Skip to main content

 路由器网 > 新闻资讯 >

CISCO防火墙破译密码及升级

2014-07-09 23:58 浏览:


一、ASA防火墙破译密码:


(1)准备环境:PCCOM口,连设备CONSOLE口,打开超级终端,参数还原默认值:端口速率9600b/s,数据位:8,无奇偶校验,然后启动ASA


(2)等待出现:


use baeak or esc to interrrupt boot.


use space to begin boot immediately.


按ESC键进入rommon状态:


rommon #0>


输入:


rommon #0>confreg 0x41(绕过NVRAM启动)


出现

  update config register(0x41)in nvram...

  rommon #1>reload


启动成功后,进入asa以后:

  ciscoasa>enable


密码为空:

  ciscoasa#sh run

  ciscoasa#copy startup-config running-config

  #config terminal


设置新密码:

  #enable password benet(密码)

  修改回原来的配置寄存器值:

  asa(config)#config-register 0x11(从NVRAM启动)


保存配置文件


asa(config)#copy running-config startup-config

  -------------------------------------------------------------------


二、IOS升级
 

  (1)确保PC机能够telnet到ASA

  (2)在PC机上运行Cisco TFTP Server(IP:192.168.0.100),将asa802-k8.bin放到相应的目录

  (3)备份现有的文件

  asa#copy run tftp://192.168.0.100/running-config

  asa#copy start tftp://192.168.0.100/startup-config

  asa#copy flash:/asa723-k8.bin tftp://192.168.0.100/asa723-k8.bin

  (4)升级

  asa#copy tftp://192.168.0.100/asa802-k8.bin flash:/asa802-k8.bin

  adress or name of remoter host(192.168.0.100):回车

  source filename[asa802-k8.bin]?回车

  Destination filename[asa802-k8.bin]?回车

  !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

  asa#dir

  asa(config)#boot system disk0:/asa802-k8.bin

  asa#copy run start

  asa#reload