It is currently Mon Dec 18, 2017 5:15 am


All times are UTC




Post new topic Reply to topic  [ 35 posts ]  Go to page Previous  1, 2, 3, 4
Author Message
 Post subject: Re: ASA 8.4(2) on QEMU from 7200emu.hacki.at
PostPosted: Sat Sep 29, 2012 11:07 am 
Offline

Joined: Fri Sep 28, 2012 3:26 pm
Posts: 2
Oh well I guess that I shot from the hip here......

My biggest problem appears to have been with having my Windows7 firewall running at the same time as trying to get the ASA working on GNS3.

So for anyone out there with niggling issues regarding interfaces that just will not work on your ASA running on GNS3 just make sure that your Windows firewall is turned off.

Good Luck.




Top
 Profile  
 
 Post subject: Re: ASA 8.4(2) on QEMU from 7200emu.hacki.at
PostPosted: Tue Nov 06, 2012 12:54 pm 
Offline

Joined: Thu Oct 18, 2012 6:38 pm
Posts: 21
Hi guys

I successfully installed Qemu and ASA 8.4 following various guides that I found on Internet
Everything is fine but ...not persistent. That means that when I enter the license key that works, I managed to install ASDM as well but Qemu is not saving the changes. After rebooting I have to enter the license again and to reconfigure ASA

Could anyone of you please tell me what to do to have the configuration permanently saved and the ASDM file permanently installed?
Alternatively please point me to the page that I should read if there is any, I could not find anything in this sense. Most of the people complain about not being able to use wr mem at all

When I use wr mem I do not receive any error and ASA preserves the configs if I reboot the appliance. If I kill the qemu process then everything is lost.


thanks
PF

GNS3 0.8.3
ASA 8.4(2)
Qemu 0.14.1

kernel_cmdline = -append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536


PS: after reading this thread again I suspect that my problem has something to do with the flash file
How can I obtain such a flash file? How do you reuse one?


Top
 Profile  
 
 Post subject: Re: ASA 8.4(2) on QEMU from 7200emu.hacki.at
PostPosted: Tue Nov 06, 2012 6:27 pm 
Offline

Joined: Thu Oct 18, 2012 6:38 pm
Posts: 21
I solved this one
see my post in the hacki.at formum
(search by username PF4haki)


Top
 Profile  
 
 Post subject: Re: ASA 8.4(2) on QEMU from 7200emu.hacki.at
PostPosted: Tue Apr 23, 2013 3:23 pm 
Offline

Joined: Tue Apr 23, 2013 3:20 pm
Posts: 1
Hi,

I'm having issue in setting up an ASA to work with my GNS3. Everytime I start the console it looks like it's starting but when it goes to the point where in it's initializing random number generator it looks like it's loading but then I am getting a message failed to boot and it will reboot again then it simply goes into cycle just like that. Any suggestion will be much appreciated. I am running Windows 7 32-bit by the way.


Top
 Profile  
 
 Post subject: Re: ASA 8.4(2) on QEMU from 7200emu.hacki.at
PostPosted: Wed Apr 09, 2014 8:19 am 
Offline

Joined: Wed Apr 09, 2014 8:10 am
Posts: 1
Hi,
I am running a ASA 8.4.2 on my ESXi 5 Server.
I used the extract scipt. Everything lookes fine, but I can't start the ASDM.
I always get the message:

asdm did not recognize device model ASA 5520 pleas see the screenshot

I am using asdm-716.bin

here is what I have done:

ciscoasa(config)# copy tftp://192.168.1.10/asdm-716.bin flash:/asdm.bin

Zapp(config)# http server enable
Zapp(config)# http 192.168.1.0 255.255.255.0 inside
Zapp(config)# username admin password Cisco privilege 15

here the boot output:

Quote:
pci 0000:00:18.6: PCI bridge, secondary bus 0000:21
pci 0000:00:18.6: IO window: disabled
pci 0000:00:18.6: MEM window: 0xfba00000-0xfbafffff
pci 0000:00:18.6: PREFETCH window: disabled
pci 0000:00:18.7: PCI bridge, secondary bus 0000:22
pci 0000:00:18.7: IO window: disabled
pci 0000:00:18.7: MEM window: 0xfb600000-0xfb6fffff
pci 0000:00:18.7: PREFETCH window: disabled
NET: Registered protocol family 2
IP route cache hash table entries: 16384 (order: 4, 65536 bytes)
TCP established hash table entries: 65536 (order: 7, 524288 bytes)
TCP bind hash table entries: 65536 (order: 6, 262144 bytes)
TCP: Hash tables configured (established 65536 bind 65536)
TCP reno registered
NET: Registered protocol family 1
Unpacking initramfs... done
Freeing initrd memory: 22975k freed
platform rtc_cmos: registered platform RTC device (no PNP device found)
Machine check exception polling timer started.
highmem bounce pool size: 64 pages
HugeTLB registered 4 MB page size, pre-allocated 0 pages
bigphysarea: Allocated 65536 pages at 0xe0400000.
msgmni has been set to 271
io scheduler noop registered
io scheduler anticipatory registered (default)
io scheduler deadline registered
io scheduler cfq registered
pci 0000:00:00.0: Limiting direct PCI/PCI transfers
Serial: 8250/16550 driver, 4 ports, IRQ sharing disabled
serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
serial8250: ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A
loop: module loaded
pcnet32.c:v1.35 21.Apr.2008 [email protected]
tun: Universal TUN/TAP device driver, 1.6
tun: (C) 1999-2004 Max Krasnyansky <[email protected]>
Uniform Multi-Platform E-IDE driver
ide_generic: enforcing probing of I/O ports upon user request
ide: forcing hda as a disk (980/16/32)
hda: VMware Virtual IDE Hard Drive, ATA DISK drive
ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
ide-gd driver 1.18
hda: max request size: 128KiB
hda: 83886080 sectors (42949 MB) w/32KiB Cache, CHS=980/16/32
hda: hda1
TCP cubic registered
NET: Registered protocol family 17
RPC: Registered udp transport module.
RPC: Registered tcp transport module.
802.1Q VLAN Support v1.8 Ben Greear <[email protected]>
All bugs added by David S. Miller <[email protected]>
TIPC: Activated (version 1.6.4 compiled Jun 15 2011 17:18:15)
NET: Registered protocol family 30
TIPC: Started in single node mode
Using IPI Shortcut mode
Freeing unused kernel memory: 156k freed
Write protecting the kernel text: 1716k
Write protecting the kernel read-only data: 504k
Starting kernel event manager...
Loading hardware drivers...
Initializing random number generator... done.
Starting network...
dosfsck 2.11, 12 Mar 2005, FAT32, LFN
Starting check/repair pass.
Starting verification pass.
/dev/hda1: 98 files, 1481/65518 clusters
dosfsck(/dev/hda1) returned 0
FAT: "posix" option is obsolete, not supported now
TIPC: Started in network mode
TIPC: Own node address <1.1.1>, network identity 1234
TIPC: Enabled bearer <eth:tap0>, discovery domain <1.1.0>, priority 10
msrif: module license 'Cisco Systems, Inc' taints kernel.
msrif module loaded.
Starting Likewise Service Manager
Processor memory 654311424, Reserved memory: 62914560
IMAGE ERROR: An error occurred when reading the controller type
Ignoring PCI device in slot:0 (ven:0x8086 dev:0x7190 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x8086 dev:0x7191 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x8086 dev:0x7110 rev:0x08)
Ignoring PCI device in slot:0 (ven:0x8086 dev:0x7111 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x8086 dev:0x7113 rev:0x08)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x0405 rev:0x00)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x0790 rev:0x02)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)
Ignoring PCI device in slot:0 (ven:0x15ad dev:0x07a0 rev:0x01)

Total NICs found: 3
i82574L rev00 Gigabit Ethernet @ irq09 dev 0 index 02 MAC: 000c.296a.6199
i82574L rev00 Gigabit Ethernet @ irq10 dev 0 index 01 MAC: 000c.296a.618f
i82574L rev00 Gigabit Ethernet @ irq11 dev 0 index 00 MAC: 000c.296a.6185
secstore_buf_fill: Error reading secure store - buffer 0xddfffb28, size 0x14
key_nv_init: read returned error 1, len 129
L4TM: Unknown ASA Model
(set interval) setting zero expiration time 0x0a32aca0
Verify the activation-key, it might take a while...
Running Permanent Activation Key: 0xb23bcf4a 0x1c713b4f 0x7d53bcbc 0xc4f8d09c 0x0e24c6b6

Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 100 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
VPN-DES : Enabled perpetual
VPN-3DES-AES : Enabled perpetual
Security Contexts : 5 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 25 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 5000 perpetual
Total VPN Peers : 0 perpetual
Shared License : Enabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Enabled perpetual
UC Phone Proxy Sessions : 10 perpetual
Total UC Proxy Sessions : 10 perpetual
Botnet Traffic Filter : Enabled perpetual
Intercompany Media Engine : Enabled perpetual

This platform has an ASA 5520 VPN Plus license.


Cisco Adaptive Security Appliance Software Version 8.4(2)

****************************** Warning *******************************
This product contains cryptographic features and is
subject to United States and local country laws
governing, import, export, transfer, and use.
Delivery of Cisco cryptographic products does not
imply third-party authority to import, export,
distribute, or use encryption. Importers, exporters,
distributors and users are responsible for compliance
with U.S. and local country laws. By using this
product you agree to comply with applicable laws and
regulations. If you are unable to comply with U.S.
and local laws, return the enclosed items immediately.

A summary of U.S. laws governing Cisco cryptographic
products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by
sending email to [email protected].
******************************* Warning *******************************

Copyright (c) 1996-2011 by Cisco Systems, Inc.

Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Reading from flash...
!Crashinfo is NOT enabled on Full Distribution Environment
*** Output from config line 65, "crashinfo save disable"

Cryptochecksum (unchanged): 1e7d2fde fe301354 3df3110b f57c584f
Type help or '?' for a list of available commands.
Zapp>


and here is my config:

Quote:
Zapp# show running-config
: Saved
:
ASA Version 8.4(2)
!
hostname Zapp
enable password 8Ry2... encrypted
passwd 2KFQ...
names
!
interface GigabitEthernet0
nameif inside
security-level 100
ip address 192.168.1.240 255.255.255.0
!
interface GigabitEthernet1
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet2
shutdown
no nameif
no security-level
no ip address
!
ftp mode passive
pager lines 24
mtu inside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
username adm password fkF.... encrypted
username admin password UET... encrypted privilege 15
!
!
prompt hostname context
no call-home reporting anonymous
crashinfo save disable
Cryptochecksum:1e7...
: end


can anyone please help me with this...?

Update:
It works with this ASDM Version:
Cisco Adaptive Security Appliance Software Version 8.4(2)
Device Manager Version 7.1(5)100




Attachments:
Unbenannt.PNG
Unbenannt.PNG [ 46.05 KiB | Viewed 4222 times ]
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 35 posts ]  Go to page Previous  1, 2, 3, 4

All times are UTC


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group

phpBB SEO