GNS3 : How to emulate ASA 8.4(2) under QEMU

July 7th, 2012

In this blog post, i will cover in detail how you can setup QEMU settings under GNS3 to emulate ASA 8.4(2). It has been made possible by a user “dmz” from 7200emu.hacki forum. Credit goes to him . Basically we will be using a patch which will automatically extract the kernel and initrd of ASA version 8.4(2). You can use resulting ASA initrd & kernel on any OS where you have installed GNS3.

DISCLAIMER: All information provided here are solely for self-education and investigation purposes. Provided AS-IS without any warranties.

I’m using Ubuntu 10.04 (LTS) although you can use pretty much any Linux Distros available out there.

Cisco Secure ACS 5.X Deployment Guide E-Book

Software Versions Used:

Here we are using latest GNS3 build 0.8.2. Cisco Software Versions you need (download from you CCO account ) are :

  • asa842-k8.bin
  • asdm-645-206.bin

 Step 1:

(Right Click to view large image)

Download the script here , & first unpack the file (resulting in a shell script)  and then make it executable as shown here

gunzip repack.sh.gz
chmod +x repack.sh

 

Step 2:

Run the script as a Root user.

./repack.sh asa842-k8.bin

This will create three files in current directory as shown above

  • asa842-vmlinuz – extracted kernel
  • asa842-initrd-original.gz – original extracted initrd
  • asa842-initrd.gz – patched initrd

Step 3:

Next move to GNS3 & Specify following values :
Qemu Options : -icount auto
Initrd : asa842-initrd.gz
Kernel :asa842-vmlinuz
Kernel cmd Line : ide_generic.probe_mask=0×01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536

 

 

Step 4 : Launch GNS3 Topology

Launch GNS3 topology , start ASA & then console into it.

Step 5 : Basic ASA Settings

Configure basic hostname & interface configurations & make sure ‘show version’ output reveals proper ASA Model information.

Basic Interface settings are as follows :

In following blog post, i will cover setup for ASDM, licensing & some best practices.
Rate if helpful ! Thanks!

Related Posts

Fax Online    Send article as PDF   

Tags: , , , , , ,

 Posted by Tariq Ahmad  ASA, CCIE Sec, GNS3  19 Comments

Fatal error: Uncaught CurlException: 60: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed thrown in /home/content/b/r/a/brainbump/html/wp-content/plugins/seo-facebook-comments/facebook/base_facebook.php on line 825