7200emu.hacki.at

[vikas]

Running Cisco ASA on Windows

Dear All ,

This is Step-by-Step way for running Cisco ASA on Windows , May be it could be useful for beginners .

Download QEMU For Windows

http://www.h6.dion.ne.jp/~kazuw/qemu-win/qemu-0.9.0-windows.zip

Extract the Zip File and you will get a folder named “qemu-0.9.0-windows “

Download UnixUtils

http://rapidshare.com/files/83156329/UnixUtils.rar.html

Extract the Contents of the file UnixUtils.rar in a folder and copy all the files in this folder to the qemu folder where there are file like qemu.exe , qemu-img.exe etc

Put the file asa802-k8.bin also at the same place where there are file like qemu.exe , qemu-img.exe etc

Now Double-Click Setup.bat , Just wait for some seconds and the promt will tell you to telnet to 127.0.0.1 on the port 4444 .

telnet 127.0.0.1 4444 and you should be greeted with the ASA Prompt !

The Next time you woul like to run ASA , Just run the Cisco ASA.bat file


If you find any problems please let me know

Thanks

Vikas

[routerpimp]

Thanks for the tutorial. I have a Q.

Will the ASAs run decently in a VM running Windows XP?

Is there a tutorial somewhere showing how to get the ASA running on Linux?

Thanks bud,

routerpimp

[denmarcj]

Thank you very much vikas

[freedp]

ciscoasa(config-if)# nameif inside
ERROR: open(np/port/id/1/-1) failed.
ERROR: open() failed.
ERROR: Failed to initialize interface inside
ERROR: Add interface failed.

[thumpercisco]

same as above

i2c_read_byte_w_wait() error, slot = 0x4, device = 0xb0, address = 0 byte count = 1. Reason: I2C_SMBUS_UNSUPPORT

Total SSMs found: 0
Ignoring PCI card in slot:0 (vendor:0x0 deviceid:0x0)
Ignoring PCI card in slot:1 (vendor:0x0 deviceid:0x0)
Ignoring PCI card in slot:2 (vendor:0x0 deviceid:0x0)
Ignoring PCI card in slot:3 (vendor:0x0 deviceid:0x0)
Ignoring PCI card in slot:4 (vendor:0x0 deviceid:0x0)
Ignoring PCI card in slot:5 (vendor:0x0 deviceid:0x0)
Ignoring PCI card in slot:6 (vendor:0x0 deviceid:0x0)

Total NICs found: 6
Error in ioctl SIOGIFINDEX
Failed to open linaeth for interface 0 - verify the support in kernel

Error in ioctl SIOGIFINDEX
Failed to open linaeth for interface 1 - verify the support in kernel

Error in ioctl SIOGIFINDEX
Failed to open linaeth for interface 2 - verify the support in kernel

Error in ioctl SIOGIFINDEX
Failed to open linaeth for interface 3 - verify the support in kernel

Error in ioctl SIOGIFINDEX
Failed to open linaeth for interface 4 - verify the support in kernel

Error in ioctl SIOGIFINDEX
Failed to open linaeth for interface 5 - verify the support in kernel

Cisco Adaptive Security Appliance Software Version 8.0(2)
Cannot open interface card (media_ethernet/port/id/0)
pix_idb_create: Unable to get link capabilities 0
pix_idb_create: Unable to get nic_stats for port 0
Cannot open interface card (media_ethernet/port/id/1)
pix_idb_create: Unable to get link capabilities 1
pix_idb_create: Unable to get nic_stats for port 1
Cannot open interface card (media_ethernet/port/id/2)
pix_idb_create: Unable to get link capabilities 2
pix_idb_create: Unable to get nic_stats for port 2
Cannot open interface card (media_ethernet/port/id/3)
pix_idb_create: Unable to get link capabilities 3
pix_idb_create: Unable to get nic_stats for port 3
Cannot open interface card (media_ethernet/port/id/4)
pix_idb_create: Unable to get link capabilities 4
pix_idb_create: Unable to get nic_stats for port 4
Cannot open interface card (media_ethernet/port/id/5)
pix_idb_create: Unable to get link capabilities 5
pix_idb_create: Unable to get nic_stats for port 5

open or write(ffsdev/2/write/32) failed
Could not initialize system files in flash.
i2c_read_byte_w_suspend() error, slot = 0x4, device = 0xb0, address = 0 byte count = 1. Reason: I2C_SMBUS_UNSUPPORT
i2c_read_byte_w_suspend() error, slot = 0x4, device = 0xb0, address = 0 byte count = 1. Reason: I2C_SMBUS_UNSUPPORT
Type help or '?' for a list of available commands.
ciscoasa>

[thumpercisco]

Any help with this please vikas for correctly referencing my nic for working .bat
I can telnet to asa but cannot configure interfaces.

[vikas]

Dear thumpercisco ,

I have posted the same problem in the original ASA Emulation forum but have not received a reply yet , I am also getting the same problem , I also used the "qemu" file developed by mmm for windows and replaced the file in the qemu directory with that one , but i am also getting the same problem .

[thumpercisco]

I got the below bat file to work and recognize ASA interfaces, which are configurable and UP, but cannot ping to ASA or from ASA. I can ping the tap0 interface the ASA is using.
Does someone know the command to add for bridging the asa through the tap to windows?
using winvista

qemu bat:
@echo off
ECHO MD5 Cheksum
md5 asa802-k8.bin
hexdump -C asa802-k8.bin > asa802-k8.hd
grep "1f 8b 08 00 1d" asa802-k8.hd
ls -la asa802-k8.bin
tail -c 13334352 asa802-k8.bin > asa802-k8.gz
gzip -d asa802-k8.gz
cpio -i --make-directories < asa802-k8
qemu-img create FLASH 256M
CLS
ECHO Telnet to 127.0.0.1 on port 4444 to access ASA Console
ECHO -------------------------------------------------------
ECHO * * * * * * *DO NOT CLOSE THIS WINDOWS* * * * * * * *
qemu -L . -hda FLASH -hdachs 980,16,32 -kernel vmlinuz -initrd asa802-k8 -m 256 --no-kqemu

-append "auto nousb ide1=noprobe bigphysarea=16384 console=ttyS0,9600n8 hda=980,16,32" -

net nic,vlan=0,macaddr=00:aa:00:00:02:01,model=pcnet -net

tap,vlan=0,script=if1up,ifname=tap0 -net nic,vlan=1,macaddr=00:aa:00:00:02:02,model=pcnet

-net tap,vlan=1,script=if1up,ifname=tap1 -net

nic,vlan=2,macaddr=00:aa:00:00:02:03,model=pcnet -net tap,vlan=2,script=if1up,ifname=tap2

-net nic,vlan=3,macaddr=00:aa:00:00:02:04,model=pcnet -net

tap,vlan=3,script=if1up,ifname=tap3 -net nic,vlan=4,macaddr=00:aa:00:00:02:05,model=pcnet

-net tap,vlan=4,script=if1up,ifname=tap4 -serial telnet::4444,server,nowait

.net with vlan1 ipadd set for ping and msloopback attached to switch for ping:
[127.0.0.1:7200]

workingdir = C:\Program Files\Dynamips\sample_labs\switching\ethsw2

[[3640]]
image = \Program Files\Dynamips\images\C3640-JS.BIN
ram = 160

[[Router SW1]]
model = 3640
slot0 = NM-16ESW
F0/3 = NIO_gen_eth:\Device\NPF_{B84A09A4-9AC6-4113-A304-52EDB75E6350} #msloopback
F0/4 = NIO_gen_eth:\Device\NPF_{599AEB12-CC29-40E5-A67D-EB8E11DF201C} #tap0

[gnasreddine]

Hi guys,

i dont know where to find the right vmlinuz file !!!!

Help me !!!

[vikas]

Hi gnasreddine

Just follow the instructions in the original post , the vmlinuz file will be automatically created for you and you will be able to connect to the ASA Prompt .

The problem is that , it is not recognising the interfaces .

Thanks

[thumpercisco]

[vikas]

Hi thumpercisco ,

did you tried the qemu.exe created by mmm for the ASA , it has the pcap implementation to bridge it with the hot nics ..

I tried that but was not successfull , also could you please tell me that
when you run the bat file and connect to the asa prompt and try to
do "no sh" on one of its interface , does it comes up successfully ?

I am getting an error something like "-ioctl/" as posted previously .

thanks for the help

[thumpercisco]

I tried the pcap also with qemu.exe change, no work and get error
Unpacking initramfs...<0>Kernel panic - not syncing: bad gzip magic .

when I change back to original qemu.exe and use tap I get ASA interface config (ipadd,nameif,noshut) but cannot connect to host windows, in .net which references tap interface I can only ping to tap not to ASA or from ASA.

Will keep trying, maybe someone can come up with pemu files needed with this.

[thumpercisco]

ok - did some digging and found an old post
http://7200emu.hacki.at/viewtopic.php?t=4088
Post subject: Add -net udp for qemu/jqemu
rar files can be downloaded there

used attached setup bat and booted with same errors of vlan not connected to host network and magic header (yes I gzip and gzip -d asa802)

hopefully this will help make progress toward win/qemu/asa working

[freedp]

The Link is Fine