Cisco Adaptive Security Virtual Appliance (ASAv) is a powerful firewall solution for network security. EVE-NG provides a great environment to emulate Cisco ASAv for learning, certification preparation, or testing. This guide outlines the steps to add Cisco ASAv to EVE-NG and obtain a trial license.
By following these steps, you can successfully add Cisco ASAv to your EVE-NG environment. With ASAv, you can simulate advanced security scenarios, enhance your skills, and prepare for certifications like CCIE Security.
Table of Contents
- Download Cisco ASAv Image
- Upload the ASAv Image to EVE-NG
- Enable Telnet Acess instead of VNC
- Fix Permission
- Ass ASAv Node in EVE-NG
- Obtain a Cisco ASAv Trial License
- Troubleshooting
Step 1: Download Cisco ASAv Image
- From Cisco Website:
- Visit Cisco Software Central and download the desired version of the ASAv
.qcow2image (e.g.,asav952-204.qcow2).
- Visit Cisco Software Central and download the desired version of the ASAv
- From Alternate Source:
- For educational purposes, you may find direct links to ASAv images on trusted community platforms.
Step 2: Upload the ASAv Image to EVE-NG
1. Transfer the Image:
Use FileZilla or WinSCP to upload the ASAv .qcow2 image to your EVE-NG server.
2. Create the Directory:
SSH into the EVE-NG server and create a directory for the ASAv image:
mkdir -p /opt/unetlab/addons/qemu/asav-941-200
3. Move and Rename the Image:
Navigate to the temporary upload location (e.g., /root/tmp) and move the image:
mv asav952-204.qcow2 /opt/unetlab/addons/qemu/asav-941-200/virtioa.qcow2
Step 3: Enable Telnet Access Instead of VNC
1. Install Required Tools:
Update your EVE-NG server and install the necessary tools:
apt-get update apt-get install libguestfs-tools
2. Modify the ASAv Image: Navigate to the image directory:
cd /opt/unetlab/addons/qemu/asav-941-200/
3. Use guestfish to modify the image:
guestfish -a virtioa.qcow2 run
4. Enable Telnet Access:
Once the ASAv image loads, execute the following commands in the guestfish shell:
mount /dev/sda2 / touch /use_ttyS0 umount / exit
Step 4: Fix Permissions
Clean and Fix Permissions: Run the following command to set the correct permissions for the ASAv directory:
/opt/unetlab/wrappers/unl_wrapper -a fixpermissions
Step 5: Add ASAv Node in EVE-NG
- Access the EVE-NG Web Interface:
- Open a browser and log in to the EVE-NG web UI.
- Create or Open a Lab:
- Create a new lab or open an existing one.
- Add the ASAv Node:
- In the node configuration menu, select Cisco ASAv from the node list and add it to the lab topology.
- Start the Node:
- Power on the ASAv node and connect to its console to verify the configuration.
Step 6: Obtain a Cisco ASAv Trial License
Cisco provides a 30-day free trial license for ASAv. You can obtain it using one of the following methods:
- Contact Cisco:
- Reach out to Cisco Support and request a trial license.
- Cisco Smart License Portal:
- If you have access to Cisco’s Smart License Portal, log in and request a trial license.
Troubleshooting
- ASAv Not Booting:
- Ensure the image is correctly named as
virtioa.qcow2. - Verify the directory structure and permissions.
- Ensure the image is correctly named as
- Telnet Not Working:
- Recheck the steps to enable Telnet and verify the
guestfishmodifications.
- Recheck the steps to enable Telnet and verify the
- ASAv Node Missing in EVE-NG:
- Ensure the directory is correctly named, and permissions are fixed.