How to implement ASA Firewall without any errors
Then the only option remains as W10 OS. It will not harmful and protect your files and folders. Therefore we have to search for the best GNS3 version to run on the W10 platform. My friend has been installing various versions of GNS3. Some versions are not supported. Some versions are giving errors and bugs. Sometimes, ASA firewall working but cannot implement a Palo Alto firewall. Yesterday he came to my home and requested me to support him to install the best version of GNS3 which is compatible with W10. Hence I did some researches and investigate the best version which can satisfy my friend’s requirement. Today I’m going to share in detailed step by step procedure to select the best version and make your ASA lab.
System information: Core i5, 8 Gen laptop with 8 GB RAM, Windows 10 Pro OS and 1.2.3 GNS3 version.
Prerequisite: I have downloaded the GNS3 1.2.3-all-in-one version and installed it on the hard disk. You can search in Google to download these files (asa842-initrd, asa842-vmlinuz, asdm-647.bin). Installed tftpd64 server in C: driver and copy asdm file to tftp folder.
Create Microsoft KM-TEST Loopback network adapter and configure the IP address as 10.10.10.44/24 and give 10.10.10.1 as default the gateway IP address.
STEP I - ASA files upload to GNS3: Right-click on the GNS3 desktop icon and select Run as administrator to start the simulation.
Go to Edit > Preferences > QEMU > QEMU VMs > Select new to add ASA firewall.
In QEMU VM configuration, ASA advanced settings > Linux boot specific settings. Here we are going to add the prerequisite download files as mentioned above. Configure the kernel command line and options with the below parameters.
Initial RAM disk (initrd) : asa842-initrd
Kernel image : asa842-vmlinuz
Kernel command line : no-hlt -append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536
Options : -vnc none -vga none -m 1024 -icount auto -hdachs 980,16,32
STEP II - GNS3 topology diagram: Drag and drop the ASA firewall onto GNS3 worksheet, attached ASA interface to Ethernet switch and then connect it into the MS-Loopback network adapter.
STEP III - Configuration: Right-click on the ASA firewall and click on start. Then it will boot the firewall and open the CMD to configure the firewall.
# configure terminal
# Interface GigaEthernet 0
# ip address 10.10.10.1 255.255.255.0
# nameif inside
# no shutdown
# end
Now ASA the interface has configured with an IP address. You can verify the configuration by doing a PING from your physical machine to the ASA interface IP address. If you cannot PING from ASA to MS-Loopback, you have to check the Windows firewall settings.
STEP IV - Upload ASDM file into flash: Open the TFTP server and select the MS-Loopback IP address. Enter # copy tftp://10.10.10.44/asdm-647.bin flash: command to copy the asdm file into flash. After completing the upload of the file, you have configured the privilege level to access the ASA via the web console.
# configure terminal
# asdm image flash:asdm-647.bin
# http server enable
# http 10.10.10.44 255.255.255.255 inside
# username abc password abc privilege 15
STEP V - Accessing ASA firewall via ASDM: Save your configuration and GNS3 worksheet. Enter https://10.10.10.1 in the web browser to load ASDM. Here you can download the ASDM launcher. After installing the ASDM, you can open up the ASDM launcher by double clicking on it. Provide user credentials to access ASA firewall.
No comments