Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- :
- PIX Version 6.3(4)
- interface ethernet0 auto
- interface ethernet1 auto
- interface ethernet2 auto shutdown
- nameif ethernet0 outside security0
- nameif ethernet1 inside security100
- nameif ethernet2 intf2 security4
- enable password XXXXXXXXXXXXXXXXXXXX encrypted
- passwd XXXXXXXXXXXXXXXXXXX encrypted
- hostname WebbHousePix
- domain-name observerstd.com
- clock timezone BST 1
- fixup protocol dns maximum-length 512
- fixup protocol ftp 21
- no fixup protocol h323 h225 1720
- no fixup protocol h323 ras 1718-1719
- no fixup protocol http 80
- no fixup protocol rsh 514
- no fixup protocol rtsp 554
- no fixup protocol sip 5060
- no fixup protocol sip udp 5060
- no fixup protocol skinny 2000
- no fixup protocol sqlnet 1521
- no fixup protocol tftp 69
- names
- name 10.0.0.0 Internal_network
- name 10.0.0.121 Exchanger_Svr
- name 10.0.4.0 Stratford
- name 10.0.2.0 Bromsgrove
- name 10.0.1.0 Leamington
- object-group service Outbound_Internet tcp
- port-object eq www
- port-object eq ftp-data
- port-object eq domain
- port-object eq https
- port-object eq ftp
- port-object eq smtp
- port-object eq pop3
- object-group service DNS udp
- port-object eq domain
- object-group network Internal
- network-object Internal_network 255.255.255.0
- network-object Leamington 255.255.255.0
- network-object Bromsgrove 255.255.255.0
- network-object Stratford 255.255.255.0
- access-list inside_access_in permit icmp any any echo-reply
- access-list inside_access_in remark Allow outbound pings
- access-list inside_access_in remark Allow outbound DNS queries
- access-list inside_access_in permit ip Internal_network 255.255.255.0 any log
- access-list inside_access_in permit ip Leamington 255.255.255.0 any log
- access-list outside_access_in remark Allow ping response
- access-list outside_access_in permit icmp any any echo-reply
- access-list outside_access_in remark Allow traceroute response
- access-list outside_access_in permit icmp any any traceroute
- access-list outside_access_in permit ip 172.16.1.0 255.255.255.0 Internal_network 255.255.255.0
- access-list outside_access_in deny tcp interface outside eq pptp Internal_network 255.255.255.0
- access-list inside_outbound_nat0_acl permit ip Internal_network 255.255.255.0 172.16.1.0 255.255.255.0
- access-list inside_outbound_nat0_acl permit ip Internal_network 255.255.255.0 217.37.173.80 255.255.255.248
- pager lines 24
- logging on
- logging timestamp
- logging monitor debugging
- logging buffered debugging
- logging trap informational
- mtu outside 1500
- mtu inside 1500
- mtu intf2 1500
- ip address outside dhcp setroute retry 4
- ip address inside 10.0.0.6 255.255.255.0
- no ip address intf2
- ip verify reverse-path interface outside
- ip verify reverse-path interface inside
- ip audit info action alarm
- ip audit attack action alarm drop
- ip local pool pool1 172.16.1.1-172.16.1.254
- ip local pool pool2 192.168.55.1-192.168.55.2 mask 255.255.255.0
- pdm location Internal_network 255.255.255.0 outside
- pdm location Stratford 255.255.255.0 inside
- pdm location 82.47.103.xxx 255.255.255.255 outside
- pdm location Exchanger_Svr 255.255.255.255 inside
- pdm location 10.0.0.91 255.255.255.255 inside
- pdm location 172.16.1.0 255.255.255.0 outside
- pdm location 217.37.173.80 255.255.255.248 outside
- pdm location Bromsgrove 255.255.255.0 inside
- pdm location Leamington 255.255.255.0 inside
- pdm group Internal inside
- pdm logging debugging 100
- arp timeout 14400
- global (outside) 10 interface
- nat (inside) 0 access-list inside_outbound_nat0_acl
- nat (inside) 10 Internal_network 255.255.255.0 0 0
- nat (inside) 0 Leamington 255.255.255.0 0 0
- static (inside,outside) 80.194.82.63 Exchanger_Svr netmask 255.255.255.255 0 0
- access-group outside_access_in in interface outside
- access-group inside_access_in in interface inside
- route outside 0.0.0.0 0.0.0.0 82.47.103.209 1
- route inside Leamington 255.255.255.0 10.0.0.220 1
- route inside Bromsgrove 255.255.255.0 10.0.0.150 1
- route inside Stratford 255.255.255.0 10.0.0.150 1
- timeout xlate 3:00:00
- timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
- timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
- timeout uauth 0:05:00 absolute
- aaa-server TACACS+ protocol tacacs+
- aaa-server TACACS+ max-failed-attempts 3
- aaa-server TACACS+ deadtime 10
- aaa-server RADIUS protocol radius
- aaa-server RADIUS max-failed-attempts 3
- aaa-server RADIUS deadtime 10
- aaa-server LOCAL protocol local
- aaa authentication serial console LOCAL
- aaa authentication ssh console LOCAL
- aaa authentication telnet console LOCAL
- aaa authorization command LOCAL
- ntp server 204.34.198.40 source outside
- http server enable
- http Internal_network 255.255.255.0 inside
- snmp-server host inside 10.0.0.91
- snmp-server location Webb House
- no snmp-server contact
- snmp-server community public
- snmp-server enable traps
- floodguard enable
- sysopt connection permit-ipsec
- crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
- crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
- crypto map outside_map 1 ipsec-isakmp
- crypto map outside_map 1 set pfs group5
- crypto map outside_map 1 set peer 217.34.251.222
- crypto map outside_map 1 set transform-set ESP-3DES-MD5
- ! Incomplete
- crypto map outside_map interface outside
- isakmp enable outside
- onfig-mode
- isakmp key ******** address 217.37.173.xxx netmask 255.255.255.255 no-xauth no-config-mode
- isakmp key ******** address 217.46.159.xxx netmask 255.255.255.255 no-xauth no-config-mode
- isakmp key ******** address 217.46.159.xxx netmask 255.255.255.255 no-xauth no-config-mode
- isakmp key ******** address 217.37.221.xxx netmask 255.255.255.255 no-xauth no-config-mode
- isakmp key ******** address 81.149.219.xxx netmask 255.255.255.255 no-xauth no-config-mode
- isakmp identity address
- isakmp nat-traversal 3600
- isakmp policy 40 authentication pre-share
- isakmp policy 40 encryption 3des
- isakmp policy 40 hash md5
- isakmp policy 40 group 5
- isakmp policy 40 lifetime 86400
- vpngroup Hometest address-pool pool1
- vpngroup Hometest dns-server 10.0.0.253
- vpngroup Hometest default-domain osndom.local
- vpngroup Hometest idle-time 1800
- vpngroup Hometest password ********
- vpngroup Home_Access dns-server 10.0.0.253
- vpngroup Home_Access default-domain osndom.local
- vpngroup Home_Access idle-time 1800
- vpngroup Home_Access password ********
- telnet Internal_network 255.255.255.0 inside
- telnet timeout 5
- ssh timeout 5
- management-access inside
- console timeout 0
- vpdn username brendan password *********
- dhcpd lease 3600
- dhcpd ping_timeout 750
- dhcpd auto_config outside
- ---REMOVED FOR SECURITY------
- privilege show level 0 command version
- privilege show level 0 command curpriv
- privilege show level 3 command pdm
- privilege show level 3 command blocks
- privilege show level 3 command ssh
- privilege configure level 3 command who
- privilege show level 3 command isakmp
- privilege show level 3 command ipsec
- privilege show level 3 command vpdn
- privilege show level 3 command local-host
- privilege show level 3 command interface
- privilege show level 3 command ip
- privilege configure level 3 command ping
- privilege show level 3 command uauth
- privilege configure level 5 mode enable command configure
- privilege show level 5 command running-config
- privilege show level 5 command privilege
- privilege show level 5 command clock
- privilege show level 5 command ntp
- privilege show level 5 mode configure command logging
- privilege show level 5 command fragment
- terminal width 80
- Cryptochecksum:XXXXXXXXXXXXXXXXXXX
- : end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement