Sunday, March 31, 2013

emulate CISCO ASA 8.4 on GNS3


This tutorial is outdated. New tutorial can be found at http://www.tectut.com/2015/12/how-to-setup-cisco-asa-in-gns3/  . It is our new blog :-)

Today, I would like to share how to setup ASA 8.4 Firewall on GNS3.

[1] Download asa image for GNS3

here is the link :- http://www.mediafire.com/download/c228c2sjdyrkwf3/ASA_842.7z
This file contain with initrd, vmlinuz and asdm 6.4

In any case above link is not working use below alternative link to download the file :-
link 1 :-  http://ge.tt/9RjhgNs/v/0?c
link 2 :- https://www.box.com/s/3fybjit5jsudhwyvqwz8



[2] Download & Install GNS3


You can download latest version from
http://www.gns3.net/download/
or
http://sourceforge.net/projects/gns-3/files/GNS3/


[3] Configure GNS3 for ASA


go to "Edit" --> "Preferences..."
On "Preferences" window, select "Qemu" and then choose "ASA" from the tabs

Fill the ASA setting & ASA Specific Settings as below . Screen capture is attached for your reference.




GNS3 Preferences













Qemu Options  & Kernel cmd line is important


Identifier name :     ( you can give any name )
RAM :     1024MB  ( at least 1024MB)
Qemu Options :     -vnc none -vga none -m 1024 -icount auto -hdachs 980,16,32
Kernel cmd line :     -append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536

Click " save " and then "OK" and exit form that window.
drag and drop ASA firewall into work enviroment and run, It may take some time to boot please be patient !


[4] Configure activation keys


you can use one of below activation key
0x4a3ec071 0x0d86fbf6 0x7cb1bc48 0x8b48b8b0 0xf317c0b5
0xb23bcf4a 0x1c713b4f 0x7d53bcbc 0xc4f8d09c 0x0e24c6b6

for example :-

ciscoasa#conf t
ciscoasa(config)#activation-key 0x4a3ec071 0x0d86fbf6 0x7cb1bc48 0x8b48b8b0 0xf317c0b5
ciscoasa(config)#wr
ciscoasa(config)#exit

now it is done.

21 comments:

  1. Hi,, thanks .... 1st time i am running cisco ASA image.... till now i was using pix image......as well as oi can do labs based on ASA software 8.4 which is little different config then 8.2////


    thanks for the post...very helpful.


    rgds,
    sahib

    ReplyDelete
  2. Hi there,
    I tried first time this ASA image , it works perfect .
    Thanks a lot :-)
    cheers

    ReplyDelete
  3. Please help.. Its not working form me.. its stopped after the mount command as instructed. I'm using windows XP..

    Please press Enter to activate this console.
    # cd /mnt/disk0
    # ls
    lina lina_monitor
    # pd
    -ash: pd: not found
    # pwd
    /mnt/disk0
    # /mnt/disk0/lina_monitor

    Processor memory 728686592, Reserved memory: 41943040 (DSOs: 0 + kernel: 41943040)
    Guest RAM start: 0xb4800080
    Guest RAM end: 0xdd400000
    LINA unit number: 1
    Guest RAM brk: 0xb4801000

    MKDIR failed No such file or directory for /var/log/
    Welcome to LINA - ( F1-on-Linux platform ) desktop version!

    ********************************************************************
    * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING *
    * *
    * This product is for Cisco internal use ONLY!!! *
    * *
    * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING *
    ********************************************************************

    i2c_read_byte_w_wait() error, slot = 0x4, device = 0xb0, address = 0 byte count = 1. Reason: RT

    Total SSMs found: 0
    Ignoring PCI card in slot:0 (vendor:0x0 deviceid:0x0)
    Ignoring PCI card in slot:1 (vendor:0x0 deviceid:0x0)
    Ignoring PCI card in slot:2 (vendor:0x0 deviceid:0x0)
    Ignoring PCI card in slot:3 (vendor:0x0 deviceid:0x0)
    Ignoring PCI card in slot:4 (vendor:0x0 deviceid:0x0)
    Ignoring PCI card in slot:5 (vendor:0x0 deviceid:0x0)
    Ignoring PCI card in slot:6 (vendor:0x0 deviceid:0x0)

    Total NICs found: 6
    setup_irq: irq handler mismatch






    Unable to open /proc/irq/15/irq error: Device or resource busy
    Panic: kernel - intr_establish: open interupt descriptor irq 15


    -----------------------------------------------
    Traceback output aborted.
    Flushing first exception frame:
    Abort: Assert failure
    vector 0x00000000
    edi 0x0000000f
    esi 0xb4e4a7c8
    ebp 0xb47f7658
    esp 0xb47f764c
    ebx 0x000000e5
    edx 0xb47f7690
    ecx 0x00000006
    eax 0x00000000
    error code n/a
    eip 0xdd6a72a1
    cs 0x00000073
    eflags 0x00000246
    CR2 0x00000000
    Nested traceback attempted via signal, from:
    Page fault: Address not mapped
    vector 0x0000000e
    edi 0xb47f70db
    esi 0xb47f70bf
    ebp 0xb47f6fe8
    esp 0xb47f6fa0
    ebx 0xb47f70bf
    edx 0x08acd5d8
    ecx 0x00000000
    eax 0x00000000
    error code 0x00000004
    eip 0x0805ee77
    cs 0x00000073
    eflags 0x00000286
    CR2 0x00000084

    An internal error occurred. Specifically, a programming assertion was
    violated. Copy the error message exactly as it appears, and get the
    output of the show version command and the contents of the configuration
    file. Then call your technical support representative.

    assertion "_vf_mode_init" failed: file "vf_api.c", line 99



    Rebooting....
    Restarting system.
    .

    ReplyDelete
  4. just hit "[ENTER]" key. I guess there is no password

    ReplyDelete
  5. i can't download. it says the user is out of bandwidth

    ReplyDelete
  6. This comment has been removed by the author.

    ReplyDelete
  7. Hey what are you guys using for Qemu? It keeps telling me "failed to start qemu"

    ReplyDelete
    Replies
    1. That's because you're not using the GNS3 all-in-one file. Get qemu from gns3.net/qemu, expand it and point the qemu and qemu-img path's in GNS3 appropriately. It'll work.

      Delete
  8. Everything works ok, I use the version of GNS3 0.8.5 select preconfiguration ASA 8.4(2) and follow the instructions.

    Tested with Win7 64 Bits and WinXP 32 Bits

    Thanks

    ReplyDelete
  9. Thank you! its working for me as well. it failed in first 3 attempts but surprisingly with same setting it started! wondering why it did not start first. anyways thanks ! :) am using GNS3 0.8.6 latest all in one version and Win 7 64 bit

    ReplyDelete
  10. THanks it is great.

    ReplyDelete
  11. Thanks friend its really very useful for me.

    ReplyDelete
  12. Hi!
    I 'm not able to create a managment interface, Can you help me?

    ReplyDelete
  13. Hi i have 1024 Mb RAM in PC will it work or not? As i have installed the file and putty the session but it is giving me the network connection refused...restarting in 4..3..2..1 sec and this continues for long time for 30 min.. Please help me..

    ReplyDelete
  14. as above instructions I did same but m while dragging asa on work area page it giving me error " connection lost"

    ReplyDelete
  15. activation-key 0x9933e843 0x88a03a01 0xdd60b0f8 0xd2886c64 0x0f28fd93

    ReplyDelete

Related Posts