It is currently Sat Dec 07, 2019 5:23 am


All times are UTC




Post new topic Reply to topic  [ 4 posts ] 
Author Message
 Post subject: How to setup ASA on QEMU through GNS3
PostPosted: Fri Feb 14, 2014 10:58 pm 
Offline

Joined: Wed Dec 11, 2013 9:58 pm
Posts: 27
Here are directions and screenshots for setting up qemu on Linux. The installation was on a 64 bit version of Mint. This applies to Gns 0.8.6 with qemu 1.6.2.

1. Qemu - make sure that the following is used
qemu path: /usr/local/bin/qemu-system-i386
qemu-img: /usr/local/bin/qemu-img
2. ASA
NICs: 6
NIC Model: e1000
ASA RAM-memory: 1024
qemu options: -vnc none -vga none -icount auto -hdachs 980,16,32 -cpu coreduo -nographic
Kernel cmd line:ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536 ide1=noprobe no-hlt




Top
 Profile  
 
 Post subject: Re: How to setup qemu in gns3
PostPosted: Sat Feb 15, 2014 4:51 pm 
Offline

Joined: Mon Jan 27, 2014 7:41 pm
Posts: 19
The subject of this HOWTO should be "How to setup ASA on QEMU through GNS3".

ASA version: 8.4(2)
QEMU version 1.6.2
GNS3 version 0.8.6
OS: 64-bit Linux Mint, unknown version (approximately Mint 16)

1st step: get the ASA 8.4(2) binary image. The file you are looking for is the following: "asa842-k8.bin".
2nd step: get a script which will extract the initrd file and the linux kernel from the asa842-k8.bin image. A script floating around on the Internet is named repack.v4.sh. The most common form of the script is actually zippped, which means you will have to unzip it first, and then actually give the script "execute" permissions.
Code:
$ wget http://www.----------.net/misc/repack.v4.sh.gz
--2014-02-15 18:08:09--  http://www.----------.net/misc/repack.v4.sh.gz
Resolving www.----------.net (www.----------.net)... 68.178.254.226
Connecting to www.----------.net (www.----------.net)|68.178.254.226|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2050 (2.0K) [application/x-sh]
Saving to: `repack.v4.sh.gz.1'

100%[=================================================================================>] 2,050       --.-K/s   in 0.001s 

2014-02-15 18:08:12 (2.63 MB/s) - `repack.v4.sh.gz.1' saved [2050/2050]

[email protected]:~$ mkdir asa.on.qemu.GNS3
[email protected]:~$ mv repack.v4.sh.gz asa.on.qemu.GNS3/repack.v4.sh.gz
[email protected]:~$ cd asa.on.qemu.GNS3/
[email protected]:~/asa.on.qemu.GNS3$ gunzip repack.v4.sh.gz
[email protected]:~/asa.on.qemu.GNS3$ alias ll='ls -alF'
[email protected]:~/asa.on.qemu.GNS3$ ll
total 24588
drwxrwxr-x  2 wizard wizard     4096 Feb 15 18:10 ./
drwxr-xr-x 40 wizard wizard     4096 Feb 15 18:08 ../
-rw-------  1 wizard wizard 25159680 Feb 15 18:10 asa842-k8.bin
-rw-rw-r--  1 wizard wizard     4560 Jul  7  2012 repack.v4.sh

In linux, to set execution rights to a file, we use the chmod command:
Code:
[email protected]:~/asa.on.qemu.GNS3$ chmod +x repack.v4.sh
[email protected]:~/asa.on.qemu.GNS3$ ll
total 119516
drwxrwxr-x  2 wizard wizard     4096 Feb 15 18:33 ./
drwxr-xr-x 40 wizard wizard     4096 Feb 15 18:08 ../
-rw-------  1 wizard wizard 25159680 Feb 15 18:10 asa842-k8.bin
-rwxrwxr-x  1 wizard wizard     4558 Feb 15 18:28 repack.v4.sh*
[email protected]:~/asa.on.qemu.GNS3$

Another version of the repack script can be found after reading this great blog post http://binarynature.blogspot.com/2014/01/create-cisco-asa-vmware-fusion.html

3rd step: Before running the script, you have to make sure that you need everything for the script to run. So execute the following commands and make sure you get the proper output:
Code:
[email protected]:~/asa.on.qemu.GNS3$ which mkisofs
/usr/bin/mkisofs
[email protected]:~/asa.on.qemu.GNS3$ which xxd
/usr/bin/xxd
[email protected]:~/asa.on.qemu.GNS3$ cat repack.v4.sh | grep ISOLINUX_BIN=
ISOLINUX_BIN=/usr/share/syslinux/isolinux.bin

On my Ubuntu box now, isolinux.bin is not located in the location that the script is actually looking for it. So i have to change the script a bit to point to the proper isolinux.bin location:
Code:
[email protected]:~/asa.on.qemu.GNS3$ vi ./repack.v4.sh
[email protected]:~/asa.on.qemu.GNS3$ cat repack.v4.sh | grep ISOLINUX_BIN=
ISOLINUX_BIN=/usr/lib/syslinux/isolinux.bin

4th step: Get the script and the asa842-k8.bin image into the same directory, and execute the script as root. I have no clue as to why you need to run the script as root, but the script complains if you run as a regular user, and it didn't work for me when I ran the script as a regular user. You should do that by executing the following commands:
Code:
[email protected]:~/asa.on.qemu.GNS3$ sudo ./repack.v4.sh asa842-k8.bin
Repack script version: 4
Detected syslinux/cdrtools - ISO will be created
1359344+0 records in
1359344+0 records out
1359344 bytes (1.4 MB) copied, 1.99157 s, 683 kB/s
23697936+0 records in
23697936+0 records out
23697936 bytes (24 MB) copied, 34.717 s, 683 kB/s
/tmp/tmp.N3BcXEIlhb ~/asa.on.qemu.GNS3

gzip: /home/wizard/asa.on.qemu.GNS3/asa842-initrd-original.gz: decompression OK, trailing garbage ignored
114476 blocks
114476 blocks
114476 blocks
~/asa.on.qemu.GNS3
/tmp/tmp.xURDtQo9DP ~/asa.on.qemu.GNS3
I: -input-charset not specified, using utf-8 (detected in locale settings)
Size of boot image is 4 sectors -> No emulation
21.05% done, estimate finish Sat Feb 15 18:30:13 2014
42.00% done, estimate finish Sat Feb 15 18:30:13 2014
63.01% done, estimate finish Sat Feb 15 18:30:13 2014
83.96% done, estimate finish Sat Feb 15 18:30:13 2014
Total translation table size: 2048
Total rockridge attributes bytes: 0
Total directory bytes: 2048
Path table size(bytes): 26
Max brk space used 0
23825 extents written (46 MB)
~/asa.on.qemu.GNS3
[email protected]:~/asa.on.qemu.GNS3$
[email protected]:~/asa.on.qemu.GNS3$ ll
total 119512
drwxrwxr-x  2 wizard wizard     4096 Feb 15 18:30 ./
drwxr-xr-x 40 wizard wizard     4096 Feb 15 18:08 ../
-rw-rw-r--  1 wizard wizard 23521205 Feb 15 18:30 asa842-initrd.gz
-rw-rw-r--  1 wizard wizard 23520615 Feb 15 18:30 asa842-initrd-original.gz
-rw-------  1 wizard wizard 25159680 Feb 15 18:10 asa842-k8.bin
-rw-rw-r--  1 wizard wizard  1359344 Feb 15 18:29 asa842-vmlinuz
-rw-r--r--  1 root   root   48793600 Feb 15 18:30 asa.iso
-rwxrwxr-x  1 wizard wizard     4558 Feb 15 18:28 repack.v4.sh*
[email protected]:~/asa.on.qemu.GNS3$

the created files will be later entered into GNS3, and GNS3 will invoke QEMU and tell QEMU to use these files to emulate the ASA. Of the created files, we only care for asa842-initrd.gz and asa842-vmlinuz

5th step: Once you get these, you need to make sure you have GNS3 and QEMU installed:
Code:
[email protected]:~/asa.on.qemu.GNS3$ gns3 --version
gns3 0.8.6
[email protected]:~/asa.on.qemu.GNS3$ qemu-system-i386 --version
QEMU emulator version 1.7.0, Copyright (c) 2003-2008 Fabrice Bellard
[email protected]:~/asa.on.qemu.GNS3$ dynamips --version | grep version
Cisco Router Simulation Platform (version 0.2.10-amd64/Linux stable)
[email protected]:~/asa.on.qemu.GNS3$


5.5th step: You should at this point verify that the ASA will fly with your installed QEMU. To do this, issue the following command:
Code:
/usr/local/bin/qemu-system-i386 -name ASA1 -m 1024 -kernel ./asa842-vmlinuz -initrd ./asa842-initrd.gz -append "ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536 ide1=noprobe no-hlt" -netdev user,id=mynet0 -netdev user,id=mynet1 -netdev user,id=mynet2 -netdev user,id=mynet3 -netdev user,id=mynet4 -netdev user,id=mynet5 -device e1000,mac=00:00:ab:1a:f2:00,netdev=mynet0 -device e1000,mac=00:00:ab:df:12:01,netdev=mynet1 -device e1000,mac=00:00:ab:7e:73:02,netdev=mynet2 -device e1000,mac=00:00:ab:1c:9d:03,netdev=mynet3 -device e1000,mac=00:00:ab:db:25:04,netdev=mynet4 -device e1000,mac=00:00:ab:69:d8:05,netdev=mynet5 -serial telnet:127.0.0.1:4444,server,nowait -vnc none -vga none -icount auto -hdachs 980,16,32 -cpu coreduo -nographic

The above command of course assumes that the asa842-vmlinuz and asa842-initrd.gz files are in your current directory. If they are not, then change the command to point to their real location. After issuing the command you should be able to telnet into the ASA and verify that it does not crash, and it gives you a nice and clean ciscoasa> prompt. The port you have to telnet into was defined in the command above. Open a new terminal
Code:
[email protected]:~$ telnet 127.0.0.1 4444
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.

ciscoasa>
ciscoasa>

Once you get the ciscoasa> prompt, go back to the terminal that you used to start the qemu instance, and enter "quit" into the QEMU prompt to stop the process.

6th step: Start GNS3, Edit -> Preferences, and select the Qemu sub-window.
In the Qemu sub-window under the "General Settings" tab, in "Path to Qemuwrapper", enter the path into which GNS3 was installed. qemuwrapper is a Python script, installed by GNS3. In my case, it is located in /usr/share/gns3/qemuwrapper.py.
For "Path to qemu:" and "Path to qemu-img:" enter the path you get after issuing:
Code:
[email protected]:~/asa.on.qemu.GNS3$ which qemu-system-i386
/usr/local/bin/qemu-system-i386
[email protected]:~/asa.on.qemu.GNS3$ which qemu-img
/usr/local/bin/qemu-img

ASA is emulated as an i386 system. x86-64 is a superset of the i386, but just stick to what works for, and then try other settings.
Then press the "Test settings" button, and if everything is OK, you should get the following message:
All components have successfully started
(except pemu)

7th step: In the Qemu sub-window under the "ASA" tab, choose the initrd file that was created by the repack.v4 script, and the vmlinuz file that was created by the repack.v4 script. Make sure to select the asa842-initrd.gz file, not asa842-initrd-original.gz, because the original initrd is not patched.
Then apply the ASA 8.4(2) preconfiguration. This is the most crusial step. It should select all the proper settings.
The following are my personal adjustment of settings, and may not work for everyone. I came up with these myself, and are not the GNS3 default ones:
In the Qemu options line, enter the following:
-vnc none -vga none -icount auto -hdachs 980,16,32 -cpu coreduo -nographic
And in the "Kernel cmd line:" enter the following:
ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536 ide1=noprobe no-hlt
Important: Then press the "Save" button.

8th step:
In a new GNS3 topology, drag a new ASA, and a new GNS3 Ethernet switch. Connect all 6 ASA interfaces to the Ethernet switch. Start the ASA

It should work. If it does not, enter the following into a linux terminal:
Code:
ps aux | grep qemu

and post the command's output on this forum


Top
 Profile  
 
 Post subject: Re: How to setup ASA on QEMU through GNS3
PostPosted: Thu Jul 24, 2014 8:57 am 
Offline

Joined: Sat Jul 12, 2014 6:58 pm
Posts: 4
Hi guys,

I am trying to get ASA working in GNS3 on Linux Mint without success for several days now. I followed this HOWTO and got really close - the ASA boots up almost completely but then prints out an error, many lines of stack and memory dumps and then reboots.

When I test run the qemu from command line as advised in this guide the ASA boots up normally all the way into the prompt, however it does not work in GNS3.

Some lines of the error message (I will post the whole thing as an attachment):

Code:
core0: An internal error occurred.  Specifically, a programming assertion was
violated.  Copy the error message exactly as it appears, and get the
output of the show version command and the contents of the configuration
file.  Then call your technical support representative.
....
output omitted
....
REBOOT: open message queue fail: No such file or directory/2
REBOOT: enforce reboot...
Restarting system.
machine restart


Ouput of ps command:
Code:
fry-desktop Downloads # ps aux | grep asa
fry      11928  100 11.3 1990772 460880 ?      SNl  10:13   0:34 /usr/bin/qemu-system-i386 -name ASA4 -m 1024 -hda /tmp/ASA4/FLASH -kernel /home/fry/Downloads/asa842-vmlinuz -initrd /home/fry/Downloads/asa842-initrd.gz -append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536 ide1=noprobe no-hlt -device e1000,mac=00:00:ab:5a:39:00 -device e1000,mac=00:00:ab:27:64:01 -device e1000,mac=00:00:ab:d2:22:02 -device e1000,mac=00:00:ab:d6:35:03 -device e1000,mac=00:00:ab:35:6d:04 -device e1000,mac=00:00:ab:0d:ba:05 -serial telnet:127.0.0.1:3005,server,nowait -vnc none -vga none -icount auto -hdachs 980,16,32 -cpu coreduo -nographic
root     11943  0.0  0.0  11860   928 pts/10   S+   10:14   0:00 grep --colour=auto asa
fry-desktop Downloads #

Software versions:
GNS3 version: 0.8.7
Qemu Version: 2.0.0+dfsg-2ubuntu1.1 (from repository)
Linux Mint 17 KDE 64bit

Anyone got any idea what am I doing wrong?

Thank you!
Fry


Attachments:
asa_error.txt [189.42 KiB]
Downloaded 376 times
Top
 Profile  
 
 Post subject: Re: How to setup ASA on QEMU through GNS3
PostPosted: Sun Aug 03, 2014 9:21 am 
Offline

Joined: Sun Aug 03, 2014 9:11 am
Posts: 1
Hi Fry!

I've found this error related to last e1000 network interface initialization. My workaround is to decrease the number of interfaces. For example, put 5 instead of default 6.

Good Luck,
Alexi




Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group

phpBB SEO