GNS3 on Azure 01: Setup GNS3 on Azure

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

Welcome to the first blog post in this new series on GNS3 in Azure. The first part of this series will cover how to setup GNS3 on Azure. I’ll share with you what works and what doesn’t so that you don’t have to waste your time finding out. I’ll then cover how to add appliances to GNS3 specifically using the Sophos network security appliances (the Sophos XG firewall and the Sophos UTM). I’ll then conclude by covering how to get internet connectivity working from within your lab environment.

For those that may not be aware, GNS3 is a great application that is used by hundreds of thousands of network engineers worldwide to emulate, configure, test and troubleshoot virtual and real networks (and hundreds of thousands is not an exxageration). It was originally developed by a guy named Jeremy Grossman, who originally created the application to help him to study for his CCNP exam.

On a personal level, GNS3 really helped me to develop my computer networking skills and I’ve used it to better understand a many networking protocols and concepts especially in my earlier days in IT. I’ve built complex and fully automated lab environments based on GNS3 in the past and I still use those environments till today but sadly as I moved around to different roles, I’ve not had the chance to redesign the earlier environments on the latest version of GNS3 until now. Which is where this series come in – As I’m getting rid of most of my physical servers that I used to use for testing and relying mainly on my Azure test environments,  I thought I’ll share the things that I’ve learned more recently with you around setting up a GNS3 lab environment on Azure.



  • Ensure that you have sufficient Azure resource quota (especially number of cores per region)
    • Azure subscription → Usage + Quotas
      • Filter for “Microsoft.Compute” provider; Location and select “Show all”

High-Level Steps

  • Deploy a Windows machine that will be used as our GNS3 Client on Azure
    • Disable IE Enhanced security
    • Install Putty
  • Deploy an Ubuntu server that will be used as our GNS3 Server on Azure
  • Install the GNS3 Client
    • For the GNS3 client, we’ll use a simple VM size
  • Install the GNS3 Server
    • For the GNS3 server, select one of the v3 VMs that supports nested virtualization in Azure
      • This is for performance reasons. Many vendor images like the Sophos XG firewall are nested devices running on QEMU
      • Also best to use VM sizes that supports accelerated networking for even better performance
      • Best to select SSDs for better performance (especially for the GNS3 server)
    • Verify Successful install
  • Configure your GNS3 client to use the GNS3 server
ai. Deploy a Windows machine that will be used as our GNS3 Client on Azure
  • Windows Server 2016 DC
    • VM Size: Standard_D2s_v3
    • VM Name: gns3-client
    • Resource Group: gns3-rg
    • Virtual Network: gns3-vnet
    • Subnet: gns3-vnet-sub1
      • 10.10.1/0/24
    • Needs public IP with RDP access
      • gns3-client-pip
      • No boot diagnostics
    • Log into VM and Disable IE Enhanced Security
    • Download and install Putty
aii. Deploy an Ubuntu server that will be used as our GNS3 Server on Azure
  • Ubuntu 16.04 LTS
    • Resource Group: gns3-rg (use existing)
    • VM Size: Standard_D16s_v3 (16 vcpus, 64 GB memory)
      • Or Standard_D8s_v3 (if using Azure Pass Voucher)
      • For better performance, select one of the v3 VMs that supports nested virtualization
        • Many vendor images are nested devices running on QEMU
    • Increase OS disk to 512GB
    • No NSG (Advanced)
    • No Public IP
    • Enabled Accelerated Networking
    • No diagnostics
    • Don’t use the new “18.04 LTS”. The script will fail at the end
    • Has to be Ubuntu LTS otherwise you’ll get this error: “This script can only be run on a Linux Ubuntu LTS release”
bi. Install the GNS3 Client
bii. Install the GNS3 server
  • SSH to the server (from the GNS3 client and run the following commands):

[code language=”bash”]
cd /tmp
bash –with-iou –with-i386-repository

bii. The details of arguments that you can pass to the script are:
–with-openvpn: Install Open VPN to allow access over insecure network (not needed in this case)
–with-iou: Install IOU
–with-i386-repository: Add i386 repositories require by IOU if they are not available on the system. Warning this will replace your source.list in order to use official ubuntu mirror
–help: Show the help
–unstable: Use the unstable repository (for installing beta, release candidate…)
biii. Verify success
  • Browse to “http://<ip>:3080/” (from a web browser on the GNS3 client). We should get the GNS3 server page.
  • netstat -antp | grep 3080 (on the GNS3 server)
c. Configure your GNS3 client to use the GNS3 server
  • Help –> Setup Wizard –> Run everything on a remote server
  • Local server
  • We can now upload images to the server


Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore


New Azure Container Instance Vulnerability — What to do?

Just yesterday, Microsoft disclosed a new (and yet to be clarified) Azure Container Instance vulnerability — From the information shared in the disclosure, it seems

Protecting against #ChaosDB

Cloud security researchers @sagitz and @nirohfeld who both work at Wiz recently discovered what I think is a major vulnerability that exploits the recent CosmosDB Jupyter notebook feature to

Do You Want To Boost Your Business?

drop us a line and keep in touch