Now that most of my TV shows are done for the season, I can finally get back into studying mode and really start focusing on my next form of torture. For the past few weeks and months I’ve just been maintaining a base knowledge of the Service Provider material, particularly MPLS, but never really embracing or absorbing the knowledge. When you aren’t really pressured to achieve a goal, your sense of urgency is much more relaxed and almost non-existent.
A little more than a year ago, I wrote about the ‘PIX Emulator with Qemu‘ posting. Since then I’ve only touched the emulator once on my machine, but have found through reading various forums that it has evolved and now supports ASA. The only way for me to really tell was to try and build another emulated instance for myself.
For my 1st attempt, I installed a vmware session running CentOS Server v4.6 to use as my base install, but as soon as I tried to run Qemu, I ending up hosing the instance because Qemu wants to run its’ own version of vmlinuz. I read that I could use a mounted USB drive to separate the vmlinuz files, but I wanted to keep the hardware aspect of the installation down to a minimum and just use a single folder on my drive. For my 2nd attempt, I ran a clean install of Windows XP and Qemu worked fine. The only issue I had with running this XP instance was it felt bloated. For my 3rd attempt, I ran Qemu in a Windows 2003 Web Edition version which seemed a tad bit faster than XP. In a linux world, if I had a vmware session running in runlevel3, memory usage would be fine-tuned and performance wouldn’t even be an issue. I was determined I could find a faster Windows solution.
Digging around a bit, I found 2 modified versions of Windows, TinyXP and Micro2003 (MK3), created by eXPerience. You really have to search for each one, but when you find the ISOs off bittorrent you will be very pleased with the results. For my 4th attempt I chose to use MK3 since the ISO was only 100MB. This version of Windows is completely stripped down of unnecessary dll files and services and boots up in less than 5 minutes. Someone at MS should take notes because this is how their OS should operate.
To start, I created a vmware session as depicted below.
You’ll notice that I installed a USB Controller with this vmware session. The file list below can be downloaded in advance to save some time and just copied from a USB drive. It’s up to you.
Once your MK3 installation is loaded, proceed to Google and download the files within the session:
WinPcap_4_0_2.exe –> WinPcap libraries are necessary for Dynamips and Dynagen.
dynagen-0.11.0_win_setup.exe –> If you plan on tying routers and switches to your ASA, you’ll need this.
npptools.zip –> This file is necessary for running ‘dynamips -e’ later to determine your interfaces. Once you find it, copy it to your C:\Windows\System folder.
Firefox Setup 2.0.0.14.exe –> Opera comes installed in MK3 but will become problematic once npptools.dll is added to your Windows directory.
3cdv2r10.zip –> 3CDAEMON application or any other TFTP program you would like to use.
wrar371.exe –> You’ll need this to extract the asa.zip file.
asa.zip –> You need to register a userid at the Hacki forum. Go to the ‘HOWTOs‘ forum and look for ThumperCisco’s article “How to Run Cisco ASA on Windows” where you’ll find the asa.zip or qemu.zip files.
putty.exe –> MK3 doesn’t come with telnet.exe so you’ll need one.
To speed up the vmware interfaces, edit your .vmx file and add:
ethernet0.virtualDev = “e1000″
ethernet1.virtualDev = “e1000″
To continue, you should watch the video ‘Emulating 2 ASAs with Active/Active key on Windows XP‘ created by Anderson Alves. If you don’t feel like watching the video, here’s a brief summary of the steps that I remembered:
1. Created 3 MS loopback adapters and renamed them to Lo1, Lo2, and Lo3 respectively
2. Extracted asa.zip to a folder
3. Ran ‘dynamips -e’ to figure out the NPF values my loopback adapters
4. Edited the ASA-nolina_WIN.bat file:
@echo off
ECHO Telnet to 127.0.0.1 on port 1234 to access ASA Console
ECHO ——————————————————
ECHO * * * * * * * *DO NOT CLOSE THIS WINDOW* * * * * * * *
qemupcap -L . -hda FLASH1 -hdachs 980,16,32 -kernel vmlinuz -initrd asa-nolina.gz -m 256 –no-kqemu -append “auto nousb ide1=noprobe bigphysarea=16384 console=ttyS0,9600n8 hda=980,16,32″ -net nic,vlan=0,model=pcnet,macaddr=00:aa:00:00:01:01 -net pcap,vlan=0,ifname=\Device\NPF_{73E6A630-EF98-4CBB-8C30-A60FA09DF59F} -net nic,vlan=1,model=pcnet,macaddr=00:aa:00:00:01:02 -net pcap,vlan=1,ifname=\Device\NPF_{8588A37C-458A-4E0F-84B9-92900F7D46AA} -net nic,vlan=2,model=pcnet,macaddr=00:aa:00:00:01:03 -net pcap,vlan=2,ifname=\Device\NPF_{837D83B9-3C96-4E21-A860-50FBA9134EDD} -net nic,vlan=3,model=pcnet,macaddr=00:aa:00:00:01:04 -net pcap,vlan=3,ifname=\Device\NPF_{6BAB0ACC-7806-4F33-8877-9C5804931194} -serial telnet::1234,server,nowait
5. Ran ASA-nolina_WIN.bat
6. Telnetted to 127.0.0.1 port 1234 in putty
7. Putty will appear blank, hit <Enter> to go to the #-prompt
8. Turn up your interfaces:
# ifconfig eth0 up
# ifconfig eth1 up
# ifconfig eth2 up
9. Change to where the files are:
# cd /mnt/disk0
10. Run your emulated ASA:
# ./lina_monitor
If you want to downgrade or upgrade your ASA, you need to create your own FLASH1 file. Just Google around and find the procedure.
