Appendix: GNS3 Basics
In this chapter, we will be going through the basics in GNS3. Try to play with and familiarize yourself with this environment as this is a good tool for network simulations.
Adding a FortiGate Firewall to GNS3
- Start by adding a new template.
- We want to install it from the GNS3 Server, so keep the option default and then press next.
- On the next window, search for “FortiGate”, and select the option under “Firewalls”, then click “Install.”
- Press “Next” on this screen:
- Press “Next” on this screen:
- Tick the “Allow custom files” box.
- Click “Yes” on this screen:
- Highlight a random version.
- Click “Create a new version.”
- Create a new custom version and select optional name for it.
- Press OK on this one, too:
- Press OK again.
- Click on any empty30G file, and click Download. Save that file to your computer.
- Scroll down to your custom version and click the arrow on the left:
- Click the FGT filename under your custom version and click “Import.”
- Navigate to your downloaded FortiGate Firewall image and click “Open.”
- Still under your custom version, click “Import” on the empty30G file.
- Navigate to your downloaded empty30G file and click “Open.”
- After that, highlight the custom version again and click “Next.”
- Click “Yes” on this window:
- Then click “Finish.”
Configuring Your Palo Alto Firewall Template and Adding the Device
- Let’s start by modifying the GNS3 template of the Palo Alto firewall by right clicking the existing template, and clicking on “Configure template.”
- Make sure the max amount of RAM is set to at least 4096MB, and the amount of vCPUs are at least 2.
- Now close the window, and drag in the Palo Alto device from the left hand pane.
- Once you’ve dragged in the Palo Alto device, right click it, then click “Start.”
Keep in mind that this device takes a while to start.
Webterm Installation
-
- Let’s begin by clicking “New template” on the bottom left hand of GNS3.
- We want to install this into the GNS3 VM. Click on the option to “Install an appliance from the GNS3 Server,” then click next.
- On the next window, search for “webterm,” select the option under “guests,” then click “Install.”
- On the next screen, ensure that “Install the appliance on the GNS3 VM” is already selected, then click “Next.”
- On the next screen, click “Finish.”
After that, it should appear under all devices in GNS3
- Let’s begin by clicking “New template” on the bottom left hand of GNS3.
Configuring Your Webterm Device with a Static IP
- Drag in the webterm device from the left pane. Then once it finishes downloading the docker file, right click it and select “Edit config.”
- A window will pop up containing the device’s network configuration. We want to modify this file to match the specified IP address. The final modification should look like a little like this:
After these modifications, click on the save button on the bottom right of the window.
Configuring a Webterm DHCP Client
We just need to uncomment these 2 lines to enable DHCP. Click on save and we are done.
Connecting Devices in GNS3
Please see the example below:[1]
Using NAT in GNS3
The NAT device in GNS3 will allow devices in our virtual topology to communicate with the internet. This device is under the all devices section of GNS3.
Make sure you select the GNS3 VM as the option whenever you see this window (applies for all devices)
Using Kali in GNS3
Sometimes we need to use Kali to demonstrate an attack. Please keep in mind that Kali is used strictly for testing purposes, and should not be used as a daily driver, to hack your friends, or to pretend to look cool.
- Let’s begin by clicking “New template” on the bottom left hand of GNS3.
- We want to install this into the GNS3 VM. Click on the option to “Install an appliance from the GNS3 Server,” then click “Next.”
- On the next window, search for “kali”, and select the non “CLI” option.
- On the next screen, ensure that “Install the appliance on the GNS3 VM” is already selected, then click “Next.”
- “Next” again:
- Expand the “2019” option, and download both missing files.
- After that, import the downloaded file to the specified 2019 selection.
- It should take a second, but GNS3 will start to load up the ISO into the GNS3 VM.
- After that, click the 2019 version again, then click “Next.”
- Then click “Finish.”
Using WordPress in GNS3
Sometimes we need a basic webserver to demonstrate website functionality. This can be accomplished using the WordPress appliance in GNS3. Start by clicking the new template button on the bottom of the page.
We want to install an appliance from the GNS3 server.
Look up “WordPress,” then click “Install.”
Just press next for the following dialogue boxes, and you should now have WordPress!
Running WordPress
After changing the interface configuration, start the machine. You will see a dialogue box:
Press enter and you’ll see the device under some basic configuration. Once you get to the prompt, you can exit that window, and you will have WordPress ready!
Using Switches in GNS3
Usually we just use switches to connect multiple devices together in GNS3. However, it can also be used for VLANs. Start by dragging one in and double clicking it.
Here you can see that they are all basically untagged. To configure a specific port, simply double click your desired port
Configure the necessary settings for them (access is for tagging, dot1q is for trunking).
Click on add to Apply the changes.
Then click Apply and OK.
- If using an offline version of the book, navigate to https://opentextbc.ca/fortigatefirewall/back-matter/appendix/ in order to see this animated example. ↵