nccgroup / asafw

Set of scripts to deal with Cisco ASA firmware [pack/unpack etc.]
BSD 3-Clause "New" or "Revised" License

How to unpack asa*.bin for using in GNS3? #2

Open ig-loginov opened 6 years ago

ig-loginov commented 6 years ago

I unpacked asa944-16-smp-k8.bin using bin.py and got two files: asa944-16-smp-k8-initrd-original.gz and asa944-16-smp-k8-vmlinuz. When I try to run them in GNS3 I get an error:

INIT: version 2.88 booting
Starting udev
[ 9.928700] udevd[505]: starting version 182
[ 10.855231] ACPI: PCI Interrupt Link [LNKB] enabled at IRQ 10
[ 10.947480] e1000_uio(e1000_pci.0.2.0): user interrupt driver successfully loaded.
Configuring network interfaces... done.
Populating dev cache
no cdrom devices
[ 13.722192] tipc: Started in network mode
[ 13.722721] tipc: Own node address <1.1.1>, network identity 1234
[ 13.725539] tipc: Enabled bearer <eth:tap0>, discovery domain <1.1.0>, priority 10
info: Running in kvm virtual environment.
/asa/scripts/vm_lib: line 221: /mnt/disk0/system-serial-number: No such file or directory
cp: cannot stat '/mnt/disk0/system-serial-number': No such file or directory
[ 15.584344] IHM: Initializing Interface Helper Module
[ 15.584403] IHM: registering chr device
[ 15.584470] Module registered 251, from (pid 1079)
[ 15.760572] 988.760510 [2606] netmap_init run mknod /dev/netmap c 10 60 # error 0
[ 15.761156] netmap: loaded module

Loading...

Starting image verification
[ 20.781129] traps: lina_monitor[1141] trap invalid opcode ip:40f4da sp:7fffffffe3f8 error:0 in lina_monitor[400000+26000]
/tmp/run_cmd: line 5: 1141 Illegal instruction (core dumped) cgexec -g memory:privileged -g cpuset:restricted/lina /asa/bin/lina_monitor -l
INIT: Switching to runlevel: 6
INIT: Sending processes the TERM signal
Deconfiguring network interfaces... done.
Sending all processes the TERM signal...
Sending all processes the KILL signal...
Deactivating swap...
Unmounting local filesystems...
Rebooting...
[ 32.317855] Restarting system.
[ 32.317855] reboot: machine restart

I'm using these args:

Kernel Command Line: no-hlt -append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536
Option: -vnc none -vga none -m 1024 -icount auto -hdachs 980,16,32

Please help to run asa in GNS3 using bin file!
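For triaging a crash like the lina_monitor one in the boot log above, the kernel's "traps:" line can be parsed to recover the faulting offset inside the mapped binary, which is the address to look at in the extracted lina_monitor. This is an added example, not part of the original post or of asafw; the name parse_traps is hypothetical, and the sample input is the trap line from the log plus one constructed line without a mapping suffix.

```python
import re

# Kernel trap report as it appears in the console log:
#   traps: <comm>[<pid>] trap <name> ip:<hex> sp:<hex> error:<hex> [in <obj>[<base>+<size>]]
# The " in obj[base+size]" suffix is optional (absent when no mapping is reported).
TRAP_RE = re.compile(
    r"traps: (?P<comm>\S+)\[(?P<pid>\d+)\] trap (?P<trap>.+?) "
    r"ip:(?P<ip>[0-9a-f]+) sp:(?P<sp>[0-9a-f]+) error:(?P<err>[0-9a-f]+)"
    r"(?: in (?P<obj>[^\[\s]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?"
)


def parse_traps(log):
    """Return one dict per kernel trap line in a console log.

    Works on multi-line logs and on logs flattened onto a single line.
    'offset' is ip minus the mapping base, or None when the mapping is
    missing or ip falls outside [base, base+size).
    """
    results = []
    for m in TRAP_RE.finditer(log):
        entry = {
            "comm": m["comm"],
            "pid": int(m["pid"]),
            "trap": m["trap"],
            "ip": int(m["ip"], 16),
            "sp": int(m["sp"], 16),
            "object": m["obj"],
            "offset": None,
        }
        if m["obj"] is not None:
            base, size = int(m["base"], 16), int(m["size"], 16)
            if base <= entry["ip"] < base + size:
                entry["offset"] = entry["ip"] - base
        results.append(entry)
    return results


# First line copied from the issue's log; second line is constructed.
SAMPLE_LOG = (
    "[ 20.781129] traps: lina_monitor[1141] trap invalid opcode ip:40f4da "
    "sp:7fffffffe3f8 error:0 in lina_monitor[400000+26000]\n"
    "[ 21.000000] traps: demo[77] trap divide error ip:401000 sp:7ffc00000000 error:0\n"
)

if __name__ == "__main__":
    for t in parse_traps(SAMPLE_LOG):
        off = "n/a" if t["offset"] is None else hex(t["offset"])
        print(f'{t["comm"]} pid={t["pid"]} {t["trap"]} ip={t["ip"]:#x} offset={off}')
```

The offset is relative to the start of the reported mapping; the log does not say which file offset that mapping begins at.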

saidelike commented 6 years ago

It is theoretically possible to use your method to load an ASA image into GNS3 but the currently documented way is to use the .qcow2 instead of the .bin, at least for the versions where it exists. See https://github.com/nccgroup/asatools/blob/master/tutorial.md

ig-loginov commented 6 years ago

I understand but I want to know how to load .bin.

saidelike commented 6 years ago

Any particular reason? The .bin is inside the .qcow2...

ig-loginov commented 6 years ago

Could you explain in detail how I can run asa*.bin in GNS3?

fidgetingbits commented 6 years ago

I believe we've never been able to get a regular .bin to work properly inside GNS3, at least to do what we wanted. Some will boot and we can get gdb running, but then networking won't work, etc. And to be clear, by "a regular .bin" I mean one that doesn't come from inside a .qcow2 file. If you're running a .bin that comes from inside a .qcow2, you may as well use the .qcow2.

That said, the approach was to just tick a box that causes GNS3 to let you specify a specific flash disk, kernel binary and initrd image.

The flash disk you can create using qemu-img. On Linux this is just like qemu-img create FLASH-XXX 512M.

The initrd and kernel file you can extract from any firmware .bin you want to run using bin.py -u -f <asaXXX.bin>.

Then when you create a new ASA firewall in GNS3 you should be able to tick a box that says 'This is a legacy ASA VM', which will then let you specify the path to the flash disk and extracted files in the firewall settings.

Beyond that we can't give you any better instructions, because things didn't work reliably for debugging and networking at the same time, so we stopped going down that route.

If you do figure out how to get non-ASAv images working reliably, especially if you can get networking and debugging working simultaneously, we'd be really interested to hear about it.