Thursday, 30 May 2013
How to Configure ASDM for cisco ASA firewall in GNS3
ASA firewall can be configured from the command line as well as GUI is also available for the configuration ASA. ASDM (Adaptive security device manager) is the software that can be used to configure ASA graphically. In previous post I told how to use the ASA firewall in gns3, in this post we will discuss the integration of ASDM with ASA in gns3.
Steps:
1. First of all download the required image file of ASDM from the following link.
Asdm-641.bin
2. Now open the GNS3, drag ASA firewall, a cloud and an Ethernet switch in the topology field of GNS3 and connect them as shown in the following diagram.
3. In the cloud we will use the Microsoft loopback adapter to virtually connect our real pc with the ASA FIREWALL because the ASDM software will be installed on the ASA FIREWALL as well as our computer.
4. To select Microsoft loopback adapter right click on cloud icon and select configure. Now in the window that opened on the left side click on the C1 or whatever the cloud number is and then from the dropdown select the Microsoft loopback adapter and add it. Apply and ok.
Topology diagram after connections.
5. Now start the ASA Firewall and from command line assign the ip address on the e0 interface , likewise on the Microsoft loopback adapter use the ip address of same network.
In our case we will use the following two ip addresses
ASA interface – 192.168.10.1/24
Microsoft adapter – 192.168.10.2/24
Setting ip address on interface e0.
Ciscoasa>enable
Password:
Ciscoasa#configure terminal
Ciscoasa(config)#interface gigabitethernet 0
Ciscoasa(config-if)#ip address 192.168.10.1 255.255.255.0
Ciscoasa(config-if)#nameif maatisolution
Ciscoasa(config-if)#security-level 0
Ciscoasa(config-if)#no shutdown
6. After configuring the ip address on ASA interface and Microsoft loopback adapter test the ping connectivity between the two. ASA should be able to ping the loopback adapter. If problem persists try turning off the window’s firewall and then try again.
7. Now we will upload the ASDM image downloaded in first step to the ASA flash using TFTP server software installed on windows. We will use tftpd32 as the tftp server software.
Run the tftpd32 and set the two parameters as follows.
Current directory : the folder where you placed the file downloaded in first step
Server interface : 192.168.10.2 // this is the Microsoft loopback adapter.
8. On ASA firewall use the following command to download the ASDM image file from tftp server.
Ciscoasa(config)#copy tftp: disk0:
Address or name of remote host[]? 192.168.10.2
Source filename[]? Asdm-641.bin //this is the name of file which we downloaded in the first step.
Destination filename[]? Asdm-641.bin //the destination filename can be anything with extension .bin but remember the name you given. We will use the same name.
Now the ASA will download the file and the will be written to it’s flash memory.
9. After the completion of 8th step the following commands need to be issued on the ASA command line.
Setting the ASDM imagefile path
Ciscoasa(config)#asdm image disk0:/asdm-641.bin
Ciscoasa(config)#http server enable
Ciscoasa(config)#http 192.168.10.0 255.255.255.0 maatisolution // here maatisolution is the name of interface.
10. Now open your web browser and in the address bar fill in the url : https://192.168.10.1 remember all the adapters other than Microsoft loopback adapter are inactive or disabled.
The following webpage will be opened
11. Download the ASDM and install it.
12. Now run the ASDM and put the ip address of ASA interface in it leave the password field blank as we didn’t used any password.
Click ok and you will find your ASA in GUI mode.
