This article provides step-by-step guide for setting Cisco ASAv Virtual Appliance on VMware - Workstation, Player or Fusion. Thanks go to the original author of the idea of copying deployed ASAv files from vSphere datastore to a local host.
Prerequisites:
a) VMware vSphere 5.x with the following components
• ESXi Server
• vCenter Server
• vSphere Web Client or vSphere Client for Windows or Linux
b) VMware Workstation or VMware Player or VMware Fusion
c) Cisco ASAv Virtual Appliance - asav922.ova
1. Deploy ASAv with vSphere Client
a) File-> Deploy OVF Template-> select path to ovf template
b) Select configuration (1. vCPU standalone) and Thin Provision.
c) Configure Network Cards.
d) Power on ASAv virtual machine.
When OVF XMML parsing is finished, ASAv reboots. After boot, installation is finished and you can power off a virtual machine.
2. Copy ASAv files from Datastore to Local Host
Click on Inventory and select the option Datastores and Datastore Clusters. Browse Data store and navigate to ASAv directory.
Picture 1 - ASAv Files in Datastore
Download all the files from directory to a local host with installed VMware Workstation.
3. Convert Virtual Disks
The following files were copied to a local host directory.
Picture 2 - Size of Virtual Disks Before Conversion
When we check the content of the file ASAv922.vmdk, we can see that virtual disk type is vmfs.
Picture 3 - Virtual Disk Type - vmfs
Although vmfs format can be directly used by VMware Workstation we will convert it to monolithicSparse type in order to reduce its size. To do this we will use offline disk manipulation utility - vmware-vdiskmanager that is included in VMware Workstation.
Use the commands bellow to convert virtual disks to single growable virtual disks.
$ vmware-vdiskmanager -r ASAv922.vmdk -t 0 ../ASAv922.vmdk
$ vmware-vdiskmanager -r ASAv922_1.vmdk -t 0 ../ASAv922_1.vmdk
Replace old virtual disk with the new ones and delete flat vmdk files that are not needed anymore.
$ mv ../ASAv922* .
$ rm *flat*
4. Import Configuration File
Start VMware Workstation and navigate to the Files -> Open. Select path to vmx file. VMware Workstation should be able to import settings successfully. Once you power on the virtual machine, click an option I copied it.
Picture 4 - Dialog Menu
End.
Nice write up, thanks for the great how-to w/this setup...
Is the expected behavior after a 'write-erase' on the ASAv to infinitely loop? I noticed that after I get everything up and running, if I invoke a write-erase and reload the ASA, it just loops. (ERROR: OVF environment unavailable, errno: 2). OVF XML parsing for device configuration - FAIL... cannot read OVF.,, yadda yadda).
Is there a better way to clear the configuration if you want to restart the configuration from scratch? Should I just take a snapshot of the VM once I have applied the standard config and licensing to it? Is there a better way to handle this that you are aware of?
Thanks!
At the beginning of boot process grub menu appears.
Select the second option - boot ASAv with no configuration load.
ASA will bot with empty configuration.
Thanks for the quickly reply...
I seem to get the same error message... That is, regardless of what option within the GRUB menu I select, the ASA VM just loops, ...indefinitely. I'm assuming the 'wr er' command deletes some file(s) that the VM requires in order to successfully boot?!? Please see screenshot below.
https://i.imgur.com/in9qzmP.png
Thanks again!
I think so. That's why you can't use the command 'wr er'. Just reboot ASA and select the second option. Then save your new blank config and let ASA to boot with default first grub option. After boot config should be empty, right?
Thank you... Using the command 'write erase' on this virtual appliance seems to bork the entire instance... As you made reference to already, if you want to start over using a clean slate/config, don't write-erase the config, ... simply reboot the VM instance and select the the second option within the GRUB menu.
I appreciate your help -
I did File>Deploy OVF File, I browse to 9.2.1 ova file (I downloaded from cisco)
and Hit next but I get the following error message:
"This OVF Package uses features that are not supported when deploying directly to an ESX Host
The OVF Package requires support for OVF Properties."
Please assist
Lmatt,
According to the ASAv 9.3 Quick Install Guide page 2-1, you cannot install the ASAv directly on an ESXi host without using vCenter.
how do I install vcenter?
couldnt load the ova file,
it states the package doesnt have ovf properties that doesnt support deploy directl
to esx host.
i downloaded the ova package directly from cisco.
please help
This is incredible work you've done here. Really impressive. Thank you for the write up.
I've made multiple attempts to convert the VMWare files to Virtualbox to no avail. Do you have any pointers on how to get it working?
No luck with Vbox either. I tried to build ASAv VirtualBox machine copying the settings from ASAv running on VMware Workstation - two SCSI disks - ASAv922.vmdk and ASAv922_1.vmdk, one CPU, 2048 MB RAM and four virtio-net NICs. ASAv is freezing during the boot and there is message "Platform F1-GENERIC" in console.
Thanks for the response. I did wind up with the same configuration you're showing here. The VM monitor shows "Loading (hd0,0)/asa921-smp-k8.bin... Booting..." and stays there. I have noticed that the GRUB screen doesn't come up in VBox like it does in VMWare. I wonder if this is a GRUB issue or if VBox just has an issue with the way this is split up into two SCSI drives. If I run into any solution, I'll be sure to post here.
Trying to install ASAv931.ova on VM Workstation 10, comes up with an error " Did not pass OVF specification conformance or Virtual Hardware compliance checks, Retry to relex OVF specification and virtual hardware compliance checks and try to import again"
Retry will show : Line 330 Unsupported element property."
Not sure for a possible fix. How to get it working ?
You must use vSphere Client to deploy it on ESXi server. Read the article.
Great work Radovan. But in this case you are wrong. The "unsupported property" refers to the xml tag property in the ovf file - which is a 2.0 specification to the protocol. The asav931.ova is different than what you are using. Basically, for the 9.31 you have a choice of 8 types of asas to load - IF the vmware application supported 2.0 of the specification. He has to manually go in and delete the 7 of those 8 "property"-ies which give you those 8 choices. Also someone has messed up the .ova file and put syntax errors on line 451 and line 458 of the xml parsed .ovf file. I got mine working in vmplayer7.0, fails workstation 11.0 and am dropping down to 10.0 to try that.
The errors are reported as line 451 and 458. But fixing it requires to look for:
i
-->
There's 2 syntax errors there - delete them.
Trying again, the errors are reported as line 451 and line 458. The capitol L will represent the less than sign and the capitol R will represent the greater than sign, so its:
L Words here R i
L Words here R
L Words here R
L Words here R
L Words here R -->
delete those 2 syntax errors
Hi Joe,
how did you started the ASAv on VMwarePlayer ? I tried it also with asav931.ova and VmwarePlayer 7 and got the following error : "Failed to open virtual machine: Line 330: Unsupported element 'Property'."
Did you changed anything in the .ova file ?
Thank you !
I get the same error in vmware workstation 10 and also in 11.
"Line 330 Unsupported element property."
Anyone knows a solution?
You must use 64-bit Windows with hardware virtualization enabled in the bios
I got this up and running with 9.3.1, huge thanks for the guide. Has anyone running this noticed abnormally high CPU utilization with this VM running in workstation? Within the ASA (show processes cpu-usage) was not showing anything abnormal however the VM was pegged at 100% of its 1vCPU (25% of the overall of the Core i7 on my laptop).
The CPU utilization is normal following bootup however once I push even the smallest amount of traffic through it the CPU instantly pegs and stays there. Shut down the VM and the utilization drops back down to nothing. With my setup I am bridging the ASA "Outside" and running one VM on a separate vmswitch which is routing its traffic through the ASA to access network and internet resources.
Hi Brain!
I got the same issue as yours (high CPU utilisation by VM running ASAv) except that I'm using VMWare Fusion 8 Pro and ASAv 9.5. Did you solve the issue somehow?
Hi,
i wanted to use ASAv in qemu so I started some research. I used a VMworkstation version from ASAv 9.21. First I wasted some time trying to mount the .vmdk images as SCSI disks in qemu as VMware shows them as SCSI disks.
Then I started to take a closer look into the images.
First I converted the disk images:
/usr/local/bin/qemu-img convert -O raw ASAv-0.vmdk ASAv-0.img
/usr/local/bin/qemu-img convert -O raw ASAv.vmdk ASAv.img
fdisk -l ASAv.img
Disk ASAv.img: 268 MB, 268435456 bytes
128 heads, 32 sectors/track, 128 cylinders, total 524288 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
Device Boot Start End Blocks Id System
ASAv.img1 * 4096 524287 260096 b W95 FAT32
fdisk -l ASAv-0.img
Disk ASAv-0.img: 8589 MB, 8589934592 bytes
128 heads, 32 sectors/track, 4096 cylinders, total 16777216 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
Device Boot Start End Blocks Id System
ASAv-0.img1 4096 16777215 8386560 b W95 FAT32
Now I was even able to mount both images to take a closer look.
sudo mount -t vfat -o loop,ro,offset=2097152 ./ASAv.img /mnt/
ls /mnt/
asa921-smp-k8.bin asdm-72145.bin boot
ls /mnt/boot/
grub grub.conf
cat /mnt/boot/grub.conf
timeout 10
title bootflash:/asa921-smp-k8.bin
rootnoverify (hd0,0)
kernel (hd0,0)/
title bootflash:/asa921-smp-k8.bin with no configuration load
rootnoverify (hd0,0)
kernel (hd0,0)/ passwd_recover
end
sudo mount -t vfat -o loop,ro,offset=2097152 ./ASAv-0.img ./mnt2/
ls
coredumpinfo FSCK0001.REC FSCK0004.REC FSCK0007.REC FSCK0010.REC FSCK0013.REC FSCK0016.REC FSCK0019.REC FSCK0022.REC log
csco_config FSCK0002.REC FSCK0005.REC FSCK0008.REC FSCK0011.REC FSCK0014.REC FSCK0017.REC FSCK0020.REC FSCK0023.REC
FSCK0000.REC FSCK0003.REC FSCK0006.REC FSCK0009.REC FSCK0012.REC FSCK0015.REC FSCK0018.REC FSCK0021.REC FSCK0024.REC
So i though to give it a try and started it with qemu:
sudo /usr/bin/qemu-system-x86_64 -name ASAv -m 2048 -hda /home/ubuntu/ASAv.img -hdb /home/ubuntu/ASAv-0.img -serial telnet:127.0.0.1:5006,server,nowait -device e1000,mac=00:00:ab:4b:cb:00,netdev=gns3-0 -netdev socket,id=gns3-0,udp=127.0.0.1:10008,localaddr=127.0.0.1:40006
It boots and performs even a filesystem Check on /dev/hda1 and /dev/hdb1, but then at some point i see a core dump. But just before it states that there is no interface.
Great! I'll have closer look later.
Any luck getting it to run in anything other than VMWare? Would be nice to get it into GNS3. I have prereq b) and c), but I don't have a) at the moment either, which is a pretty hefty prereq if I want to run it in VMWarePlayer.
Sorry, Greg so far no luck.
After I run the virtual ASA device on Vmware Workstation. I have got a problem with notification as follows:
Assertion "_vf_mode_init" failed: file "vf_api.c", line 135 core0 same core snap_count=1 signo=6 RIP=7ffffecd43fb
My vASA rebooted continuously because of the problem.
So, who can help me to resolve the problem ? Thank you so much.
I have exactly the same problem. Did you find a fix to this issue?? Your input will be much appreciated. Thanks
I have got exactly same problem as @Kim Do above. After I run the virtual ASA device on VMware Workstation v11 and power on the VM, it apparently boots fine and gets to the point where it discovers there are 4 NICs, and after that it creates a dump. This is the exact wording of error message:
Assertion "_vf_mode_init" failed: file "vf_api.c", line 135 core0 same core snap_count=1 signo=6 RIP=7ffffecd43fb
ASAv reboots continuously and every time the error message is same.
Any fix for that please?? Thanks!
Having the same problem ^^^^. Anyone able to figure this out? Thanks,
Had the same issue myself when importing 9.2.1 into VMWare Workstation 12. If you set the number of cores per processor to 2 from the default of 1 on the VM Settings then it should boot up and present you with the ciscoasa> prompt.
HTH's
Million thanks
Aijaz
Why I use VMware Workstation load ASAv 921 OVA file kept rebooting, no matter what I select the first or second boot startup item entry。
Hi,
I also have the same issue with ASAv rebooting constantly with same error message. It was working fine (on vmware ws ver 11) but I recently upgraded to VMWare WS ver12 and since the the issue started. Just tried it on my linyx vmware ws ver 11 and the asav works...Will try and downgrade my windows version to v 11 again and give feedback...
Ciao
JC
Hi All,
No luck...same issue...I tried a new version of ASAv as well....
This really hurts...
Ciao
JC
Increase the allocated RAM for the VM
Hi,
For VMWare issue, I fixed it by enabling VT-D support under CPU in the VM Settings, hope this helps
After some tests I realize it seems that 64 bit vmware versions are having issues with ASAv. I noticed many crash in v11, v12, but runs smooth on v9 and v10.
I had a good running system last year with VMware Workstation v10. In September of 2015, I switched to a new systems with Workstation v11.
I am able to run ASAv 941-205 on v11 but get sporadic high CPU on my host (laptop with an i7). I have been thinking it was my new hardware as I was also experiencing system crashes for awhile. I fixed the system crash but still have issues with ASAv.
Is there any other confirmation/insights that ASAv runs better on v10 vs v11 or v12? It will be an effort for me to switch back.
Was it a fix for high loading a CPU?
How can I run ASA under VMWare Workstation 11? Is It possible?
After you import the VM upgrade the virtual hardware and 9.6.2 will run under Workstation 12.5.2
Anyone tried to import ASA 9.1.5 into ESXi/Workstation, i am getting the following error:
Unknown error, please try again. If the problem persists, please contact VMware Technical Support and provide C:\Users\******\AppData\Local\Temp\vmware-******\ovftool.log.
Same error i am getting in VMWare in Ubuntu...and ESxi does not import the ISO file with this...and says that essential disk is missing..
Any help will be much appreciated>