When configuring static routes on a Cisco ASA, you must also specify the egress interface and the command is just route, not ip route. There is two small differences on the ASA compared to a Cisco IOS based device. By routing 0.0.0.0/0 to a specific next-hop you can use this route as a “catch-all” for any traffic destined to a destination that does not have a longer match in the routing table. This route operates in the same manner as a default route on a Cisco IOS device. The most common static route you’ll see on a Cisco ASA is the default route. Static routing on the Cisco ASA can also support IP SLA tracking to ensure the next-hop is reachable however that is outside of the scope of the CCNA Security exam. You can configure the Cisco ASA to do static routing which is commonly used for a magnitude of scenarios such as default routes or vpn routing. I have encountered disk/flash issues occasionally when saving the running config, Cisco has a built in file check utility to fix these type of issues called the fsck utility.By default the Cisco ASA operates in “Routed” mode which by definition means it acts like a router but also has DPI firewall capabilities. This should now be copying over the ASDM image.Īlways use ‘copy running config startup config’ command to save configuration. ciscoasa# copy tftp flashĪddress or name of remote host ? 10.0.0.2 For this you will need to have the ASDM image on the XP machine and installed a simple TFTP Server such as SolarWinds-TFTP-Server.exe. We now need to copy the ASDM image to the ASA. Once the ASA is up check connectivity between it and the XP machine with a ping. Here is some initial configuration to get the ASA up and running. When you start the ASA apply these changes first: ciscoasa# copy running-config startup-configĪfter the second boot sequence you can start making configuration changes. vnc none -vga none -m 1024 -icount auto -hdachs 980,16,32Īpply these changes on the first start up! You will have already added the initial RAM disk and Kernel image when added the ASA to GNS3. I have had various instability issues with ‘Active CPU throttling’ ticked, at times the console has hung, so if you find this happens to you untick this. Use 512MB and make sure the Qemu binary is set to use the latest exe:īrowse and select the FLASH file previously created. Now to configure the Qemu options, I use the below options: Setup your XP machine and import it into GNS3įirst we need to create a flash drive for our ASA, we can do this with qemu-img.exe as below: Install the latest version of GNS3 at this time I was using ‘GNS3-1.3.8-all-in-one.exe We will just be working very simply with a single ASA and an virtual XP machine directly connected, as below. For this example I will be assuming you have already added the ASA and a workstation like XP to GNS3 in order to access the ASDM. Here are the steps I have successfully used to get the Cisco ASA working correctly in GNS3. Not just working but to a point where it runs stable, be able to save the running configuration, save the project in GNS3 and then reopen it all back up and for the configuration to be there working. I have spent many hours reading various blog posts and articles in my quest to get the Cisco ASA working in GNS3.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |