Here is a workaround of installing Cisco ASA 8.4 on GNS3 version 1.2.1 and Cisco ASDM and troubleshooting Tips.
Notes:
Windows7 Pro
8G memory with i5
SSD
GNS3 1.2.1
1. Basic GNS3 install
– GNS3 ver 1.2 should be installed before goes step 2.
2. Create new ASA
– Go to Edit > Preference > QEMU > QEMU VMs and click New
– RAM size : Change to 1024
– Qemu binary : Use "qemu-system-x86_64w.exe
3. Disk image
– In order to use flash: or diak0:, you need to create a virtual FLASH drive.
– Go to "C:\Program Files\GNS3-121\qemu-2.1.0" directory (in this example)
– From DOS prompt "qemu-img.exe create FLASH 256M"
– Copy the FLASH file to C:\Program Files\GNS3-121\QEMU\ (in this example)
4. Network setting
– Add Adapters : 5
* Known issue – "show interface" will crash ASA, Some people said Do not put interface more than 4. However, still an issue
5. Advanced settings
– I don’t remember where I got *.initrd and kernel files, but googling will give you an idea.
– Kernel command line :
-append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536 ide1=noprobe no-hlt
– Additional settings
-vnc none -vga none -m 1024 -icount auto -hdachs 980,16,32
– OKay to complete a ASA VM setup.
6. Basic configuration
– Drag ASA icon to main configuration board.
– Start ASA 8.4 : It will take a minute to boot up
– Before configure ASA further details, make sure your configuration is being saved when you issue "copy run start"
ciscoasa> en
password:
ciscoasa# copy running-config startup-config
ciscoasa# copy startup-config flash:
ciscoasa# dir
Directory of disk0:/
5 drwx 4096 13:22:34 Dec 13 2014 log
10 drwx 4096 13:22:42 Dec 13 2014 coredumpinfo
82 -rwx 196 13:22:42 Dec 13 2014 upgrade_startup_errors_201412131322.log
83 -rwx 2092 13:27:22 Dec 13 2014 startup-config
– Try to change hostname and save it, and reload it to see new configuration has saved correctly.
* if ASA didn’t save "startup-config", create FLASH again.
7. Troubleshooting & Errors
– Install ASDM
; Tried 7.x (asdm-731-101.bin, asdm-721.bin, asdm-716.bin), but none of works.
Error message "ASDM did not recognize device model ASA 5520"
Try asdm-649-103.bin, that is the only works for me. (don’t forget to add IP on JAVA security tab)
– 2nd ASA
; if you want to run two ASAs, you will have to change the Qemu options on the second firewall as below
Qemu Options: -vnc :2 none -vga none -m 1024 -icount auto -hdachs 980,16,32
– If no network connectivity or ping to result ????
; Reload or power off/on
– ASA doesn’t sync to Terminal (Important)
; When you are reloading ASA in any reason, it doesn’t sync or blank screen on your teminal. Try power on ASA when you see 1s on the top of your teminal screen.
– Loading ASDM, then error "404 page not found"
; Once you changed ASDM file, you must reload ASA.
– Execute "Show Interface" command
; It will crash ASA. Use "show int ip brief" instead of
– To use VPN-3DES-AES
; You need an activation key for the function (from googling)
ciscoasa(config)#activation-key 0x4a3ec071 0x0d86fbf6 0x7cb1bc48 0x8b48b8b0 0xf317c0b5
– Useful commands
sh crypto isakmp policy
The www.ipBalance.com runs by a volunteer group with IT professionals and experts at least over 25 years of experience developing and troubleshooting IT in general. ipBalance.com is a free online resource that offers IT tutorials, tools, product reviews, and other resources to help you and your need.
