Scribd Logo
Upload

Welcome to Scribd!

  • Cisco ASA 8.4(2) on GNS3 1.x.x with ASDM 7.1(1) Setup

    Uploaded by

    Ngọc Ngọc
    376 views9 pages
    1) The document provides step-by-step instructions for setting up a Cisco ASA firewall in GNS3 and connecting to its management interface using ASDM. 2) It describes downloading the ASA image files, configuring Qemu settings, and activating a full license on the ASA instance in GNS3. 3) It then explains how to configure a loopback adapter on the host computer, set up a TFTP server, and use ASDM to manage the ASA by downloading the ASDM application and connecting to the ASA's management interface.

    Original Description:

    cisco ASA

    Original Title

    Cisco ASA 8.4(2) on GNS3 1.x.x With ASDM 7.1(1)

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    1) The document provides step-by-step instructions for setting up a Cisco ASA firewall in GNS3 and connecting to its management interface using ASDM. 2) It describes downloading the ASA image files, configuring Qemu settings, and activating a full license on the ASA instance in GNS3. 3) It then explains how to configure a loopback adapter on the host computer, set up a TFTP server, and use ASDM to manage the ASA by downloading the ASDM application and connecting to the ASA's management interface.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    376 views9 pages

    Cisco ASA 8.4(2) on GNS3 1.x.x with ASDM 7.1(1) Setup

    Uploaded by

    Ngọc Ngọc
    1) The document provides step-by-step instructions for setting up a Cisco ASA firewall in GNS3 and connecting to its management interface using ASDM. 2) It describes downloading the ASA image files, configuring Qemu settings, and activating a full license on the ASA instance in GNS3. 3) It then explains how to configure a loopback adapter on the host computer, set up a TFTP server, and use ASDM to manage the ASA by downloading the ASDM application and connecting to the ASA's management interface.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 9

    Edited by Xuan Ly NGUYEN THE

    Cisco ASA 8.4(2) on GNS3 1.x.x with ASDM 7.1(1)

    I. CLI Setup

    * This assumes you have a default GNS3 install on Windows 7/8/8.1/10. For this tutorial
    my version of GNS3 is 1.x.x-All in one.

    1. Download ASA 8.42 files from my source (beam.to/ronglon), after downloading and
    unzipping, we have 2 files: asa842-initrd.gz; asa842-vmlinuz

    2. Open GNS3, browse to Edit  Preferences  QEMU and select ASA tab

    3. Enter any Identifier name. For example: asa842

    4. Enter 1024 for RAM

    5. Type the following parameters into Qemu Options:

    -vnc none -vga none -m 1024 -icount auto -hdachs 980,16,32

    6. Browse to your downloaded files, assign asa842-initrd.gz for Initrd and asa842-vmlinuz
    for Kernel

    7. Type the following parameters into Kernel cmd line

    no-hlt -append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb


    console=ttyS0,9600 bigphysarea=65536

    8. Now click Save then OK

    9. Drag Cisco ASA to your workspace  right click on it  click Start

    DUT – ITF – Communication and Network Division Page 1


    Edited by Xuan Ly NGUYEN THE

    10. Right click on ASA  click Console. If everything has been configured properly, it will
    boot normally like this:

    11. Default license is accepted

    12. Type enable to activate privileged mode, when password required, just press Enter

    13. Activate full license by typing as follows:

    activation-key 0xb23bcf4a 0x1c713b4f 0x7d53bcbc 0xc4f8d09c 0x0e24c6b6

    Waiting 15  20 minutes, activation key will be accepted like this:

    DUT – ITF – Communication and Network Division Page 2


    Edited by Xuan Ly NGUYEN THE

    14. Now type write memory then reboot ASA by using reload command

    15. During the reboot, it will take some time for key validation phase. Nothing to be
    worried. Wait for 15-20 minutes.

    DUT – ITF – Communication and Network Division Page 3


    Edited by Xuan Ly NGUYEN THE

    16. Now you have a full-fledged Cisco ASA Firewall running inside your computer

    DUT – ITF – Communication and Network Division Page 4


    Edited by Xuan Ly NGUYEN THE

    II. ASDM GUI Setup in Windows

    1. Setup a loopback adapter


    a. Open a command prompt as Administrator (Right-click run as Administrator)
    b. Type hdwwiz.exe to open the Add Hardware Wizard
    c. Click Next once opened
    d. Choose "Install the hardware that I manually select from a list (Advanced)" and
    click Next
    e. Select "Network adapters" and click Next
    f. Select "Microsoft" under Manufacturer and "Microsoft Loopback Adapter" under
    Network Adapter
    g. Reboot Windows

    2. Configure the loopback adapter: IP: 172.16.1.2/24 Gateway: 172.16.1.1

    3. Create the following diagram in GNS3:

    4. Configure your Cloud use the loopback adapter

    5. Before turning on the ASA, connecting devices

    * You will get an error if you try to add a link while the ASA is running

    6. Configure the interface you linked to the switch with an IP address in the
    same subnet as your loopback adapter
    en // no password, just press enter
    conf t
    int gi 0
    ip address 172.16.1.1 255.255.255.0
    nameif management
    management-only
    no shut
    end
    wr

    DUT – ITF – Communication and Network Division Page 5


    Edited by Xuan Ly NGUYEN THE

    7. Now ping the loopback adapter at 172.16.1.2

    * If you cannot ping, make sure that Qemu and Qemu Wrapper are allowed

    through the Windows Firewall or just turn off the firewall

    8. Download ASDM 7.11 file from my source (beam.to/ronglon)

    Filename: asdm-711.bin File size: 17,789,808

    9. Open your TFTP server (I use TFTPD32 because it's free and works well)

    10. Click Browse to folder containing ASDM file in TFTP Server Tab

    In the TFTP Client tab, enter 172.16.1.1 for Host and 69 for Port (TFTP = UDP: 69)

    DUT – ITF – Communication and Network Division Page 6


    Edited by Xuan Ly NGUYEN THE

    11. From the ASA console, copy the ASDM bin file to the flash

    copy tftp://172.16.1.2/asdm-711.bin flash

    Wait for a few minutes to complete copying. You could check your copied

    file by using “show flash” command

    12. Set the ASA to load the ASDM at next boot, enable the HTTP server and

    setup access:

    conf t

    asdm image flash:asdm-711.bin

    http server enable

    http 172.16.1.2 255.255.255.255 management

    username cisco password cisco privilege 15 //or any username/password

    end

    wr

    13. Reboot the ASA: reload

    14. While the ASA is rebooting, configure the security of Java:

    Start  Java  Configure Java  Security  Edit Site List  Add https://172.16.1.1 

    OK

    DUT – ITF – Communication and Network Division Page 7


    Edited by Xuan Ly NGUYEN THE

    15. Once the ASA is rebooted, open the web browser then enter https://172.16.1.1

    * Note: Java may ask for upgrading to the latest version, just click Later

    Choose “Install ASDM Launcher” to download the installer then install it.

    16. ASDM-IDM Launcher will start automatically after setting up. If not, just
    double click ASDM icon in your Desktop. Now enter the IP of ASA and your
    configured account.

    DUT – ITF – Communication and Network Division Page 8


    Edited by Xuan Ly NGUYEN THE

    Security Warning dialog will appear, just click Continue

    If everything is success, you would get the GUI of ASDM as following:

    DUT – ITF – Communication and Network Division Page 9

    You might also like