Setting up ASA inside GNS3

Setting up ASA inside GNS3 has been simplified by the GNS3 team, as now you just need to have the appropriate Initrd and Kernel files then you are good to go.

Prequisites:

1. GNS3
2. asa842-initrd.gz
3. asa842-vmlinuz

*** I cant provide the ASA files ***

After you have the required files, just fire up GNS3 and point it to the right path.

GNS3 > Edit > Preferences > Qemu > ASA >

Under the ASA Settings, Preconfiguration .. select the proper version you are trying to load. Eg. 8.0(2) or 8.4(2)

All the RAM, Number of NICs, NIC model and Qemu Options will be automatically populated.

Then under ASA Specific Settings, select the path to the Initrd and Kernel files.

Finally click Save and you will see the setting save under ASA Images.

Click OK to close the Preference window.

To test out your setting, go the device tab and click on the Firewall icon and you will notice the ASA firewall icon has color and no longer grayed out.

Drag and drop the ASA firewall icon to the Workspace and Run it .. then double click on the icon and it shall open the console via the default Putty application

Happy learning !

CA Root Certificate is missing error

 

After the installation of the Cisco AnyConnect Secure Mobility 3.1, upon the execution of the client the below error pops up.

Unable to validate Cisco AnyConnect Secure Mobility components. CA Root Certificate is missing.

AnyConnect Secure Mobility Client must verify that all loaded components have been certified by Cisco. Your system does not have the latest root certificates from Verisign, which are required to validate the authenticity of the software. Please download VeriSign Class 3 Public Primary Certification Authority - G5 from http://www.verisign.com/support/roots.html or contact your administrator.

We need to manually install a VeriSign Certification Authority into Windows. The "Root 3 / VeriSign Class 3 Primary CA - G5" to be exact.

1. Go to the Verisign certificate page. [LINK]
2. Find the section named "Root 3 / VeriSign Class 3 Primary CA - G5".
   At the end of that section, find the link for Download Root Now and right-click it and save the file to your Desktop or Download folder.

1. Find the downloaded file, and rename it from "PCA-3G5.pem" to "PCA-3G5.crt" (change the filename extension to .crt).
2. Double-click the PCA-3G5 file.
3. Result: The Certificate information window should open.
   Press the Install Certificate button. A Certificate Import Wizard will open. You can click Next or Finish to go through the Import Wizard.