The Cisco ASA Version 8.4(2) is now supported in QEMU, thanks to the experts at several sites including hacki.at specially 'dmz' for bringing the ASA 8.4 QEMU emulation to the masses.
Here it goes:
Here it goes:
- Download ASA Version 8.4.2 from Cisco in the base directory (You need to have appropriate credentials), or need to know from where to download.
- Download repack.v4.sh.tar script from 7200emu.hacki.at (link provided at the end) in the src directory, you can google it as well and unpack the file using the following steps:
tar –xvf repack.v4.sh.tar
chmod +rx repack.v4.sh
Goto Base Directory and run the repack script
with ASA bin file:
sudo sh ../src/repack.v4.sh
asa842-k8.bin
· You will be provided with 2 new files, vmlinuz
and initrd from the ASA OS. These will be used to start your ASA:
Create an ASA Flash Disk, use the following
procedure:
cd base
dd if=/dev/zero of=asa-842.img bs=1048576 count=256
cp asa-842.img asa1-842.img
cp asa-842.img asa2-842.img
Use a similar script for creating the ASA
Instances, the first instance is called ASA1:
/usr/local/bin/qemu -hda base/asa1-842.img -m 1024 \
-kernel base/asa842-vmlinuz \
-initrd base/asa842-initrd.gz \
-nographic \
-cpu coreduo \
-icount auto \
-hdachs 980,16,32 \
-append "ide_generic.probe_mask=0x01
ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600
bigphysarea=65536" \
-net
nic,vlan=1,model=pcnet,macaddr=00:aa:00:00:01:01 \
-net udp,vlan=1,sport=30001,dport=20001,daddr=127.0.0.1
\
-net
nic,vlan=2,model=pcnet,macaddr=00:aa:00:00:01:02 \
-net udp,vlan=2,sport=30002,dport=20002,daddr=127.0.0.1
\
-net
nic,vlan=3,model=pcnet,macaddr=00:aa:00:00:01:03 \
-net udp,vlan=3,sport=30003,dport=20003,daddr=127.0.0.1
\
-net
nic,vlan=4,model=pcnet,macaddr=00:aa:00:00:01:04 \
-net
udp,vlan=4,sport=30004,dport=20004,daddr=127.0.0.1
The above script will start the first ASA Instance in the running
window session and will have 4 Network Interfaces which will be attached to
VLAN1, VLAN2,VLAN3 and VLAN4 respectively. The QEMU’s UDP NET IO feature has
been utilized to direct all traffic to different UDP Ports i.e. 30001, 30002,
30003 and 30004 for the respective VLANs.
The 2nd Instance of ASA should have the script
similar to:
/usr/local/bin/qemu -hda base/asa2-842.img -m 1024 \
-kernel base/asa842-vmlinuz \
-initrd base/asa842-initrd.gz \
-nographic \
-cpu coreduo \
-icount auto \
-hdachs 980,16,32 \
-append "ide_generic.probe_mask=0x01
ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600
bigphysarea=65536" \
-net nic,vlan=5,model=pcnet,macaddr=00:aa:00:00:01:01
\
-net udp,vlan=5,sport=30005,dport=20005,daddr=127.0.0.1
\
-net nic,vlan=6,model=pcnet,macaddr=00:aa:00:00:01:02
\
-net udp,vlan=6,sport=30006,dport=20006,daddr=127.0.0.1
\
-net nic,vlan=7,model=pcnet,macaddr=00:aa:00:00:01:03
\
-net udp,vlan=7,sport=30007,dport=20007,daddr=127.0.0.1
\
-net nic,vlan=8,model=pcnet,macaddr=00:aa:00:00:01:04
\
-net udp,vlan=8,sport=30008,dport=20008,daddr=127.0.0.1
This will finish up the ASA Preparation and both instances
of ASA can now be started. I prefer to have the above script into two separate files:
START_ASA1
START_ASA2
The Script allows ASA to boot into the same window, i usually prefer to do SSH to the Linux VM from the HOST and execute the above scripts in separate putty sessions to have two ASA's running.
START_ASA1
START_ASA2
The Script allows ASA to boot into the same window, i usually prefer to do SSH to the Linux VM from the HOST and execute the above scripts in separate putty sessions to have two ASA's running.
Next Step is to TFTP the ASDM File to the ASA Flash, it requires Windows XP VM to be able to communicate with the ASA Management Interface, which
will be done when we setup the Management, in the later sections. Its the easier part.
References:
http://7200emu.hacki.at/viewtopic.php?t=9074
References:
http://7200emu.hacki.at/viewtopic.php?t=9074
Startup Output:
[root@centos ccie]# ./START-ASA1-842
net_dudp_init(30001,127.0.0.1,20001)
net_dudp_init(30002,127.0.0.1,20002)
net_dudp_init(30003,127.0.0.1,20003)
net_dudp_init(30004,127.0.0.1,20004)
Initializing cgroup subsys cpu
Linux version 2.6.29.6 (builders@bld-releng-05a) (gcc version 4.3.4 (crosstool-NG-1.5.0) ) #1 PREEMPT Wed Jun 15 17:19:01 MDT 2011
KERNEL supported cpus:
Intel GenuineIntel
AMD AuthenticAMD
NSC Geode by NSC
Cyrix CyrixInstead
Centaur CentaurHauls
Transmeta GenuineTMx86
Transmeta TransmetaCPU
UMC UMC UMC UMC
BIOS-provided physical RAM map:
BIOS-e820: 0000000000000000 - 000000000009f000 (usable)
BIOS-e820: 000000000009f000 - 00000000000a0000 (reserved)
BIOS-e820: 00000000000e8000 - 0000000000100000 (reserved)
BIOS-e820: 0000000000100000 - 000000003fff0000 (usable)
BIOS-e820: 000000003fff0000 - 0000000040000000 (ACPI data)
BIOS-e820: 00000000fffc0000 - 0000000100000000 (reserved)
last_pfn = 0x3fff0 max_arch_pfn = 0x100000
RAMDISK: 3e980000 - 3ffef34c
Allocated new RAMDISK: 003a1000 - 01a1034c
Move RAMDISK from 000000003e980000 - 000000003ffef34b to 003a1000 - 01a1034b
615MB HIGHMEM available.
407MB LOWMEM available.
mapped low ram: 0 - 197fe000
low ram: 00000000 - 197fe000
bootmap 00001000 - 00004300
(7 early reservations) ==> bootmem [0000000000 - 00197fe000]
#0 [0000000000 - 0000001000] BIOS data page ==> [0000000000 - 0000001000]
#1 [0000100000 - 000039ed10] TEXT DATA BSS ==> [0000100000 - 000039ed10]
#2 [000039f000 - 00003a1000] INIT_PG_TABLE ==> [000039f000 - 00003a1000]
#3 [000009fc00 - 0000100000] BIOS reserved ==> [000009fc00 - 0000100000]
#4 [0000007000 - 0000008000] PGTABLE ==> [0000007000 - 0000008000]
#5 [00003a1000 - 0001a1034c] NEW RAMDISK ==> [00003a1000 - 0001a1034c]
#6 [0000001000 - 0000005000] BOOTMAP ==> [0000001000 - 0000005000]
Zone PFN ranges:
DMA 0x00000000 -> 0x00001000
Normal 0x00001000 -> 0x000197fe
HighMem 0x000197fe -> 0x0003fff0
Movable zone start PFN for each node
early_node_map[2] active PFN ranges
0: 0x00000000 -> 0x0000009f
0: 0x00000100 -> 0x0003fff0
Allocating PCI resources starting at 50000000 (gap: 40000000:bffc0000)
Built 1 zonelists in Zone order, mobility grouping on. Total pages: 259983
Kernel command line: ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536
Enabling fast FPU save and restore... done.
Enabling unmasked SIMD FPU exception support... done.
Initializing CPU#0
PID hash table entries: 2048 (order: 11, 8192 bytes)
Fast TSC calibration using PIT
Detected 1000.035 MHz processor.
Console: colour dummy device 80x25
console [ttyS0] enabled
Dentry cache hash table entries: 65536 (order: 6, 262144 bytes)
Inode-cache hash table entries: 32768 (order: 5, 131072 bytes)
allocated 5242560 bytes of page_cgroup
please try cgroup_disable=memory option if you don't want
Memory: 745612k/1048512k available (1715k kernel code, 301548k reserved, 623k data, 156k init, 630728k highmem)
virtual kernel memory layout:
fixmap : 0xfffed000 - 0xfffff000 ( 72 kB)
pkmap : 0xff800000 - 0xffc00000 (4096 kB)
vmalloc : 0xf7ffe000 - 0xff7fe000 ( 120 MB)
lowmem : 0xde000000 - 0xf77fe000 ( 407 MB)
.init : 0xde34c000 - 0xde373000 ( 156 kB)
.data : 0xde2acca6 - 0xde348938 ( 623 kB)
.text : 0xde100000 - 0xde2acca6 (1715 kB)
Checking if this processor honours the WP bit even in supervisor mode...Ok.
Calibrating delay loop (skipped), value calculated using timer frequency.. 2000.07 BogoMIPS (lpj=1000035)
Security Framework initialized
Mount-cache hash table entries: 512
Initializing cgroup subsys cpuacct
Initializing cgroup subsys memory
CPU: L1 I cache: 32K, L1 D cache: 32K
CPU: L2 cache: 4096K
Intel machine check architecture supported.
Intel machine check reporting enabled on CPU#0.
CPU: Genuine Intel(R) CPU T2600 @ 2.16GHz stepping 08
Checking 'hlt' instruction... OK.
Freeing SMP alternatives: 0k freed
net_namespace: 668 bytes
NET: Registered protocol family 16
PCI: PCI BIOS revision 2.10 entry at 0xfb430, last bus=0
PCI: Using configuration type 1 for base access
bio: create slab at 0
PCI: Probing PCI hardware
pci 0000:00:01.3: quirk: region b000-b03f claimed by PIIX4 ACPI
pci 0000:00:01.3: quirk: region b100-b10f claimed by PIIX4 SMB
pci 0000:00:01.0: PIIX/ICH IRQ router [8086:7000]
pci 0000:00:02.0: BAR 0: can't allocate resource
NET: Registered protocol family 2
IP route cache hash table entries: 16384 (order: 4, 65536 bytes)
TCP established hash table entries: 65536 (order: 7, 524288 bytes)
TCP bind hash table entries: 65536 (order: 6, 262144 bytes)
TCP: Hash tables configured (established 65536 bind 65536)
TCP reno registered
NET: Registered protocol family 1
Unpacking initramfs... done
Freeing initrd memory: 22972k freed
platform rtc_cmos: registered platform RTC device (no PNP device found)
Machine check exception polling timer started.
highmem bounce pool size: 64 pages
HugeTLB registered 4 MB page size, pre-allocated 0 pages
bigphysarea: Allocated 65536 pages at 0xe0400000.
msgmni has been set to 271
io scheduler noop registered
io scheduler anticipatory registered (default)
io scheduler deadline registered
io scheduler cfq registered
pci 0000:00:00.0: Limiting direct PCI/PCI transfers
pci 0000:00:01.0: PIIX3: Enabling Passive Release
pci 0000:00:01.0: Activating ISA DMA hang workarounds
Serial: 8250/16550 driver, 4 ports, IRQ sharing disabled
serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
loop: module loaded
pcnet32.c:v1.35 21.Apr.2008 tsbogend@alpha.franken.de
pcnet32 0000:00:03.0: found PCI INT A -> IRQ 11
pcnet32: PCnet/PCI II 79C970A at 0xc020, 00:aa:00:00:01:01 assigned IRQ 11.
eth0: registered as PCnet/PCI II 79C970A
pcnet32 0000:00:04.0: found PCI INT A -> IRQ 9
pcnet32: PCnet/PCI II 79C970A at 0xc040, 00:aa:00:00:01:02 assigned IRQ 9.
eth1: registered as PCnet/PCI II 79C970A
pcnet32 0000:00:05.0: found PCI INT A -> IRQ 11
pci 0000:00:01.3: IRQ routing conflict: have IRQ 9, want IRQ 11
pcnet32: PCnet/PCI II 79C970A at 0xc060, 00:aa:00:00:01:03 assigned IRQ 11.
eth2: registered as PCnet/PCI II 79C970A
pcnet32 0000:00:06.0: found PCI INT A -> IRQ 9
pcnet32: PCnet/PCI II 79C970A at 0xc080, 00:aa:00:00:01:04 assigned IRQ 9.
eth3: registered as PCnet/PCI II 79C970A
pcnet32: 4 cards_found.
tun: Universal TUN/TAP device driver, 1.6
tun: (C) 1999-2004 Max Krasnyansky
Uniform Multi-Platform E-IDE driver
ide_generic: enforcing probing of I/O ports upon user request
ide: forcing hda as a disk (980/16/32)
hda: QEMU HARDDISK, ATA DISK drive
ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
ide-gd driver 1.18
hda: max request size: 512KiB
hda: 524288 sectors (268 MB) w/256KiB Cache, CHS=980/16/32
hda: cache flushes supported
hda: hda1
TCP cubic registered
NET: Registered protocol family 17
RPC: Registered udp transport module.
RPC: Registered tcp transport module.
802.1Q VLAN Support v1.8 Ben Greear
All bugs added by David S. Miller
TIPC: Activated (version 1.6.4 compiled Jun 15 2011 17:18:15)
NET: Registered protocol family 30
TIPC: Started in single node mode
Using IPI Shortcut mode
Freeing unused kernel memory: 156k freed
Write protecting the kernel text: 1716k
Write protecting the kernel read-only data: 504k
Starting kernel event manager...
Clocksource tsc unstable (delta = 538654672 ns)
Loading hardware drivers...
Intel(R) PRO/1000 Network Driver - version 7.3.21-k3-NAPI
Copyright (c) 1999-2006 Intel Corporation.
e100: Intel(R) PRO/100 Network Driver, 3.5.23-k6-NAPI
e100: Copyright(c) 1999-2006 Intel Corporation
loaded.
Initializing random number generator... done.
Starting network...
eth0: link up
device eth0 entered promiscuous mode
eth1: link up
device eth1 entered promiscuous mode
eth2: link up
device eth2 entered promiscuous mode
eth3: link up
device eth3 entered promiscuous mode
dosfsck 2.11, 12 Mar 2005, FAT32, LFN
Starting check/repair pass.
Starting verification pass.
/dev/hda1: 130 files, 10719/65463 clusters
dosfsck(/dev/hda1) returned 0
FAT: "posix" option is obsolete, not supported now
TIPC: Started in network mode
TIPC: Own node address <1.1.1>, network identity 1234
TIPC: Enabled bearer, discovery domain <1.1.0>, priority 10
msrif: module license 'Cisco Systems, Inc' taints kernel.
msrif module loaded.
Starting Likewise Service Manager
Processor memory 654311424, Reserved memory: 62914560
WARNING: LINA Monitor notification queue not created
No such file or directory
IMAGE ERROR: An error occurred when reading the controller type
Total NICs found: 4
secstore_buf_fill: Error reading secure store - buffer 0xddfffb28, size 0x14
key_nv_init: read returned error 1, len 129
L4TM: Unknown ASA Model
Verify the activation-key, it might take a while...
Running Permanent Activation Key: 0x4a3ec071 0x0d86fbf6 0x7cb1bc48 0x8b48b8b0 0xf317c0b5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 100 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
VPN-DES : Enabled perpetual
VPN-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 5000 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 5000 perpetual
Total VPN Peers : 0 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
This platform has an ASA 5520 VPN Plus license.
Cisco Adaptive Security Appliance Software Version 8.4(2)
_le_open: fd:4, name:eth0
---Device eth0 (fd: 4) opened succesful!
_le_open: fd:8, name:eth1
---Device eth1 (fd: 8) opened succesful!
_le_open: fd:9, name:eth2
---Device eth2 (fd: 9) opened succesful!
_le_open: fd:10, name:eth3
---Device eth3 (fd: 10) opened succesful!
****************************** Warning *******************************
This product contains cryptographic features and is
subject to United States and local country laws
governing, import, export, transfer, and use.
Delivery of Cisco cryptographic products does not
imply third-party authority to import, export,
distribute, or use encryption. Importers, exporters,
distributors and users are responsible for compliance
with U.S. and local country laws. By using this
product you agree to comply with applicable laws and
regulations. If you are unable to comply with U.S.
and local laws, return the enclosed items immediately.
A summary of U.S. laws governing Cisco cryptographic
products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by
sending email to export@cisco.com.
******************************* Warning *******************************
Copyright (c) 1996-2011 by Cisco Systems, Inc.
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Reading from flash...
!.Crashinfo is NOT enabled on Full Distribution Environment
*** Output from config line 88, "crashinfo save disable"
Cryptochecksum (unchanged): d90ae365 0a888859 a896c519 09b83bb9
COREDUMP UPDATE: open message queue fail: No such file or directory/2
Type help or '?' for a list of available commands.
ASA1>
ASA1>
net_dudp_init(30001,127.0.0.1,20001)
net_dudp_init(30002,127.0.0.1,20002)
net_dudp_init(30003,127.0.0.1,20003)
net_dudp_init(30004,127.0.0.1,20004)
Initializing cgroup subsys cpu
Linux version 2.6.29.6 (builders@bld-releng-05a) (gcc version 4.3.4 (crosstool-NG-1.5.0) ) #1 PREEMPT Wed Jun 15 17:19:01 MDT 2011
KERNEL supported cpus:
Intel GenuineIntel
AMD AuthenticAMD
NSC Geode by NSC
Cyrix CyrixInstead
Centaur CentaurHauls
Transmeta GenuineTMx86
Transmeta TransmetaCPU
UMC UMC UMC UMC
BIOS-provided physical RAM map:
BIOS-e820: 0000000000000000 - 000000000009f000 (usable)
BIOS-e820: 000000000009f000 - 00000000000a0000 (reserved)
BIOS-e820: 00000000000e8000 - 0000000000100000 (reserved)
BIOS-e820: 0000000000100000 - 000000003fff0000 (usable)
BIOS-e820: 000000003fff0000 - 0000000040000000 (ACPI data)
BIOS-e820: 00000000fffc0000 - 0000000100000000 (reserved)
last_pfn = 0x3fff0 max_arch_pfn = 0x100000
RAMDISK: 3e980000 - 3ffef34c
Allocated new RAMDISK: 003a1000 - 01a1034c
Move RAMDISK from 000000003e980000 - 000000003ffef34b to 003a1000 - 01a1034b
615MB HIGHMEM available.
407MB LOWMEM available.
mapped low ram: 0 - 197fe000
low ram: 00000000 - 197fe000
bootmap 00001000 - 00004300
(7 early reservations) ==> bootmem [0000000000 - 00197fe000]
#0 [0000000000 - 0000001000] BIOS data page ==> [0000000000 - 0000001000]
#1 [0000100000 - 000039ed10] TEXT DATA BSS ==> [0000100000 - 000039ed10]
#2 [000039f000 - 00003a1000] INIT_PG_TABLE ==> [000039f000 - 00003a1000]
#3 [000009fc00 - 0000100000] BIOS reserved ==> [000009fc00 - 0000100000]
#4 [0000007000 - 0000008000] PGTABLE ==> [0000007000 - 0000008000]
#5 [00003a1000 - 0001a1034c] NEW RAMDISK ==> [00003a1000 - 0001a1034c]
#6 [0000001000 - 0000005000] BOOTMAP ==> [0000001000 - 0000005000]
Zone PFN ranges:
DMA 0x00000000 -> 0x00001000
Normal 0x00001000 -> 0x000197fe
HighMem 0x000197fe -> 0x0003fff0
Movable zone start PFN for each node
early_node_map[2] active PFN ranges
0: 0x00000000 -> 0x0000009f
0: 0x00000100 -> 0x0003fff0
Allocating PCI resources starting at 50000000 (gap: 40000000:bffc0000)
Built 1 zonelists in Zone order, mobility grouping on. Total pages: 259983
Kernel command line: ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536
Enabling fast FPU save and restore... done.
Enabling unmasked SIMD FPU exception support... done.
Initializing CPU#0
PID hash table entries: 2048 (order: 11, 8192 bytes)
Fast TSC calibration using PIT
Detected 1000.035 MHz processor.
Console: colour dummy device 80x25
console [ttyS0] enabled
Dentry cache hash table entries: 65536 (order: 6, 262144 bytes)
Inode-cache hash table entries: 32768 (order: 5, 131072 bytes)
allocated 5242560 bytes of page_cgroup
please try cgroup_disable=memory option if you don't want
Memory: 745612k/1048512k available (1715k kernel code, 301548k reserved, 623k data, 156k init, 630728k highmem)
virtual kernel memory layout:
fixmap : 0xfffed000 - 0xfffff000 ( 72 kB)
pkmap : 0xff800000 - 0xffc00000 (4096 kB)
vmalloc : 0xf7ffe000 - 0xff7fe000 ( 120 MB)
lowmem : 0xde000000 - 0xf77fe000 ( 407 MB)
.init : 0xde34c000 - 0xde373000 ( 156 kB)
.data : 0xde2acca6 - 0xde348938 ( 623 kB)
.text : 0xde100000 - 0xde2acca6 (1715 kB)
Checking if this processor honours the WP bit even in supervisor mode...Ok.
Calibrating delay loop (skipped), value calculated using timer frequency.. 2000.07 BogoMIPS (lpj=1000035)
Security Framework initialized
Mount-cache hash table entries: 512
Initializing cgroup subsys cpuacct
Initializing cgroup subsys memory
CPU: L1 I cache: 32K, L1 D cache: 32K
CPU: L2 cache: 4096K
Intel machine check architecture supported.
Intel machine check reporting enabled on CPU#0.
CPU: Genuine Intel(R) CPU T2600 @ 2.16GHz stepping 08
Checking 'hlt' instruction... OK.
Freeing SMP alternatives: 0k freed
net_namespace: 668 bytes
NET: Registered protocol family 16
PCI: PCI BIOS revision 2.10 entry at 0xfb430, last bus=0
PCI: Using configuration type 1 for base access
bio: create slab
PCI: Probing PCI hardware
pci 0000:00:01.3: quirk: region b000-b03f claimed by PIIX4 ACPI
pci 0000:00:01.3: quirk: region b100-b10f claimed by PIIX4 SMB
pci 0000:00:01.0: PIIX/ICH IRQ router [8086:7000]
pci 0000:00:02.0: BAR 0: can't allocate resource
NET: Registered protocol family 2
IP route cache hash table entries: 16384 (order: 4, 65536 bytes)
TCP established hash table entries: 65536 (order: 7, 524288 bytes)
TCP bind hash table entries: 65536 (order: 6, 262144 bytes)
TCP: Hash tables configured (established 65536 bind 65536)
TCP reno registered
NET: Registered protocol family 1
Unpacking initramfs... done
Freeing initrd memory: 22972k freed
platform rtc_cmos: registered platform RTC device (no PNP device found)
Machine check exception polling timer started.
highmem bounce pool size: 64 pages
HugeTLB registered 4 MB page size, pre-allocated 0 pages
bigphysarea: Allocated 65536 pages at 0xe0400000.
msgmni has been set to 271
io scheduler noop registered
io scheduler anticipatory registered (default)
io scheduler deadline registered
io scheduler cfq registered
pci 0000:00:00.0: Limiting direct PCI/PCI transfers
pci 0000:00:01.0: PIIX3: Enabling Passive Release
pci 0000:00:01.0: Activating ISA DMA hang workarounds
Serial: 8250/16550 driver, 4 ports, IRQ sharing disabled
serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
loop: module loaded
pcnet32.c:v1.35 21.Apr.2008 tsbogend@alpha.franken.de
pcnet32 0000:00:03.0: found PCI INT A -> IRQ 11
pcnet32: PCnet/PCI II 79C970A at 0xc020, 00:aa:00:00:01:01 assigned IRQ 11.
eth0: registered as PCnet/PCI II 79C970A
pcnet32 0000:00:04.0: found PCI INT A -> IRQ 9
pcnet32: PCnet/PCI II 79C970A at 0xc040, 00:aa:00:00:01:02 assigned IRQ 9.
eth1: registered as PCnet/PCI II 79C970A
pcnet32 0000:00:05.0: found PCI INT A -> IRQ 11
pci 0000:00:01.3: IRQ routing conflict: have IRQ 9, want IRQ 11
pcnet32: PCnet/PCI II 79C970A at 0xc060, 00:aa:00:00:01:03 assigned IRQ 11.
eth2: registered as PCnet/PCI II 79C970A
pcnet32 0000:00:06.0: found PCI INT A -> IRQ 9
pcnet32: PCnet/PCI II 79C970A at 0xc080, 00:aa:00:00:01:04 assigned IRQ 9.
eth3: registered as PCnet/PCI II 79C970A
pcnet32: 4 cards_found.
tun: Universal TUN/TAP device driver, 1.6
tun: (C) 1999-2004 Max Krasnyansky
Uniform Multi-Platform E-IDE driver
ide_generic: enforcing probing of I/O ports upon user request
ide: forcing hda as a disk (980/16/32)
hda: QEMU HARDDISK, ATA DISK drive
ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
ide-gd driver 1.18
hda: max request size: 512KiB
hda: 524288 sectors (268 MB) w/256KiB Cache, CHS=980/16/32
hda: cache flushes supported
hda: hda1
TCP cubic registered
NET: Registered protocol family 17
RPC: Registered udp transport module.
RPC: Registered tcp transport module.
802.1Q VLAN Support v1.8 Ben Greear
All bugs added by David S. Miller
TIPC: Activated (version 1.6.4 compiled Jun 15 2011 17:18:15)
NET: Registered protocol family 30
TIPC: Started in single node mode
Using IPI Shortcut mode
Freeing unused kernel memory: 156k freed
Write protecting the kernel text: 1716k
Write protecting the kernel read-only data: 504k
Starting kernel event manager...
Clocksource tsc unstable (delta = 538654672 ns)
Loading hardware drivers...
Intel(R) PRO/1000 Network Driver - version 7.3.21-k3-NAPI
Copyright (c) 1999-2006 Intel Corporation.
e100: Intel(R) PRO/100 Network Driver, 3.5.23-k6-NAPI
e100: Copyright(c) 1999-2006 Intel Corporation
loaded.
Initializing random number generator... done.
Starting network...
eth0: link up
device eth0 entered promiscuous mode
eth1: link up
device eth1 entered promiscuous mode
eth2: link up
device eth2 entered promiscuous mode
eth3: link up
device eth3 entered promiscuous mode
dosfsck 2.11, 12 Mar 2005, FAT32, LFN
Starting check/repair pass.
Starting verification pass.
/dev/hda1: 130 files, 10719/65463 clusters
dosfsck(/dev/hda1) returned 0
FAT: "posix" option is obsolete, not supported now
TIPC: Started in network mode
TIPC: Own node address <1.1.1>, network identity 1234
TIPC: Enabled bearer
msrif: module license 'Cisco Systems, Inc' taints kernel.
msrif module loaded.
Starting Likewise Service Manager
Processor memory 654311424, Reserved memory: 62914560
WARNING: LINA Monitor notification queue not created
No such file or directory
IMAGE ERROR: An error occurred when reading the controller type
Total NICs found: 4
secstore_buf_fill: Error reading secure store - buffer 0xddfffb28, size 0x14
key_nv_init: read returned error 1, len 129
L4TM: Unknown ASA Model
Verify the activation-key, it might take a while...
Running Permanent Activation Key: 0x4a3ec071 0x0d86fbf6 0x7cb1bc48 0x8b48b8b0 0xf317c0b5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 100 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
VPN-DES : Enabled perpetual
VPN-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 5000 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 5000 perpetual
Total VPN Peers : 0 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
This platform has an ASA 5520 VPN Plus license.
Cisco Adaptive Security Appliance Software Version 8.4(2)
_le_open: fd:4, name:eth0
---Device eth0 (fd: 4) opened succesful!
_le_open: fd:8, name:eth1
---Device eth1 (fd: 8) opened succesful!
_le_open: fd:9, name:eth2
---Device eth2 (fd: 9) opened succesful!
_le_open: fd:10, name:eth3
---Device eth3 (fd: 10) opened succesful!
****************************** Warning *******************************
This product contains cryptographic features and is
subject to United States and local country laws
governing, import, export, transfer, and use.
Delivery of Cisco cryptographic products does not
imply third-party authority to import, export,
distribute, or use encryption. Importers, exporters,
distributors and users are responsible for compliance
with U.S. and local country laws. By using this
product you agree to comply with applicable laws and
regulations. If you are unable to comply with U.S.
and local laws, return the enclosed items immediately.
A summary of U.S. laws governing Cisco cryptographic
products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by
sending email to export@cisco.com.
******************************* Warning *******************************
Copyright (c) 1996-2011 by Cisco Systems, Inc.
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Reading from flash...
!.Crashinfo is NOT enabled on Full Distribution Environment
*** Output from config line 88, "crashinfo save disable"
Cryptochecksum (unchanged): d90ae365 0a888859 a896c519 09b83bb9
COREDUMP UPDATE: open message queue fail: No such file or directory/2
Type help or '?' for a list of available commands.
ASA1>
ASA1>
No comments:
Post a Comment