Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- : Saved
- : Written by enable_15 at 00:37:03 UTC ???? 1 1993
- : Call-home enabled from prompt by enable_15 at 00:37:03 UTC ???? 1 1993
- :
- ASA Version 8.4(2)
- !
- hostname CORP-ASA
- domain-name theccnas.com
- enable password NeRTTKjVCdf18jre encrypted
- names
- !
- interface Ethernet0/0
- switchport access vlan 2
- !
- interface Ethernet0/1
- switchport access vlan 1
- !
- interface Ethernet0/2
- switchport access vlan 3
- !
- interface Ethernet0/3
- switchport access vlan 1
- !
- interface Ethernet0/4
- switchport access vlan 1
- !
- interface Ethernet0/5
- switchport access vlan 1
- !
- interface Ethernet0/6
- switchport access vlan 1
- !
- interface Ethernet0/7
- switchport access vlan 1
- !
- interface Vlan1
- nameif inside
- security-level 100
- ip address 192.168.1.1 255.255.255.0
- !
- interface Vlan2
- nameif outside
- security-level 0
- ip address 209.165.200.253 255.255.255.240
- !
- interface Vlan3
- no forward interface Vlan1
- nameif dmz
- security-level 70
- ip address 10.1.1.254 255.255.255.0
- !
- object network dmz-dns-server
- host 10.1.1.5
- object network dmz-web-server
- host 10.1.1.2
- object network inside-nat
- subnet 192.168.1.0 255.255.255.0
- !
- route outside 0.0.0.0 0.0.0.0 209.165.200.254 1
- !
- access-list OUTSIDE-TO-DMZ extended permit tcp any host 10.1.1.2 eq www
- access-list OUTSIDE-TO-DMZ extended permit tcp any host 10.1.1.5 eq domain
- access-list OUTSIDE-TO-DMZ extended permit udp any host 10.1.1.5 eq domain
- access-list OUTSIDE-TO-DMZ extended permit icmp any any echo-reply
- access-list OUTSIDE-TO-DMZ extended permit tcp host 198.133.219.35 host 10.1.1.2 eq ftp
- !
- !
- access-group OUTSIDE-TO-DMZ in interface outside
- object network dmz-dns-server
- nat (dmz,outside) static 209.165.200.242
- object network dmz-web-server
- nat (dmz,outside) static 209.165.200.241
- object network inside-nat
- nat (inside,outside) dynamic interface
- !
- !
- !
- !
- class-map inspection_default
- match default-inspection-traffic
- !
- policy-map global_policy
- class inspection_default
- inspect http
- !
- service-policy global_policy global
- !
- telnet timeout 5
- ssh timeout 5
- !
- dhcpd auto_config outside
- !
- dhcpd address 192.168.1.5-192.168.1.35 inside
- dhcpd enable inside
- !
- !
- !
- !
- !
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement