![]() Connect the cloud to ethernet switch and connect ethernet switch to ASA.Īddress or name of remote host ? 10.10.10.2 ![]() Go into C1 and select loopback adapter from drop down and save. In GNS drag cloud onto pane and configure it. To setup ASDM you need to create Loopback adapter on PC Ģ) click Next in Welcome to the Add Hardware Wizardģ) Slect Install the hardware that I manually selected from a list (Advanced) and click nextĤ) Scroll down and select “Microsoft Adapters” click nextĥ) for manufacturer select Microsoft and Microsoft Loopback adapterĨ) right click loopback adapter go to ipv4 properties and enter ip: 10.10.10.1, SM: 255.255.255.0 ok. Nat (Inside,Outside) source dynamic HOME interface Although I created a default route I put everything in rip as I wanted to make sure everything knew about everything else. I accepted the default security levels that the ASA selected for the interfaces. This is the ASA config I applied to this topology: im very new to this so dont take it as gospel… Then start and console onto each router in turn. Have found that starting ASA and all routers at once causes problems, in fact running the virtual ASA results in general flakiness all round. Once the firewall is up and running use following activation keysĪctivation-key 0x4a3ec071 0x0d86fbf6 0x7cb1bc48 0x8b48b8b0 0xf317c0b5 (reload)Īctivation-key 0xb23bcf4a 0x1c713b4f 0x7d53bcbc 0xc4f8d09c 0x0e24c6b6 (this one takes ages! reload) (to open two ASAs change the qemu options on the 2nd firewall from -vnc none to -vnc :2) Kernel CMD line: -append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536 Qemu Options: -vnc none -vga none -m 1024 -icount auto -hdachs 980,16,32 Or find a pre-prepared copy online (hint: ) Setup GNS3 You can check the ASA compatibility matrix hereĮither obtain ASA image and then extract initrd and a Linux kernel following this method Its just that when you have the option to run ASDM as an applet or install it on your machine you will get an error that the ASDM version isnt compatible with your ASA version. But it still lets me practice configuring the ASA for ASDM and going to the page. THe copy of the ASDM i have is not compatible with the version of ASA im using. ![]() This post is based on material from the following sources He also explained how to troubleshoot to see if packets were hitting the interfaces by using a capture and that ICMP wouldnt work unless I configured it. Adam advised me to setup NAT and badabing! it all worked. However ASA could ping adjacent routers and all devices learned each others routes, but the routers couldnt ping or telnet anything except the adjacent ASA interface. ![]() ![]() I had misinterpreted the idea that high security zone traffic was allowed to pass to low security interfaces and return traffic would be permitted due to stateful inspection. Im very new to this so cant vouch for all the information in this post.Īlso must give props to my mate Adam for telling me to setup NAT on the ASA. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |