一、ASA防火墙破译密码:
(1)准备环境:PCCOM口,连设备CONSOLE口,打开超级终端,参数还原默认值:端口速率9600b/s,数据位:8,无奇偶校验,然后启动ASA
(2)等待出现:
use baeak or esc to interrrupt boot.
use space to begin boot immediately.
按ESC键进入rommon状态:
rommon #0>
输入:
rommon #0>confreg 0x41(绕过NVRAM启动)
出现
update config register(0x41)in nvram...
rommon #1>reload
启动成功后,进入asa以后:
ciscoasa>enable
密码为空:
ciscoasa#sh run
ciscoasa#copy startup-config running-config
#config terminal
设置新密码:
#enable password benet(密码)
修改回原来的配置寄存器值:
asa(config)#config-register 0x11(从NVRAM启动)
保存配置文件
asa(config)#copy running-config startup-config
-------------------------------------------------------------------
二、IOS升级
(1)确保PC机能够telnet到ASA
(2)在PC机上运行Cisco TFTP Server(IP:192.168.0.100),将asa802-k8.bin放到相应的目录
(3)备份现有的文件
asa#copy run tftp://192.168.0.100/running-config
asa#copy start tftp://192.168.0.100/startup-config
asa#copy flash:/asa723-k8.bin tftp://192.168.0.100/asa723-k8.bin
(4)升级
asa#copy tftp://192.168.0.100/asa802-k8.bin flash:/asa802-k8.bin
adress or name of remoter host(192.168.0.100):回车
source filename[asa802-k8.bin]?回车
Destination filename[asa802-k8.bin]?回车
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
asa#dir
asa(config)#boot system disk0:/asa802-k8.bin
asa#copy run start
asa#reload
