誤刪Cisco IOS文件恢復

手賤把公司ASA防火牆IOS文件刪除了，趕忙在同型號防火牆下載IOS文件後恢復故障。記錄一下過程。

rommon #1> ？ 

Variables: Use "sync" to store in NVRAM 
ADDRESS= local IP address 
CONFIG= config file path/name 
GATEWAY= gateway IP address 
IMAGE= p_w_picpath file path/name 
LINKTIMEOUT= Link UP timeout (seconds) 
PKTTIMEOUT= packet timeout (seconds) 
PORT= ethernet interface port 
RETRY= Packet Retry Count (Ping/TFTP) 
SERVER= server IP address 
VLAN= enable/disable DOT1Q tagging on the selected port 

rommon #2> ADDRESS=192.168.0.2 （由於是TFFP上傳，因此防火牆設置爲客戶機） 
rommon #3> GATEWAY=192.168.0.1 （網關） 
rommon #4> IMAGE=asa802-k8.bin （導入IOS的名稱） 
rommon #5> SERVER=192.168.0.1 （服務器IP，也就是你的PC） 
rommon #6> sync （保存） 
Updating NVRAM Parameters... 

rommon #7> ping 192.168.0.1 

Sending 20, 100-byte ICMP Echoes to 192.168.0.1, timeout is 4 seconds: 
?!!!!!!!!!!!!!!!!!!! 
Success rate is 95 percent (19/20) 
確認線路是否連通，開啓TFTP軟件 （這裏說明下我測試是ASA5505 因此接的E0/0口。不知道設備該接什麼口能夠用set看「PORT=Ethernet0/0」） 
rommon #8> tftpdnld （上傳） 
ROMMON Variable Settings: 
ADDRESS=192.168.0.2 
SERVER=192.168.0.1 
GATEWAY=192.168.0.1 
PORT=Ethernet0/0 
VLAN=untagged 
IMAGE=asa802-k8.bin 
CONFIG= 
LINKTIMEOUT=20 
PKTTIMEOUT=4 
RETRY=20 

tftp asa802-k8.bin@192.168.0.1 via 192.168.0.1 
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 

導入後設備重啓，如今有了IOS 能進去 
Type help or '?' for a list of available commands. 
ciscoasa> en 
但如今IOS也沒有裝入設備，而是從tftp引導啓動設備，斷開TFTP服務器就會重新進入監控模式。這一點當設備啓動完畢後能夠用show version命令看到： 
System p_w_picpath file is "tftp://192.168.0.1/asa802-k8.bin" 

如今須要把IOS存入設備，可是如今防火牆和PC已經不能通訊 
ciscoasa# ping 192.168.0.1 
Type escape sequence to abort. 
Sending 5, 100-byte ICMP Echos to 192.168.0.1, timeout is 2 seconds: 
No route to host 192.168.0.1 

Success rate is 0 percent (0/1) 
由於剛纔是在監控模式下，如今須要配置讓PC和防火牆重新通訊（具體型號具體設置，下面已我手上的5505爲例） 

interface Vlan1 
nameif inside 
security-level 100 
ip address 192.168.1.1 255.255.255.0 
! 
interface Vlan2 
nameif outside 
security-level 0 
ip address 192.168.0.2 255.255.255.0 
! 
interface Ethernet0/0 
switchport access vlan 2 
如今測試 
ciscoasa# ping 192.168.1.1 
Type escape sequence to abort. 
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: 
!!!!! 
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms 
已經能通訊，下面拷貝IOS和ASDM存入設備 

ciscoasa# copy tftp://192.168.0.1/asa802-k8.bin disk0:/asa802-k8.bin 

Address or name of remote host ? 

Source filename ? 

Destination filename ? 

Accessing tftp://192.168.0.1/asa802-k8.bin. ... !!!!!!!!!!!!!!!!!!! 
由於刪除的是flash 如今還須要導入ASDM （注意ASDM和IOS的兼容，不兼容以下圖） 
進行ciscoasa# copy tftp://192.168.0.1/asa802-k8.bin disk0:/asa802-k8.bin一直報錯。

ciscoasa# show flash:

Initializing disk0: cache, please wait...Failed (Invalid DOS media or no media in slot error).

%Error show flash: (Failed to initialize the Inode table)

ciscoasa# dir disk0:

%Error opening disk0:/ (Invalid DOS media or no media in slot)

ciscoasa# fsck flash:

Initializing disk0: cache, please wait...Failed (Invalid DOS media or no media in slot error).

Internal error, inode table initialization for flash: failed with error Invalid DOS media or no media in slot

%Error checking flash: (Invalid DOS media or no media in slot)

WARNING: Restoring security context mode failed.

最後使用ciscoasa# format flash: 命令後正常。

ciscoasa# copy tftp://192.168.0.1/asdm-602.bin disk0://asdm-602.bin Address or name of remote host ? Source filename ? Destination filename ? Accessing tftp://192.168.0.1/asdm-602.bin.. ... !!!!!!!!!!!!!!!!!!! 如今能夠看見IOS之後在設備上 ciscoasa# show version Cisco Adaptive Security Appliance Software Version 8.2(1) Compiled on Tue 05-May-09 22:45 by builders System p_w_picpath file is "disk0:/asa821-k8.bin" Config file at boot was "startup-config" ciscoasa# show flash: --#-- --length-- -----date/time------ path 3 4096 Aug 26 2009 17:41:50 log 10 4096 Aug 26 2009 17:41:56 crypto_archive 11 4096 Aug 26 2009 17:59:06 coredumpinfo 12 43 Aug 27 2009 09:13:02 coredumpinfo/coredump.cfg 78 16275456 Aug 26 2009 18:07:50 asa802-k8.bin 80 7598456 Aug 27 2009 09:05:54 asdm-602.bin 設置啓動文件 ciscoasa (config)# boot system disk0:/asa802-k8.bin 設置IOS ciscoasa (config)# asdm p_w_picpath disk0:/asdm602.bin 設置ASDM ciscoasa (config)# reload 從新啓動，配置生效