Skip navigation
Login   |   Register
Cisco Learning Home > Certifications > Security (CCNA Security) > Discussions


This Question is Not Answered 1 Correct Answer available (4 pts) 2 Helpful Answers available (2 pts)
2518 Views 0 Replies Latest reply: Aug 21, 2011 6:19 PM by Luciano RSS

Currently Being Moderated

Trying to Simmulate PIX Firewall with GNS3

Aug 21, 2011 6:19 PM

Luciano 41 posts since
Dec 17, 2010

Hi Everybody,


      I'm trying to start in the PIX/ASA Firewalling world. In order to do that, I'm trying to setup a small sample lab, following this tutorial: (btw: GREAT TUTORIAL..!).


      So, I first configured GNS3, setting up a LAN (pixfirewall ip's:, vbox hostonly adapter's ip's: I'm being able to ping in both ways.




      After loading the asdm image, enabling http server, telling which the asdm image is, and configuring username and password,  I'm not being able to connect to the web interface (I'm getting this error with chrome (with other browsers I get, basically, the same error):

SSL connection error

Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have.)

Just in case, the Chrome configuration is set to use ssl 3.0 and tls 1.0



Besides, when trying to acces throug ASDM Launcher, I get the following error: Unable to launch ASDM from Remote host closed connection during Handshake



I ran Wireshark to capture the Three Way Handshake. I attach you both captures for the ASDM and Web Interaction.

     I hope anyone can help me. Honestly I'm going crazy trying to figure where the mistake is.




running-configuration of the Pix Firewall:


pixfirewall# sh runn

: Saved


PIX Version 7.2(4)


hostname pixfirewall

enable password 8Ry2YjIyt7RRXU24 encrypted

passwd 2KFQnbNIdI.2KYOU encrypted



interface Ethernet0


no nameif

no security-level

no ip address


interface Ethernet1

speed 100

duplex full

nameif inside

security-level 100

ip address


interface Ethernet2


no nameif

no security-level

no ip address


interface Ethernet3


no nameif

no security-level

no ip address


interface Ethernet4


no nameif

no security-level

no ip address


ftp mode passive

pager lines 24

mtu inside 1500

icmp unreachable rate-limit 1 burst-size 1

asdm image flash:/asdm-524.bin

no asdm history enable

arp timeout 14400

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

http server enable

http inside

http inside

http inside

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

telnet timeout 5

ssh timeout 5

console timeout 0

username lvaschetti password s7VIXfcZb8QdyRjZ encrypted privilege 15



prompt hostname context


: end



More Like This

  • Retrieving data ...

Bookmarked By (0)