Cisco3845路由器登陆问题
Cisco3845路由器,一般使用在大中型分支机构中,路由器出厂默认安装了Cisco SDM模块(路由器及安全配置工具),这样,在登陆时就会出现如下提示:
———————————————————————–
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username “cisco”
with the password “cisco”. The default username and password have a privilege level of 15.Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.username <myuser> privilege 15 secret 0 <mypassword>
no username ciscoReplace <myuser> and <mypassword> with the username and password you want to use.
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm
———————————————————————–
User Access VerificationUsername:
使用用户名和密码都为cisco来登陆路由器,然后再添加用户,再使用no username cisco命令将默认用户cisco删除,如果你没有创建用户,而直接将cisco用户删除再保存了配置,下次进入后使用cisco路由器就不能登陆了。
经过查看路由器配置,con和vty口的配置如下:
line con 0
login local
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet
发现是在con和vty口上使用了login local认证,这样就会使用cisco sdm来认证,所以,这里只需将login local修改为login,就可以跳过cisco sdm的认证,如下:
enable password 15 cisco
!
line con 0
password cisco
login
line aux 0
line vty 0 4
password cisco
login
transport input telnet
line vty 5 15
password cisco
login
transport input telnet
现在进不去路由器,只能通过修改enable密码的方法来进入路由器,再进行以下的修改:
1、将电脑与路由器的console口相连,启动路由器,按下[ctrl]+[break],如下,出现rommon命令提示符:
System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 2006 by cisco Systems, Inc.System Bootstrap, Version 12.4(13r)T11, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 2008 by cisco Systems, Inc.Total memory size = 256 MB – DIMM0 = 256 MB, DIMM1 = 0 MB
c3845 platform with 262144 Kbytes of main memory
Main memory is configured to 72/0(dimm 0/1) bit mode with ECC enabled
Upgrade ROMMON initializedmonitor: command “boot” aborted d
monitor: command “boot” aborted due to user interrupt
rommon 1 >
2、输入confreg,如下,记录下0x2102,do you wish处选择no
rommon 1 > confreg
Configuration Summary
(Virtual Configuration Register: 0x2102)
enabled are:
load rom after netboot fails
console baud: 9600
boot: image specified by the boot system commands
or default to: cisco2-c3845do you wish to change the configuration? y/n [n]:
3、通过confreg命令来修改配置寄存器的值,使路由器忽略NVRAM中的启动配置文件。输入confreg 0x2142来修改寄存器值,再输入i重启路同器,如下:
rommon 2 > confreg 0x2142
rommon 3 > i
4、启动后会进入用户exec模式,出现系统配置对话柜时输入no跳过,如下:
— System Configuration Dialog —
Would you like to enter the initial configuration dialog? [yes/no]: no
Press RETURN to get started!
5、使用enable命令进入配置模式,再使用sh run命令查看,这时会发现配置全部消失,因为这里是跳过NVRAM来启动路由器的,使用copy命令将NVRAM中的配置文件复制到现在的启动(running-config)配置文件中,
Router>en
Router#copy startup-config running-config
6、接下来对running-config配置文件进行修改,按照上面分析的,修改为:
enable password 15 cisco
!
line con 0
password cisco
login
line aux 0
line vty 0 4
password cisco
login
transport input telnet
line vty 5 15
password cisco
login
transport input telnet
这样,下次就可以直接使用cisco密码来进行认证了。
7、接下来做配置的保存工作,首先恢复配置寄存器的值0x2102,再保存配置,这里需使用write memory,完成后重启路由器,就可以使用cisco来登陆了。
Router#copy running-config startup-config
Router#configure terminal
Router(config)#config-register 0x2102
Router(config)#end
Router#write memory
Router#reload
版权声明:
作者:SE_Ning
链接:https://www.cnesa.cn/1017.html
来源:CNESA
文章版权归作者所有,未经允许请勿转载。
共有 0 条评论