一、ASA防火牆破譯密碼:
(1)準備環境:PCCOM口,連設備CONSOLE口,打開超級終端,參數還原默認值:端口速率9600b/s,數據位:8,無奇偶校驗,然後啓動ASA
(2)等待出現:
use baeak or esc to interrrupt boot.
use space to begin boot immediately.
按ESC鍵進入rommon狀態:
rommon #0>
輸入:
rommon #0>confreg 0x41(繞過NVRAM啓動)
出現
update config register(0x41)in nvram...
rommon #1>reload
啓動成功後,進入asa以後:
ciscoasa>enable
密碼爲空:
ciscoasa#sh run
ciscoasa#copy startup-config running-config
#config terminal
設置新密碼:
#enable password benet(密碼)
修改回原來的配置寄存器值:
asa(config)#config-register 0x11(從NVRAM啓動)
保存配置文件
asa(config)#copy running-config startup-config
-------------------------------------------------------------------
二、IOS升級
(1)確保PC機能夠telnet到ASA
(2)在PC機上運行Cisco TFTP Server(IP:192.168.0.100),將asa802-k8.bin放到相應的目錄
(3)備份現有的文件
asa#copy run tftp://192.168.0.100/running-config
asa#copy start tftp://192.168.0.100/startup-config
asa#copy flash:/asa723-k8.bin tftp://192.168.0.100/asa723-k8.bin
(4)升級
asa#copy tftp://192.168.0.100/asa802-k8.bin flash:/asa802-k8.bin
adress or name of remoter host(192.168.0.100):回車
source filename[asa802-k8.bin]?回車
Destination filename[asa802-k8.bin]?回車
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
asa#dir
asa(config)#boot system disk0:/asa802-k8.bin
asa#copy run start
asa#reload
---------------------------------------------------------------------------