• Password recovery for the switch

Source: Internet
Author: User
Tags cisco switch

Password recovery for the switch

Specific steps:

1. Unplug the switch

Because the switch does not have a power switch, the switch can only be restarted by disconnecting the power supply.

2. Plug the power back in while pressing and holding the "mode" button on the switch. When the "switch:" command prompt appears on the console, release the "mode" button. You are now in a minimal IOS environment dedicated to recovery: because the password is unknown, the normal IOS cannot be entered, so only a few parameter settings can be made here.

3. Use the command "flash_init" to initialize flash.

4. Rename the config.text file to config.old.

Note: A Cisco switch has no password in its factory settings. The various passwords are set later and are stored in the configuration file config.text in flash.

5. Restart the switch using the "boot" command.

Note: The "boot" command can only be used in this mode.

You can now enter IOS, but password recovery is not complete at this point: the configuration file contains not only the passwords but many other parameter settings, and these must be restored.

6. Change the name of the configuration file back.

Note: The configuration file must be named config.text.

7. Manually load the configuration file.

You can then use the command "write" to save it.

8. After the configuration file is loaded, enter configuration mode to change the password, then save the configuration to complete the password recovery.

IOS backup for routers and switches

Specific steps:

1. Install TFTP software on a host, run it, and click the button marked with the red box:

2. Click the button marked with the red box and select the TFTP root directory in which to store the backup IOS files.

3. Configure IP addresses on the same network segment for both the TFTP server and the switch.

4. In the switch's privileged mode, enter "copy flash tftp" to back up IOS.

When you press ENTER to confirm, a row of exclamation points appears, indicating that IOS is being backed up.

5. After the backup succeeds, the backed-up IOS file can be seen in the root directory of the TFTP server.

IOS upgrade for routers and switches

Specific steps:

1. Store the new version of the IOS file in the root directory of the TFTP server.

2. Ensure that the switch and the TFTP server are able to communicate.

3. In the switch's privileged mode, enter the command "copy tftp flash" to upgrade IOS.

When you press ENTER to confirm, a row of exclamation points appears, indicating that the new IOS file is being transferred to flash.

Recovering the switch's IOS system

To simulate a completely damaged IOS on the switch: in the switch's privileged mode, use the command "delete" to delete the IOS file.

Then use the command "reload" to restart the switch.

Specific steps:

1. Because the device's IOS file is corrupted, loading IOS will inevitably fail, and the prompt "switch:" appears on the console.

2. At this prompt, enter the command "flash_init" to initialize flash.

3. Transfer the IOS file via the Xmodem protocol.

When you press ENTER to confirm, the letter "C" appears on the console, indicating that the device is ready to accept the IOS file.

4. Set the Xmodem options in HyperTerminal

In HyperTerminal, open the "Send" drop-down menu and click "Send File", then select the IOS file path and the Xmodem protocol in the dialog box that pops up. Alternatively, right-click in the HyperTerminal window, select "Send File" from the pop-up menu, and select the IOS file path and the Xmodem protocol in the dialog box.

Note: Perform this step immediately after the previous one; do not pause in between.

5. After "Send" is clicked, the transfer takes about one hour.

6. After the file transfer is successful, a prompt appears:

7. Restart the switch

Internal components of the router

1. Processor

Like a computer, a router running IOS contains a central processing unit (CPU), and the CPU varies between series and models. The router's processor performs the work required to process packets, such as route discovery, route forwarding, and routing decisions. The speed at which a router processes packets depends largely on the type of processor.

2. Memory

All routers have some form of storage installed, and there are 4 types of storage in the router:

• RAM: Random access memory, equivalent to a computer's memory. RAM holds the software and data structures the router is working with. The main software running in RAM is the IOS image and the configuration file (running-config); RAM also holds the routing table and data buffers. RAM is volatile, and its contents are lost when power is lost.

• ROM: Read-only memory. Microcode used to start the router and maintain its basic functions, such as the bootstrap and POST code, resides in ROM. ROM is non-volatile and does not lose its contents even when power is turned off.

• Flash: Flash memory, equivalent to a computer's hard disk. It is mainly used to store the IOS software image needed for the normal operation of the router. As long as the flash capacity is sufficient, multiple IOS images can be saved to provide multiple boot options. Flash memory is non-volatile, and its contents are not lost even if the power is turned off.

• NVRAM: Non-volatile random access memory. It is primarily used to store the startup configuration file (startup-config). The contents of NVRAM are not lost when power is lost: when the router is powered off, NVRAM uses a built-in battery to maintain the data. Another important item in NVRAM is the configuration register, which controls how the router starts.

Boot process for Cisco routers

1. Power-on self-test (POST)

This is a series of hardware self-tests that verify that all parts of the router are working properly. During the tests, the router also determines which hardware is present. POST executes microcode residing in the system ROM.

2. Load and run the bootstrap code

The bootstrap code performs the subsequent steps, such as locating, loading, and running the IOS software. Once IOS is loaded and running, the bootstrap code is not used again until the router is next reloaded or powered on.

3. Find the IOS software

The bootstrap code determines where the IOS software to run is located. Flash is the usual location for the IOS image; the configuration register and the configuration file (in NVRAM) help determine where the IOS image is and which image file to boot.

4. Load the IOS software

After the bootstrap code finds the right IOS software, it loads the software into RAM and starts running it.

5. Find the configuration

The default is to look for a valid configuration in NVRAM. If no configuration is found in NVRAM, the router tries to find one on a TFTP server. If none is found there either, it enters setup mode.

Basic command introduction

1. show running-config

This command is used to view the current configuration of the switch and can be abbreviated to sh run.

2. show startup-config

This command displays the saved configuration and can be abbreviated to sh star. startup-config is a file stored in NVRAM (non-volatile RAM). A battery in the router continuously powers the NVRAM, so the configuration remains stored in NVRAM even if the router is rebooted or powered off.

3. copy running-config startup-config

This command saves the current configuration. Configuration changes made to the router take effect immediately, but they all disappear after a reboot. The command copy run star copies the running-config file in RAM to the startup-config file in NVRAM, so that the router's configuration is saved and the router returns to the configured state even after a restart. The command write (wr) is equivalent.

4. erase nvram

This command deletes the saved configuration and is equivalent to "delete nvram:startup-config".

Password settings for routers and switches

1. Configure the console port password

Passwords are configured in a similar way on routers and switches.

Switch(config)# line console 0

Switch(config-line)# password 123456

Switch(config-line)# login

When the switch or router is configured through the console port, it prompts for the password. If the password entered is incorrect, the device cannot be configured.

2. Configure the privileged mode password

The command for configuring the privileged mode password is as follows:

Switch(config)# enable password 123

or configure it in the following way:

Switch(config)# enable secret 456

The difference between the two commands is that the password configured by the former is stored as plaintext, while the one configured by the latter is encrypted.

When both passwords are configured, only the secret password takes effect; the enable password does not.

When entering privileged mode, the switch or router prompts for a password. Privileged mode can be entered only with the correct password.

Remote management of routers and switches

1. Configure the management IP

Because the router is a layer 3 device, an IP address can be configured directly on its interfaces, so the interface address is used directly as the management IP.

For layer 2 switches, a management IP address must be configured.

Assuming the management IP address is 192.168.10.10, the configuration commands are as follows:

Switch(config)# interface vlan 1

Switch(config-if)# ip address 192.168.10.10 255.255.255.0

Switch(config-if)# no shutdown

This is equivalent to configuring an IP address on the switch, which the administrator can Telnet to in order to log in to the switch. For layer 2 devices this configuration is important: IP addresses cannot be configured on their individual interfaces, so administrators can manage layer 2 devices only through this IP address.

2. Configure the vty password

When a user logs in to a device remotely over Telnet, the login can be verified with the vty (virtual type terminal) password. Because you do not want unauthorized users to log in to the device remotely and configure it, the vty password must be configured. For security reasons, if the vty password is not configured on a Cisco device, remote login is not possible. The configuration is as follows:

Switch(config)# line vty 0 4

Switch(config-line)# password 123456

Switch(config-line)# login

This is similar to the earlier console port password configuration. "line vty 0 4" allows the five virtual terminals vty 0, vty 1, vty 2, vty 3 and vty 4 to be used simultaneously; "vty 0 4" can be understood as the five virtual terminals from vty 0 to vty 4.

3. Configure the default gateway

If the administrator's host is not on the same network segment as the switch to be managed, a default gateway must be specified for the switch, or remote login will not work.

If the default gateway for the switch is 192.168.2.254, configure it as follows:

Switch(config)# ip default-gateway 192.168.2.254

4. Encrypt the plaintext passwords

The console port password, the enable password and the vty password all appear in clear text in the configuration and can be viewed with the show run command, which is not secure. In practice, the "service password-encryption" command is generally used to encrypt these plaintext passwords.

Switch(config)# service password-encryption
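The console, enable and vty password settings described above can be checked in a saved configuration. The following is an added example, not part of the original article: a small Python auditor that reads running-config text and reports the weak settings. The sample configuration is constructed from the commands in this article, and the finding names are made up for this example.

```python
import re

# Constructed sample: a running-config built from the commands in this article.
SAMPLE_CONFIG = """\
hostname Switch
enable password 123
!
line con 0
 password 123456
 login
line vty 0 4
 password 123456
 login
"""

def parse_sections(config):
    """Group a config into (top-level command, [indented sub-commands])."""
    sections = []
    for raw in config.splitlines():
        text = raw.strip()
        if not text or text.startswith("!"):
            continue
        if raw[0].isspace() and sections:
            sections[-1][1].append(text)
        else:
            sections.append((text, []))
    return sections

def storage(args):
    """Classify the arguments that follow 'password'."""
    # 'password 7 <string>' is what service password-encryption writes; it is
    # a reversible encoding, not a hash. One bare argument is clear text.
    return "type7" if len(args) == 2 and args[0] == "7" else "plaintext"

def audit(config):
    """Return a sorted list of (finding, location) tuples."""
    sections = parse_sections(config)
    top = [header for header, _ in sections]
    findings = set()
    if "service password-encryption" not in top:
        findings.add(("no-service-password-encryption", "global"))
    has_secret = any(h.startswith("enable secret ") for h in top)
    if not has_secret:
        findings.add(("no-enable-secret", "global"))
    for h in top:
        if h.startswith("enable password "):
            # With enable secret set this password is ignored, but it still
            # sits in the config for anyone holding a copy to read.
            state = "unused" if has_secret else "in-use"
            kind = storage(h.split()[2:])
            findings.add((f"enable-password-{kind}-{state}", "global"))
    for header, subs in sections:
        if not re.match(r"line (con|vty)", header):
            continue
        passwords = [s.split()[1:] for s in subs if s.startswith("password ")]
        for args in passwords:
            findings.add((f"line-password-{storage(args)}", header))
        # A line password is only asked for when 'login' is present.
        if passwords and not any(s.split()[0] == "login" for s in subs):
            findings.add(("password-set-but-login-missing", header))
        # Plain 'login' with no password leaves the line unusable.
        if "login" in subs and not passwords:
            findings.add(("login-without-password", header))
    return sorted(findings)

if __name__ == "__main__":
    for finding, where in audit(SAMPLE_CONFIG):
        print(f"{where}: {finding}")
```

A backed-up copy of config.text can be passed to audit() in the same way as the sample.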

IOS naming conventions

The general form of the name is AAAAA-BBBB-CC-DDDD.EE, where the characters have the following meanings:

• AAAAA: This set of characters represents the hardware platform that the IOS applies to, for example:

c2600: 2600 series routers

c2960: Catalyst 2960 series switches

• BBBB: This set of characters represents the set of features that the IOS contains

Starting with version 12.3 (routers) or 12.2S (switches), Cisco adopted a feature packaging policy to simplify selection. The K8 (VPN-DES) attribute set began to be superseded by the K9 (VPN-3DES/AES) attribute set.

Router products from the 800 to the 3800 series include the following eight feature packs: IP Base, IP Voice, Advanced Security, SP Services, Advanced IP Services, Enterprise Base, Enterprise Services and Advanced Enterprise Services. Routers ship from the factory with the IP Base feature pack loaded. Each feature pack contains an attribute set; for example, the IP Base feature pack includes DSL, Ethernet switching, inter-VLAN 802.1Q routing and VLAN trunking.

As with routers, multilayer switch products also include multiple feature packs, but only the Layer 2 Base and LAN Base feature packs are available on layer 2 switches, and the Layer 2 Base feature pack is loaded by default at the factory.

• CC: This set of characters indicates where the IOS software runs and its compression format

The first "C" indicates which type of memory the IOS executes in, for example:

f: Flash

m: RAM

r: ROM

The second "C" shows how the image is compressed, for example:

z: zip compression

w: STAC compression

• DDDD: This set of characters represents the IOS software version

The current and newer versions are: 12.2, 12.3, 12.4.

• EE: This set of characters represents the suffix of the IOS file, such as .bin.

Let's look at an actual IOS file name, c2800nm-ipbase-mz.124-3i.bin, which has the following meaning:

• c2800nm represents the hardware platform, Cisco 2800 series routers

• ipbase indicates that the feature set of the IP Base package is loaded

• m means the image runs in RAM, and z means the IOS file is compressed in zip format

• 124-3i means the IOS software version is 12.4 (3i)

• .bin is the IOS software suffix.
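The naming breakdown above can be applied mechanically before an image is copied to flash. The following is an added example, not part of the original article: a Python parser that follows the actual file name shown above, where a dot rather than a hyphen separates the CC field from the version. It goes slightly beyond the article by also accepting a release suffix after the version, as in the constructed name c2960-lanbasek9-mz.150-2.SE11.bin; the function names are made up for this example.

```python
import re

# Letter meanings as listed in this article; other letters are reported
# as "unknown" because the article gives these only as examples.
MEMORY = {"f": "flash", "m": "RAM", "r": "ROM"}
COMPRESSION = {"z": "zip", "w": "STAC"}

# platform-features-cc.NNN-release[.rebuild].ext
IMAGE_RE = re.compile(
    r"^(?P<platform>[a-z0-9]+)-(?P<features>[a-z0-9_]+)-(?P<cc>[a-z]{2})"
    r"\.(?P<train>\d{3})-(?P<release>[0-9a-z]+)(?:\.(?P<rebuild>[0-9a-z]+))?"
    r"\.(?P<ext>[a-z]+)$",
    re.IGNORECASE,
)


def parse_image_name(filename):
    """Split an IOS image file name into the fields described above."""
    m = IMAGE_RE.match(filename.strip())
    if m is None:
        raise ValueError(f"not an IOS image name: {filename!r}")
    cc = m["cc"].lower()
    train = m["train"]
    # "124-3i" reads as 12.4(3i): two digits of major version, one of minor,
    # then the release in parentheses and any suffix after it.
    version = f"{train[:2]}.{train[2]}({m['release']}){m['rebuild'] or ''}"
    return {
        "platform": m["platform"].lower(),
        "feature_set": m["features"].lower(),
        "runs_in": MEMORY.get(cc[0], "unknown"),
        "compression": COMPRESSION.get(cc[1], "unknown"),
        "version": version,
        "suffix": m["ext"].lower(),
    }


def image_fits_device(filename, device_platform):
    """True only if the name parses and its platform field matches the device."""
    try:
        return parse_image_name(filename)["platform"] == device_platform.lower()
    except ValueError:
        return False


if __name__ == "__main__":
    for name in ("C2800nm-ipbase-mz.124-3i.bin",
                 "c2960-lanbasek9-mz.150-2.SE11.bin"):  # second name is constructed
        print(name, "->", parse_image_name(name))
```

Checking image_fits_device() against the platform of the target device before running "copy tftp flash" catches an image chosen for the wrong hardware.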

Querying the product's SN

The SN (serial number) is globally unique to a device. It is written to the device by the manufacturer to uniquely identify it. You can find the SN on the device's box when you purchase the device, or with the command "show version".

Router# show version
