In this article I'm going to detail how to setup and run a Cisco PIX firewall in GNS3 on OS X. As of writing Pemu which is the software used to emulate the PIX currently doesn't support OS X. So in order to get our PIX running we'll need to build either a local or remote virtual machine with a supported OS for running Pemu. For the purposes of this article we'll use VirtualBox with an Ubuntu 9.04 guest OS. We will be using the asa723-k8.bin IOS image for this tutorial.

We'll start by first ensuring we have everything ready to go on OS X before we move to building our virtual machine. The software requirements and there download locations are listed here:

OS X Software:

• GNS3 OS X Package - http://www.gns3.net/download
• VirtualBox OS X Binary - http://www.virtualbox.org/wiki/Downloads
• Cisco Image Unpacker Source Code - http://www.gns3.net/download

Ubuntu Software:

• Ubuntu ISO - http://www.ubuntu.com/getubuntu/download
• GNS3 Source Package - http://www.gns3.net/download
• Pemu Linux Binary Package - http://www.gns3.net/download

First install the GNS OS X package, followed by the VirtualBox OS Binary package.

Next you need to extract the ASA IOS file using the Cisco Image Unpacker. Download the Cisco Image Unpacker Source Code and extract it to a convienient location. Then copy your ASA IOS into the extracted Cisco Image Unpacker directory. Once there open a terminal windows from the Applications->Utilities folder and run the following command from inside the Cisco Image Unpacker directory:

python unpack.py --format ASA7 asa723-k8.bin

This will create a file called asa723-k8.bin.unpacked in the same directory. This is the file that we'll be using with pemu.

At this point will now build our Ubuntu virtual Machine. I used the desktop edition of Ubuntu so I would have gnome but you could use the server addition to cut the resource requirements down even more. Once you've installed Ubuntu, make sure you also install the VirtualBox Guest Additions:

1. Open VirtualBox from your Applications directory.
2. Click New, and click next.
3. Enter a name and select the Linux Operating System, and Ubuntu Version. Click Next.
4. Drag the slider to select the amount of RAM you would like the VM to use, I used 800MB. Click Next.
5. On the Virtual Hard Disk screen accept the defaults and click Next.
6. Click Next, leave Dynamically Expanding Storage selected and click Next.
7. Select the location to store the Virtual Disk and use the slider to set the size you would like. Click Next.
8. Click Finish and click Finish again.
9. Once the Virtual Machine is created click it and click Settings.
10. Click Storage, click CD/DVD-ROM. Select Mount CD/DVD Drive.
11. Select ISO Image File, click the folder icon, click Add, Locate your Ubuntu ISO and click Open.
12. Click Select.
13. Click Network, change Attached to Host-only Adapter and click OK.
14. Start Start, and run through the Ubuntu Install.

Once you have Ubuntu running, grab the GNS3 source package and extract that to anywhere you like, and copy the pemu folder from inside the package to /home/username/

Next extract the pemu Linux Binary package contents to: /home/username/pemu/

Once you've completed your ubuntu installation, copy the asa723-k8.bin.unpacked file to the ubuntu Virtual machine. I chose to use SCP to do this, which requires the openssh server be installed. Copy this into the /home/username/pemu folder.

Open GNS3 on OS X, go to GNS3 > Preferences. Go to Pemu, enter the IP address of you ubuntu VM in the Host for an external pemuwrapper: box, Set the Working Directory: to /tmp. Under the Defaults PIX settings section, enter the path /home/username/pemu/asa723-k8.bin.unpacked. The rest you can leave as is.

Jump back into your Ubuntu vm and start pemu by running the following command from a terminal window.

python /home/username/pemu/pemuwrapper.py

Jump back to GNS3 on OS X and drag a PIX firewall over onto the project screen and press play. Your PIX should successfuly start. The first thing you'll want to do after its loaded is add the activation key to enable the featues you want. To do this enter the following commands:

enable
wr
activation-key 0x00000000 0x00000000 0x00000000 0x00000000
wr