Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- interface Vlan1
- no nameif
- no security-level
- no ip address
- !
- interface Vlan2
- nameif Outside
- security-level 0
- ip address 192.168.251.66 255.255.255.252
- !
- interface Vlan3
- nameif inside
- security-level 100
- ip address 192.168.5.1 255.255.255.252
- !
- interface Ethernet0/0
- description ### Outside ###
- switchport access vlan 2
- !
- interface Ethernet0/1
- description ### Inside ###
- switchport access vlan 3
- !
- interface Ethernet0/2
- shutdown
- !
- interface Ethernet0/3
- shutdown
- !
- interface Ethernet0/4
- shutdown
- !
- interface Ethernet0/5
- shutdown
- !
- interface Ethernet0/6
- shutdown
- !
- interface Ethernet0/7
- shutdown
- !
- ftp mode passive
- access-list acl_out extended permit tcp any host 222.22.2.209 eq www
- access-list acl_out extended permit tcp any host 222.22.2.215 eq www
- access-list acl_out extended permit tcp any host 222.22.2.215 eq https
- access-list acl_out extended permit tcp any host 222.22.2.215 eq pop3
- access-list acl_out extended permit tcp any host 222.22.2.215 eq smtp
- access-list acl_out extended permit tcp any host 222.22.2.213 eq www
- access-list acl_out extended permit tcp any host 222.22.2.213 eq 8880
- access-list acl_out extended permit tcp any host 222.22.2.213 eq 8111
- access-list acl_out extended permit tcp any host 222.22.2.213 eq 8444
- access-list acl_out extended permit tcp any host 222.22.2.213 eq 8333
- access-list acl_out extended permit icmp any any
- access-list acl_out extended permit gre any any
- access-list acl_out extended permit tcp any any eq pptp
- access-list acl_out extended permit tcp any host 222.22.2.215 eq 3389
- access-list acl-out extended permit tcp any host 222.22.2.210 eq www
- access-list acl-out extended permit tcp any host 222.22.2.210 eq ssh
- access-list acl-out extended permit tcp any host 222.22.2.211 eq ssh
- access-list acl-out extended permit tcp any host 222.22.2.211 eq www
- pager lines 24
- mtu Outside 1500
- mtu inside 1500
- ip local pool vpnpool 192.168.50.10
- icmp unreachable rate-limit 1 burst-size 1
- no asdm history enable
- arp timeout 14400
- global (Outside) 1 222.22.2.214
- nat (inside) 1 0.0.0.0 0.0.0.0
- static (inside,Outside) tcp 222.22.2.213 8444 192.168.0.10 3389 netmask 255.255.255.255
- static (inside,Outside) tcp 222.22.2.213 8333 192.168.0.180 3389 netmask 255.255.255.255
- static (inside,Outside) tcp 222.22.2.209 www 192.168.0.111 www netmask 255.255.255.255
- static (inside,Outside) tcp 222.22.2.213 www 192.168.0.18 www netmask 255.255.255.255
- static (inside,Outside) tcp 222.22.2.213 8880 192.168.0.111 8880 netmask 255.255.255.255
- static (inside,Outside) tcp 222.22.2.213 8111 192.168.0.113 www netmask 255.255.255.255
- static (inside,Outside) tcp 222.22.2.210 ssh 192.168.0.67 ssh netmask 255.255.255.255
- static (inside,Outside) tcp 222.22.2.210 www 192.168.0.67 www netmask 255.255.255.255
- static (inside,Outside) 222.22.2.215 192.168.0.35 netmask 255.255.255.255
- static (inside,Outside) 222.22.2.211 192.168.1.119 netmask 255.255.255.255
- access-group acl_out in interface Outside
- route Outside 0.0.0.0 0.0.0.0 192.168.251.65 1
- route inside 192.168.0.0 255.255.252.0 192.168.5.2 1
- timeout xlate 3:00:00
- timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
- timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
- timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
- timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
- timeout tcp-proxy-reassembly 0:01:00
- dynamic-access-policy-record DfltAccessPolicy
- no snmp-server location
- no snmp-server contact
- snmp-server enable traps snmp authentication linkup linkdown coldstart
- crypto ipsec transform-set FirstSet esp-3des esp-md5-hmac
- crypto ipsec security-association lifetime seconds 28800
- crypto ipsec security-association lifetime kilobytes 4608000
- crypto dynamic-map dyn1 1 set transform-set FirstSet
- crypto dynamic-map dyn1 1 set reverse-route
- crypto map mymap 1 ipsec-isakmp dynamic dyn1
- crypto map mymap interface Outside
- crypto isakmp enable Outside
- crypto isakmp policy 1
- authentication pre-share
- encryption 3des
- hash sha
- group 2
- lifetime 86400
- telnet 192.168.0.0 255.255.255.0 inside
- telnet 192.168.3.0 255.255.255.0 inside
- telnet 192.168.5.0 255.255.255.252 inside
- telnet timeout 5
- ssh timeout 5
- console timeout 0
- threat-detection basic-threat
- threat-detection statistics access-list
- no threat-detection statistics tcp-intercept
- tunnel-group vpngroup type remote-access
- tunnel-group vpngroup general-attributes
- address-pool vpnpool
- tunnel-group vpngroup ipsec-attributes
- pre-shared-key *
- !
- class-map inspection_default
- match default-inspection-traffic
- !
- !
- policy-map global_policy
- class inspection_default
- inspect h323 ras
- inspect rsh
- inspect rtsp
- inspect esmtp
- inspect sqlnet
- inspect skinny
- inspect sunrpc
- inspect xdmcp
- inspect sip
- inspect netbios
- inspect tftp
- inspect pptp
- !
- prompt hostname context
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement