Gns3 Asav

IT Network

Gns3 Asav Appliance

  • ASAv on GNS3 Hello All, i have set up a GNS3 with ASAv but for some reason i cannot ping the local pc interface that means it won't allow me to use the GUI. I cannot ping the ASA interface neither ping the local interface from the FW.
  • Establecer ASAv 9.7.1 en GNS3 2.1.0 - VMWare Workstation - GNS3 VMPlaylist: https://www.youtube.com/playlist?list=PLl7PZYPUh5LazHprZltqwf9UOKlL-vRH4Download.
  • For this article, I will show you how to integrate the VMware ASAv with a network I have in GNS3. Note: There is a way to run ASA 8.4(2) in VMware but that is not the focus of this article. I am running the Cisco ASAv which is built as a virtual appliance. First, we need to sort out the VMware networking.

There are many problems were experienced when using Cisco ASAv firewall virtual servers in GNS3 network simulation software. Fortunately, all of those issues had been fixed in GNS3 VM virtual machines security. In this article will present you about how to configure Cisco ASAv firewall virtual servers image with qcow2 virtual security appliance format in GNS3 VM virtual server.

Configuring GNS3 for ASAv Firewall Virtual Servers. Go to “Edit“, click on “Preferences“.On preferences window, under “QEMU” option click on “Qemu VMs” and then click “New” to add to Cisco ASAv firewall virtual servers qcow2 image of the virtual firewall appliance. GNS3 ASA setup: Import and configure Cisco ASAv with GNS3 In this video I show you how to download, import and configure a Cisco ASA with GNS3. Free software worth $200: https://goo.gl/613TUF.

Cisco ASAv firewall virtual servers is referring to Adaptive Security Virtual Appliance (ASAv) of Cisco virtual security appliance firewall product. Even though it is a virtual security appliance, yet it brings a full firewall managed security services functionality the same as hardware appliance to a virtualized environments with a secured traffic and multi-tenant environments. It is very easy and fast for disaster recovery comparing to hardware appliance since it is running on server virtualization or in an data center virtualization.

In this article of configuring ASAv firewall virtual servers, it is assumed that:

a. you already have GNS3 VM virtual server installed up and running on your computer. In case that you don’t, please refer to this link. Installing GNS3 VM on VMware Workstation
b. you have already downloaded Cisco ASAv virtual machines security qcow2 image (asav941-203.qcow2, asav971.qcow2, or asav981-5.qcow2), a hda file from the Cisco website. Cisco service contract is needed to be able to download it.

Go to “Edit“, click on “Preferences“. On preferences window, under “QEMU” option click on “Qemu VMs” and then click “New” to add to Cisco ASAv firewall virtual servers qcow2 image of the virtual firewall appliance.

Selection the option of “Run the IOS on the GNS3 VM” to run Cisco ASAv on GNS3 VM virtual machines security. Then, click “Next” to continue.

Give a Name the firewall virtual servers, “ASAv94” as in this article, click “Next” to continue.

Select the x86_64 Qemu binary and set the RAM to 2048 BM. click “Next” to continue. ASAv firewall virtual servers need at lease 2048 MB of RAM to works.

Gns3 Asav Image Download

Select “New Image”, then browse to the locate where you had download ASAv firewall virtual servers qcow2 file (asav941-203.qcow2), and click “Open” to upload the file to your GNS3 VM virtual server. Once it has finished uploading, click “Finish”.

On preferences window, under “QEMU” option click on “Qemu VMs” and then click “Edit” to edit some configuration for new added Cisco ASAv firewall virtual servers qcow2 image virtual firewall appliance.

Under the “General Settings” On Symbol section, browse for ASA symbol. On Category section, select “Security Devices“. On Console type section, choose “vnc” option. In section 4 of this article will talk about telnet for console access.

Under the “Network” tab within the QEMU VM configuration, Install 6 network card adapters for ASAv firewall virtual servers by setting number 6 to Adapters section. Set the first ASAv firewall virtual servers interface name to Management0. In the Name format section set it to Gi0{0}. Then, click “OK“. Click “OK” again to save the configuration.

ASAv firewall virtual servers now should appear under “Security Devices” window on the main GNS3 screen . Let create a new project to see if ASAv firewall virtual servers image is working properly.

After we power on the ASAv firewall virtual servers, it will automatically reboot once during the initial power-up. This happen after it finished determining the device platform. It will stop at the ciscoasa> prompt after the second boot as in bellow picture.

Now you can start playing with ASAv firewall virtual servers as a network security tools in your lab for what ever you wish for.

Working with ASAv firewall virtual servers via VNC isn’t really sound comfortable for me. I would prefer to work with it via telnet access instead.

To work with ASAv firewall virtual servers through telnet, we need serial port to be enabled. Unfortunately, ASAv firewall virtual servers serial port is disabled by default. However, we still can manually enable it. We need to create a file on the root of Disk0: called use_ttyS0 to enable the serial interface. The easiest way to accomplish this is to clone the existing coredumpinfocoredump.cfg file and rename it. To clone it, use the following commands. That S0 is capital letter S and number zero 0 not S and the letter O. Verify that the file is cloned successfully with the command dir.

ciscoasa#copy disk0:/coredumpinfo/coredump.cfg use_ttyS0

Now you can shutdown your ASAv firewall virtual servers and change the console type from “vnc” to “telnet” instead by right click ASAv, and select configure. We don’t need to save the configuration of ASAv firewall virtual servers at this point.

Power on your ASAv firewall virtual servers back, right click on it and choose console to open the access. ASAv firewall virtual servers needs sometime to boot up. After it finished booting up, you will see something as the following.

Now you should be able to configure ASAv firewall virtual servers in qcow2 image format with GNS3 VM virtual server. It is really a great network security tools to do your ASAv firewall lab with firewall virtual servers before you start working with your production ASA firewall. That is all about configuring ASAv firewall virtual servers with GNS3 VM virtual server for now. If you have any questions or suggestions you can always leave your comments below. I will try all of my best to review and reply them. Thank you and enjoy your ASAv lab on GNS3 VM.



Related posts:

November 7, 2014srijit

This tutorial will help you setup your CCNA, CCNP or CCIE Security Lab with Cisco ASA 8.4 which is currently supported by the latest version of GNS3.

  1. Download the source files here.
  2. Extract them and place them in the GNS3 images directory.
    For example : C:Users<user name>GNS3imagesQEMU
  3. Go to Edit -> Preference -> QEMU -> QEMU VMs
  4. Click New -> Give Name -> Set type
  1. Assign RAM (>=1024 MB)
  2. Select the boot files.

  3. Kernel Command Line :

    Options :

  4. Press Ok. Then Drag Cisco ASA to workspace.
  5. Right click on it. Click start.
  6. Go to console view. If everything is configured correctly it will start booting. If anyone is curious to see the boot sequence click here.
  7. Default license is accepted.
  8. Issue the following commands sequentially.
  9. This will take 15-20 minutes roughly. It could take more time.
  10. During the reboot, it will take some time during key validation phase. Nothing to be worried. Wait for atleast 15-20 mins.
  11. Now your ASA will be licensed properly.

    So now you have a full fledged Cisco ASA Firewall running inside your computer.