Terms of Use For FixedByVonnie

By proceeding to access fixedByVonnie.com, you expressly acknowledge, and agree to, all of the following:

fixedByVonnie.com is a personal website and blog owned by Security Plus Pro LLC, which is being presented for informational purposes only. The views on this website are solely those of the website owner (and not those of any employer or of any professional associations affiliated with the website owner).  Any views expressed in this website and any information presented on this website, or in any of its blog entries, should not be relied on for any purpose whatsoever other than as the personal opinions of the website owner.  The website owner expressly disclaims any and all liability for any information presented on this site.  The owner of this website and its blog posts shall not be held liable, and shall be held harmless, for any errors or omissions in any information or representations contained in this website, or in any of its blog entries.  The website owner also expressly disclaims any liability for the current or future availability of any such information. The website owner makes no representations as to the accuracy or completeness of any information on this website or which may be found by following any link on this website. The website owner shall not be held liable for any losses, injuries, damages, claims, or causes of action, from the display or use of any information on this website or in any of its blog entries. If you use the information on this website, or on any of its blog entries, you do so solely at your own risk.

How to setup an 5520 ASA 5.2 in GNS 3 version 1.3 - fixedByVonnie

How to setup an 5520 ASA 5.2 in GNS 3 version 1.3

Would it be nice if you could console into a virtual ASA 5520 running ASA 8.4.2?  You could setup NAT, site-to-site VPNs with virtual hosts and go crazy with firewall rules.  The answer is yes, you can and I’m about to show you how I did it on my Mac OS X 10.10 host using GNS3.

Here’s what I did to get this working…

After downloading and installing GNS3 we need to get the ASA 5.2 image.  You’ll have to manually unpack the ASA 5.2 image before you can use it.  I won’t go into the details of that here but there are several websites that show you how to do that.

Getting the ASA 5.2 image files

The most reliable way to get the image is to login to the Cisco.com download center with valid SMARTnet entitlements and download the .bin file directly.

Download Cisco ASA BIN

Alternatively, you can setup a TFTP server on your workstation, plug it into the switchport of a real ASA 5520 and type:

copy flash: tftp:

then type in the appropriate filename and enter the IP address of your TFTP server (your workstation IP).  Do the same thing for the ASDM file.  You can easily view the file names by typing dir at the console.  Then you can power down your real physical ASA, unpack the the images and play with them inside your GNS3 sandbox.

Finally, the last option is to download the pre-unpacked ASA images and use them directly in GNS3.  In no way am I condoning software piracy so make sure you have a valid SMARTnet contract with Cisco before you download it.  You can find an unpacked version of ASA 8.4.2 on Mediafire.

Setting up the Quick Emulator (Qemu)

Before we can run the ASA in GNS3 1.3 we need to create the virtual hard drive where the ASA software will live.

On my Mac I went browsed to the Qemu directory:

cd /Applications/GNS3.app/Contents/Resources/qemu/bin

and ran qemu-img to create a 512MB virtual solid state drive.

sudo ./qemu-img create FLASH 512M

Creating the ASA in GNS3

Next, I fired up GNS3 as root:

sudo /Applications/GNS3.app/Contents/MacOS/GNS3

The next thing we need to do is actually create the ASA appliance in GNS3.  I pressed Command + , (comma) to open my GNS3 preferences and chose QEMU VMs from the drop down menu in the left pane.


In the right pane, I clicked New and picked ASA 8.4(2) from the QEMU VM type drop down menu.


Give your ASA a cute little name.  I’m not feeling very creative today so I just named it the drab name: ASA.

ASA Name

Keep the default QEMU binary and memory settings and go on to the Linux boot specific settings.

QEMU binary and memory settings

If you correctly unpacked the .bin files you should have a -initrd.gz file which is your RAM disk and a –vmlinuz file which is your Kernel image file.  Browse to both files and click Finish.

GNS3 ASA8.4.2

Now we just need to do a few little things to make sure everything works.

Back in the GNS3 QEMU VMs preferences pane click Edit to modify the VM you just created.

Your General Settings should show:

  •  Your VM Name
  • RAM which should be 1,024MB
  • Qemu binary should be the x86_64 version.

GNS3 ASA 8.4.2 Working Setup

Under the HDD tab, browse to the 512MB virtual flash drive you created earlier.

ASA 8.4.2 Working Setup 2

Under the Network tab, crank up the interfaces to 8 and make sure the adapter type is set to Intel Gigabit Ethernet (e1000).

By the way, if after creating the wizard you notice your ASA get’s stuck in a long reboot loop, try dropping the adapters from 8 to the default 4.  When I changed mine to 8 I noticed a lot of IRQ adapter conflicts.  So you might have to use 4.

Network tab in GNS3

And finally under the Advanced settings tab make sure Activate CPU throttling is disabled and the the additional settings options says this exactly:

-icount auto -hdachs 980,16,32 -vga -none -vnc none

GNS3 ASA 8.4.2. Working Setup 2

And now my friend. You are done!

Click OK and drag out your shiny new ASA 5520 appliance onto the GNS3 workspace.

ASA 8.4.2 started in GNS3

And check it out now – it’s the funk soul brother…

GNS3 ASA 8.4.2. Running right


Connect with Vonnie on Twitter

Posted in Hardware, Mac OS X 10.10 Yosemite, Mac OS X 10.8 Mountain Lion, Mac OS X 10.9 Mavericks, Windows, Windows 8, Windows 8.1 Tagged with: , ,
  • Alex

    This line “-icount auto -hdachs 980,16,32 -vga -none -vnc none” results in a failed terminal connection. I use “-icount auto -hdachs 980,16,32 -nographic”, which is a default.