«

»

Dec 21

How to setup CISCO ASA in GNS3

Few years ago I wrote article about how to setup CISCO ASA in GNS3 , and recently I realized that, instructions are not compatible with newest GNS3. The Original article can be found from here on my old blog . So I though to re create new tutorial on my WordPress blog.
Following download file contains required images for CISCO ASA 8.4 and ASDM 6.4 bin file.

[1] Download CISCO ASA image for GNS3

here is the link :- http://www.mediafire.com/download/c228c2sjdyrkwf3/ASA_842.7z
This file contain with initrd, vmlinuz and asdm 6.4

In any case above links are not working use following alternative link to download the file :-
link 1 :-  http://ge.tt/9RjhgNs/v/0?c
link 2 :-  https://www.box.com/s/3fybjit5jsudhwyvqwz8

[2] Download & Install GNS3

You can download latest version from
http://www.gns3.net/download/
or
http://sourceforge.net/projects/gns-3/files/GNS3/

[3] Configure GNS3 for CISCO ASA

(i) Open GNS3, then select “Edit” –> “Preferences..

(ii) Expand “QEMU” and choose “QEMU VMs” then select “New

(iii) Select ASA 8.4 from the drop down and continue. you may need to set NAME for ASA and define RAM for it.

QEMU ASA

 

 

 

 

 

 

 

 

(iv) Finally You need to give file location of Initial RAM disk (initrd) and Kernel image (vmlinuz).

 

QEMU VM template

 

 

 

 

 

 

 

 

[4] Configure activation keys

you can use one of below activation key
0x4a3ec071 0x0d86fbf6 0x7cb1bc48 0x8b48b8b0 0xf317c0b5
0xb23bcf4a 0x1c713b4f 0x7d53bcbc 0xc4f8d09c 0x0e24c6b6

for example :-

Now we have successfully installed CISCO ASA 8.4 on GNS3 and ready to have some fun from ASA  🙂

13 comments

Skip to comment form

  1. dominusorbis

    any idea why i’m getting this error?

    Initializing cgroup subsys cpu
    Linux version 2.6.29.6 (builders@bld-releng-05a) (gcc version 4.3.4 (crosstool-NG-1.5.0) ) #1 PREEMPT Wed Jun 15 17:19:01 MDT 2011
    KERNEL supported cpus:
    Intel GenuineIntel
    AMD AuthenticAMD
    NSC Geode by NSC
    Cyrix CyrixInstead
    Centaur CentaurHauls
    Transmeta GenuineTMx86
    Transmeta TransmetaCPU
    UMC UMC UMC UMC
    BIOS-provided physical RAM map:
    BIOS-e820: 0000000000000000 – 000000000009fc00 (usable)
    BIOS-e820: 000000000009fc00 – 00000000000a0000 (reserved)
    BIOS-e820: 00000000000f0000 – 0000000000100000 (reserved)
    BIOS-e820: 0000000000100000 – 000000003ffe0000 (usable)
    BIOS-e820: 000000003ffe0000 – 0000000040000000 (reserved)
    BIOS-e820: 00000000fffc0000 – 0000000100000000 (reserved)
    last_pfn = 0x3ffe0 max_arch_pfn = 0x100000
    RAMDISK: 3e975000 – 3ffdf637
    Allocated new RAMDISK: 003a1000 – 01a0b637
    Move RAMDISK from 000000003e975000 – 000000003ffdf636 to 003a1000 – 01a0b636
    615MB HIGHMEM available.
    407MB LOWMEM available.
    mapped low ram: 0 – 197fe000
    low ram: 00000000 – 197fe000
    bootmap 00001000 – 00004300
    (7 early reservations) ==> bootmem [0000000000 – 00197fe000]
    #0 [0000000000 – 0000001000] BIOS data page ==> [0000000000 – 0000001000]
    #1 [0000100000 – 000039ed10] TEXT DATA BSS ==> [0000100000 – 000039ed10]
    #2 [000039f000 – 00003a1000] INIT_PG_TABLE ==> [000039f000 – 00003a1000]
    #3 [000009fc00 – 0000100000] BIOS reserved ==> [000009fc00 – 0000100000]
    #4 [0000007000 – 0000008000] PGTABLE ==> [0000007000 – 0000008000]
    #5 [00003a1000 – 0001a0b637] NEW RAMDISK ==> [00003a1000 – 0001a0b637]
    #6 [0000001000 – 0000005000] BOOTMAP ==> [0000001000 – 0000005000]
    Zone PFN ranges:
    DMA 0x00000000 -> 0x00001000
    Normal 0x00001000 -> 0x000197fe
    HighMem 0x000197fe -> 0x0003ffe0
    Movable zone start PFN for each node
    early_node_map[2] active PFN ranges
    0: 0x00000000 -> 0x0000009f
    0: 0x00000100 -> 0x0003ffe0
    Allocating PCI resources starting at 50000000 (gap: 40000000:bffc0000)
    Built 1 zonelists in Zone order, mobility grouping on. Total pages: 259967
    Kernel command line: -append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9 600 bigphysarea=65536
    Enabling fast FPU save and restore… done.
    Enabling unmasked SIMD FPU exception support… done.
    Initializing CPU#0
    PID hash table entries: 2048 (order: 11, 8192 bytes)
    Fast TSC calibration using PIT
    Detected 999.976 MHz processor.
    Console: colour dummy device 80×25
    console [ttyS0] enabled
    Dentry cache hash table entries: 65536 (order: 6, 262144 bytes)
    Inode-cache hash table entries: 32768 (order: 5, 131072 bytes)
    allocated 5242240 bytes of page_cgroup
    please try cgroup_disable=memory option if you don’t want
    Memory: 745612k/1048448k available (1715k kernel code, 301528k reserved, 623k data, 156k init, 630664k highmem )
    virtual kernel memory layout:
    fixmap : 0xfffed000 – 0xfffff000 ( 72 kB)
    pkmap : 0xff800000 – 0xffc00000 (4096 kB)
    vmalloc : 0xf7ffe000 – 0xff7fe000 ( 120 MB)
    lowmem : 0xde000000 – 0xf77fe000 ( 407 MB)
    .init : 0xde34c000 – 0xde373000 ( 156 kB)
    .data : 0xde2acca6 – 0xde348938 ( 623 kB)
    .text : 0xde100000 – 0xde2acca6 (1715 kB)
    Checking if this processor honours the WP bit even in supervisor mode…Ok.
    Calibrating delay loop (skipped), value calculated using timer frequency.. 1999.95 BogoMIPS (lpj=999976)
    Security Framework initialized
    Mount-cache hash table entries: 512
    Initializing cgroup subsys cpuacct
    Initializing cgroup subsys memory
    CPU: L1 I Cache: 64K (64 bytes/line), D cache 64K (64 bytes/line)
    CPU: L2 Cache: 512K (64 bytes/line)
    Intel machine check architecture supported.
    Intel machine check reporting enabled on CPU#0.
    CPU: AMD QEMU Virtual CPU version 2.4.0 stepping 03
    Checking ‘hlt’ instruction… OK.
    Freeing SMP alternatives: 0k freed
    net_namespace: 668 bytes
    NET: Registered protocol family 16
    PCI: PCI BIOS revision 2.10 entry at 0xfd40f, last bus=0
    PCI: Using configuration type 1 for base access
    bio: create slab at 0
    PCI: Probing PCI hardware
    pci 0000:00:01.3: quirk: region 0600-063f claimed by PIIX4 ACPI
    pci 0000:00:01.3: quirk: region 0700-070f claimed by PIIX4 SMB
    pci 0000:00:01.0: PIIX/ICH IRQ router [8086:7000]
    NET: Registered protocol family 2
    IP route cache hash table entries: 16384 (order: 4, 65536 bytes)
    TCP established hash table entries: 65536 (order: 7, 524288 bytes)
    TCP bind hash table entries: 65536 (order: 6, 262144 bytes)
    TCP: Hash tables configured (established 65536 bind 65536)
    TCP reno registered
    NET: Registered protocol family 1
    Unpacking initramfs…Clocksource tsc unstable (delta = 123992321 ns)
    done
    Freeing initrd memory: 22953k freed
    platform rtc_cmos: registered platform RTC device (no PNP device found)
    Machine check exception polling timer started.
    highmem bounce pool size: 64 pages
    HugeTLB registered 4 MB page size, pre-allocated 0 pages
    bigphysarea: Allocated 65536 pages at 0xe0400000.
    msgmni has been set to 271
    io scheduler noop registered
    io scheduler anticipatory registered (default)
    io scheduler deadline registered
    io scheduler cfq registered
    pci 0000:00:00.0: Limiting direct PCI/PCI transfers
    pci 0000:00:01.0: PIIX3: Enabling Passive Release
    pci 0000:00:01.0: Activating ISA DMA hang workarounds
    Serial: 8250/16550 driver, 4 ports, IRQ sharing disabled
    serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
    loop: module loaded
    pcnet32.c:v1.35 21.Apr.2008 tsbogend@alpha.franken.de
    tun: Universal TUN/TAP device driver, 1.6
    tun: (C) 1999-2004 Max Krasnyansky
    Uniform Multi-Platform E-IDE driver
    ide_generic: enforcing probing of I/O ports upon user request
    ide: forcing hda as a disk (980/16/32)

    1. admin

      Not sure! Are you running GNS3 on Centos ?

      1. dominusorbis

        no, it’s on windows 10. I’m trying to use the ASA image listed above, but the device won’t boot completely giving me the above mentioned error.

        all the other images I have, c7200 for example, work just fine.

  2. hemant

    WHATS THE PASSWORD TO PRIVILEGE MODE

  3. anonymous

    just hit enter when asked for password to access privileged mode, there’s none set.

    1. Vivek

      Thanks….I searched for password for 15 minutes on google. only need to enter

  4. Sajeer Mohammed

    How to add ASA 8.4(2) firewall in GNS3 1.4.6 | ASA 5520 in GNS3 1.4.6

  5. PTG

    Thanks for great article. But i have one query…. Is it legal to use activation key?

  6. AYAZ BAYRAMOV

    Thanks man, it works.

  7. Sourav Poddar

    C:\Program Files\GNS3\qemu-2.4.0>QEMU-IMG CREATE FLASH 512M
    qemu-img: Command not found: CREATE
    Try ‘qemu-img –help’ for more information

    1. Ajay Lokre

      please write “CREATE” as create
      try in small letter, it will work. It worked for me

  8. Isaac

    Guys, I’ve been trying to set up site-to-site vpn by asdm on gns3,but I don’t see any traffic from this configuration…. Are there any limitations becausa that line ” total vpn peers” …. Does anyone know tell me something about that?

Leave Your Thought Here