Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ASA Version 8.2(1)
- !
- hostname bdlasa
- domain-name BDNet.com
- enable password FFFFFFFUUUUUUUUUUUU encrypted
- passwd CCCCCCCCCCCCKYOU encrypted
- names
- dns-guard
- !
- interface Vlan1
- nameif management
- security-level 100
- ip address 192.168.35.1 255.255.255.0
- management-only
- !
- interface Vlan2
- nameif outside
- security-level 0
- ip address 2x.xx.xx.10 255.255.255.248
- !
- interface Vlan12
- nameif inside
- security-level 100
- ip address 192.168.0.254 255.255.255.0
- !
- interface Ethernet0/0
- switchport access vlan 2
- !
- interface Ethernet0/1
- switchport access vlan 12
- !
- interface Ethernet0/2
- switchport access vlan 12
- !
- interface Ethernet0/3
- switchport access vlan 12
- !
- interface Ethernet0/4
- switchport access vlan 12
- !
- interface Ethernet0/5
- !
- interface Ethernet0/6
- switchport access vlan 12
- !
- interface Ethernet0/7
- switchport access vlan 12
- !
- ftp mode passive
- clock timezone EST -5
- clock summer-time EDT recurring
- dns domain-lookup management
- dns domain-lookup outside
- dns domain-lookup inside
- dns server-group DefaultDNS
- name-server 192.168.0.5 //LAN DNS Server
- name-server 1xx.xx.xxx.138 //ISP DNS Server
- name-server 1xx.xx.xx.4 //ISP DNS Server
- domain-name BDNet.com
- access-list outside_1_cryptomap extended permit ip 192.168.0.0 255.255.255.0 192.168.100.0 255.255.255.0
- access-list inside_nat0_outbound extended permit ip 192.168.0.0 255.255.255.0 192.168.100.0 255.255.255.0
- pager lines 24
- logging asdm informational
- mtu management 1500
- mtu outside 1500
- mtu inside 1500
- no failover
- icmp unreachable rate-limit 1 burst-size 1
- no asdm history enable
- arp timeout 14400
- global (outside) 1 interface
- nat (management) 1 0.0.0.0 0.0.0.0
- nat (inside) 0 access-list inside_nat0_outbound
- nat (inside) 1 0.0.0.0 0.0.0.0
- route outside 0.0.0.0 0.0.0.0 2x.xx.xx.9 1 //Gateway to cable modem
- timeout xlate 3:00:00
- timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
- timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
- timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
- timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
- timeout tcp-proxy-reassembly 0:01:00
- dynamic-access-policy-record DfltAccessPolicy
- http server enable
- http 192.168.0.0 255.255.255.0 inside
- http 192.168.35.0 255.255.255.0 management
- no snmp-server location
- no snmp-server contact
- snmp-server enable traps snmp authentication linkup linkdown coldstart
- crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
- crypto ipsec security-association lifetime seconds 28800
- crypto ipsec security-association lifetime kilobytes 4608000
- crypto map outside_map 1 match address outside_1_cryptomap
- crypto map outside_map 1 set peer 2xx.xx.xx.6
- crypto map outside_map 1 set transform-set ESP-AES-256-MD5
- crypto map outside_map interface outside
- crypto isakmp enable outside
- crypto isakmp policy 10
- authentication pre-share
- encryption aes
- hash md5
- group 1
- lifetime 86400
- telnet timeout 5
- ssh timeout 5
- console timeout 0
- dhcpd address 192.168.35.2-192.168.35.5 management
- dhcpd enable management
- !
- dhcprelay server 192.168.0.5 inside
- threat-detection basic-threat
- threat-detection statistics access-list
- no threat-detection statistics tcp-intercept
- webvpn
- username christag password OHaIWtfOMGbBqZ 6 encrypted privilege 15
- tunnel-group 2xx.xx.xx.6 type ipsec-l2l
- tunnel-group 2xx.xx.xx.6 ipsec-attributes
- pre-shared-key *
- !
- class-map inspection_default
- match default-inspection-traffic
- !
- !
- policy-map type inspect dns preset_dns_map
- parameters
- message-length maximum 512
- policy-map global_policy
- class inspection_default
- inspect dns preset_dns_map
- inspect ftp
- inspect h323 h225
- inspect h323 ras
- inspect rsh
- inspect rtsp
- inspect esmtp
- inspect sqlnet
- inspect skinny
- inspect sunrpc
- inspect xdmcp
- inspect sip
- inspect netbios
- inspect tftp
- !
- service-policy global_policy global
- prompt hostname context
- Cryptochecksum:327ed6bdefeb06d6e508a40a51ded402
- : end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement