This article How to Connect GNS3 to a Physical Network is a no nonsense step by step guide to setting up a full hands on GNS3 lab for the serious network engineer or student. This How to Connect GNS3 to a Physical Network lab is what it says on the tin. Routing, Switching, Firewall Security, Infrastructure, Virtualisation and Internet all made possible by this advanced lab created by some of the smartest network engineers of today.

How to Connect GNS3 to a Physical Network | Connecting Switch Uplink Interfaces (Introduction)

Trust me, we understand your frustration. You really want a handson lab but GNS3 has some gotcha’s, and it’s no longer economically efficient to have a lot of kit so what do you do? Thank God, we have the answer in the steps below. It will cost you next to nothing but guaranteed to give you the full blown hands-on experience without any compromises.

You will be able to create a myriad of labs, change network topologies without much effort and extra configuration. This lab is suitable for a business, university or individuals. It’s vendor agnostic and so can support your Next-Generation ASA Firewall, Sonic Wall, Juniper, Palo Alto, HP Aruba Switch, Cisco Catalyst Switches, Windows Servers and to make it even more interesting, if it has an interface, you can lab it.

The advantage here is that you can practice full switching and routing protocols like HSRP | GLBP | VRRP, STP, OSPF, EIGRP to name but a few.

Let us put together our kit list (Some of these you may already have at your disposal)

Hardware Kit

• 1 x Desktop Computer or Workstation with Expansion Slots (If you own a laptop, you will need USB C to Ethernet Adapters) – Not truly reliable hence the workstation preference.
• 2 x 4 Port PCI-E 1Gbps Network Interface Card | 2 Access Buildings
• 2 x Access Switches | Cisco Catalyst Switches or HPE Aruba Switches | Vendor Agnostic

Software and Operating System

• Microsoft Windows
• Linux Ubuntu
• GNS3 Application

Figure 1.0 – Connect Network Device to Ethernet Adapter

Figure 1.1 – 4 Port Ethernet Adapter

Figure 1.2 – Connect Switch Uplink Interfaces

Interface 47 and 48 are our respective uplinks to Core Routers R1 and R2 respectively. To make the interface layer 3 or routed, the following configuration converts them to routed interfaces.

Example of Configuration

switch(config)# interface Fa0/47 
switch(config-if)# no switchport 
switch(config-if)# 

switch(config)# interface Fa0/48
switch(config-if)# no switchport 
switch(config-if)# 

Figure 1.3 – Uplinks of Switches 1 and 2

Access Switch 1

switch(config)# interface 47 
switch(config-if)# untagged vlan 1008
switch(config-if)# ip address 172.16.254.10

switch(config)# interface 48
switch(config-if)# untagged vlan 1012
switch(config-if)# ip address 172.16.254.14

Access Switch 2

switch(config)# interface 47 
switch(config-if)# untagged vlan 1016
switch(config-if)# ip address 172.16.254.18

switch(config)# interface 48
switch(config-if)# untagged vlan 1020
switch(config-if)# ip address 172.16.254.22

Figure 1.4 – Switches Uplinks at back of Desktop connected to Physical Interfaces

Step 1 – Connect Ethernet Interfaces to Desktop Network Adapters

How to Connect GNS3 to a Physical Network | Configuring Physical Network Interfaces (Part 1)

Identify Interfaces on your computer

Command: nmcli dev status

# nmcli dev status
DEVICE  TYPE      STATE         CONNECTION
eth1    ethernet  connected     eth1
eth0    ethernet  connected     eth0
eth2    ethernet  disconnected  --
lo      loopback  unmanaged     --

Command: ifconfig

eno1: flags=4099  mtu 1500
        ether 40:a8:f0:49:7b:0a  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 20  memory 0xf7c00000-f7c20000  

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 24697  bytes 24138502 (24.1 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 24697  bytes 24138502 (24.1 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Step 2 – Configure IP Addresses for Uplink Interfaces

How to Connect GNS3 to a Physical Network | Configuring IP Addresses for Network Interfaces (Part 2)

Step 3 – Connect Uplinks to Core Routers

How to Connect GNS3 to a Physical Network | Connecting Switch Uplinks to Core Routers (Part 3)

Step 4 – Test Connectivity with Pings

How to Connect GNS3 to a Physical Network | Test Connectivity with ICMP Pings (Part 4)

Download the full lab here: Connecting GNS3 to Physical Network – Multilayer Network Access Design

Related Post:How to Connect GNS3 to Internet

IoT a matter of fact has become a common place in all spheres of human interaction. They are in our refrigerators, cars, gardens, submarines, space probes and robots, they are just everywhere and for a good reason mainly. Before we get super excited and you must be, let us start with the recommended requisites.

Clone Repository for Needed Code | This has been provided by Microsoft

git clone --recursive https://github.com/azure-rtos/getting-started.git

Prepare Your Build Environment

To install the tools:

From File Explorer, navigate to the following path in the repo and run the setup script named get-toolchain.bat:

getting-started\tools\get-toolchain.bat

After the installation, open a new console window to recognize the configuration changes made by the setup script. Use this console to complete the remaining programming tasks in the quickstart. You can use Windows CMD, PowerShell, or Git Bash for Windows.

Run the following code to confirm that CMake version 3.14 or later is installed.

cmake --version

Now that your build environment seem to be correctly setup, go through the next steps to get your local environment setup.

Install Azure IoT Explorer on Your Computer
This part requires a utility called the Azure IoT Explorer which must be installed on your computer. In this demonstration, I have installed the Windows version of the program on my operating system.

Create Azure IoT Hub
This part requires the creation of Azure IoT Hub which could be done using the CLI or Web UI. I will do this using the Web UI but provide the commands for the same in CLI. Follow along;

Successfully Created Azure IoT Hub

Add Device to Azure IoT Hub

Get Connection String

$ az iot hub connection-string  show --hub-name mxchip-device-iot-hub.azure-devices.net

Copy the connection string without the surrounding quotation characters.

{
  "connectionString": "HostName=mxchip-device-iot-hub.azure-devices.net;SharedAccessKeyName=iothubowner;SharedAccessKey=UPEgplrCL+zQyabcdefgHiJkWqEXc2vOqulTAQ1k="
}
[ ~ ]$ 

Add Hubs on IoT Explorer using the connection string

Before continuing to the next section, confirm that you’ve copied the following values:

hostName
deviceId
primaryKey

I made a note of the following elements;

HostName: mxchip-device-iot-hub.azure-devices.net
Device ID : mxchipaz366
Primary Key : KUTkSnC6Sn0vVieeabcdefghijkllU9ko0XCOwKy4= 

Configure Connection on Local Repo
Open the following file in a text editor:

getting-started\MXChip\AZ3166\app\azure_config.h

Comment out the following line near the top of the file as shown:

// #define ENABLE_DPS

Set the Wi-Fi constants to the following values from your local environment.

WIFI_SSID	{Your Wi-Fi SSID}
WIFI_PASSWORD	{Your Wi-Fi password}
WIFI_MODE	{One of the enumerated Wi-Fi mode values in the file}

Set the Azure IoT device information constants to the values that you saved after you created Azure resources.

IOT_HUB_HOSTNAME	{Your Iot hub hostName value}
IOT_DPS_REGISTRATION_ID	{Your Device ID value}
IOT_DEVICE_SAS_KEY	{Your Primary key value}

Build the image
In your console or in File Explorer, run the script rebuild.bat at the following path to build the image:

getting-started\MXChip\AZ3166\tools\rebuild.bat

After the build completes, confirm that the binary file was created in the following path:

getting-started\MXChip\AZ3166\build\app\mxchip_azure_iot.bin

Follow the steps here.

Launch Termite and check connectivity
My device is on COM5. You can check for that in Command Prompt by typing mode.

Successful Connection to Azure IoT Hub

Check Telemetry on Azure IoT Explorer

Check Telemetry on Termite

Simulate Device Telemetry

Simply copy paste the following command to Azure Cloud Shell. It will start simulating device as it’s sending messages to IoT Hub. You can click ‘Start’ button from the Telemetry page to start monitoring the events.

az iot device simulate --device-id mxchipdevkitaz3166 --login "HostName=**cloudmxchipiot-01.azure-devices.net;SharedAccessKeyName=iothubowner;SharedAccessKey=slKRd09jokVHPXNjDabcdeEfgHizDhmq8="

View Telemetry Received from IoT Device

az iot hub monitor-events --output table --device-id mxchipaz366 --hub-name mxchip-device-iot-hub

Starting event monitor, filtering on device: mxchipaz366, use ctrl-c to stop...
event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    magnetometerX: -445.5
    magnetometerY: 531
    magnetometerZ: 496.5

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    accelerometerX: -377.04
    accelerometerY: -917.31
    accelerometerZ: -130.66

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    gyroscopeX: -770
    gyroscopeY: -420
    gyroscopeZ: 770

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    humidity: 60.61
    pressure: 1014.05
    temperature: 19.88

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    magnetometerX: -408
    magnetometerY: 504
    magnetometerZ: 495

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    accelerometerX: -380.33
    accelerometerY: -915.85
    accelerometerZ: -129.93

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    gyroscopeX: -1190
    gyroscopeY: 630
    gyroscopeZ: 2800

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    humidity: 60.2
    pressure: 1014.04
    temperature: 20.2

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    magnetometerX: -417
    magnetometerY: 531
    magnetometerZ: 486

Communicate with your IoT Device
Run the az iot hub invoke-device-method command, and specify the method name and payload. For this method, setting method-payload to true turns on the LED, and setting it to false turns it off.

az iot hub invoke-device-method --device-id mxchipaz366 --method-name setLedState --method-payload true --hub-name mxchip-device-iot-hub

az iot hub invoke-device-method --device-id mxchipaz366 --method-name setLedState --method-payload true --hub-name mxchip-device-iot-hub
{
  "payload": {},
  "status": 200
}

There are advanced aspects to provisioning IoT devices and the following guide helps you do just that.
Create a new IoT Hub Device Provisioning Service
https://learn.microsoft.com/en-gb/azure/iot-dps/quick-setup-auto-provision#create-a-new-iot-hub-device-provisioning-service

When you encounter this error;

"ERROR: azure_iot_nx_client_dps_entry"

then it is likely you did not comment out #define ENABLE_DPS.

GNS3 labs must be rich and cover contexts of networking which gives great hands-on experience for the student and professional alike. Imagine being able to configure site-to-site vpns between your ASAv and a Cloud Instance, and being able to perform a myriad of tasks in order to understand how the real world expectation might be between the chosen technologies?

The beauty of scalability that comes with virtualised appliances in network design architectures to prove a concept or test and troubleshoot scenarios?

With the Cisco® Adaptive Security Virtual Appliance (ASAv), you have the flexibility to choose the performance you need for your business. ASAv is the virtualized option of our popular ASA solution and offers security in traditional physical data centers and private and public clouds. Its scalable VPN capability provides access for employees, partners, and suppliers—and protects your workloads against increasingly complex threats with world-class security controls.

Create the initial master template for your ASAv

Download the ASAv qcow2 file with the OS version of your choice from Cisco.com.
Open GNS3 and click on File > + New Template >

Select Firewalls from the GNS3 Appliances List

Install the Appliance on GNS3 VM as Recommended

Choose “Default” for the VM type and hit next. Name the VM (ASAV 9.8.1 for example) and hit next. Select the x86_64 Qemu binary and set the RAM to 2048mb. Hit next.

Select ASAv Version and Install and Click Next

GNS3 would locally locate the downloaded *qcow2 appliance and populate the list for you to make a choice. Select your ASAv version and click Next.

Click Next and Continue

It is a good idea to trial your idea with a single ASAv and once this has worked out well, apply it to the master template as the gold image for future replica ASAv firewalls.

Create a new GNS3 Project

Drag ASAv into Workspace

Right click on ASAv and change the symbol (this is an optional step)

Select Symbol for your ASAv,change the category to Security Devices, and set the console type to vnc. We will change this to telnet later in the guide as we apply this to our master ASAv appliance.

Select vnc from the drop down to set console type to vnc

Uncheck Use as linked base VM(This is recommended initially until you’ve got it all working as should)

(It is recommended to perform all the necessary configurations before enabling this option which will make newer instances inherit the global settings. We shall do it as the final step once we get each bit done.)

Configure Cisco ASAv on GNS3 for Hands-on Labs

Start the ASAv and Click open with Console

Configure Terminal

Set Telness Access: Follow steps below

copy coredump.cfg from the coredumpinfo directory to disk0:/

ciscoasav#conf t
ciscoasav#cd disk0:/coredumpinfo/
ciscoasav#copy coredump.cfg disk0:/use_ttyS0

Verify you work (always check if what you did worked)

ciscoasav# dir disk0:/

Directory of disk0:/

10     drwx  4096         07:29:52 Dec 18 2020  smart-log
8      drwx  4096         07:28:58 Dec 18 2020  log
11     drwx  4096         07:29:56 Dec 18 2020  coredumpinfo
7      -rwx  59           07:36:44 Dec 18 2020  use_ttyS0

1 file(s) total size: 59 bytes
8571076608 bytes total (8549355520 bytes free/99% free)

ciscoasav# 

Once the above steps are completed, go ahead and configure the master template. Now that we are happy that the telnet access works,

Set Console Type to Telnet

Now that you have set the use_ttyS0 on the ASAv, go ahead and power the ASAv off.

You must power the ASAv off to do this. You can change it with the device powered on, but you would encounter the error “No connection could be made because the target machine actively refused it”.

Click the Advanced settings tab. Uncheck the “Use as a linked base VM” box. We will check this later in the guide. Click OK then Apply > OK to save the device. This device will be configured as the “master template” for the ASAv.

Configure the ASAv for telnet access

Close the preferences page, click Apply > OK to save the template.

Now that we have Cisco ASAv working exceptionally well in GNS3, let us now go into configuring a sample Cisco ASA 5506-X Deployment Topology.

Figure 1.0 Sample Cisco ASA 5506-X Deployment Topology

In this lab we shall Configure ASAv for the Internet using the following configuration sample.

Figure 1.1: ASA 5506-X Factory Default Configuration

!
interface GigabitEthernet1/0
 nameif inside
 security-level 100
 ip address 192.168.1.254 255.255.255.0 
!

interface GigabitEthernet1/1
 nameif outside
 security-level 0
 ip address dhcp setroute 
!

!
dns domain-lookup outside
dns server-group DefaultDNS
 name-server 8.8.8.8 
 name-server 8.8.4.4 
object network obj_any
 subnet 0.0.0.0 0.0.0.0
!


!
object network obj_any
 nat (inside,outside) dynamic interface
route outside 0.0.0.0 0.0.0.0 8.8.8.8 1
!


!
dhcpd address 192.168.1.100-192.168.1.200 inside
dhcpd dns 8.8.8.8 8.8.4.4 interface inside
dhcpd enable inside
!


!
class-map inspection_default
 match default-inspection-traffic
!

!
policy-map global_policy
 class inspection_default
  inspect icmp 
!

Thanks for stopping by to read this article on how to Configure Cisco ASAv on GNS3 for Hands-on Labs. Below is a related article: How to Configure Cisco ASA 5506-X for Internet

Have you been faced with a task laced with many prefixes you find intimidating? Well, you are in the right place at the right time to improve your understanding of subnetting once and for all.

You can read more on the subject broadly from Cisco’s website here.

Step by step guide to IP Subnetting Video

Below is a simple 6 step by step method I use to perform subnetting calculations.

Let us look at this question below;

1: You have been given an IP Address 10.20.4.13/29 and been asked to find out the following pieces;

1. Subnet Address
2. First Valid Host Address
3. Last Valid Host Address
4. Broadcast Address
5. Subnet Mask

How to Calculate Subnet Mask from IP Address Step by Step

Step 1: Find Subnet Number
Subtract Prefix Number from /32
32-29=3

Calculate Subnet Mask
8 Bits – 3 Bits = 5 Bits(Network Bits Turned On)

You might be asking why 8 Bits, 8 Bits are required for each octet.

Step 2: Find Subnet Size
Raise 2 to the power of deduction (8-3 =5 Bits). Let’s call the bits n!
2**n = Subnet Size
2**5 = Subnet Sizes for each subnet.
2*2*2 = 8

Note: 8 is the block size for the subnet so for example, the increments will now be 0 8 16 32 40 and so on!

Step 3: Find Broadcast Address
Subnet Size – 1
(2**n) – 1 = Broadcast Address
(2**3) – 1 = (8-1) = 7

Step 4: Locate IP Address Subnet
Identify Subnet Block for IP Address:
Where in each increment is the address 10.20.4.13/29 located 0 8 16 32 40?

13 falls between 8 and 16 and therefore the address is in the valid host range of the subnet 10.20.4.8/29

Step 5: Calculate Valid Hosts | How to calculate number of hosts in the subnet
2**n – 2 = Valid Host Range
2**3 – 2 = (8-2) = 6

Answer for question now is as follows;

Subnet Address: 10.20.4.8/29
Min Host Address: 10.20.4.9/29
Max Host Address: 10.20.4.14/29
Broadcast Address: 10.20.4.15/29

There you have it. A simple 6 step by step guide to subnetting effectively.

Related Posts:

How to connect GNS3 to a Physical Network Step by Step