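Fish!
Category: Network and Security
2009-04-25 17:02:59
Recovery steps:
This method applies only to PIX units without a floppy drive; the file is transferred over TFTP.
1. Preparation:
1) A PC with a TFTP server installed
2) A crossover cable connecting the PIX Ethernet port to the PC's network card
3) Download the password recovery software (choose the recovery software that matches the PIX OS version) and place it in the TFTP server's directory.
2. Network topology diagram
3. Detailed recovery procedure:
While the PIX is starting, press ESC or Ctrl+Break to enter monitor> mode, then perform the following: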
monitor> interface 0
0: i8255X @ PCI(bus:0 dev:13 irq:10)
1: i8255X @ PCI(bus:0 dev:14 irq:7 )
Using 0: i82559 @ PCI(bus:0 dev:13 irq:10), MAC: 0050.54ff.82b9
monitor> address 192.168.18.111    (the PIX address)
address 192.168.18.111
monitor> server 192.168.18.254    (the TFTP server address)
server 192.168.18.111
monitor> file np63.bin    (the name corresponds to the PIX OS version)
file np63.bin
monitor> gateway 192.168.18.254
gateway 192.168.18.254
monitor> ping 192.168.18.254
Sending 5, 100-byte 0xf8d3 ICMP Echoes to 192.168.18.254, timeout is 4 seconds:
!!!!!
Success rate is 100 percent (5/5)
monitor> tftp
tftp via 192.168.18.254...................................
Received 92160 bytes
Cisco Secure PIX Firewall password tool (3.0) #0: Tue Aug 22 23:22:19 PDT 2000
Flash=i28F640J5 @ 0x300
BIOS Flash=AT29C257 @ 0xd8000
Do you wish to erase the passwords? [yn] y
Passwords have been erased.
Rebooting....
Cisco Secure PIX Firewall BIOS (3.6)
Booting Floppy
Flash=i28F640J5 @ 0x300
Reading 1974784 bytes of image from flash.
#################################################################################################################
128MB RAM
mcwa i82559 Ethernet at irq 11 MAC: 00d0.b76b.5549
mcwa i82559 Ethernet at irq 10 MAC: 00d0.b76b.4f2c
mcwa i82558 Ethernet at irq 9 MAC: 00e0.b601.2686
mcwa i82558 Ethernet at irq 11 MAC: 00e0.b601.2685
mcwa i82558 Ethernet at irq 15 MAC: 00e0.b601.2684
mcwa i82558 Ethernet at irq 10 MAC: 00e0.b601.2683
Flash=i28F640J5 @ 0x300
BIOS Flash=AT29C257 @ 0xfffd8000
-----------------------------------------------------------------------
|| ||
|| ||
|||| ||||
..:||||||:..:||||||:..
c i s c o S y s t e m s
Private Internet eXchange
-----------------------------------------------------------------------
Cisco PIX Firewall
Cisco PIX Firewall Version 6.3(5)
Licensed connections: 65536
Copyright (c) 1996-2005 by Cisco Systems, Inc.
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
.
Cryptochecksum(unchanged): 84ab36ae c8f17d1c 9770f9c0 b25a904e
Type help or '?' for a list of available commands.
PIX520>
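4. Related software: choose according to the PIX OS version.
Password recovery on the ASA is much more like the procedure on a router.
As before, press ESC after power-on to enter ROMMON, then enter the confreg command.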
rommon #1> confreg
Then change it:
Current Configuration Register: 0x00000011
Configuration Summary:
boot TFTP image, boot default image from Flash on netboot failure
Do you wish to change this configuration? y/n [n]: y
Accept the default answer for every question, except answer y when asked "disable system configuration?".
Then reboot:
rommon #2> boot
After the OS boots, the password is empty.
hostname> enable
hostname# copy startup-config running-config
hostname# configure terminal
hostname(config)# password password
hostname(config)# enable password password
hostname(config)# username name password password
Then change the configuration register back.
hostname(config)# config-register value
Then save the configuration.
hostname(config)# copy running-config startup-config
See the Cisco documentation:
Performing Password Recovery for the ASA 5500 Series Adaptive Security Appliance http://www.cisco.com/en/US/docs/security/asa/asa71/configuration/guide/trouble.html#wp1058131
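The ASA procedure above ends by changing the configuration register back, a step that is easy to miss. As an added example (not from the original post or from Cisco), this Python check parses captured `show version` text and reports whether the appliance would still skip its startup configuration at the next reload. The line format, the 0x40 bit meaning and the sample captures are assumptions made for the example.

```python
import re

# Bit set in ROMMON by answering y to "disable system configuration?"
# (assumption: 0x40, so a register of 0x41 skips startup-config).
IGNORE_STARTUP_CONFIG = 0x40

# Assumed "show version" line format:
#   Configuration register is 0x41 (will be 0x1 at next reload)
REG_LINE = re.compile(
    r"Configuration register is (0x[0-9a-fA-F]+)"
    r"(?:\s*\(will be (0x[0-9a-fA-F]+) at next reload\))?"
)


def check_confreg(show_version: str) -> dict:
    """Classify the configuration register found in captured show version text."""
    match = REG_LINE.search(show_version)
    if match is None:
        # No register line in the capture: report it rather than assume "ok".
        return {"status": "unknown", "current": None, "next_boot": None}
    current = int(match.group(1), 16)
    next_boot = int(match.group(2), 16) if match.group(2) else current
    if next_boot & IGNORE_STARTUP_CONFIG:
        status = "fail"      # next reload comes up with no config and empty passwords
    elif current & IGNORE_STARTUP_CONFIG:
        status = "pending"   # register restored, takes effect at the next reload
    else:
        status = "ok"
    return {"status": status, "current": current, "next_boot": next_boot}


# Constructed sample captures (not from a real device).
SAMPLES = {
    "left in recovery mode": "Serial Number: PLACEHOLDER\nConfiguration register is 0x41\n",
    "restored, reload pending": "Configuration register is 0x41 (will be 0x1 at next reload)\n",
    "restored and reloaded": "Configuration register is 0x1\n",
    "no register line": "Hardware: ASA5510\n",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(f"{name}: {check_confreg(text)}")
```
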