet0,
changed state to up
%link-3-updown: interface ethernet1,
changed state to up
%link-3-updown: interface serial0,
changed state to down
%link-3-updown: interface serial1,
changed state to down
%lance-5-coll: unit 0, excessive
collisions. tdr=6
%lineproto-5-updown: line protocol on
interface ethernet0,
changed state to down
%lineproto-5-updown: line protocol on
interface ethernet1,
changed state to down
%lineproto-5-updown: line protocol on
interface serial0,
changed state to down
%lineproto-5-updown: line protocol on
interface serial1,
changed state to down
%sys-5-restart: system restarted --
cisco internetwork operating system software
ios (tm) 2500 software (c2500-j-l),
version 11.2(3),
release software (fc2)
copyright (c) 1986-1996 by cisco systems, inc.
compiled mon 30-dec-96 21:28 by ajchopra
%link-5-changed: interface ethernet0,
changed state to administratively down
%link-5-changed: interface ethernet1,
changed state to administratively down
%link-5-changed: interface serial0,
changed state to administratively down
%link-5-changed: interface serial1,
changed state to administratively down
router>en
router#copy start run
atlanta#
atlanta#config t
enter configuration commands, one per line.
end with cntl/z.
atlanta(config)#enable secret password
atlanta(config)#config-reg 0x2102
atlanta(config)#int e0
atlanta(config-if)#no shut
atlanta(config)#int e1
atlanta(config-if)#no shut
atlanta(config-if)#int s0
atlanta(config-if)#no shut
atlanta(config)#int s1
atlanta(config-if)#no shut
atlanta(config-if)#
atlanta#
%sys-5-config_i: configured from console
by console
atlanta#copy run start
building configuration...
[ok]
atlanta#
上一篇文章: CCIE实验室考试指南(8) 下一篇文章: CCIE实验室考试指南(7)