«

»

Feb 21

Cisco ASA 8.4 on GNS3

I struggled quite a lot of get ASA 8.4 working on GNS3. I had 8.0(2) working and was helping to test the configurations and VPNs but now wanted to get 8.4 running such that I can prepare myself for new NAT statements and migration from 8.0(2) to 8.4(2).

Here are the steps to get it working. All links to any images or keys are removed for legal reasons. Once its gone its gone.

1. Download the ASA 8.4 files for GNS3 from the following address

I am afraid you will have to search google for reputable sources to get firewall ASA842 image. Please dont ask here for the image.

2. Configure GNS3 as following. ( I am using Ver 0.8.2 Beta 2, Also Tested 8.3 with Windows 7 64 bit which worked without any issues).  Type the code below into relevant fields

 

Qemu Options: -vnc none -vga none -m 1024 -icount auto -hdachs 980,16,32
Kernel cmd line: -append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536
 
Configure the paths for Initrd and Kernel to where you have extracted the files.
 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

3. Once the firewall is up and running use following activation keys

Again the activation keys are in public domain so get it using your search capabilities.

 

It will take a while (10-15 min) to accept the second activation key and will take the same time at first reboot.

That's all done and we have a working firewall to play with.

 

 

Now if you want to run two ASAs, you will have to change the Qemu options on the second firewall as below

Qemu Options: -vnc :2 none -vga none -m 1024 -icount auto -hdachs 980,16,32

 

Troubleshooting:

Please check the comments at the end of post where you will find different ways to resolve issues if you face any. Specially very helpfull comments from GD and are detailed below

 

Download and install the latest version of GNS3 0.8.2 after that download the •Qemu 0.13.0 patched 32 bits binary for Windows from
 
 
Copy and replace all downloaded qemu files and folders with existing qemu files and folders under GNS3 folder.

 

After you have ASA running in GNS and want to play with ASDM, here is the guide to follow

http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-step-guide/

 

and if you want to connect two GNS3 networks running on two different PCs, use following

http://www.xerunetworks.com/2012/03/connect-gns3-network-to-real-networks-other-gns3-network/

I have posted a LAB Guide for migrating NAT from 8.2 to 8.3/8.4 Version, which is still work in progress but has a lot of stuff already added into it

http://www.xerunetworks.com/2012/03/asa-8384-nat-migration-lab-guide/

349 comments

13 pings

Skip to comment form

  1. Rodrigo Moreno

    Really useful!! I’m new to GNS3 with a regular X86 laptop and it’s working all right!!

    Thanks a lot!!

  2. Vitumbiko

    I followed the above instructions but every time i fire up the ASA Quemu crashes, why is this so? am running GNS3 0.8.3.1

  3. CHANG

    Hi,

    After I turned on my loop back interface on my laptop, I could not see any settings on drop down menu from cloud.

    Any ideas?

    1. xerunetworks

      Reboot your machine

  4. angel

    thanks!!!

  5. Garry

    Thanks malikyounas for creating this image. It is great to have a sandbox to test things. The NAT changes are a pain, and add the fact Cisco documentation doesn’t match the software regarding NAT Exemption (plus it was hard to find out about vlans mentioned in my previous post).

    From the Cisco website…..

    ” For Version 8.4(2) and later—The unidirectional keyword is no longer added. Instead, the new no-proxy-arp and route-lookup keywords are added. Both the CSCtf89372 and CSCti36048 caveats are resolved in this release. ”

    I have to use “unidirectional” in this image which is 8.4(2) and in 8.6 which is on my firewall because the other commands don’t exist – but the one which is “no longer added” is still there!

  6. Aakil

    Its not working for me. I tried it on my current GNS and after reinstalling it but it did not work either way. It is showing below items again and again and did not work

    Traceback:
    0: 0x08061840
    1: 0x08061929
    2: 0x0806199e
    3: 0x08c9357c
    4: 0xffffe410
    5: 0x08062baf
    6: 0x08064096
    7: 0x08c936eb
    8: 0xffffe410
    9: 0x08c95c83
    10: 0x08404a5f
    11: 0x0806713d
    12: 0x08c92065
    13: 0x08c929a0
    14: 0xdcf566b5
    15: 0x0804d541
    ———————————————–
    REBOOT: open message queue fail: No such file or directory/2
    REBOOT: enforce reboot…

    Plz suggest

    1. Sulsa11

      I continuously get the following reboot. I am running windows 2008R2.

      Compiled on Wed 15-Jun-11 18:17 by builders
      Hardware: ASA 5520
      Crashinfo collected on 18:23:41.000 UTC Thu Jul 18 2013

      Traceback:
      0: 0x08061840
      1: 0x08061929
      2: 0x0806199e
      3: 0x08c9357c
      4: 0xffffe410
      5: 0x08062baf
      6: 0x08064096
      7: 0x08c936eb
      8: 0xffffe410
      9: 0x08c95c83
      10: 0x08404a5f
      11: 0x0806713d
      12: 0x08c92065
      13: 0x08c929a0
      14: 0xdcf566b5
      15: 0x0804d541
      ———————————————–
      REBOOT: open message queue fail: No such file or directory/2
      REBOOT: enforce reboot…

      1. Sulsa11

        Got it working. Deleted all preferences, downloaded the files again, and it started working. Don’t know why.

  7. msalax

    working perfectly fine for me…really appreciate this

  8. Garry

    figured out my vlan situation, have have to do sub interfaces
    Also can’t use Names in ACL or NAT statements, so that was a leaning experience too because the little knowledge I had was before version 8.3 (when big changes were made)

  9. Serg

    worked first time for me. Brilliant. Just need to figure out how to get VPC working. Do you have a guide for that?

1 13 14 15 16 17 21

Leave a Reply to Que Cancel reply

%d bloggers like this: