How beneficial is it to practice on an actual ASA?
NetworkNewb
Member Posts: 3,298 ■■■■■■■■■□
So for those that have passed the new CCNA:Security, did you practice on an actual ASA at all? (Either using GNS3 or a physical one)
I'm going through the CBT Nugget videos and was having a pain last night getting the ASA to load into GNS3. Was using just the information on the videos to set it up. I'm extremely new to using GNS3 btw. I finally got it working around midnight last night (sort of at least...). To the point I could get the console. But for some reason it was asking me to setup the ip address, mask, gateway, etc. right upon starting the ASA console though. Like I couldn't go anywhere if I didn't set those. I didn't have anything connected to the ASA so was a little confused by that. Debating on buying one at this point, not sure if its needed though.
I plan on buying the boson exam and sounds like they have some lab simulations on there. Also, I already purchased the "Implementing Cisco Network Security (IINS) v3.0" from Cisco but waiting til I get done with the CBT videos before going into that. Not exactly sure how much ASA simulation they have.
I'm going through the CBT Nugget videos and was having a pain last night getting the ASA to load into GNS3. Was using just the information on the videos to set it up. I'm extremely new to using GNS3 btw. I finally got it working around midnight last night (sort of at least...). To the point I could get the console. But for some reason it was asking me to setup the ip address, mask, gateway, etc. right upon starting the ASA console though. Like I couldn't go anywhere if I didn't set those. I didn't have anything connected to the ASA so was a little confused by that. Debating on buying one at this point, not sure if its needed though.
I plan on buying the boson exam and sounds like they have some lab simulations on there. Also, I already purchased the "Implementing Cisco Network Security (IINS) v3.0" from Cisco but waiting til I get done with the CBT videos before going into that. Not exactly sure how much ASA simulation they have.
Comments
-
AMD4EVER
Member Posts: 64 ■■□□□□□□□□
ASAv is a good alternative to using it in GNS3. I was having no luck with that either nor was the Packet Tracer version of it sufficient. ASAv was pretty easy to setup. I posted a little info on my experience in the threads below if you are interested
http://www.techexams.net/forums/ccna-security/116769-ccna-security-lab.html
http://www.techexams.net/forums/ccna-security/117092-download-asdm-asav.html -
NetworkNewb
Member Posts: 3,298 ■■■■■■■■■□
Thanks! I'll definitely check that out tonight. I'm not confident I have mine setup correctly and don't really plan on dropping $150 on an actual one. So I'm down to trying that!
-
koz24
Member Posts: 766 ■■■■□□□□□□
NetworkNewb wrote: »qemu .
Strange, I'm using qemu too and mine doesn't ask me to set up anything like IP addresses. When it first boots up it drops me to the # prompt and then you have to entercd /mnt/disk0/ mnt/disk0/lina_monitor
]And then it boots up. It might be the image you are using -
NetworkNewb
Member Posts: 3,298 ■■■■■■■■■□
Yea, could be. I'm using the one they used right in the CBT Nuggets video. I definitely could see if I can find another one though. Good idea
It definitely seems very strange though. -
koz24
Member Posts: 766 ■■■■□□□□□□
NetworkNewb wrote: »Yea, could be. I'm using the one they used right in the CBT Nuggets video. I definitely could see if I can find another one though. Good idea
It definitely seems very strange though.
Just want to throw VIRL out there as an option as well. I do most of my ASA and XRV work on VIRL now. It's great if you get sick of dealing with images and VMs and qemu
-
kmusk01
Member Posts: 23 ■□□□□□□□□□
I just finished setting up the ASA per CBTNuggets video and it would drop me to the initial startup prompts like you. If you turn the ASA off and then back on, go to console and don't hit a single key. Once it fully loads up it should give you a Yes No option for initial setup. Type in No and then you will be thrown to the normal prompt. If for some reason you get stuck in the prompts, just fill them out with whatever as you will be changing them anyways to match the video's
Also when in the ASA within GNS3, save the config by doing a wr mem, then save the project in GNS3. If you don't the next time you open GNS3 and load the ASA it will go back to initial config and none of your settings will be there.
If you continue to follow the videos you will see that Keith is able to get a router/pc to ping through the ASA to the outside world. I was never able to get that to work in the beginning, but 3 videos later when you go over MPF you make a change and it will work
I have physical access to an ASA at work, but using GNS3 is just so much easier and convenient for me.
I also have the new Lab Manual and have done the first Lab. Eventually you will need and ASA, so try to get it working in GNS3. I created a base lab from the book so I don't have to recreate the lab each time. Just open the base lab up first in GNS3, then do a save as and name it whatever the next lab # is. Will save you lots of time. Same can be true for the CBTNuggets Video's.
Ken~ -
NetworkNewb
Member Posts: 3,298 ■■■■■■■■■□
Nice! thank you kmusk01! Glad to hear someone was getting the same thing I was and you got around it. It took me awhile to get it to even get to that point with the ASA, I hope thats all it takes. I'm going to be pretty happy if it is!
-
Archon
Member Posts: 183 ■■■□□□□□□□
Due to Cisco's recent ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability a lot of companies have been buying newer model ASA's so there might be a flood of them on eBay soon
-
NetworkNewb
Member Posts: 3,298 ■■■■■■■■■□
Kmusk01's instructions worked!
just had to start it up, let it run through everything, shut down, start it up again, then I was able to tell it "No" on the initial setup.
Had a sick kid and sick wife so didn't get to do anything else with it last night. Think I maybe getting sick too unfortunately... Gonna be a rough weekend I think. Your the man though kmusk01!
