Copyright © 2016 VIT, All Rights Reserved. VIT and its logo are trademarks of Victorian Institute of Technolog 1 IT NE 2006 Implementing Firewall Technologies LAB 4 - A WEEK - 7 CONTENTSIT NE 2005 Assessments Copyright © 2016 VIT, All Rights Reserved. VIT and its logo are trademarks of Victorian Institute of Technolog 2 Week 6 Implementing ASA Objective: Import and configure Cisco ASAv with GNS3 Deploy and configure Cisco ASAv with GNS3 by following instructions in https://youtu.be/GM_VmmkCEag?t=1m47s video. Additional Notes (before starting router confugration, perform following steps for ASA configuration) Initial configuration after ASA import Configure the ASAv for telnet access delicate After creating new Lab project based on above video, Power ASA on and double click it to open the TightVNC viewer. The ASAv will automatically reboot once during the initial power-up after "determining the device platform". After the second boot, it will stop at the ciscoasa> prompt. Once you get that you are ready to move to the next step.IT NE 2005 Assessments Copyright © 2016 VIT, All Rights Reserved. VIT and its logo are trademarks of Victorian Institute of Technolog 3 The ASAv serial port is disabled by default. The software seems to require a file on the root of Disk0: called use_ttyS0 to enable the serial interface. The easiest way to add this is to clone the existing \coredumpinfo\coredump.cfg file and rename it. Use these commands to clone it: ciscoasa#conf t ciscoasa(config)# cd coredumpinfo ciscoasa(config)# copy coredump.cfg disk0:/use_ttyS0 (that's S zero not S and the letter O) Verify the file exists with the command dir disk0:/IT NE 2005 Assessments Copyright © 2016 VIT, All Rights Reserved. VIT and its logo are trademarks of Victorian Institute of Technolog 4 Once it is there, reload the ASA. There is no need to save the config at this point. We just want the ASA to reload with that file in place. It should show the GRUB boot loader, and boot, but the interaction will stop with the message "Lina to use serial port /dev/ttyS0 for console IO". At this point, it has transferred the interactive control to the serial port.IT NE 2005 Assessments Copyright © 2016 VIT, All Rights Reserved. VIT and its logo are trademarks of Victorian Institute of Technolog 5 Power the ASAv off. Right click it, and select configure. Change the console type from vnc to telnet. You must power the ASAv off to do this. You can change it with the device powered on, but it will throw the error "No connection could be made because the target machine actively refused it" if you try to launch the console and will not connect. Click Apply > OK to save. Power the ASAv back on and double click to open the console. It will take 30-45 seconds before any output will appear. The GRUB boot screen and boot process won't show in the serial port output. The serial port isn't active until the ASA software loads. My Surface pro takes 30 seconds to show output.IT NE 2005 Assessments Copyright © 2016 VIT, All Rights Reserved. VIT and its logo are trademarks of Victorian Institute of Technolog 6