Few years ago I wrote article about how to setup CISCO ASA in GNS3 , and recently I realized that, instructions are not compatible with newest GNS3. The Original article can be found from here on my old blog . So I though to re create new tutorial on my WordPress blog.
Following download file contains required images for CISCO ASA 8.4 and ASDM 6.4 bin file.
[1] Download CISCO ASA image for GNS3
here is the link :- http://www.mediafire.com/download/c228c2sjdyrkwf3/ASA_842.7z
This file contain with initrd, vmlinuz and asdm 6.4
In any case above links are not working use following alternative link to download the file :-
link 1 :- http://ge.tt/9RjhgNs/v/0?c
link 2 :- https://www.box.com/s/3fybjit5jsudhwyvqwz8
[2] Download & Install GNS3
You can download latest version from
http://www.gns3.net/download/
or
http://sourceforge.net/projects/gns-3/files/GNS3/
[3] Configure GNS3 for CISCO ASA
(i) Open GNS3, then select “Edit” –> “Preferences..”
(ii) Expand “QEMU” and choose “QEMU VMs” then select “New”
(iii) Select ASA 8.4 from the drop down and continue. you may need to set NAME for ASA and define RAM for it.
(iv) Finally You need to give file location of Initial RAM disk (initrd) and Kernel image (vmlinuz).
[4] Configure activation keys
you can use one of below activation key
0x4a3ec071 0x0d86fbf6 0x7cb1bc48 0x8b48b8b0 0xf317c0b5
0xb23bcf4a 0x1c713b4f 0x7d53bcbc 0xc4f8d09c 0x0e24c6b6
for example :-
1 2 3 4 |
ciscoasa#config terminal ciscoasa(config)#activation-key 0x4a3ec071 0x0d86fbf6 0x7cb1bc48 0x8b48b8b0 0xf317c0b5 ciscoasa(config)#wr ciscoasa(config)#exit |
Now we have successfully installed CISCO ASA 8.4 on GNS3 and ready to have some fun from ASA 🙂
13 comments
Skip to comment form ↓
dominusorbis
April 4, 2016 at 5:33 am (UTC 5.5) Link to this comment
any idea why i’m getting this error?
Initializing cgroup subsys cpu
Linux version 2.6.29.6 (builders@bld-releng-05a) (gcc version 4.3.4 (crosstool-NG-1.5.0) ) #1 PREEMPT Wed Jun 15 17:19:01 MDT 2011
KERNEL supported cpus:
Intel GenuineIntel
AMD AuthenticAMD
NSC Geode by NSC
Cyrix CyrixInstead
Centaur CentaurHauls
Transmeta GenuineTMx86
Transmeta TransmetaCPU
UMC UMC UMC UMC
BIOS-provided physical RAM map:
BIOS-e820: 0000000000000000 – 000000000009fc00 (usable)
BIOS-e820: 000000000009fc00 – 00000000000a0000 (reserved)
BIOS-e820: 00000000000f0000 – 0000000000100000 (reserved)
BIOS-e820: 0000000000100000 – 000000003ffe0000 (usable)
BIOS-e820: 000000003ffe0000 – 0000000040000000 (reserved)
BIOS-e820: 00000000fffc0000 – 0000000100000000 (reserved)
last_pfn = 0x3ffe0 max_arch_pfn = 0x100000
RAMDISK: 3e975000 – 3ffdf637
Allocated new RAMDISK: 003a1000 – 01a0b637
Move RAMDISK from 000000003e975000 – 000000003ffdf636 to 003a1000 – 01a0b636
615MB HIGHMEM available.
407MB LOWMEM available.
mapped low ram: 0 – 197fe000
low ram: 00000000 – 197fe000
bootmap 00001000 – 00004300
(7 early reservations) ==> bootmem [0000000000 – 00197fe000]
#0 [0000000000 – 0000001000] BIOS data page ==> [0000000000 – 0000001000]
#1 [0000100000 – 000039ed10] TEXT DATA BSS ==> [0000100000 – 000039ed10]
#2 [000039f000 – 00003a1000] INIT_PG_TABLE ==> [000039f000 – 00003a1000]
#3 [000009fc00 – 0000100000] BIOS reserved ==> [000009fc00 – 0000100000]
#4 [0000007000 – 0000008000] PGTABLE ==> [0000007000 – 0000008000]
#5 [00003a1000 – 0001a0b637] NEW RAMDISK ==> [00003a1000 – 0001a0b637]
#6 [0000001000 – 0000005000] BOOTMAP ==> [0000001000 – 0000005000]
Zone PFN ranges:
DMA 0x00000000 -> 0x00001000
Normal 0x00001000 -> 0x000197fe
HighMem 0x000197fe -> 0x0003ffe0
Movable zone start PFN for each node
early_node_map[2] active PFN ranges
0: 0x00000000 -> 0x0000009f
0: 0x00000100 -> 0x0003ffe0
Allocating PCI resources starting at 50000000 (gap: 40000000:bffc0000)
Built 1 zonelists in Zone order, mobility grouping on. Total pages: 259967
Kernel command line: -append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9 600 bigphysarea=65536
Enabling fast FPU save and restore… done.
Enabling unmasked SIMD FPU exception support… done.
Initializing CPU#0
PID hash table entries: 2048 (order: 11, 8192 bytes)
Fast TSC calibration using PIT
Detected 999.976 MHz processor.
Console: colour dummy device 80×25
console [ttyS0] enabled
Dentry cache hash table entries: 65536 (order: 6, 262144 bytes)
Inode-cache hash table entries: 32768 (order: 5, 131072 bytes)
allocated 5242240 bytes of page_cgroup
please try cgroup_disable=memory option if you don’t want
Memory: 745612k/1048448k available (1715k kernel code, 301528k reserved, 623k data, 156k init, 630664k highmem )
virtual kernel memory layout:
fixmap : 0xfffed000 – 0xfffff000 ( 72 kB)
pkmap : 0xff800000 – 0xffc00000 (4096 kB)
vmalloc : 0xf7ffe000 – 0xff7fe000 ( 120 MB)
lowmem : 0xde000000 – 0xf77fe000 ( 407 MB)
.init : 0xde34c000 – 0xde373000 ( 156 kB)
.data : 0xde2acca6 – 0xde348938 ( 623 kB)
.text : 0xde100000 – 0xde2acca6 (1715 kB)
Checking if this processor honours the WP bit even in supervisor mode…Ok.
Calibrating delay loop (skipped), value calculated using timer frequency.. 1999.95 BogoMIPS (lpj=999976)
Security Framework initialized
Mount-cache hash table entries: 512
Initializing cgroup subsys cpuacct
Initializing cgroup subsys memory
CPU: L1 I Cache: 64K (64 bytes/line), D cache 64K (64 bytes/line)
CPU: L2 Cache: 512K (64 bytes/line)
Intel machine check architecture supported.
Intel machine check reporting enabled on CPU#0.
CPU: AMD QEMU Virtual CPU version 2.4.0 stepping 03
Checking ‘hlt’ instruction… OK.
Freeing SMP alternatives: 0k freed
net_namespace: 668 bytes
NET: Registered protocol family 16
PCI: PCI BIOS revision 2.10 entry at 0xfd40f, last bus=0
PCI: Using configuration type 1 for base access
bio: create slab at 0
PCI: Probing PCI hardware
pci 0000:00:01.3: quirk: region 0600-063f claimed by PIIX4 ACPI
pci 0000:00:01.3: quirk: region 0700-070f claimed by PIIX4 SMB
pci 0000:00:01.0: PIIX/ICH IRQ router [8086:7000]
NET: Registered protocol family 2
IP route cache hash table entries: 16384 (order: 4, 65536 bytes)
TCP established hash table entries: 65536 (order: 7, 524288 bytes)
TCP bind hash table entries: 65536 (order: 6, 262144 bytes)
TCP: Hash tables configured (established 65536 bind 65536)
TCP reno registered
NET: Registered protocol family 1
Unpacking initramfs…Clocksource tsc unstable (delta = 123992321 ns)
done
Freeing initrd memory: 22953k freed
platform rtc_cmos: registered platform RTC device (no PNP device found)
Machine check exception polling timer started.
highmem bounce pool size: 64 pages
HugeTLB registered 4 MB page size, pre-allocated 0 pages
bigphysarea: Allocated 65536 pages at 0xe0400000.
msgmni has been set to 271
io scheduler noop registered
io scheduler anticipatory registered (default)
io scheduler deadline registered
io scheduler cfq registered
pci 0000:00:00.0: Limiting direct PCI/PCI transfers
pci 0000:00:01.0: PIIX3: Enabling Passive Release
pci 0000:00:01.0: Activating ISA DMA hang workarounds
Serial: 8250/16550 driver, 4 ports, IRQ sharing disabled
serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
loop: module loaded
pcnet32.c:v1.35 21.Apr.2008 tsbogend@alpha.franken.de
tun: Universal TUN/TAP device driver, 1.6
tun: (C) 1999-2004 Max Krasnyansky
Uniform Multi-Platform E-IDE driver
ide_generic: enforcing probing of I/O ports upon user request
ide: forcing hda as a disk (980/16/32)
admin
April 6, 2016 at 9:04 pm (UTC 5.5) Link to this comment
Not sure! Are you running GNS3 on Centos ?
dominusorbis
April 6, 2016 at 9:07 pm (UTC 5.5) Link to this comment
no, it’s on windows 10. I’m trying to use the ASA image listed above, but the device won’t boot completely giving me the above mentioned error.
all the other images I have, c7200 for example, work just fine.
dsdds
April 24, 2016 at 1:20 am (UTC 5.5) Link to this comment
SOLVE
https://gns3.com/qa/how-to-run-asa-on-gns3-running-a
hemant
May 26, 2016 at 2:05 am (UTC 5.5) Link to this comment
WHATS THE PASSWORD TO PRIVILEGE MODE
anonymous
June 5, 2016 at 9:45 pm (UTC 5.5) Link to this comment
just hit enter when asked for password to access privileged mode, there’s none set.
Vivek
June 8, 2016 at 11:07 pm (UTC 5.5) Link to this comment
Thanks….I searched for password for 15 minutes on google. only need to enter
Sajeer Mohammed
June 30, 2016 at 12:38 pm (UTC 5.5) Link to this comment
How to add ASA 8.4(2) firewall in GNS3 1.4.6 | ASA 5520 in GNS3 1.4.6
PTG
August 17, 2016 at 12:08 pm (UTC 5.5) Link to this comment
Thanks for great article. But i have one query…. Is it legal to use activation key?
AYAZ BAYRAMOV
September 8, 2016 at 5:37 pm (UTC 5.5) Link to this comment
Thanks man, it works.
Sourav Poddar
December 28, 2016 at 1:30 am (UTC 5.5) Link to this comment
C:\Program Files\GNS3\qemu-2.4.0>QEMU-IMG CREATE FLASH 512M
qemu-img: Command not found: CREATE
Try ‘qemu-img –help’ for more information
Ajay Lokre
March 16, 2017 at 2:47 am (UTC 5.5) Link to this comment
please write “CREATE” as create
try in small letter, it will work. It worked for me
Isaac
January 23, 2017 at 10:25 pm (UTC 5.5) Link to this comment
Guys, I’ve been trying to set up site-to-site vpn by asdm on gns3,but I don’t see any traffic from this configuration…. Are there any limitations becausa that line ” total vpn peers” …. Does anyone know tell me something about that?