VIRL ASAv with ASDM
I had many requests to demonstrate how to use the ASDM GUI to manage an ASAv running inside of VIRL. Here is the video demonstration of how to do it. Enjoy!
I had many requests to demonstrate how to use the ASDM GUI to manage an ASAv running inside of VIRL. Here is the video demonstration of how to do it. Enjoy!
In this video, we will examine the configuration of the ASAv for basic practice that would be appropriate for training such as CCNA Security.
This video walks you through adding the Cisco ASAv to EVE-NG per the instructions I outlined for you at my blog – here. Have fun!
I am going to need some ASAv action in EVE-NG next week for a project I am working on. Here are the steps I hope work! 😋 I grabbed these from the EVE-NG site and added my own elaboration where I thought necessary.
I will try and shoot a video of these steps next week as well.
Step 1: Acquire the asav941-200.qcow2 or asav952-204.qcow2 files for EVE-NG use
Step 2: Fire up WinSCP or FileZilla and connect to the EVE-NG IP address for FTP purposes
Step 3: Upload the appropriate .qcow2 from Step 1 to the root of the EVE-NG system
Step 4: Create the directory in EVE-NG for the ASAv image storage:
mkdir -p /opt/unetlab/addons/qemu/asav-941-200
Step 5: Move the image to that directory:
mv asav941-200.qcow2 /opt/unetlab/addons/qemu/asav-941-200/virtioa.qcow2
Step 6: Run these commands to enable Telnet access instead of VNC:
apt-get update
apt-get install libguestfs-tools
cd /opt/unetlab/addons/qemu/asav-941-200/
guestfish -a virtioa.qcow2
run
mount /dev/sda2 /
touch /use_ttyS0
umount /
exit
Step 7: Clean and fix permissions:
/opt/unetlab/wrappers/unl_wrapper -a fixpermissions
That does it! The image should now be ready for addition as a Node in the EVE-NG Web client. Happy lobbing!
One of the topics that will be featured in my upcoming CBT Nuggets module, Border Gateway Protocol (BGP) – Advertising NLRI, manual route summarization in BGP. This post serves (as well as more to follow) cover the highlights of the video coverage.
There are two methods of performing aggregation with BGP on a Cisco router. You can create a static route that represents the aggregate and then advertise that route using the network command. Or, you can use the aggregate-address command.
Here is an example of the static route approach:
router bgp 65100 network 192.168.192.0 mask 255.255.248.0 neighbor 192.168.1.220 remote-as 65200 ! ip classless ip route 192.168.192.0 255.255.248.0 Null0
Notice how the static route directs to the bit bucket (Null0). This is because it is not an actual network destination. It is an artificial construct to permit the route in the routing table so we can use the network command in BGP. There will be more specific entries in the routing table covered by this advertised summary and the router can follow those instructions. Should all the more specific entries be removed, then the static route has traffic discarded for the summary (this is the desired behavior, typically).
With the aggregate-address command approach, you ensure component routes of the summary exist in the BGP table (thanks to the network statement or redistribution), and the summary address is advertised via BGP. Here is an example:
router bgp 65100 aggregate-address 192.168.192.0 255.255.248.0 summary-only redistribute eigrp 100 neighbor 192.168.1.220 remote-as 65200
Note that if you forget the summary-only keyword with the aggregate-address command, you will advertise the summary as well as the specific routes. A future post will demonstrate when this approach might be useful.
In this video, I walk you through the activation process for Cisco VIRL.
That’s right – there is finally a new version of VIRL in town. In this video, I demonstrate installing the new version.