Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Result of the command: "show running-config"
- : Saved
- :
- ASA Version 8.2(1)
- !
- hostname ciscoasa
- names
- dns-guard
- !
- interface Vlan1
- nameif inside
- security-level 100
- ip address dhcp
- !
- interface Vlan2
- nameif outside
- security-level 0
- ip address 100.10.20.235 255.255.255.0
- !
- interface Ethernet0/0
- switchport access vlan 2
- !
- same-security-traffic permit inter-interface
- access-list no-nat extended permit ip 172.16.1.0 255.255.255.0 10.10.0.0 255.255.255.0
- access-list VPN_splitunnelacl standard permit 172.16.1.0 255.255.255.0
- mtu inside 1500
- mtu outside 1500
- ip local pool VPN 10.10.0.1-10.10.0.10 mask 255.255.255.252
- icmp unreachable rate-limit 1 burst-size 1
- no asdm history enable
- arp timeout 14400
- global (inside) 2 interface
- global (outside) 1 interface
- nat (inside) 0 access-list no-nat
- nat (inside) 1 0.0.0.0 0.0.0.0
- route outside 0.0.0.0 0.0.0.0 100.10.20.1 1
- route inside 172.16.1.0 255.255.255.255 172.16.1.254 1
- route outside 0.0.0.0 0.0.0.0 172.16.1.254 tunneled
- dynamic-access-policy-record DfltAccessPolicy
- http server enable
- http 172.16.1.0 255.255.255.0 inside
- no snmp-server location
- no snmp-server contact
- snmp-server enable traps snmp authentication linkup linkdown coldstart
- crypto ipsec transform-set TRANS_ESP_3DES_SHA esp-3des esp-sha-hmac
- crypto ipsec transform-set TRANS_ESP_3DES_SHA mode transport
- crypto ipsec transform-set TRANS_ESP_3DES_MD5 esp-3des esp-md5-hmac
- crypto ipsec transform-set TRANS_ESP_3DES_MD5 mode transport
- crypto ipsec security-association lifetime seconds 28800
- crypto ipsec security-association lifetime kilobytes 4608000
- crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
- crypto dynamic-map outside_dyn_map 20 set transform-set TRANS_ESP_3DES_SHA TRANS_ESP_3DES_MD5
- crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
- crypto map outside_map interface outside
- crypto isakmp enable outside
- crypto isakmp policy 10
- authentication pre-share
- encryption 3des
- hash sha
- group 2
- lifetime 86400
- telnet timeout 5
- ssh timeout 5
- console timeout 0
- dhcpd auto_config outside
- !
- dhcpd address 172.16.1.10-172.16.1.41 inside
- !
- threat-detection basic-threat
- threat-detection statistics access-list
- no threat-detection statistics tcp-intercept
- webvpn
- group-policy DefaultRAGroup internal
- group-policy DefaultRAGroup attributes
- dns-server value 172.16.1.1 172.16.1.254
- vpn-tunnel-protocol l2tp-ipsec
- split-tunnel-policy tunnelspecified
- split-tunnel-network-list value VPN_splitunnelacl
- vpn-group-policy DefaultRAGroup
- tunnel-group DefaultRAGroup general-attributes
- address-pool VPN
- default-group-policy DefaultRAGroup
- tunnel-group DefaultRAGroup ipsec-attributes
- pre-shared-key *
- tunnel-group DefaultRAGroup ppp-attributes
- no authentication chap
- authentication ms-chap-v2
- !
- class-map inspection_default
- match default-inspection-traffic
- !
- !
- policy-map type inspect dns preset_dns_map
- parameters
- message-length maximum 512
- policy-map global_policy
- class inspection_default
- inspect dns preset_dns_map
- inspect ftp
- inspect h323 h225
- inspect h323 ras
- inspect rsh
- inspect rtsp
- inspect esmtp
- inspect sqlnet
- inspect skinny
- inspect sunrpc
- inspect xdmcp
- inspect sip
- inspect netbios
- inspect tftp
- !
- service-policy global_policy global
- prompt hostname context
- Cryptochecksum:a1417758a0b191120cdd7021f8eb5fbc
- : end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement