ASA 8.02 in Vmware Workstation - NETSEC


Learning, Sharing, Creating

Cybersecurity Memo

Friday, December 23, 2011

ASA 8.02 in Vmware Workstation

Here are all related posts in this blog:

1. Found a post regarding ASA on vm solution in which says write issue has been resolved.
Going to try it today and will post a update. DSL_ASA ISO file can download from this link.
Created vmware in vmware version 7.1.0 build-261024. All configuration is listed in the following pictures:

It is use COM to do output. Named Pipe TCP Proxy or vmwaregateway.exe will help VMWARE to transfer COM output to a TCP port. At host machine, do telnet localhost PORT. Then DSL interface should be up. Enter ./asa/bin/lina (there is . in the command, do not forget for those new to linux)to go into ASA interface.

ciscoasa> en
ciscoasa# show ver
Cisco Adaptive Security Appliance Software Version 8.0(2)
Compiled on Fri 15-Jun-07 19:29 by builders
System image file is "Unknown, monitor mode tftp booted image"
Config file at boot was "startup-config"
ciscoasa up 4 mins 5 secs
Hardware:   , 128 MB RAM, CPU Pentium 4 2804 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB
0: Ext: Ethernet0/0         : address is 000c.2918.e2fa, irq 255
1: Ext: Ethernet0/1         : irq 255
2: Ext: Ethernet0/2         : irq 255
3: Ext: Ethernet0/3         : irq 255
4: Ext: Ethernet0/4         : irq 255
5: Ext: Ethernet0/5         : irq 255
VLANs                        : 200
Failover                     : Active/Active
3DES-AES                     : Enabled
Security Contexts            : 20
GTP/GPRS                     : Enabled
VPN Peers                    : 5000
WebVPN Peers                 : 2500
ADV END SEC                  : Enabled
Serial Number: 123456789AB
Running Activation Key: 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
Configuration register is 0x0
Configuration has not been modified since last system restart.

2. ftp FLAHS1 (from post file into you linuxLive CD system. Run following command:
dd if=FLASH1 of=/dev/hda

note: Please make sure you are using IDE mode for your vmdk file. Also 0.256G should be enough for your virtual ide disk.

3. Save file. Wr won't work. Please use following command to try. Your disk0 should have right file structure to allow you save file. Unfortunately, copy run to start is not work as expected. 

asa802(config)# wr
Building configuration...
Cryptochecksum: c36d1836 b550a452 0b1a8782 bc03594f

%Error opening disk0:/.private/startup-config ()
Error executing command

Even tried to copy running-config disk0:/.private/startup-config, got same error.

found a way to do copy:
asa802(config)# copy running-config disk0:/.private/startup-config1
Source filename [running-config]?
Destination filename [/.private/startup-config1]?
Cryptochecksum: 25eef8d7 63159cf2 e2b20271 786bb932
1964 bytes copied in 2.240 secs (982 bytes/sec)

Dont forget to set boot from startup-config1

boot config disk0:/.private/startup-config1

4. reload your vm, your change should be able to survive a reboot. CPU is really low.

 All your nic can be connected to this vm without any problem. Not sure multicast issue existing or not. will try and post later.

Note: ASA 8.4.2 has been running quite good in my machine with BES resolved CPU issue.