误删Cisco IOS文件恢复

手贱把公司ASA防火墙IOS文件删除了，赶忙在同型号防火墙下载IOS文件后恢复故障。记录一下过程。

rommon #1> ？ 

Variables: Use "sync" to store in NVRAM 
ADDRESS= local IP address 
CONFIG= config file path/name 
GATEWAY= gateway IP address 
IMAGE= p_w_picpath file path/name 
LINKTIMEOUT= Link UP timeout (seconds) 
PKTTIMEOUT= packet timeout (seconds) 
PORT= ethernet interface port 
RETRY= Packet Retry Count (Ping/TFTP) 
SERVER= server IP address 
VLAN= enable/disable DOT1Q tagging on the selected port 

rommon #2> ADDRESS=192.168.0.2 （由于是TFFP上传，因此防火墙设置为客户机） 
rommon #3> GATEWAY=192.168.0.1 （网关） 
rommon #4> IMAGE=asa802-k8.bin （导入IOS的名称） 
rommon #5> SERVER=192.168.0.1 （服务器IP，也就是你的PC） 
rommon #6> sync （保存） 
Updating NVRAM Parameters... 

rommon #7> ping 192.168.0.1 

Sending 20, 100-byte ICMP Echoes to 192.168.0.1, timeout is 4 seconds: 
?!!!!!!!!!!!!!!!!!!! 
Success rate is 95 percent (19/20) 
确认线路是否连通，开启TFTP软件 （这里说明下我测试是ASA5505 因此接的E0/0口。不知道设备该接什么口能够用set看“PORT=Ethernet0/0”） 
rommon #8> tftpdnld （上传） 
ROMMON Variable Settings: 
ADDRESS=192.168.0.2 
SERVER=192.168.0.1 
GATEWAY=192.168.0.1 
PORT=Ethernet0/0 
VLAN=untagged 
IMAGE=asa802-k8.bin 
CONFIG= 
LINKTIMEOUT=20 
PKTTIMEOUT=4 
RETRY=20 

tftp asa802-k8.bin@192.168.0.1 via 192.168.0.1 
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 

导入后设备重启，如今有了IOS 能进去 
Type help or '?' for a list of available commands. 
ciscoasa> en 
但如今IOS也没有装入设备，而是从tftp引导启动设备，断开TFTP服务器就会重新进入监控模式。这一点当设备启动完毕后能够用show version命令看到： 
System p_w_picpath file is "tftp://192.168.0.1/asa802-k8.bin" 

如今须要把IOS存入设备，可是如今防火墙和PC已经不能通讯 
ciscoasa# ping 192.168.0.1 
Type escape sequence to abort. 
Sending 5, 100-byte ICMP Echos to 192.168.0.1, timeout is 2 seconds: 
No route to host 192.168.0.1 

Success rate is 0 percent (0/1) 
由于刚才是在监控模式下，如今须要配置让PC和防火墙重新通讯（具体型号具体设置，下面已我手上的5505为例） 

interface Vlan1 
nameif inside 
security-level 100 
ip address 192.168.1.1 255.255.255.0 
! 
interface Vlan2 
nameif outside 
security-level 0 
ip address 192.168.0.2 255.255.255.0 
! 
interface Ethernet0/0 
switchport access vlan 2 
如今测试 
ciscoasa# ping 192.168.1.1 
Type escape sequence to abort. 
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: 
!!!!! 
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms 
已经能通讯，下面拷贝IOS和ASDM存入设备 

ciscoasa# copy tftp://192.168.0.1/asa802-k8.bin disk0:/asa802-k8.bin 

Address or name of remote host ? 

Source filename ? 

Destination filename ? 

Accessing tftp://192.168.0.1/asa802-k8.bin. ... !!!!!!!!!!!!!!!!!!! 
由于删除的是flash 如今还须要导入ASDM （注意ASDM和IOS的兼容，不兼容以下图） 
进行ciscoasa# copy tftp://192.168.0.1/asa802-k8.bin disk0:/asa802-k8.bin一直报错。

ciscoasa# show flash:

Initializing disk0: cache, please wait...Failed (Invalid DOS media or no media in slot error).

%Error show flash: (Failed to initialize the Inode table)

ciscoasa# dir disk0:

%Error opening disk0:/ (Invalid DOS media or no media in slot)

ciscoasa# fsck flash:

Initializing disk0: cache, please wait...Failed (Invalid DOS media or no media in slot error).

Internal error, inode table initialization for flash: failed with error Invalid DOS media or no media in slot

%Error checking flash: (Invalid DOS media or no media in slot)

WARNING: Restoring security context mode failed.

最后使用ciscoasa# format flash: 命令后正常。

ciscoasa# copy tftp://192.168.0.1/asdm-602.bin disk0://asdm-602.bin Address or name of remote host ? Source filename ? Destination filename ? Accessing tftp://192.168.0.1/asdm-602.bin.. ... !!!!!!!!!!!!!!!!!!! 如今能够看见IOS之后在设备上 ciscoasa# show version Cisco Adaptive Security Appliance Software Version 8.2(1) Compiled on Tue 05-May-09 22:45 by builders System p_w_picpath file is "disk0:/asa821-k8.bin" Config file at boot was "startup-config" ciscoasa# show flash: --#-- --length-- -----date/time------ path 3 4096 Aug 26 2009 17:41:50 log 10 4096 Aug 26 2009 17:41:56 crypto_archive 11 4096 Aug 26 2009 17:59:06 coredumpinfo 12 43 Aug 27 2009 09:13:02 coredumpinfo/coredump.cfg 78 16275456 Aug 26 2009 18:07:50 asa802-k8.bin 80 7598456 Aug 27 2009 09:05:54 asdm-602.bin 设置启动文件 ciscoasa (config)# boot system disk0:/asa802-k8.bin 设置IOS ciscoasa (config)# asdm p_w_picpath disk0:/asdm602.bin 设置ASDM ciscoasa (config)# reload 从新启动，配置生效