Beruflich Dokumente
Kultur Dokumente
http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-...
XeruNetworks
Its all about networks
GNS3 Security ASA VPN Routing & Switching EIGRP Stackwise Tips Voice Call Manager CME Licencing Wireless
ASA 8.3/8.4 NAT Migration Lab Guide ASA 8.3/8.4 NAT Migration Lab Guide Lab 1.0 Mar 05
1 trong 10
18/04/2013 1:23 PM
http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-...
7. Add the adapter as per following after selecting and press OK.
8. Drop an ethernet switch the topology. If you dont do this and try drawing a direct connection between Firewall and Cloud it will come up with error saying 'Devices does not support this type of NIO. Use an ETHSW to bridge the connection to the NIO Instead. 9. Connect both Cloud and Firewall to the Switch as following
10. Now start all devices in GNS and use following commands on the firewall to give it an IP. ciscoasa# config t ciscoasa(config)# int gi ciscoasa(config)# int gigabitEthernet 0 ciscoasa(config-if)# ip address 10.10.10.1 255.255.255.0 ciscoasa(config-if)# nameif management ciscoasa(config-if)# no shut 11. Now, go back to Windows 7 and open 'Network and Sharing Centre', Click on Change adapter settings and Change the IP Address of the Loopback adapater as following
2 trong 10
18/04/2013 1:23 PM
http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-...
12. You will have to turn off your PC firewall as you will be copying ASDM to ASA firewall. If you dont know this, stop studying networking or stop the Windows Firewall Service or if that doesnt work then Base Filtering Service. 13. Now you PC is ready to talk to firewall, lets try. ciscoasa# ping 10.10.10.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/6/20 ms ciscoasa# 14. OK, Now the next step is to copy ASDM to Firewall. If you already have TFTP Server installed, cool otherwise Download and start this TFTP Application from following website http://tftpd32.jounin.net/tftpd32_download.html 15. Download ASDM from Cisco website or any other dodgy source you have. I have ASDM 6.4(7) downloaed. 16. On the TFTP application browse to the folder where you have downloaded ASDM. 17. On the firewall use following command to download TFTP Image. ciscoasa# copy tftp flash Address or name of remote host []? 10.10.10.2 Source filename []? asdm-647.bin Destination filename [asdm-647.bin]? Accessing tftp://10.10.10.2/asdm647.bin!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Output Omited Writing current ASDM file disk0:/asdm-647.bin !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Output Omited 17902288 bytes copied in 56.500 secs (319683 bytes/sec) ciscoasa# 18. Set the Firewall to Load the ASDM at next reboot and also identify the management Station IP address ciscoasa# sh flash # length date/time path 2 4096 Mar 05 2012 13:40:42 log 9 4096 Mar 05 2012 13:40:47 coredumpinfo 10 59 Mar 05 2012 13:40:47 coredumpinfo/coredump.cfg 11 196 Mar 05 2012 13:40:47 upgrade_startup_errors_201203051340.log 12 17902288 Mar 05 2012 14:00:48 asdm-647.bin 268136448 bytes total (250191872 bytes free) ciscoasa# config t ciscoasa(config)# asdm image flash:asdm-647.bin ciscoasa(config)# http server enable ciscoasa(config)# http 10.10.10.2 255.255.255.255 management ciscoasa(config)# username cisco password cisco privilege 15 19. use 'wr' command and then reload the firewall using 'reload' command
3 trong 10
18/04/2013 1:23 PM
http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-...
20. Launch
your browser and go to https://10.10.10.1 (Disable Proxy if you are using any)
21. Download and Install ASDM App from website you browsed to. 22. Launch the ASDM and here you go
You can follow the post below if you want to connect two GNS3 on two different PCs together or to connect an external device on physcial network to the GNS3 network. http://www.xerunetworks.com/2012/03/connect-gns3-network-to-real-networks-other-gns3-network/ You can use follwoing Lab guide for NAT migration from pre ASA 8.2 to 8.4 http://www.xerunetworks.com/2012/03/asa-8384-nat-migration-lab-guide/ CISCO2951/K9 $3375 NEW
Cisco 2951 Router Price New Stock 8000+ Buyers Worldwide! 1 Year Warr Router-switch.com/_CISCO2951/K9
Related Posts
ASA 8.3 / 8.4 Double NAT / Source Destination NAT Migration Lab Guide Lab 1.4 ASA 8.3/8.4 NAT Migration Lab Guide Lab 1.3 ASA 8.3/8.4 NAT Migration Lab Guide Lab 1.2 ASA 8.3/8.4 NAT Migration Lab Guide Lab 1.1 ASA 8.3/8.4 NAT Migration Lab Guide Lab 1.0
Share this:
1.
Learner
April 1, 2013 at 12:36 pm (UTC 1) Reply I am newbie to GNS3 and have setup an ASA lab. I am unable to ping any of the ASA and Router interface from PC with loopback adapter. I have disabled firewall on my PC, but still no rescue. Please help me on how to access ASA and Router from PC. My configuration is as follows. I have tried to apply access-list 101 in all the manner to ASA, but no help.
4 trong 10
18/04/2013 1:23 PM
http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-...
PC loopback IP address: 10.10.10.2 Netmask: 255.255.255.0 ASA configuration is as follows. ASA(config)# show run : Saved : ASA Version 8.0(2) ! hostname ASA enable password **************** encrypted names ! interface Ethernet0/0 nameif Inside security-level 100 ip address 10.10.10.1 255.255.255.0 ! interface Ethernet0/1 nameif Outside security-level 0 ip address 192.168.1.1 255.255.255.0 ! passwd **************** encrypted boot config disk0:/.private/startup-config ftp mode passive access-list 101 extended permit icmp any any echo access-list 101 extended permit icmp any any echo-reply pager lines 24 mtu Inside 1500 mtu Outside 1500 no failover icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 static (Inside,Outside) 192.168.1.0 10.10.10.0 netmask 255.255.255.0 access-group 101 in interface Inside access-group 101 out interface Inside access-group 101 in interface Outside access-group 101 out interface Outside ! router rip network 10.0.0.0 network 192.168.1.0 default-information originate version 2 no auto-summary ! timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout uauth 0:05:00 absolute dynamic-access-policy-record DfltAccessPolicy no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart no crypto isakmp nat-traversal telnet timeout 5 ssh timeout 5 console timeout 0 threat-detection basic-threat threat-detection statistics access-list ! ! prompt hostname context Cryptochecksum:******************************* : end ASA(config)# show rip database 0.0.0.0 0.0.0.0 auto-summary 0.0.0.0 0.0.0.0 redistributed [0] via 0.0.0.0, 10.0.0.0 255.0.0.0 auto-summary 10.10.10.0 255.255.255.0 directly connected, Ethernet0/0 192.168.1.0 255.255.255.0 auto-summary 192.168.1.0 255.255.255.0 directly connected, Ethernet0/1
5 trong 10
18/04/2013 1:23 PM
http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-...
Router configuration is as follows. Router# show run Building configuration Current configuration : 900 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Router ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ip cef ! ! ! ! no ip domain lookup ip domain name lab.local ! multilink bundle-name authenticated ! ! ! ! ! archive log config hidekeys ! ! ! ! ! ! ! interface FastEthernet0/0 ip address 192.168.1.2 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! router rip version 2 network 192.168.1.0 default-information originate no auto-summary ! ip forward-protocol nd ! ! no ip http server no ip http secure-server ! ! ! ! ! ! control-plane ! ! ! line con 0 exec-timeout 0 0 privilege level 15
6 trong 10
18/04/2013 1:23 PM
http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-...
logging synchronous line aux 0 exec-timeout 0 0 privilege level 15 logging synchronous line vty 0 4 login ! ! end Router#show ip rip database 0.0.0.0/0 auto-summary 0.0.0.0/0 [1] via 192.168.1.1, 00:01:40, FastEthernet0/0 10.0.0.0/8 auto-summary 10.10.10.0/24 [1] via 192.168.1.1, 00:01:40, FastEthernet0/0 192.168.1.0/24 auto-summary 192.168.1.0/24 directly connected, FastEthernet0/0
2.
krish
March 25, 2013 at 5:49 pm (UTC 1) Reply I am stuck at step 12. Not able to ping the firewall from PC. I have disabled windows firewall. Disabled kaspersky. Tried Base Filtering Service. I have GNS3 virtual box edition..PC OS:windows 7 ciscoasa(config)# ping 10.10.10.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds: ????? Success rate is 0 percent (0/5) Please help me out..
3.
krish
March 24, 2013 at 4:04 pm (UTC 1) Reply i properly did 1 to 11 steps u mentioned above. but when i try to ping 10.10.10.2 in ASA its not pinging. i checked firewall status, and base filter status.
4.
javalogicuser
March 12, 2013 at 7:35 am (UTC 1) Reply ASAD, that just means that since the ASA is powered on and the interface is up, you wont be able to add any links to the device. Stop your ASA and try to add the link again.
5.
Ciscoloon
6.
Herlander
7 trong 10
18/04/2013 1:23 PM
http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-...
March 11, 2013 at 5:20 pm (UTC 1) Reply Id like to have someone give me an answer to my question. Im reading lot of comments people saying that they were able to make asa 8.4 work in windows 7 64 bit, but Im the same error message lina_bigphysarea_size: open /proc/bigphysarea failed, error 2 Ive tried in 3 different PC running windows 7 64 bit none were successful. But I tried once in a PC with windows XP Pro and works with no problem.
7.
ASAD
March 10, 2013 at 9:46 am (UTC 1) Reply i have just installed ASA in gns properly but when i connect the ASA to switch interface it gives me the Dynamips error qemuwrapper doesnt support hot link add could any one tell me about the problem. . thanks
1.
Mr.T
March 12, 2013 at 9:40 am (UTC 1) Reply Turn off your ASA, add the link and torn it on again. Previous 1 3 4 5 1. Setup ASA in GNS3 for capture and export to Wireshark | CCNP Gubbins March 22, 2013 at 6:34 pm (UTC 1) Link to this comment Reply [...] = Setup ASA in GNS3 http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-stepguide/ = setup ASA with ASDM http://m.youtube.com/watch?v=VQ0YvL2F7yU = basic ASA [...] 2. Connect GNS3 Network to Real Networks / Other GNS3 Network - My Tech World My Tech World March 18, 2012 at 2:15 am (UTC 1) Link to this comment Reply [...] http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-step-guide/ [...] 3. Cisco ASA 8.4 on GNS3 My Tech World March 12, 2012 at 9:32 pm (UTC 1) Link to this comment Reply [...] you have ASA running in GNS and want to play with ASDM, here is the guide to follow http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-step-guide/ I have posted a LAB Guide for migrating NAT from 8.2 to 8.3/8.4 Version, which is still work in [...]
Leave a Reply
Recent Posts
Converting Prompts for UCCX 7 Duplex Mismatch How varying Duplex/Speed settings can effect connectivity? Dont span high volume traffic to WS-X6548-GE-TX or WS-X6148-GE-TX oversubscribed line cards
8 trong 10
18/04/2013 1:23 PM
http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-...
Outlook.com Dont change your primary email address and how to revert back if you already did Best Email App for Android ICS
Popular Posts
Cisco ASA 8.4 on GNS3 134,915 view(s) ASA 8.4 with ASDM on GNS3 Step by Step Guide 76,313 view(s) Outlook.com Dont change your primary email address and how to revert back if you already did 26,342 view(s) Cisco 5508 WLC Configuration LAB WPA2, Guest Access, FlexConnect (aka H-REAP) 18,699 view(s) ASA 8.3/8.4 NAT Migration Lab Guide
14,652 view(s)
Sponsored Links
Thit b mng gi r, tt
nvc.vn NVC @ cung cp+lp t+mng. thit b mng swith,cp, gi r tt
Categories
ASA CME EIGRP GNS3 Licencing Routing & Switching Security Stackwise Tips Uncategorized Voice VPN Wireless
Archives
November 2012 August 2012 June 2012 May 2012 March 2012 February 2012 January 2012 December 2011 September 2011 August 2011 June 2011 March 2011 February 2011 November 2010 October 2010 July 2010 June 2010 May 2010
Recent Comments
arminmacxmin on Cisco ASA 8.4 on GNS3 Mazhar on Cisco ASA 8.4 on GNS3 J L on Outlook.com Dont change your primary email address and how to revert
9 trong 10
18/04/2013 1:23 PM
http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-...
back if you already did Mauricio on Cisco ASA 8.4 on GNS3 Mauricio on Cisco ASA 8.4 on GNS3
Blog Calendar
March 2012 M TW T F S S 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Feb May
Meta
Log in Entries RSS Comments RSS WordPress.org
Copyright
2013 XeruNetworks. Return to top Powered by WordPress and the Graphene Theme.
10 trong 10
18/04/2013 1:23 PM