How to Restore IOS on your Cisco Device using TFTP
How to Restore IOS on your Cisco Device using TFTP
As I often recommend, it is a great thing to practice your Cisco configurations on live gear. There is much live gear to be had if you peruse the online auction sites. I do recommend that you make sure there is a non-DOA guarantee on the gear, so that you have recourse if it shows up dead. If you have the option to request a console cable with the purchase (and you don’t already have one) make sure to include that as well. Hopefully it comes with the IOS already resident as well.
Today’s tip deals with restoring (or upgrading) the IOS using tftpdnld, from within rommon mode. As long as you are in possession of the IOS, you are in good shape. If you already own the device, it would be the sensible thing to copy off the IOS just in case your existing copy somehow gets corrupted.
Now to get the IOS back onto the device. There are many articles on the web dealing with this process so I am not really divulging any never-before-seen secrets. However, I would like to show how the steps look as we go through the process for those who truly have never done it before.
Connect to your device using the well documented settings:
Baud rate : 9600 (bits per second)
Data bits : 8
Parity : none
Stop bits : 1
Flow control : none
If the router boots directly into rommon, it is quite likely that there is no IOS file in flash. You can issue the dir flash: command from within rommon to verify this. If you do not see a file named xxxxx.bin, then you have no IOS.
The next step is to configure a TFTP server which will provide the transfer mechanism of the IOS to the router. There is a great free TFTP Server available online from Philippe Jounin at http://tftpd32.jounin.net/ There is both a 32 bit and 64 bit version available. Verify that it is installed and running and reachable over the network by the router. This will mean attaching an ethernet cable to interface FastEthernet 0/0 on your router. If you have created a backup copy of the Cisco IOS as noted above, you are ready to proceed with these steps. If not, you will need to find another way to obtain the IOS. If these steps are being taken within a corporate environment, it is likely a SmartNet (or some type of support) agreement exists between your organization and Cisco. If that is the case, Cisco provides the IOS files at their website for registered customers. Once the IOS is in the TFTP root directory, you can proceed with the recovery operation.
From within rommon, you can easily verify the current environment settings by issuing the command ‘set’ and hitting return. This will give you a rundown of the current values for the pieces that matter to us for these steps. Here are the relevant values: (These statements are case-sensitive!)
IP_ADDRESS =10.1.10.100 (IP address to be used by router)
IP_SUBNET_MASK =255.255.0.0 (Mask to be used by router)
TFTP_SERVER=10.1.10.120 (IP Address of your TFTP Server machine)
TFTP_FILE=xxxxxxxxxxxxxxxx.bin (Name of IOS file)
The easy way to enter the IOS filename is to browse to the tftp root folder on your tftp server (which is usually the same box from which you have established a console session). To easily determine the TFTP Root directory in TFTPD click the Show Dir button
Then click the Explorer button
This will launch an instance of Windows Explorer with the selected directory being the TFTP Root folder. Locate the IOS (.bin) file and click it once and then click again to highlight the name of the file. Right click and copy the filename, then paste it into the above command in rommon. If you don’t use this method to copy the filename, you can manually enter the filename, being careful not to mis-type anything. Once all the above is entered, again from within rommon, type the command ‘tftpdnld’
You will see a confirmation message that lists the values you just entered. If they are correct, then enter ’y’ for yes and hit Enter.
It looks like this:
rommon x > tftpdnld
Invoke this command for disaster recovery only. WARNING: all existing data in all partitions on flash will be lost! Do you wish to continue? y/n: [n]:
If successful, you will see the following output in your console session window:
You should also see a confirmation message (indicating that file copying is occurring) similar to this one inside your TFTP Server window. Here is what it looks like in TFTPD64 from Ph. Jounin:
Once the copying is complete (which takes just a couple of minutes or less using this method), the following lines will be displayed:
File reception completed. Copying file c2600-adventerprisek9-mz.124-23.bin to flash. Erasing flash at 0x604c0000
At this point flash is automatically erased. This takes from two to five minutes depending on the size of flash memory.
Once flash is erased, the next message looks like this:
program flash location 0x60020000
Flash is now programmed using the uploaded IOS file. On my device (2621XM with IOS file size 29928068 bytes) this took about 23 minutes.
Once that portion is complete, you are returned to a rommon prompt. Just type the command ‘reset’ and the device will reboot into the newly copied IOS file.
One thing I wish to add regarding the IP addressing used in this document. The addresses given are examples. The addresses you use in your recovery efforts can be any IP addressing scheme that matches your environment. The important thing to remember is that the IP address of the TFTP Server and the IP address used inside rommon to identify the device must be in the same network. Other than that, you can set things however you wish.
You May Also Like
This content is from our CompTIA Network + Video Certification Training Course. Start training today! In this video, CompTIA Network + instructor Rick Trader demonstrates how to use cable testers in network environments. Let’s look at some tools that we can use to test our different cables in our environment. Cable Testers Properly Wired Connectivity … Continue reading Cable Testers and How to Use them in Network Environments
In this video, you will gain an understanding of Agile and Scrum Master Certification terminologies and concepts to help you make better decisions in your Project Management capabilities. Whether you’re a developer looking to obtain an Agile or Scrum Master Certification, or you’re a Project Manager/Product Owner who is attempting to get your product or … Continue reading Agile Methodology in Project Management
How does an investigator hunt down and identify unknown malware? In this recording of our IT Security training webinar on April 21, 2015, Security expert Mike Danseglio (CISSP / CEH) performed several malware investigations on infected computers and identify symptoms, find root cause, and follow the leads to determine what’s happening. He demonstrated his preferred … Continue reading Detailed Forensic Investigation of Malware Infections – April 21, 2015