For me labs are the most important part of my pursuit of certification. I am a visual learner more than anything else and I find doing labs is a great way to learn and it also helps you remember topics and commands. Another important part is troubleshooting your lab, when you first configure something chances are it wont work fist time round so you have to think about what steps you have taken in configuring the lab and start troubleshooting the issues. What a great way to learn.
So what is the best way to practice using labs? The lab rental model is good if you don’t have the physical hardware, it can be expensive to buy and run in your own home lab, the other option is to run virtual labs on your own PC at home and its the one I use.
I built my own PC which was another great learning experience. It has a i5 Intel processor, with 16G of RAM, 250G SSD, ASRock Motherboard….I wont bore you with all the details but its a powerful enough machine.
So what is the best software out there to run on your own PC? I use a combination of software depending on what I am doing. I use Packet Tracer for every quick and basic labs. I also run GNS3 which is for more complex labs which I used a lot for my CCNP R&S certification exams.
But the latest one I am using is Unified Networking Labs or UNL for short. To run the UNL software you must use VMWare or VirtualBox and need a powerful PC depending on the complexity of the lab you want to run. You can download the software from http://www.unetlab.com/ if you are interested in trying it out.
So why UNL? Well it supports a lot of the security appliances you need to use for the CCNA Security exam. ACS, ASA, ASAv, Cisco Switches IOU, Cisco Routers to name a few. It is really important to get some hands on experience on the ASA in particular and also its GUI interface the ASDM.
Unified Network Labs
Below I will show you what it looks like and also setup the ASA and a Virtual Windows Machine to access the ASDM from all within the UNL system.
I wont go into detail on how to install the software as the UNL website does a really good job of that and also provides videos as well.
Once you start the VMWare for UNL you log onto the system via your browser. Username/Password is admin/unl.
Once logged in you’ll get the following screen.
To create a new lab click on Actions and ‘Add a new lab’
After naming your lab and saving it it will appear in your list, double click on the lab and then select Open.
On the left hand side click the plus button to add an object and select node. Select ASAv from the list to add it to the lab, do this again and select Windows to add a virtual Windows machine. Next select the link icon to add a link between the nodes.
Next step is to Start the nodes by right clicking on them and selecting Start. Now the fun begins configuring the ASAv and Windows machine so we can not only configure the ASAv via the CLI but also using the ASDM GUI.
First thing we need to do is configure the ASAv node. I am using putty here.
First step, configure the management interface that is connected to the Windows machine. Here I gave it an IP address of 192.168.1.200/24.
I then enable http server and also told the ASA what network is allowed to connect to it.
What isn’t shown in the screen capture above is configuring a username and password to use via the ASDM. The command for this is:
#username admin password admin123 privilege 15
You also need to tell the ASDM how to authenticate the user and what database to use. I’m just using the local ASA one.
#aaa authenticate http console LOCAL
That is it ! now save your configuration using wr command.
Next the Windows machine. I connect to it via Remote Desktop Viewer (I run Linux on my home PC)
Nothing special here apart from the fact that you need to have the Windows machine on the same network as the ASA. Open up Network Connections and enter in an IP address in the 192.168.1.0 subnet. I used 192.168.1.201/24.
Once configured run a quick ping test.
Double click on the ASDM icon to launch the ASDM and configure the IP address as the IP address you gave the management interface on the ASAv in my case 192.168.1.200 and the username/password of admin/admin123.
Bingo ! I am now connected to the ASAv via the ASDM GUI.
I hope you find this useful. Any questions just ask in the comments section.
NOTE: You need to download and install the different images you want to use in the UNL system via the Cisco website just like you have to do with GNS3. The UNL website has a HOW-TO guide on how to import them into the system.