Firepower 9300/4100系列工具的密码恢复流程

下载选项

  • PDF     (175.4 KB)
    在各种设备上使用 Adobe Reader 查看
  • ePub     (73.0 KB)
    在 iPhone、iPad、Android、Sony Reader 或 Windows Phone 上使用各种应用查看
  • Mobi (Kindle)     (67.3 KB)
    在 Kindle 设备上查看或在多个设备上使用 Kindle 应用查看
已更新: 2018 年 2 月 15 日
文档 ID:200491

非歧视性语言

此产品的文档集力求使用非歧视性语言。在本文档集中,非歧视性语言是指不隐含针对年龄、残障、性别、种族身份、族群身份、性取向、社会经济地位和交叉性的歧视的语言。由于产品软件的用户界面中使用的硬编码语言、基于 RFP 文档使用的语言或引用的第三方产品使用的语言,文档中可能无法确保完全使用非歧视性语言。 深入了解思科如何使用包容性语言。

关于此翻译

思科采用人工翻译与机器翻译相结合的方式将此文档翻译成不同语言,希望全球的用户都能通过各自的语言得到支持性的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 Cisco Systems, Inc. 对于翻译的准确性不承担任何责任,并建议您总是参考英文原始文档(已提供链接)。

简介

本文描述如何恢复Firepower 9300/4100系列工具的Supervisor管理输入-输出(减少)密码。


Prerequisites


Requirements

There are no specific requirements for this document.


Components Used


本文档中的信息基于以下硬件版本:


    •   Cisco Firepower 4100系列和9300种工具。

The information in this document was created from the devices in a specific lab environment.All of the devices used in this document started with a cleared (default) configuration.If your network is live, make sure that you understand the potential impact of any command.


背景信息

当用户忘记Supervisor减少密码时,密码恢复流程执行。当您执行密码恢复流程时,要达到此,所有数据库文件和配置被重置对工厂默认设置。

Note:不应该使用程序重置已经知道的密码。


逐步密码恢复流程

为了恢复减少的Supervisor的密码,请执行这些步骤:

步骤1.Connect对控制台端口的PC使用提供的控制台电缆,和连接到控制台使用为9600波特设置的终端仿真器, 8数据位,无奇偶校验, 1个结束位,没有流控制。检查Cisco Firepower 9300硬件安装指南关于控制台电缆的更多信息。

Note:密码恢复需要对FXO Supervisor的控制台访问。

步骤2.停电系统,然后通电它。

第 3 步:当引导时,请按ESCCTRL+ L键,当提示您输入ROMmon模式时。

!!  Rommon image verified successfully  !!

Cisco System ROMMON, Version 1.0.09, RELEASE SOFTWARE
Copyright (c) 1994-2015  by Cisco Systems, Inc.
Compiled Thu 05/28/2015 17:21:39.46 by gilchen

Current image running: Boot ROM0
Last reset cause: ResetRequest
DIMM Slot 0 : Present
DIMM Slot 1 : Present
No USB drive !!
BIOS has been locked !!

Platform FPR9K-SUP with 16384 Mbytes of main memory
MAC Address: b0:aa:77:2f:93:74

find the string ! boot bootflash:/installables/switch/fxos-k9-kickstart.5.0.3.N2.3.14.69.SPA bootflash:/installables/switch/fxos-k9-system.5.0.3.N2.3.14.69.SPA

Use BREAK, ESC or CTRL+L to interrupt boot.
Use SPACE to begin boot immediately.
Boot interrupted.
rommon 1 >

第 4 步:  记录下来kickstart突出显示的镜像和系统镜像以上。

bootflash:/installables/switch/fxos-k9-kickstart.5.0.3.N2.3.14.69.SPA 
bootflash:/installables/switch/fxos-k9-system.5.0.3.N2.3.14.69.SPA

 步骤5.负荷kickstart镜像,当您输入引导程序(kickstart镜像名称) at命令ROMmon提示。


rommon 1 > boot bootflash:/installables/switch/fxos-k9-kickstart.5.0.3.N2.3.14.69.SPA
 !! Kickstart Image verified successfully !!

Linux version: 2.6.27.47 (security@cisco.com) #1 SMP Tue Nov 24 12:10:28 PST 2015
[ 0.000000] Fastboot Memory at 0c100000 of size 201326592
Usage: init 0123456SsQqAaBbCcUu
INIT: POST INIT Starts at Wed Jun 1 13:46:33 UTC 2016
can't create lock file /var/lock/mtab~302: No such file or directory (use -n flag to override)
S10mount-ramfs.supnuovaca Mounting /isan 3000m
Mounted /isan
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2015, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under
license. Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or the GNU
Lesser General Public License (LGPL) Version 2.1. A copy of each
such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://www.opensource.org/licenses/lgpl-2.1.php
switch(boot)#


第6.步。在switch(boot)-提示,请输入config terminal命令为了连接到Configure模式,并且尔后,请输入erase命令的管理密码重置密码以后提示用户输入确认。

警告:如果选择Y在此提示,清除所有配置并且带来系统回到工厂默认配置。

switch(boot)#
switch(boot)# config terminal
Enter configuration commands, one per line.  End with CNTL/Z.
switch(boot)(config)# admin-password erase
Your password and configuration will be erased!
Do you want to continue? (y/n)  [n] y

 步骤7.退出对switch(boot)-提示并且装载及早被保存的系统镜像完成程序。 

switch(boot)(config)# exit
switch(boot)# load bootflash:/installables/switch/fxos-k9-system.5.0.3.N2.3.14.69.SPA

Uncompressing system image: bootflash:/installables/switch/fxos-k9-system.5.0.3.N2.3.14.69.SPA

<lines ommitted>

 ---- Basic System Configuration Dialog ----

 This setup utility will guide you through the basic configuration of
 the system. Only minimal configuration including IP connectivity to
 the Fabric interconnect and its clustering mode is performed through these steps.

 Type Ctrl-C at any time to abort configuration and reboot system.
 To back track or make modifications to already entered values,
 complete input till end of section and answer no when prompted
 to apply configuration.


 You have chosen to setup a new Security Appliance. Continue? (y/n): y

 Enforce strong password? (y/n) [y]: n

 Enter the password for "admin":
 Confirm the password for "admin":

 Enter the system name: FF09-FPR9300-1

 Physical Switch Mgmt0 IP address : 192.168.10.10

 Physical Switch Mgmt0 IPv4 netmask : 255.255.255.0

 IPv4 address of the default gateway : 192.168.10.1

 Configure the DNS Server IP address? (yes/no) [n]: n

 Configure the default domain name? (yes/no) [n]: n

 Following configurations will be applied:

 Switch Fabric=A
 System Name=FF09-FPR9300-1
 Enforced Strong Password=no
 Physical Switch Mgmt0 IP Address=192.168.10.1
 Physical Switch Mgmt0 IP Netmask=255.255.255.0
 Default Gateway=192.168.10.1
 Ipv6 value=0

Apply and save the configuration (select 'no' if you want to re-enter)? (yes/no): yes
 Applying configuration. Please wait.
 Configuration file - Ok


Cisco FPR Series Security Appliance
FF09-FPR9300-1 login:

Related Information

TAC Authored

由思科工程师提供

  • Prashant Joshi
    Cisco TAC工程师
  • Prapanch Ramamoorthy
    Cisco TAC工程师

此文档是否有帮助?

Feedback反馈

联系我们

本文档适用于以下产品