4507/4503/4506等4500系列交换机密码恢复的详细过程,虽然4500系列已经很老了,但是难免会再次遇到,记录一下。
1,重启设备
关闭设备电源后,重新打开。在5秒内按Ctrl-C以防止自动引导。
!— 重启设备
**********************************************************
* *
* Welcome to ROM Monitor for WS-X4014 System. *
* Copyright (c) 1999-2000, 2001 by Cisco Systems, Inc. *
* All rights reserved. *
* *
**********************************************************
ROM Monitor Program Version 12.1(10r)EY(1.21)
Board type 1, Board revision 7
Swamp FPGA revision 16, Dagobah FPGA revision 43
Timer interrupt test passed.
MAC Address : 00-02-b9-83-af-fe
IP Address : 172.16.84.122
Netmask : 255.255.255.0
Gateway : 172.16.84.1
TftpServer : Not set.
Main Memory : 256 MBytes
***** The system will autoboot in 5 seconds *****
Type control-C to prevent autobooting.
!— 按住 Ctrl-C.
Autoboot cancelled……… please wait!!!
Autoboot cancelled……… please wait!!!
rommon 1 > [interrupt]
rommon 1 > [interrupt]
2,在rommon提示符下使用confreg命令忽略从原配置启动
rommon 1 > set
rommon 1 > confreg
Configuration Summary :
=> load ROM after netboot fails
=> console baud: 9600
=> autoboot from: commands specified in ‘BOOT’ environment variable
do you wish to change the configuration? y/n [n]: y
enable “diagnostic mode”? y/n [n]: n
enable “use net in IP bcast address”? y/n [n]: n
disable “load ROM after netboot fails”? y/n [n]: n
enable “use all zero broadcast”? y/n [n]: n
enable “break/abort has effect”? y/n [n]: n
enable “ignore system config info”? y/n [n]: y
change console baud rate? y/n [n]: n
change the boot characteristics? y/n [n]: n
Configuration Summary :
=> load ROM after netboot fails
=> ignore system config info
=> console baud: 9600
=> autoboot from: commands specified in ‘BOOT’ environment variable
do you wish to save this configuration? y/n [n]: y
You must reset or power cycle for new configuration to take effect
rommon 1 >confreg 0x2142
You must reset or power cycle for the new configuration to take effect.
3,重启设备
rommon 2 > reset
Resetting …….
rommon 3 >
**********************************************************
* *
* Welcome to ROM Monitor for WS-X4014 System. *
* Copyright (c) 1999-2000, 2001 by Cisco Systems, Inc. *
* All rights reserved. *
* *
**********************************************************
Press RETURN to get started!
00:00:21: %SYS-5-RESTART: System restarted —
Cisco Internetwork Operating System Software
IOS ™ Catalyst 4000 L3 Switch Software (cat4000-IS-M),
Version 12.1(8a)EW, RELEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Thu 24-Jan-02 17:34 by ccai
00:00:21: %SNMP-5-COLDSTART: SNMP agent on host Switch
is undergoing a cold start
Switch>
4,确保设备寄存值为0x2142
此值使设备从Flash启动,而无需加载已保存的配置。在Switch提示符下发出enable命令进入启用模式。然后,使用show version命令以检查配置寄存器值。
Switch> enable
Switch#show version
Cisco Internetwork Operating System Software
IOS (TM) Catalyst 4000 L3 Switch Software (cat4000-IS-M),
Version 12.1(8a)EW, RELEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Thu 24-Jan-02 17:34 by ccai
Image text-base: 0x00000000, data-base: 0x00AA2B8C
ROM: 12.1(10r)EY(1.21)
Switch uptime is 5 minutes
System returned to ROM by reload
Running default software
cisco WS-C4006 (MPC8245) processor (revision 7) with 262144K bytes of memory.
Processor board ID FOX04183666
Last reset from Reload
32 Gigabit Ethernet/IEEE 802.3 interface(s)
467K bytes of non-volatile configuration memory.
Configuration register is 0x2142
Switch#
5,将配置恢复到内存中
使用configure memory命令或copy startup-config running-config命令将NVRAM复制到内存中。
请勿使用configure terminal命令,该命令显示模块的默认配置。
Switch#configure memory
Uncompressed configuration from 1307 bytes to 3014 bytes
Switch#
00:13:52: %SYS-5-CONFIG_I: Configured from memory by console
c-4006-SUPIII#
6,检查接口状态
使用show ip interface brief命令以确保之前使用的接口显示“ up up ”状态。
如果在密码恢复之前使用的任何接口显示“ down ”,请在该接口上发出no shutdown命令以启动接口。
7,检查配置
使用write terminal命令和show running-config命令检查配置。
c-4006-SUPIII#show running-config
Building configuration…
Current configuration : 3014 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service compress-config
!
hostname c-4006-SUPIII
!
boot system flash bootflash:
!
vtp mode transparent
line con 0
stopbits 1
line vty 0 4
login
!
end
c-4006-SUPIII#
8,更改密码
c-4006-SUPIII#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
c-4006-SUPIII(config)#no enable secret
!— 删除旧enable密码
c-4006-SUPIII(config)#enable secret xxx
[Choose a strong password with at least one capital letter,
one number, and one special character.]
!— 设置新密码.同理,也可以删除旧登录账号和密码,重新配置新账户和密码!
c-4006-SUPIII(config)#no username test1
c-4006-SUPIII(config)#username test2 password xxx
9,确保将配置寄存器值更改回0x2102
c-4006-SUPIII(config)#config-register 0x2102
c-4006-SUPIII(config)# ^Z
c-4006-SUPIII#
00:19:01: %SYS-5-CONFIG_I: Configured from console by console
c-4006-SUPIII#write memory
!— 保存配置
Building configuration…
Compressed configuration from 3061 bytes to 1365 bytes[OK]
c-4006-SUPIII#show version
!— 查看设备寄存值
Cisco Internetwork Operating System Software
IOS (TM) Catalyst 4000 L3 Switch Software (cat4000-IS-M),
Version 12.1(8a)EW, RELEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Thu 24-Jan-02 17:34 by ccai
Image text-base: 0x00000000, database: 0x00AA2B8C
ROM: 12.1(10r)EY(1.21)
c-4006-SUPIII uptime is 20 minutes
System returned to ROM by reload
Running default software
cisco WS-C4006 (MPC8245) processor (revision 7) with 262144K bytes of memory.
Processor board ID FOX04183666
Last reset from Reload
32 Gigabit Ethernet/IEEE 802.3 interface(s)
467K bytes of nonvolatile configuration memory.
Configuration register is 0x2142 (will be 0x2102 at next reload)
c-4006-SUPIII#
此时,已完成密码恢复。
……