Guest

Firepower 9300/4100系列设备的密码恢复流程

下载选项

  • PDF     (251.4 KB)
    在各种设备上使用 Adobe Reader 查看
  • ePub     (73.0 KB)
    在 iPhone、iPad、Android、Sony Reader 或 Windows Phone 上使用各种应用查看
  • Mobi (Kindle)     (67.3 KB)
    在 Kindle 设备上查看或在多个设备上使用 Kindle 应用查看
已更新: 2017 年 5 月 19 日
文档 ID:200491
关于翻译

关于此翻译

思科采用人工翻译与机器翻译相结合的方式将此文档翻译成不同语言,希望全球的用户都能通过各自的语言得到支持性的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 Cisco Systems, Inc. 对于翻译的准确性不承担任何责任,并建议您总是参考英文原始文档(已提供链接)。

简介

本文描述如何恢复FirePOWER 9300/4100系列设备的Supervisor管理输入-输出(减少)密码。


先决条件


要求

本文档没有任何特定的要求。


使用的组件


本文档中的信息基于以下硬件版本:


    •   Cisco Firepower 4100系列和9300个设备。

本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响。


背景信息

当用户忘记Supervisor减少密码时,密码恢复流程执行。当您执行密码恢复流程时,要达到此,所有数据库文件和配置重置对工厂默认设置。

注意不应该使用步骤重置已经知道的密码。


逐步密码恢复流程

为了恢复减少的Supervisor的密码,请执行这些步骤:

步骤1.Connect对控制台端口的PC使用提供的控制台电缆,和连接到控制台使用为9600波特设置的终端仿真器, 8数据位,无奇偶校验, 1个结束位,无流量控制。检查思科Firepower 9300硬件安装指南关于控制台电缆的更多信息。

注意密码恢复需要对FXO Supervisor的控制台访问。

步骤2.停电系统,然后通电它。

第三步:当启动时,请按ESCCTRL+L锁上,当提示您输入ROMmon模式时。

!!  Rommon image verified successfully  !!

Cisco System ROMMON, Version 1.0.09, RELEASE SOFTWARE
Copyright (c) 1994-2015  by Cisco Systems, Inc.
Compiled Thu 05/28/2015 17:21:39.46 by gilchen

Current image running: Boot ROM0
Last reset cause: ResetRequest
DIMM Slot 0 : Present
DIMM Slot 1 : Present
No USB drive !!
BIOS has been locked !!

Platform FPR9K-SUP with 16384 Mbytes of main memory
MAC Address: b0:aa:77:2f:93:74

find the string ! boot bootflash:/installables/switch/fxos-k9-kickstart.5.0.3.N2.3.14.69.SPA bootflash:/installables/switch/fxos-k9-system.5.0.3.N2.3.14.69.SPA

Use BREAK, ESC or CTRL+L to interrupt boot.
Use SPACE to begin boot immediately.
Boot interrupted.
rommon 1 >

第四步:  记录下来kickstart突出显示的镜像和系统镜像以上。

bootflash:/installables/switch/fxos-k9-kickstart.5.0.3.N2.3.14.69.SPA 
bootflash:/installables/switch/fxos-k9-system.5.0.3.N2.3.14.69.SPA

 步骤5.负载kickstart镜像,当您输入引导程序(kickstart镜像名称) at命令ROMmon提示。


rommon 1 > boot bootflash:/installables/switch/fxos-k9-kickstart.5.0.3.N2.3.14.69.SPA
 !! Kickstart Image verified successfully !!

Linux version: 2.6.27.47 (security@cisco.com) #1 SMP Tue Nov 24 12:10:28 PST 2015
[ 0.000000] Fastboot Memory at 0c100000 of size 201326592
Usage: init 0123456SsQqAaBbCcUu
INIT: POST INIT Starts at Wed Jun 1 13:46:33 UTC 2016
can't create lock file /var/lock/mtab~302: No such file or directory (use -n flag to override)
S10mount-ramfs.supnuovaca Mounting /isan 3000m
Mounted /isan
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2015, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under
license. Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or the GNU
Lesser General Public License (LGPL) Version 2.1. A copy of each
such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://www.opensource.org/licenses/lgpl-2.1.php
switch(boot)#


第六步:在switch(boot)-提示符,请输入config terminal命令为了导航到Configure模式,并且尔后,请输入erase命令的管理密码重置密码以后提示用户输入确认。

警告:如果选择Y在此提示符,清除所有配置并且带来系统回到工厂默认配置。

switch(boot)#
switch(boot)# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
switch(boot)(config)# admin-password erase
Your password and configuration will be erased!
Do you want to continue? (y/n)  [n] y

 步骤7.switch(boot)-提示符的退出和及早保存的负载系统镜像完成步骤。 

switch(boot)(config)# exit
switch(boot)# load bootflash:/installables/switch/fxos-k9-system.5.0.3.N2.3.14.69.SPA

Uncompressing system image: bootflash:/installables/switch/fxos-k9-system.5.0.3.N2.3.14.69.SPA

<lines ommitted>

 ---- Basic System Configuration Dialog ----

 This setup utility will guide you through the basic configuration of
 the system. Only minimal configuration including IP connectivity to
 the Fabric interconnect and its clustering mode is performed through these steps.

 Type Ctrl-C at any time to abort configuration and reboot system.
 To back track or make modifications to already entered values,
 complete input till end of section and answer no when prompted
 to apply configuration.


 You have chosen to setup a new Security Appliance. Continue? (y/n): y

 Enforce strong password? (y/n) [y]: n

 Enter the password for "admin":
 Confirm the password for "admin":

 Enter the system name: FF09-FPR9300-1

 Physical Switch Mgmt0 IP address : 192.168.10.10

 Physical Switch Mgmt0 IPv4 netmask : 255.255.255.0

 IPv4 address of the default gateway : 192.168.10.1

 Configure the DNS Server IP address? (yes/no) [n]: n

 Configure the default domain name? (yes/no) [n]: n

 Following configurations will be applied:

 Switch Fabric=A
 System Name=FF09-FPR9300-1
 Enforced Strong Password=no
 Physical Switch Mgmt0 IP Address=192.168.10.1
 Physical Switch Mgmt0 IP Netmask=255.255.255.0
 Default Gateway=192.168.10.1
 Ipv6 value=0

Apply and save the configuration (select 'no' if you want to re-enter)? (yes/no): yes
 Applying configuration. Please wait.
 Configuration file - Ok


Cisco FPR Series Security Appliance
FF09-FPR9300-1 login:

相关信息

TAC Authored

由思科工程师提供

  • Prashant Joshi
    Cisco TAC Engineer
  • Prapanch Ramamoorthy
    Cisco TAC Engineer

此文档是否有帮助?

反馈

联系我们

本文档适用于以下产品