Connect to GNS3 from the Internet! - This 8-Bit Life
As if there weren’t already endless possibilities with GNS3, today I want to take it one step further and show you how to access your GNS3 networks via the internet. I searched all over for a tutorial on how to do this, but I could not find anything exactly like what I wanted to do. So I pieced a bunch of articles and videos together to create a single
Connecting to a GNS3 lab from the internet; why?
Well, I will give you the reason I wanted to do it, and then you can come up with your own reasons. I wanted to have a way to work on labs from anywhere. I also wanted a way to create a lab with bugs and then give friends a chance to fix the lab without moving topologies and files around, adding another way to study.
You will need to have GNS3 up and running. I will not be covering how to set up GNS3. I will presume you have everything in order to run GNS3 normally on Windows.
1. The first thing we will do is create two Microsoft loopback adapters. Yes, two! Go to Computer Management- Device Manager- right-click your device name- click Add legacy hardware.
2. Now click Install manually- next
3. Now click Network adapters- next
4. Next scroll down and highlight Microsoft- then find Loopback Adapter- click on it then click next
5. Click next then click finish. Once the install is complete restart your PC to ensure the Adapter will be properly identified by GNS3.
6. Now we will bridge the physical adapter to one of our loopback adapters (I have renamed my loopbacks to make it easier to ID them), I will be using Loopback0 to bridge to the outside world and Loopback1 to turn our router into a terminal server to allow us OOB (Out of Band, not Out of Body) access to all of our devices on the GNS3 work space. To bridge them, just hold “Ctrl” and click on both, now that both are highlighted, right click on either and select bridge. You will see another icon pop up labeled bridge. And that’s it for that one.
Now for our Loopback1 we need to assign an IP. I used 10.0.0.1 with a 255.255.255.0 mask. On the router side I will use 10.0.0.2. To change the IP on the Loopback1 adapter, right-click it, scroll down to IPv4 and select it, click Properties, click the manual IP assignment radio button and assign the IP. (You can use whatever you want, just not the 192.168.1.0/24 range.)
7. Now let’s add the magic that allows you to reach the GNS3 network from the internet. First you will need to access your home router (assuming you have one because it would be insane if you were reading this and you do not have a wireless router at home o_O)
On this model, the port forwarding is listed under applications and gaming. Yours may differ but you are looking for “Port-forwarding.” Here we named our application “SSH.” The SSH protocol by default uses port 22. So I will forward port 22 traffic to the IP we assign to our GNS3 router Fa0/0 interface. Fa0/0 will be the interface we will be plugging into the cloud (more on that coming up). Enable the rule and save.
8. Now you will need to determine your Public IP address. Google will tell you, if you ask.
So now we have our public IP. We can use this IP on port 22 to then SSH to our GNS3 router via the internet.
Next is to set up our GNS3 router. Here is the topology we will be using. I will break down each part.
9. Let’s configure and add our Loopbacks to the Cloud first
10. Go ahead and cable them up and power on your router. Here is the config
en
!
conf t
!
hostname TerminalServer
!
no ip domain-lookup
!
int f0/0
 ip add 192.168.1.114 255.255.255.0
 no shut
!
int f0/1
 ip add 10.0.0.2 255.255.255.0
 no shut
!
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip route 10.0.0.0 255.255.255.0 FastEthernet0/1
ip route 192.168.1.0 255.255.255.0 FastEthernet0/0
!
ip domain name T8BL.com
!
crypto key generate rsa
! should see this---> %SSH-5-ENABLED: SSH 1.99 has been enabled
!
line con 0
 login local
 logging synchronous
 no exec-timeout
!
line vty 0 4
 login local
 logging synchronous
 no exec-timeout
!
exit
!
username gns3 secret t8bl
!
enable secret t8bl
!
banner login #
 ______   __    ____     __
/\__  _\/'_ `\ /\  _`\  /\ \
\/_/\ \/\ \L\ \\ \ \L\ \\ \ \
   \ \ \/_> _ <_\ \  _ <'\ \ \  __
    \ \ \/\ \L\ \\ \ \L\ \\ \ \L\ \
     \ \_\ \____/ \ \____/ \ \____/
      \/_/\/___/   \/___/   \/___/.com
#
11. Now we are ready to login from the internet. Open up your terminal emulator and set it up to use your public IP on port 22 and password only. Then connect.
You should be prompted to accept the router's RSA host key (the self-generated key we created), and then you will be prompted again for the username and password we created as well.
BAM you are hitting your GNS3 Terminal Server from the Internet!
Since we set up the second Loopback, we can access any running device on the work space, even if we totally botch the configs while we are practicing something. (Hover your mouse over a device to view the console port.)
You can see that even with R2 not connected to anything, we still have that OOB connection. It may be worth noting that GNS3 may not always use the same port numbers for consoles when you first drag your devices out. After you set them all up, you can note which device is using which port and then save. When you load that topology up again the ports will be the same. If you want to earn some serious cool points with your coworkers, download an SSH client/terminal emulator to your phone and log into your GNS3 lab… Mind=blown!
So now we have an Internet reachable OOB Terminal Server on GNS3!!!
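Added example, not part of the original post: a small Python audit of the management-plane commands in the config above, meant to be run before port 22 is forwarded to the router. The finding names, the 2048-bit and 12-character thresholds, and the fixes named in the comments are this example's assumptions; the embedded sample is constructed from the config's own lines.

```python
import re

# Constructed sample: management-plane lines of the TerminalServer config above.
SAMPLE = """\
crypto key generate rsa
line con 0
 no exec-timeout
line vty 0 4
 login local
 no exec-timeout
username gns3 secret t8bl
"""

def parse_sections(config):
    """Split a config script into global commands and {line-header: [sub-commands]}."""
    globals_, lines, current = [], {}, None
    for raw in config.splitlines():
        cmd = raw.strip()
        if not cmd or cmd.startswith("!"):
            continue
        if cmd.startswith("line "):
            current = lines.setdefault(cmd, [])
        elif raw[0].isspace() and current is not None:
            current.append(cmd)
        else:
            globals_.append(cmd)
            current = None
    return globals_, lines

def audit(config, min_modulus=2048, min_secret_len=12):
    """Return sorted finding codes. Both thresholds are this example's assumptions."""
    globals_, lines = parse_sections(config)
    found = set() if "ip ssh version 2" in globals_ else {"ssh-v1-fallback"}
    for g in globals_:
        if g.startswith("crypto key generate rsa"):
            m = re.search(r"modulus (\d+)", g)
            if not m or int(m.group(1)) < min_modulus:
                found.add("rsa-key-size")       # fix: append 'modulus 2048'
        m = re.match(r"(?:username \S+|enable) secret (\S+)$", g)
        if m and len(m.group(1)) < min_secret_len:
            found.add("short-secret")           # plaintext secret typed in the script
    for header, subs in lines.items():
        if "no exec-timeout" in subs:
            found.add("no-idle-timeout")        # fix: exec-timeout 10 0
        if header.startswith("line vty"):
            if "transport input ssh" not in subs:
                found.add("vty-not-ssh-only")   # fix: transport input ssh
            if not any(s.startswith("access-class ") for s in subs):
                found.add("vty-no-acl")         # fix: access-class <acl> in
    return sorted(found)
```

The script audits commands as typed: `crypto key generate rsa` is not stored in the running-config and saved secrets appear hashed, so those two checks apply only to the typed script.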
I thank you for reading, see you next time for “The Poor Man’s guide to a Complete Network Management Deployment.” We will open source the @#$% out of a network and see if we can compete with the big boys of the network monitoring world!!!
Real quick add on for a request to use a web browser to connect.
First go grab the free “Secure Shell app” from Google and add it to your apps (you must be signed into your Gmail account).
Then open the app and type in the username you created on your GNS3 router, along with your public IP address (google “what is my IP address” to figure out what it is).
At this point you will need to accept the self-signed RSA key. (***Key note: if you look at the screenshot below you will see this error. This is because we only created a 512-bit RSA key when we first built the terminal server router. We will need to create a larger key, and then we MUST clear the old key from Chrome.)
Create the larger key (Google Secure Shell asked for a minimum of 768 bits). So I have opened a connection to the terminal server and rebuilt the key. (If this command is not exactly the same on the IOS you are running, try “?” a few times with different variations of the “crypto key gen rsa” command. Make sure you have your domain name set as well.)
Now let’s delete the old RSA key out of Chrome so we do not get the “Nasty” error.
We must open the JavaScript console while on the Secure Shell tab.
This will delete the old RSA and you can now hit “R” to reconnect
The nice thing is once you have it all working anyone with the “Secure Shell” app can access the terminal server without having to download and install client software.