christag ASA 5505 config

a guest
Jan 18th, 2011
ASA Version 8.2(1)
!
hostname bdlasa
domain-name BDNet.com
enable password FFFFFFFUUUUUUUUUUUU encrypted
passwd CCCCCCCCCCCCKYOU encrypted
names
dns-guard
!
interface Vlan1
 nameif management
 security-level 100
 ip address 192.168.35.1 255.255.255.0
 management-only
!
interface Vlan2
 nameif outside
 security-level 0
 ip address 2x.xx.xx.10 255.255.255.248
!
interface Vlan12
 nameif inside
 security-level 100
 ip address 192.168.0.254 255.255.255.0
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
 switchport access vlan 12
!
interface Ethernet0/2
 switchport access vlan 12
!
interface Ethernet0/3
 switchport access vlan 12
!
interface Ethernet0/4
 switchport access vlan 12
!
interface Ethernet0/5
!
interface Ethernet0/6
 switchport access vlan 12
!
interface Ethernet0/7
 switchport access vlan 12
!
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup management
dns domain-lookup outside
dns domain-lookup inside
dns server-group DefaultDNS
 name-server 192.168.0.5 //LAN DNS Server
 name-server 1xx.xx.xxx.138 //ISP DNS Server
 name-server 1xx.xx.xx.4 //ISP DNS Server
 domain-name BDNet.com
access-list outside_1_cryptomap extended permit ip 192.168.0.0 255.255.255.0 192.168.100.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.0.0 255.255.255.0 192.168.100.0 255.255.255.0
pager lines 24
logging asdm informational
mtu management 1500
mtu outside 1500
mtu inside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (management) 1 0.0.0.0 0.0.0.0
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 2x.xx.xx.9 1 //Gateway to cable modem
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.0.0 255.255.255.0 inside
http 192.168.35.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set peer 2xx.xx.xx.6
crypto map outside_map 1 set transform-set ESP-AES-256-MD5
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
 authentication pre-share
 encryption aes
 hash md5
 group 1
 lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 192.168.35.2-192.168.35.5 management
dhcpd enable management
!
dhcprelay server 192.168.0.5 inside

threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
username christag password OHaIWtfOMGbBqZ 6 encrypted privilege 15
tunnel-group 2xx.xx.xx.6 type ipsec-l2l
tunnel-group 2xx.xx.xx.6 ipsec-attributes
 pre-shared-key *
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:327ed6bdefeb06d6e508a40a51ded402
: end