Cisco ASA Output

a guest
Jul 5th, 2012
interface Vlan1
 no nameif
 no security-level
 no ip address
!
interface Vlan2
 nameif Outside
 security-level 0
 ip address 192.168.251.66 255.255.255.252
!
interface Vlan3
 nameif inside
 security-level 100
 ip address 192.168.5.1 255.255.255.252
!
interface Ethernet0/0
 description ### Outside ###
 switchport access vlan 2
!
interface Ethernet0/1
 description ### Inside ###
 switchport access vlan 3
!
interface Ethernet0/2
 shutdown
!
interface Ethernet0/3
 shutdown
!
interface Ethernet0/4
 shutdown
!
interface Ethernet0/5
 shutdown
!
interface Ethernet0/6
 shutdown
!
interface Ethernet0/7
 shutdown
!
ftp mode passive
access-list acl_out extended permit tcp any host 222.22.2.209 eq www
access-list acl_out extended permit tcp any host 222.22.2.215 eq www
access-list acl_out extended permit tcp any host 222.22.2.215 eq https
access-list acl_out extended permit tcp any host 222.22.2.215 eq pop3
access-list acl_out extended permit tcp any host 222.22.2.215 eq smtp
access-list acl_out extended permit tcp any host 222.22.2.213 eq www
access-list acl_out extended permit tcp any host 222.22.2.213 eq 8880
access-list acl_out extended permit tcp any host 222.22.2.213 eq 8111
access-list acl_out extended permit tcp any host 222.22.2.213 eq 8444
access-list acl_out extended permit tcp any host 222.22.2.213 eq 8333
access-list acl_out extended permit icmp any any
access-list acl_out extended permit gre any any
access-list acl_out extended permit tcp any any eq pptp
access-list acl_out extended permit tcp any host 222.22.2.215 eq 3389
access-list acl-out extended permit tcp any host 222.22.2.210 eq www
access-list acl-out extended permit tcp any host 222.22.2.210 eq ssh
access-list acl-out extended permit tcp any host 222.22.2.211 eq ssh
access-list acl-out extended permit tcp any host 222.22.2.211 eq www
pager lines 24
mtu Outside 1500
mtu inside 1500
ip local pool vpnpool 192.168.50.10
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (Outside) 1 222.22.2.214
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,Outside) tcp 222.22.2.213 8444 192.168.0.10 3389 netmask 255.255.255.255
static (inside,Outside) tcp 222.22.2.213 8333 192.168.0.180 3389 netmask 255.255.255.255
static (inside,Outside) tcp 222.22.2.209 www 192.168.0.111 www netmask 255.255.255.255
static (inside,Outside) tcp 222.22.2.213 www 192.168.0.18 www netmask 255.255.255.255
static (inside,Outside) tcp 222.22.2.213 8880 192.168.0.111 8880 netmask 255.255.255.255
static (inside,Outside) tcp 222.22.2.213 8111 192.168.0.113 www netmask 255.255.255.255
static (inside,Outside) tcp 222.22.2.210 ssh 192.168.0.67 ssh netmask 255.255.255.255
static (inside,Outside) tcp 222.22.2.210 www 192.168.0.67 www netmask 255.255.255.255
static (inside,Outside) 222.22.2.215 192.168.0.35 netmask 255.255.255.255
static (inside,Outside) 222.22.2.211 192.168.1.119 netmask 255.255.255.255
access-group acl_out in interface Outside
route Outside 0.0.0.0 0.0.0.0 192.168.251.65 1
route inside 192.168.0.0 255.255.252.0 192.168.5.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set FirstSet esp-3des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map dyn1 1 set transform-set FirstSet
crypto dynamic-map dyn1 1 set reverse-route
crypto map mymap 1 ipsec-isakmp dynamic dyn1
crypto map mymap interface Outside
crypto isakmp enable Outside
crypto isakmp policy 1
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
telnet 192.168.0.0 255.255.255.0 inside
telnet 192.168.3.0 255.255.255.0 inside
telnet 192.168.5.0 255.255.255.252 inside
telnet timeout 5
ssh timeout 5
console timeout 0

threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
tunnel-group vpngroup type remote-access
tunnel-group vpngroup general-attributes
 address-pool vpnpool
tunnel-group vpngroup ipsec-attributes
 pre-shared-key *
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map global_policy
 class inspection_default
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect pptp
!
prompt hostname context