네트워크/패켓트레이서 LAB

패스워드 복구 및 IOS 업로드 예제

김정우 강사(카카오톡 : kim10322) 2015. 2. 17. 13:44



@패스워드 복구 및 IOS 업로드 예제 I.pkt

@패스워드 복구 및 IOS 업로드 예제 II.pkt


@라우터 부팅 모드.txt





@패스워드 복구 및 IOS 업로드 예제


1. 패스워드 복구

2. IOS 다운로드

3. IOS 업로드

4. Rommon 모드에서 IOS 업로드





@ 0x2102


2. Bootstrap
3. IOS 찾기
4. OS 로딩
5. NVRAM 참조


@ 0x2142 <- 패스워드 복구


2. Bootstrap
3. IOS 찾기
4. OS 로딩


Ex1) 패스워드 복구 예제


 - R1에서 동작하기 위한 설정들은 유지되어야 한다.


0. Rommon 모드


  라우터 전원 off -> on

  Ctrl+Break 키


rommon 1 > confreg 0x2142
rommon 2 >
rommon 2 > reset



1. startup-config -> running-config


Router#copy start run



2. 사용 중인 인터페이스 -> no shutdown 실시



3. 패스워드 재설정


enable secret cisco
line con 0
 password ciscocon
line vty 0 4
 password ciscovty



4. NVRAM 설정 저장


Router#copy run start



5. 부팅 모드 0x2102 변경


R1(config)#config-register 0x2102

R1#show version




Ex2) Cisco IOS 다운로드 예제


 - R1 Flash 메모리에 저장되어 있는 'c2600-i-mz.122-28.bin' Cisco IOS를 TFTP 서버-2에 저장하도록 하자.


R2#show flash

System flash directory:
File  Length   Name/status
  3   5571584  c2600-i-mz.122-28.bin
  2   28282    sigdef-category.xml
  1   227537   sigdef-default.xml
[5827403 bytes used, 58188981 available, 64016384 total]
63488K bytes of processor board System flash (Read/Write)

R2#copy flash tftp
Source filename []? c2600-i-mz.122-28.bin
Address or name of remote host []?
Destination filename [c2600-i-mz.122-28.bin]?

Writing c2600-i-mz.122-28.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 5571584 bytes]

5571584 bytes copied in 0.106 secs (52562000 bytes/sec)




Ex3) Cisco IOS 업로드 예제


 - 현재 R3가 사용하는 IOS를 TFTP 서버-3을 이용하여 'c2600-advipservicesk9-mz.124-15.T1.bin'로 업그레이드를

   실시하도록 하자.



 - 기존 IOS 백업 실시


R3#show flash

System flash directory:
File  Length   Name/status
  3   5571584  c2600-i-mz.122-28.bin
  2   28282    sigdef-category.xml
  1   227537   sigdef-default.xml
[5827403 bytes used, 58188981 available, 64016384 total]
63488K bytes of processor board System flash (Read/Write)

R3#copy flash tftp
Source filename []? c2600-i-mz.122-28.bin
Address or name of remote host []?
Destination filename [c2600-i-mz.122-28.bin]?

Writing c2600-i-mz.122-28.bin....!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 5571584 bytes]

5571584 bytes copied in 3.113 secs (1789000 bytes/sec)



 - 새로운 IOS 업로드 실시


R3#copy tftp flash
Address or name of remote host []?
Source filename []? c2600-advipservicesk9-mz.124-15.T1.bin
Destination filename [c2600-advipservicesk9-mz.124-15.T1.bin]?

Accessing tftp://
Loading c2600-advipservicesk9-mz.124-15.T1.bin from !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ~  중간 생략 ~

[OK - 33591768 bytes]

33591768 bytes copied in 0.613 secs (5753665 bytes/sec)

R3#show flash

System flash directory:
File  Length   Name/status
  4   33591768 c2600-advipservicesk9-mz.124-15.T1.bin
  3   5571584  c2600-i-mz.122-28.bin
  2   28282    sigdef-category.xml
  1   227537   sigdef-default.xml
[39419171 bytes used, 24597213 available, 64016384 total]
63488K bytes of processor board System flash (Read/Write)


 - 기존 IOS 삭제 및 재부팅


R3#delete flash:c2600-i-mz.122-28.bin
Delete filename [c2600-i-mz.122-28.bin]?
Delete flash:/c2600-i-mz.122-28.bin? [confirm]

R3#show flash

System flash directory:
File  Length   Name/status
  4   33591768 c2600-advipservicesk9-mz.124-15.T1.bin
  2   28282    sigdef-category.xml
  1   227537   sigdef-default.xml
[33847587 bytes used, 30168797 available, 64016384 total]
63488K bytes of processor board System flash (Read/Write)




~ 중간 생략 ~


R3#show version





Ex4) Cisco IOS 업로드 예제


 - 현재 R3 Flash 메모리에 IOS가 없는 상태이다. R3 TFTP 서버-4를 이용하여 'c2600-advipservicesk9-mz.124-15.T1.bin'

   를 업로드하도록 하자.



rommon 1 >
rommon 1 > dir flash:
         File size           Checksum   File name
     28282 bytes (0x6e7a)     0x6e7a    sigdef-category.xml
    227537 bytes (0x378d1)    0x78d4    sigdef-default.xml


rommon 3 > tftpdnld

Missing or illegal ip address for variable IP_ADDRESS
Illegal IP address.

usage: tftpdnld
  Use this command for disaster recovery only to recover an image via TFTP.
  Monitor variables are used to set up parameters for the transfer.
  (Syntax: "VARIABLE_NAME=value" and use "set" to show current variables.)
  "ctrl-c" or "break" stops the transfer before flash erase begins.

  The following variables are REQUIRED to be set for tftpdnld:
            IP_ADDRESS: The IP address for this unit
        IP_SUBNET_MASK: The subnet mask for this unit
       DEFAULT_GATEWAY: The default gateway for this unit
           TFTP_SERVER: The IP address of the server to fetch from
             TFTP_FILE: The filename to fetch

  The following variables are OPTIONAL:
          TFTP_VERBOSE: Print setting. 0=quiet, 1=progress(default), 2=verbose
      TFTP_RETRY_COUNT: Retry count for ARP and TFTP (default=7)
          TFTP_TIMEOUT: Overall timeout of operation in seconds (default=7200)
         TFTP_CHECKSUM: Perform checksum test on image, 0=no, 1=yes (default=1)
         FE_SPEED_MODE: 0=10/hdx, 1=10/fdx, 2=100/hdx, 3=100/fdx, 4=Auto(deflt)


rommon 4 >
rommon 4 > IP_ADDRESS=
rommon 5 > IP_SUBNET_MASK=
rommon 7 > TFTP_SERVER=
rommon 8 > TFTP_FILE=c2600-advipservicesk9-mz.124-15.T1.bin


rommon 9 > tftpdnld

           TFTP_FILE: c2600-advipservicesk9-mz.124-15.T1.bin

Invoke this command for disaster recovery only.
WARNING: all existing data in all partitions on flash will be lost!

Do you wish to continue? y/n:  [n]:  y


~ 중간 생략 ~


rommon 10 > dir flash:
         File size           Checksum   File name
  33591768 bytes (0x20091d8)  0x93d8    c2600-advipservicesk9-mz.124-15.T1.bin

rommon 11 > reset