Switches : Switches Cisco Catalyst 6500 Series

Procedimento de recuperação de senha para o Catalyst 6500 com Cisco IOS Software running do supervisor 720 antes de 12.2(17)SX

14 Outubro 2016 - Tradução por Computador
Outras Versões: Versão em PDFpdf | Inglês (22 Agosto 2015) | Feedback


Índice


Introdução

Este documento descreve como recuperar uma senha em um Catalyst 6500 Series Switch com um supervisor 720 que execute o software do sistema do ½ do ¿  de Cisco IOSï com uma versão antes de 12.2(17)SX.

A razão para o procedimento que é diferente para Cisco IOS Software Release antes de 12.2(17)SX é a identificação de bug Cisco CSCec36997 (clientes registrados somente) (a recuperação de senha em sup720-native conduz para causar um crash no switch processor (SP)). Quando seu interruptor é sujeito a este erro, você tem o aproximadamente 10 segundos após a quebra em RP ROMMON para mudar o registro de configuração a 0x2142. Após estes segundos 10, os reloads do interruptor com um software forçaram o reload. Contudo, se você muda o registro de configuração a este valor antes do impacto, toma o efeito após o reload e você pode continuar com o resto do procedimento.

Pré-requisitos

Requisitos

Não existem requisitos específicos para este documento.

Componentes Utilizados

Este documento aplica-se aos sistemas do supervisor 720-based que executam Cisco IOS Software Release antes de 12.2(17)SX. Se seu supervisor 720 executa o Cisco IOS Software Release 12.2(17)SX ou Mais Recente, refira o procedimento de recuperação de senha para os Series Switch do Catalyst 6000/6500 que executam o documento do software do sistema do Cisco IOS.

Visão geral

A sequência de inicialização é diferente no Catalyst 6500/6000 que executa o Cisco IOS do que no Cisco 7200 Series Router porque o hardware é diferente. Depois que você ciclo de energia a caixa, o SP carreg acima. Após aproximadamente 25-60 segundos, transfere a posse do console ao processador de rotas (RP (MSFC)). O RP continua a carregar a imagem do software empacotada. É crucial que você pressiona o Ctrl-Break imediatamente depois que o SP entreg o controle do console ao RP. Se você envia a sequência de break demasiado logo, você termina acima no ROMMON do SP, que não é onde você deve ser. Envie a sequência de break depois que você vê esta mensagem no console:

00:00:03: %OIR-6-CONSOLE: Changing console ownership to route processor

Após este ponto, a recuperação da senha é feita da mesma maneira que em um roteador normal.

Nota: A partir daqui, o Catalyst 6500 Series Switch que executa o Cisco IOS Software é referido como um roteador.

Convenções

Para obter mais informações sobre convenções de documento, consulte as Convenções de dicas técnicas Cisco.

Procedimento Passo a Passo

O interruptor é configurado como um roteador porque o sistema operacional do Cisco IOS é executado no interruptor. O procedimento de recuperação de senha segue as mesmas etapas que um Cisco 7200 Series Router. A exceção é que você tem que esperar aproximadamente 25-60 segundos mais por muito tempo antes que você comece a sequência de break.

  1. Conecte um terminal ou PC com emulação de terminal à porta de console do roteador. Utilize estas configurações de terminal:

    9600 baud rate 
    No parity 
    8 data bits 
    1 stop bit 
    No flow control

    As especificações do cabo do console necessário estão descritas no documento Especificações do cabo. As instruções em como conectar à porta de Console estão no guia de instalação de módulo. A conexão à seção única do Engine porta de Console-supervisor fornece a informação util.

  2. Se você ainda tem acesso ao roteador, emita o comando show version e registre a definição do registro de configuração. Geralmente é 0x2102 ou 0x102. Clique aqui para ver o exemplo de saída de um comando show version.

  3. Se você não tem o acesso ao roteador (devido a um login ou senha de TACACS perdido), é seguro supor que seu registro de configuração está ajustado a 0x2102.

  4. Põe para baixo e põe então acima o roteador com a ajuda do switch de energia.

  5. Pressione a ruptura no teclado terminal right after o RP ganha o controle da porta de Console. No Catalyst 6500 que executa o Cisco IOS, o SP carreg primeiramente. Vira então o controle para o RP. Depois que o RP ganha o controle, inicie a sequência de break. O RP ganhou o controle da porta de Console quando você vê esta mensagem. (Não inicie a seqüência de break até ver esta mensagem):

    00:00:03: %OIR-6-CONSOLE: Changing console ownership to route processor

    Devido à identificação de bug Cisco CSCec36997 (clientes registrados somente) (a recuperação de senha em sup720-native conduz para causar um crash no SP), você tem sobre os segundos 10 para terminar a etapa 6 antes que o interruptor cause um crash.

    Se a sequência de break não trabalha, refira as combinações de sequência chave de ruptura padrão durante a recuperação de senha para outras combinações chave.

  6. Digite confreg 0x2142 no prompt ROMMON 1> para inicializar a partir da flash sem carregar a configuração.

  7. O interruptor causa um crash com um impacto forçado software:

    rommon 1 > 
     00:00:41: %SYS-SP-3-LOGGER_FLUSHED: System was paused for 00:00:00 to ensure co. 
    00:00:41: %SYS-SP-2-INTSCHED: 't_idle' at level 7 
     -Process= "SCP Download Process", ipl= 7, pid= 57 
     -Traceback= 4013991C 401232B4 402827F4 40282994 40283010 405CB010 402A9858 4013C 
     00:00:41: %SYS-SP-2-INTSCHED: 't_idle' at level 7 
     -Process= "SCP Download Process", ipl= 7, pid= 57 
     -Traceback= 4013991C 401232B4 402827F4 40282994 40283010 405CB010 402A9858 4013C 
     00:00:41: %SYS-SP-2-INTSCHED: 't_idle' at level 7 
     -Process= "SCP Download Process", ipl= 7, pid= 57 
     -Traceback= 4013991C 401232B4 402827F4 40282994 40283010 405CB010 402A9858 4013C 
     00:00:41: %OIR-SP-6-CONSOLE: Changing console ownership to switch processor 
        
    *** System received a Software forced crash *** 
     signal= 0x17, code= 0x24, context= 0x4269f6f4 
     PC = 0x401370d8, Cause = 0x3020, Status Reg = 0x34008002 

    As repartições do roteador. Contudo, ignora sua configuração salva devido ao fato de que o registro de configuração está ajustado a 0x2142. Se você perceber que a configuração do roteador ainda está presente (ainda tem o nome de host anterior), ela indica que o registro de configuração não foi alterado em tempo para 0x2142 antes da pane. Se este é o caso, comece sobre outra vez (etapa 4). Se o registro de configuração é mudado corretamente a 0x2142, você obtém as perguntas da configuração inicial após o reload.

  8. Digite no depois de cada pergunta da configuração ou pressione Ctrl-C para pular o procedimento inicial de configuração.

  9. Digite enable no prompt Router>. Você reage do modo enable. A alerta do router- é indicada.

  10. É importante emitir os comandos configure memory ou copy start running copiar o RAM não-volátil (NVRAM) na memória. Não emita o comando configure terminal.

  11. Emita o comando write terminal ou show running. Estes comandos mostram a configuração do roteador. Nesta configuração, você vê o comando shutdown sob todas as relações. Isto significa que todas as relações estão fechadas atualmente. Você vê as senhas um ou outro dentro formato criptografado ou não criptografado.

  12. Emita o comando configure terminal incorporar o modo de configuração global e fazer as mudanças. O prompt agora é hostname(config)#.

  13. Emita o comando enable secret <password> no modo de configuração global para alterar a habilitação de senha.

  14. Emita o comando config-register 0x2102 ou o valor registrado na Etapa 2 em modo de configuração global (Router(config)#) para redefinir o valor da configuração para seu valor original.

  15. Mude todas as senhas de terminal virtual, se presente:

    Router(config)#line vty 0 4
    Router(config-line)#password cisco
    Router(config-line)#^Z
    Router#
  16. Emita o comando no shutdown em cada relação que é normalmente dentro uso. Emita um comando show ip interface brief ver uma lista de relações e de seu status atual. Você deve estar em modo de habilitação (Roteador#) para executar o comando show ip interface brief. Aqui está um exemplo de uma interface:

    Router#show ip interface brief
    Interface                  IP-Address      OK? Method Status                Prol
    Vlan1                      172.17.10.10    YES TFTP   administratively down dow 
    Vlan10                     10.1.1.1        YES TFTP   administratively down dow 
    GigabitEthernet1/1         unassigned      YES unset  administratively down dow 
    GigabitEthernet1/2         unassigned      YES TFTP   administratively down dow 
    GigabitEthernet2/1         unassigned      YES TFTP   administratively down dow 
    GigabitEthernet2/2         unassigned      YES TFTP   administratively down dow 
    FastEthernet3/1            172.16.84.110   YES TFTP   administratively down dow 
    <snip>...
     
    Router#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    Router(config)#interface fastEthernet 3/1
    Router(config-if)#no shutdown 
    Router(config-if)#exit
    Router(config)# <do other interfaces as necessary...>
  17. Pressione Ctrl-Z para sair do modo de configuração. O prompt agora é hostname##.

  18. Emita um ou outro os comandos write memory ou copy running startup comprometer as mudanças.

Saída de exemplo

O exemplo aqui mostra um procedimento de recuperação de senha real. Este exemplo é criado com a ajuda de um Catalyst 6500 Series Switch. Comece com os comandos show version and show module ver os componentes que são usados neste exemplo.

Press RETURN to get started.
 
sup720>enable
Password: 
sup720#
sup720#show version
Cisco Internetwork Operating System Software 
IOS (tm) s72033_rp Software (s72033_rp-PS-M), Version 12.2(14)SX1, EARLY DEPLOY)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Tue 27-May-03 20:40 by ccai
Image text-base: 0x40008C10, data-base: 0x41ACE000
 
ROM: System Bootstrap, Version 12.2(14r)S9, RELEASE SOFTWARE (fc1)
BOOTLDR: s72033_rp Software (s72033_rp-PS-M), Version 12.2(14)SX1, EARLY DEPLOY)
 
sup720 uptime is 18 minutes
Time since sup720 switched to active is 17 minutes
System returned to ROM by power-on (SP by reload)
System image file is "disk0:s72033-ps-mz.122-14.SX1.bin"
 
cisco Catalyst 6000 (R7000) processor with 458752K/65536K bytes of memory.
Processor board ID 
SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache
Last reset from power-on
X.25 software, Version 3.0.0.
Bridging software.
3 Virtual Ethernet/IEEE 802.3  interface(s)
96 FastEthernet/IEEE 802.3 interface(s)
58 Gigabit Ethernet/IEEE 802.3 interface(s)
1917K bytes of non-volatile configuration memory.
8192K bytes of packet buffer memory.
 
65536K bytes of Flash internal SIMM (Sector size 512K).
Configuration register is 0x2102
 
sup720#
sup720#show module
Mod Ports Card Type                              Model              Serial No.
--- ----- -------------------------------------- ------------------ -----------
  1   16  16 port GE RJ45                        WS-X6316-GE-TX     SAD04100A9R
  2   48  48 port 10/100 mb RJ-45 ethernet       WS-X6248-RJ-45     SAD041402P9
  4   16  SFM-capable 16 port 1000mb GBIC        WS-X6516A-GBIC     SAL0705CD7X
  5    2  Supervisor Engine 720 (Active)         WS-SUP720-BASE     SAD070600MU
  7   24  aCEF720 24 port 1000mb SFP             WS-X6724-SFP       SAD0725035Y
  9   48  48-port 10/100 mb RJ45                 WS-X6148-RJ45V     SAL06282HGE
 
Mod MAC addresses                       Hw    Fw           Sw           Status
--- ---------------------------------- ------ ------------ ------------ -------
  1  00d0.9738.702a to 00d0.9738.7039   0.202 5.3(1)       7.7(0.74)APP Ok      
  2  0001.9709.5c90 to 0001.9709.5cbf   1.2   5.1(1)CSX    7.7(0.74)APP Ok      
  4  0009.11f6.aa28 to 0009.11f6.aa37   1.0   7.2(1)       7.7(0.74)APP Ok      
  5  000c.3042.844c to 000c.3042.844f   1.0   7.7(1)       12.2(14)SX1  Ok      
  7  0030.f272.2666 to 0030.f272.267d   1.0   12.2(14r)S5  12.2(14)SX1  PwrDown 
  9  0009.127c.8d40 to 0009.127c.8d6f   1.0   5.4(2)       7.7(0.74)APP Ok      
 
Mod Sub-Module                  Model              Serial        Hw     Status 
--- --------------------------- ------------------ ------------ ------- -------
  5 Policy Feature Card 3       WS-F6K-PFC3A       SAD070601DR   1.0    Ok     
  5 MSFC3 Daughterboard         WS-SUP720          SAD070500YF   1.0    Ok     
  7 unknown FRU type (major = 0 WS-F6700-CFC       SAD073201KC   1.0    PwrDown
  9 Inline Power Module         WS-F6K-PWR                       1.0    Ok     
 
Mod Online Diag Status 
--- -------------------
  1 Pass               
  2 Pass               
  4 Pass               
  5 Pass               
  7 Unknown            
  9 Pass               
sup720#
sup720#
sup720#reload
Proceed with reload? [confirm]
 

!--- Here you turn off the power and then turn it back on.
!---  Here it is done with a reload  instead of a hard power-cycle.

 
*Sep 29 04:21:13: %SYS-5-RELOAD: Reload requested by console.
*Sep 29 04:21:16: %OIR-SP-6-CONSOLE: Changing console ownership to switch procer
 
*Sep 29 04:21:18: %SYS-SP-5-RELOAD: Reload requested
*Sep 29 04:21:18: %OIR-SP-6-CONSOLE: Changing console ownership to switch procer
 
***
*** --- SHUTDOWN NOW ---
***
 

!--- First, the switch processor comes up.

 
System Bootstrap, Version 7.7(1)
Copyright (c) 1994-2003 by cisco Systems, Inc.
Cat6k-Sup720/SP processor with 524288 Kbytes of main memory
 
Autoboot executing command: "boot disk0:s72033-ps-mz.122-14.SX1.bin"
 
Self decompressing the image : ################################################]
 
              Restricted Rights Legend
 
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
 
           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706
 
Cisco Internetwork Operating System Software 
IOS (tm) s72033_sp Software (s72033_sp-SP-M), Version 12.2(14)SX1, EARLY DEPLOY)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Tue 27-May-03 20:48 by ccai
Image text-base: 0x40020C10, data-base: 0x40B98000
 
00:00:03: %PFREDUN-6-ACTIVE: Initializing as ACTIVE processor

00:00:03: %OIR-6-CONSOLE: Changing console ownership to route processor

 

!--- The RP now has control of the console.
!--- This is when  you send the break sequence.

 
System Bootstrap, Version 12.2(14r)S9, RELEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 2003 by cisco Systems, Inc.
Cat6k-Sup720/RP platform with 524288 Kbytes of main memory
 
Download Start
*** Mistral Interrupt on line 4 ***
System memory 1 bit ECC correctable error interrupt ..
  PC = 0x8000841c, SP = 0x80007f00, RA = 0x80008488
  Cause Reg = 0x00004400, Status Reg = 0x3041c003

rommon 1 > 
 

!---  You are now in ROMMON mode on the RP. Continue the password
!--- recovery procedure just as on any router. Changing the configuration
!--- register from 0x2102 to 0x2142  causes the router to ignore the existing
!--- configuration. It needs to be ignored because it has passwords that are not
!--- known. Due to Cisco bug ID CSCec36997 : Password recovery on sup720-native leads to crash 
!--- on SP. You have about 10 seconds to change the configuration register to 0x2142. 
!--- After these 10 seconds, the SP crashes. If the config register is not changed 
!--- in time,  start again.


rommon 1 > confreg 0x2142
 
You must reset or power cycle for new config to take effect.

rommon 2 >


!--- Without any intervention, the switch crashes in about 10 seconds 
!--- after you break into RP ROMMON.


00:00:31: %SYS-SP-3-LOGGER_FLUSHED: System was paused for 00:00:00 to ensure co.
 
00:00:31: %SYS-SP-2-INTSCHED: 't_idle' at level 7
-Process= "SCP Download Process", ipl= 7, pid= 57
-Traceback= 4013991C 401232B4 402827F4 40282994 40283010 405CB010 402A9858 4013C
00:00:31: %SYS-SP-2-INTSCHED: 't_idle' at level 7
-Process= "SCP Download Process", ipl= 7, pid= 57
-Traceback= 4013991C 401232B4 402827F4 40282994 40283010 405CB010 402A9858 4013C
00:00:31: %SYS-SP-2-INTSCHED: 't_idle' at level 7
-Process= "SCP Download Process", ipl= 7, pid= 57
-Traceback= 4013991C 401232B4 402827F4 40282994 40283010 405CB010 402A9858 4013C
00:00:31: %OIR-SP-6-CONSOLE: Changing console ownership to switch processor
 
*** System received a Software forced crash ***
signal= 0x17, code= 0x24, context= 0x4269f6f4
PC = 0x401370d8, Cause = 0x3020, Status Reg = 0x34008002
 
System Bootstrap, Version 7.7(1)
Copyright (c) 1994-2003 by cisco Systems, Inc.
Cat6k-Sup720/SP processor with 524288 Kbytes of main memory
 
Autoboot executing command: "boot disk0:s72033-ps-mz.122-14.SX1.bin"
 
Self decompressing the image : ################################################]
 
              Restricted Rights Legend
 
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
 
           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706
 
Cisco Internetwork Operating System Software 
IOS (tm) s72033_sp Software (s72033_sp-SP-M), Version 12.2(14)SX1, EARLY DEPLOY)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Tue 27-May-03 20:48 by ccai
Image text-base: 0x40020C10, data-base: 0x40B98000
 
00:00:03: %PFREDUN-6-ACTIVE: Initializing as ACTIVE processor
00:00:03: %OIR-6-CONSOLE: Changing console ownership to route processor
 
System Bootstrap, Version 12.2(14r)S9, RELEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 2003 by cisco Systems, Inc.
Cat6k-Sup720/RP platform with 524288 Kbytes of main memory
 
Download Start
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Download Completed! Booting the image.
Self decompressing the image : ################################################]
 
              Restricted Rights Legend
 
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
 
           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706
 
Cisco Internetwork Operating System Software 
IOS (tm) s72033_rp Software (s72033_rp-PS-M), Version 12.2(14)SX1, EARLY DEPLOY)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Tue 27-May-03 20:40 by ccai
Image text-base: 0x40008C10, data-base: 0x41ACE000
 
cisco Catalyst 6000 (R7000) processor with 458752K/65536K bytes of memory.
Processor board ID 
SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache
Last reset from power-on
X.25 software, Version 3.0.0.
Bridging software.
1 Virtual Ethernet/IEEE 802.3  interface(s)
96 FastEthernet/IEEE 802.3 interface(s)
58 Gigabit Ethernet/IEEE 802.3 interface(s)
1917K bytes of non-volatile configuration memory.
8192K bytes of packet buffer memory.
 
65536K bytes of Flash internal SIMM (Sector size 512K).
        --- System Configuration Dialog ---
 
Would you like to enter the initial configuration dialog? [yes/no]: n
 

!--- The router ignores  the saved configuration and enters  
!--- the initial configuration mode.

 
Press RETURN to get started!
 
00:00:03: %SYS-3-LOGGER_FLUSHED: System was paused for 00:00:00 to ensure conso.
 
00:00:46: curr is 0x10000
 
00:00:46: RP: Currently running ROMMON from F1 region
00:01:00: %SYS-5-RESTART: System restarted --
Cisco Internetwork Operating System Software 
IOS (tm) s72033_rp Software (s72033_rp-PS-M), Version 12.2(14)SX1, EARLY DEPLOY)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Tue 27-May-03 20:40 by ccai
00:01:00: %SNMP-5-COLDSTART: SNMP agent on host Router is undergoing a cold stat
00:01:00: %SYS-6
Router>-BOOTTIME: Time taken to reboot after reload = 1807 seconds
 
Firmware compiled 19-May-03 10:54 by integ Build [100]
 
00:00:54: %SPANTREE-SP-5-EXTENDED_SYSID: Extended SysId enabled for type vlan
00:00:54: SP: SP: Currently running ROMMON from F1 region
00:01:00: %SYS-SP-5-RESTART: System restarted --
Cisco Internetwork Operating System Software 
IOS (tm) s72033_sp Software (s72033_sp-SP-M), Version 12.2(14)SX1, EARLY DEPLOY)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Tue 27-May-03 20:48 by ccai
00:01:01: %OIR-SP-6-INSPS: Power supply inserted in slot 1
00:01:01: %C6KPWR-SP-4-PSOK: power supply 1 turned on.
00:01:01: %OIR-SP-6-INSPS: Power supply inserted in slot 2
00:01:01: %C6KPWR-SP-4-PSOK: power supply 2 turned on.
00:01:01: %C6KPWR-SP-4-PSREDUNDANTBOTHSUPPLY: in power-redundancy mode, system .
00:01:05: %FABRIC-SP-5-FABRIC_MODULE_ACTIVE: the switching fabric module in sloe
00:01:06: %DIAG-SP-6-RUN_MINIMUM: Module 5: Running Minimum Diagnostics...
Router>
Router>
00:01:18: %DIAG-SP-6-DIAG_OK: Module 5: Passed Online Diagnostics
00:01:18: %OIR-SP-6-INSCARD: Card inserted in slot 5, interfaces are now online
00:01:21: %DIAG-SP-6-RUN_MINIMUM: Module 4: Running Minimum Diagnostics...
Router>
Router>
Router>
00:01:36: %DIAG-SP-6-RUN_MINIMUM: Module 9: Running Minimum Diagnostics...
Router>
Router>
00:01:42: %DIAG-SP-6-RUN_MINIMUM: Module 1: Running Minimum Diagnostics...
00:01:44: %DIAG-SP-6-DIAG_OK: Module 4: Passed Online Diagnostics
00:01:45: %OIR-SP-6-INSCARD: Card inserted in slot 4, interfaces are now online
00:01:54: %DIAG-SP-6-DIAG_OK: Module 9: Passed Online Diagnostics
00:01:54: %OIR-SP-6-INSCARD: Card inserted in slot 9, interfaces are now online
00:01:57: %DIAG-SP-6-DIAG_OK: Module 1: Passed Online Diagnostics
00:01:57: %OIR-SP-6-INSCARD: Card inserted in slot 1, interfaces are now online
00:02:06: %DIAG-SP-6-RUN_MINIMUM: Module 2: Running Minimum Diagnostics...
00:02:15: %DIAG-SP-6-DIAG_OK: Module 2: Passed Online Diagnostics
00:02:15: %OIR-SP-6-INSCARD: Card inserted in slot 2, interfaces are now online
Router>
Router>enable
Router#
 

!---  You go right into privilege mode without needing a password.
!--- At this point, the configuration running-config is a default configuration
!--- with all the ports administratively down (shutdown).

 
Router#copy startup-config running-config
Destination filename [running-config]? <press enter>
 

!--- This pulls in your original configuration. Since  you are already in privilege
!--- mode, the passwords in this configuration (that are not known) do not affect  you.

 
4864 bytes copied in 2.48 secs (2432 bytes/sec)
sup720#
sup720#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
sup720(config)#enable secret < password > [Choose a strong password with at least one capital letter, one number, and one special character.]
 

!--- Overwrite the password that you do not know. This is your new enable password.

 
sup720#show ip interface brief
Interface                  IP-Address      OK? Method Status                Prol
Vlan1                      10.48.72.142    YES TFTP   administratively down dow 
Vlan500                    10.1.1.1        YES TFTP   administratively down dow 
Vlan501                    10.2.2.1        YES TFTP   administratively down dow 
GigabitEthernet1/1         unassigned      YES TFTP   administratively down dow 
GigabitEthernet1/2         unassigned      YES TFTP   administratively down dow 
GigabitEthernet1/3         unassigned      YES TFTP   administratively down dow 
GigabitEthernet1/4         unassigned      YES TFTP   administratively down dow 
GigabitEthernet1/5         unassigned      YES TFTP   administratively down dow 
GigabitEthernet1/6         unassigned      YES TFTP   administratively down dow 
GigabitEthernet1/7         unassigned      YES TFTP   administratively down dow 
<snip>...
 

!--- Issue the no shut command on all interfaces that you want to bring up.

 
sup720#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
sup720(config)#interface gig 1/1 
sup720(config-if)#no shut
sup720(config-if)#^Z
sup720#
 

!---  Overwrite the virtual terminal passwords. 


 
sup720#configure terminal
sup720(config)#line vty 0 4
sup720(config-line)#password XXX
sup720(config-line)#^Z
sup720# 
 

!---  Restore the configuration register to its normal state
!--- so that it no longer ignores the stored configuration file.

 
sup720#show version
Cisco Internetwork Operating System Software 
IOS (tm) s72033_rp Software (s72033_rp-PS-M), Version 12.2(14)SX1, EARLY DEPLOY)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Tue 27-May-03 20:40 by ccai
Image text-base: 0x40008C10, data-base: 0x41ACE000
 
ROM: System Bootstrap, Version 12.2(14r)S9, RELEASE SOFTWARE (fc1)
BOOTLDR: s72033_rp Software (s72033_rp-PS-M), Version 12.2(14)SX1, EARLY DEPLOY)
 
sup720 uptime is 4 minutes
Time since sup720 switched to active is 4 minutes
System returned to ROM by power-on (SP by error - a Software forced crash, PC 0)
System image file is "disk0:s72033-ps-mz.122-14.SX1.bin"
 
cisco Catalyst 6000 (R7000) processor with 458752K/65536K bytes of memory.
Processor board ID 
SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache
Last reset from power-on
X.25 software, Version 3.0.0.
Bridging software.
3 Virtual Ethernet/IEEE 802.3  interface(s)
96 FastEthernet/IEEE 802.3 interface(s)
58 Gigabit Ethernet/IEEE 802.3 interface(s)
1917K bytes of non-volatile configuration memory.
8192K bytes of packet buffer memory.
 
65536K bytes of Flash internal SIMM (Sector size 512K).
Configuration register is 0x2142
sup720#
sup720#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
sup720(config)#config-register 0x2102
sup720(config)#
 

!--- Verify that the configuration register is changed for the next reload.

 
sup720#show version
Cisco Internetwork Operating System Software 
IOS (tm) s72033_rp Software (s72033_rp-PS-M), Version 12.2(14)SX1, EARLY DEPLOY)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Tue 27-May-03 20:40 by ccai
Image text-base: 0x40008C10, data-base: 0x41ACE000
 
ROM: System Bootstrap, Version 12.2(14r)S9, RELEASE SOFTWARE (fc1)
BOOTLDR: s72033_rp Software (s72033_rp-PS-M), Version 12.2(14)SX1, EARLY DEPLOY
sup720 uptime is 4 minutes
Time since sup720 switched to active is 4 minutes
System returned to ROM by power-on (SP by error - a Software forced crash, PC 0)
System image file is "disk0:s72033-ps-mz.122-14.SX1.bin"
 
cisco Catalyst 6000 (R7000) processor with 458752K/65536K bytes of memory.
Processor board ID 
SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache
Last reset from power-on
X.25 software, Version 3.0.0.
Bridging software.
3 Virtual Ethernet/IEEE 802.3  interface(s)
96 FastEthernet/IEEE 802.3 interface(s)
58 Gigabit Ethernet/IEEE 802.3 interface(s)
1917K bytes of non-volatile configuration memory.
8192K bytes of packet buffer memory.
 
65536K bytes of Flash internal SIMM (Sector size 512K).
Configuration register is 0x2142 (will be 0x2102 at next reload)
sup720#
sup720#copy running-config startup-config
Destination filename [startup-config]? <press enter>
Building configuration...
[OK]
sup720#
 

!--- Optional: If you want to test that the router operates properly and that you have changed the passwords, 
!--- reload and test.

 
sup720#reload
 
Proceed with reload? [confirm] 

<press enter>

Informações Relacionadas


Document ID: 45681