CCIE Quest

In this blog post, i will cover in detail how you can setup QEMU settings under GNS3 to emulate ASA 8.4(2). It has been made possible by a user “dmz” from 7200emu.hacki forum. Credit goes to him . Basically we will be using a patch which will automatically extract the kernel and initrd of ASA version 8.4(2). You can use resulting ASA initrd & kernel on any OS where you have installed GNS3.

DISCLAIMER: All information provided here are solely for self-education and investigation purposes. Provided AS-IS without any warranties.

I’m using Ubuntu 10.04 (LTS) although you can use pretty much any Linux Distros available out there.

Cisco Secure ACS 5.X Deployment Guide E-Book

Software Versions Used:

Here we are using latest GNS3 build 0.8.2. Cisco Software Versions you need (download from you CCO account ) are :

• asa842-k8.bin
• asdm-645-206.bin

 Step 1:

(Right Click to view large image)

Download the script here , & first unpack the file (resulting in a shell script)  and then make it executable as shown here

Step 2:

Run the script as a Root user.

This will create three files in current directory as shown above

• asa842-vmlinuz – extracted kernel
• asa842-initrd-original.gz – original extracted initrd
• asa842-initrd.gz – patched initrd

Step 3:

Next move to GNS3 & Specify following values :
Qemu Options : -icount auto
Initrd : asa842-initrd.gz
Kernel :asa842-vmlinuz
Kernel cmd Line : ide_generic.probe_mask=0×01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536

Step 4 : Launch GNS3 Topology

Launch GNS3 topology , start ASA & then console into it.

Step 5 : Basic ASA Settings

Configure basic hostname & interface configurations & make sure ‘show version’ output reveals proper ASA Model information.

Basic Interface settings are as follows :

In following blog post, i will cover setup for ASDM, licensing & some best practices.
Rate if helpful ! Thanks!

Tags: asa 8.4(2), ASDM, CCIE Security v4, cisco secure acs 5.X deployment guide, NAT, Qemu, ubuntu