參考:
1、Cisco路由器口令恢復
當Cisco路由器的口令被錯誤修改或忘記時,可以按如下步驟進行操作:
1. 開機時按
2. 按o 命令讀取配置寄存器的原始值
> o 一般值為0x2102
3. 作如下設置,使忽略NVRAM引導
>o/r0x**4* Cisco2500系列命令
rommon 1 >confreg 0x**4* Cisco2600、1600系列命令
一般正常值為0x2102
4. 重新啟動路由器
>I
rommon 2 >reset
5. 在「Setup」模式,對所有問題回答No
6. 進入特權模式
Router>enable
7. 下載NVRAM
Router>configure memory
8. 恢復原始配置寄存器值並啟動所有埠
「hostname」#configure terminal
「hostname」(config)#config-register 0x「value」
「hostname」(config)#interface xx
「hostname」(config)#no shutdown
9. 查詢並記錄丟失的口令
「hostname」#show configuration (show startup-config)
10. 修改口令
「hostname」#configure terminal
「hostname」(config)line console 0
「hostname」(config-line)#login
「hostname」(config-line)#password xxxxxxxxx
「hostname」(config-line)#
「hostname」(config-line)#write memory(copy running-config startup-config)
您要用終端機才會方便
我是以2611來做的,不過1600也適用。
以下是我的做法,您可以參考一下,有實做成功喔!
一:先準備一條使用RJ45接頭的連接線,連接Router的Console Port。
二:終端機使用以下設定(不要用Win NT,建議用Win9x)
9600 baud rate
No parity
8 data bits
1 stop bit
No flow control
三:將Router開機,
System Bootstrap, Version 11.3(19)AA, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
Copyright (c) 1998 by cisco Systems, Inc.
C2600 processor with 32768 Kbytes of main memory
Main memory is configured to 32 bit mode with parity enabled
看到出現此訊息後,趕緊按下Ctrl+Break送出 Break,就會進到ROMMON Mode。
四:在rommon>下輸入confreg
rommon 1 > confreg
回答下列問題
Configuration Summary
enabled are:
load rom after netboot fails
console baud: 9600
boot: image specified by the boot system commands
or default to: cisco2-C2600
do you wish to change the configuration? y/n [n]: y-------回答Y
enable "diagnostic mode"? y/n [n]:
enable "use net in IP bcast address"? y/n [n]:
disable "load rom after netboot fails"? y/n [n]:
enable "use all zero broadcast"? y/n [n]:
enable "break/abort has effect"? y/n [n]:
enable "ignore system config info"? y/n [n]: y-------回答Y
change console baud rate? y/n [n]:
change the boot characteristics? y/n [n]: y-------回答Y
enter to boot:
0 = ROM Monitor
1 = the boot helper image
2-15 = boot system
[2]: 2-----要選2
五:rommon 2 > reset 重新啟動 Router
六:
--- System Configuration Dialog --- Router 會自動進入 Setup 選單
Would you like to enter the initial configuration dialog? [yes/no]:
按 Ctrl-C 中斷 Setup
七:Router 會進入一般模式
Router>enable 進入 Priviledged mode (不需輸入任何密碼)
Router#show startup-config 顯示 NVRAM 裡面的 Startup-Config
(顯示結果省略)
八:將 Startup-Config 載入 DRAM
Router#configure memory
九: 2611#configure terminal----輸入此命令進入設定模式
十:將 enable 的密碼改為 2611
2611(config)#enable secret 2611
十一:將 Running-Config 寫回 NVRAM
2611#copy running-config startup-config
十二:
2611#show version
Cisco Internetwork Operating System Software
(中間結果省略)
Configuration register is 0x2142 目前的 Configuration Register 為 0x2142
十三:
2611#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
2611(config)#config-reg 0x2102 將 Configuration Register 改回來
2611(config)#^Z -----Ctrl+Z
2611#
00:01:54: %SYS-5-CONFIG_I: Configured from console by console
2611# reload 重新開機
全部大功告成。過程雖然有點囉唆,不過卻是一定要做的。
希望上述做法對需要的人有幫助。
2500 Password Recovery
Step 1 : Power on router (Press [Ctrl] + [Break] within 30 sec)
Step 2 : o/r 0x2142 [Enter]
Step 3 : i [Enter]
Then it will show as follow
Step 4 : Would you like to enter initial configuration dialog? [Yes] : No [Enter]
Step 5 : Router> enable [Enter]
Step 6 : router# copy start run [Enter]
Step 7 : router# conf t [Enter]
Step 8 : router(config)# config-register 0x2102 [Enter]
Step 9 : router(config)# enable secret Newpassword [Enter]
Step 10 : router(config)# exit [Enter]
Step 11 : router# copy run start [Enter]
Step 12 : router# reload [Enter]
1600 (2600;3600)Password Recovery
Step 1 : Power on router (Press [Ctrl] + [Break] within 30 sec)
Then it will show as follow
Step 2 : rommon> confreg [Enter]
Step 3 : “Do you wish to change configuration[y/n]?” Type y
Step 4 : Type n to all of the question that appear until you reach the
“ignore system config info[y/n]” , type y
Step 5 : Type n to all of the question that appear until you reach the
“change boot characteristics[y/n]” , type y
Step 6 : “enter to boot “ type 2[Enter]
Step 7 : “Do you wish to chane configuration [y/n]” type n
Step 8 : reset [Enter]
Step 9 : Then do the same thing as Step 5 to 12 in 2500 password recovery
以下是我的做法,您可以參考一下,有實做成功喔!
一:先準備一條使用RJ45接頭的連接線,連接Router的Console Port。
二:終端機使用以下設定(不要用Win NT,建議用Win9x)
9600 baud rate
No parity
8 data bits
1 stop bit
No flow control
三:將Router開機,
System Bootstrap, Version 11.3(19)AA, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
Copyright (c) 1998 by cisco Systems, Inc.
C2600 processor with 32768 Kbytes of main memory
Main memory is configured to 32 bit mode with parity enabled
看到出現此訊息後,趕緊按下Ctrl+Break送出 Break,就會進到ROMMON Mode。
四:在rommon>下輸入confreg
rommon 1 > confreg
回答下列問題
Configuration Summary
enabled are:
load rom after netboot fails
console baud: 9600
boot: image specified by the boot system commands
or default to: cisco2-C2600
do you wish to change the configuration? y/n [n]: y-------回答Y
enable "diagnostic mode"? y/n [n]:
enable "use net in IP bcast address"? y/n [n]:
disable "load rom after netboot fails"? y/n [n]:
enable "use all zero broadcast"? y/n [n]:
enable "break/abort has effect"? y/n [n]:
enable "ignore system config info"? y/n [n]: y-------回答Y
change console baud rate? y/n [n]:
change the boot characteristics? y/n [n]: y-------回答Y
enter to boot:
0 = ROM Monitor
1 = the boot helper image
2-15 = boot system
[2]: 2-----要選2
五:rommon 2 > reset 重新啟動 Router
六:
--- System Configuration Dialog --- Router 會自動進入 Setup 選單
Would you like to enter the initial configuration dialog? [yes/no]:
按 Ctrl-C 中斷 Setup
七:Router 會進入一般模式
Router>enable 進入 Priviledged mode (不需輸入任何密碼)
Router#show startup-config 顯示 NVRAM 裡面的 Startup-Config
(顯示結果省略)
八:將 Startup-Config 載入 DRAM
Router#configure memory
九: 2611#configure terminal----輸入此命令進入設定模式
十:將 enable 的密碼改為 2611
2611(config)#enable secret 2611
十一:將 Running-Config 寫回 NVRAM
2611#copy running-config startup-config
十二:
2611#show version
Cisco Internetwork Operating System Software
(中間結果省略)
Configuration register is 0x2142 目前的 Configuration Register 為 0x2142
十三:
2611#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
2611(config)#config-reg 0x2102 將 Configuration Register 改回來
2611(config)#^Z -----Ctrl+Z
2611#
00:01:54: %SYS-5-CONFIG_I: Configured from console by console
2611# reload 重新開機
全部大功告成。過程雖然有點囉唆,不過卻是一定要做的。
希望上述做法對需要的人有幫助。
2500 Password Recovery
Step 1 : Power on router (Press [Ctrl] + [Break] within 30 sec)
Step 2 : o/r 0x2142 [Enter]
Step 3 : i [Enter]
Then it will show as follow
Step 4 : Would you like to enter initial configuration dialog? [Yes] : No [Enter]
Step 5 : Router> enable [Enter]
Step 6 : router# copy start run [Enter]
Step 7 : router# conf t [Enter]
Step 8 : router(config)# config-register 0x2102 [Enter]
Step 9 : router(config)# enable secret Newpassword [Enter]
Step 10 : router(config)# exit [Enter]
Step 11 : router# copy run start [Enter]
Step 12 : router# reload [Enter]
1600 (2600;3600)Password Recovery
Step 1 : Power on router (Press [Ctrl] + [Break] within 30 sec)
Then it will show as follow
Step 2 : rommon> confreg [Enter]
Step 3 : “Do you wish to change configuration[y/n]?” Type y
Step 4 : Type n to all of the question that appear until you reach the
“ignore system config info[y/n]” , type y
Step 5 : Type n to all of the question that appear until you reach the
“change boot characteristics[y/n]” , type y
Step 6 : “enter to boot “ type 2[Enter]
Step 7 : “Do you wish to chane configuration [y/n]” type n
Step 8 : reset [Enter]
Step 9 : Then do the same thing as Step 5 to 12 in 2500 password recovery
