Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- CoreNative(config)# sh run
- : Saved
- :
- ASA Version 8.2(5)
- !
- hostname CoreNative
- enable password .m1BRA2KFWinJYL5 encrypted
- passwd 2KFQnbNIdI.2KYOU encrypted
- names
- !
- interface Ethernet0/0
- switchport access vlan 2
- !
- interface Ethernet0/1
- switchport trunk allowed vlan 10-18
- switchport mode trunk
- !
- interface Ethernet0/2
- switchport access vlan 100
- switchport trunk native vlan 100
- !
- interface Ethernet0/3
- !
- interface Ethernet0/4
- !
- interface Ethernet0/5
- !
- interface Ethernet0/6
- switchport access vlan 200
- !
- interface Ethernet0/7
- !
- interface Vlan2
- nameif outside
- security-level 0
- ip address dhcp setroute
- !
- interface Vlan10
- nameif AuthUser
- security-level 80
- ip address 10.0.10.1 255.255.255.0
- !
- interface Vlan11
- nameif Management
- security-level 90
- ip address 10.0.11.1 255.255.255.0
- !
- interface Vlan12
- nameif WirelessAuth
- security-level 80
- ip address 10.0.12.1 255.255.255.0
- !
- interface Vlan13
- nameif WirelessGuest
- security-level 50
- ip address 10.0.13.1 255.255.255.0
- !
- interface Vlan14
- nameif Server
- security-level 60
- ip address 10.0.14.1 255.255.255.0
- !
- interface Vlan15
- nameif Storage
- security-level 60
- ip address 10.0.15.1 255.255.255.0
- !
- interface Vlan16
- nameif VoIP
- security-level 60
- ip address 10.0.16.1 255.255.255.0
- !
- interface Vlan18
- nameif Camera
- security-level 60
- ip address 10.0.18.1 255.255.255.0
- !
- interface Vlan100
- nameif Engineering
- security-level 100
- ip address 10.0.100.1 255.255.255.0
- !
- ftp mode passive
- clock timezone MST -7
- clock summer-time MDT recurring
- dns domain-lookup outside
- dns server-group DefaultDNS
- name-server x.x.x.x
- name-server x.x.x.x
- same-security-traffic permit inter-interface
- same-security-traffic permit intra-interface
- access-list inside_access_in extended permit ip any any
- access-list split-tunnel standard permit 192.168.1.0 255.255.255.0
- access-list splitVPN standard permit 192.168.1.0 255.255.255.0
- access-list Engineering_nat0_outbound extended permit ip 10.0.100.0 255.255.255.0 10.0.10.0 255.255.255.0
- pager lines 24
- logging enable
- logging asdm informational
- mtu inside 1500
- mtu outside 1500
- mtu AuthUser 1500
- mtu Management 1500
- mtu WirelessAuth 1500
- mtu WirelessGuest 1500
- mtu Server 1500
- mtu Storage 1500
- mtu VoIP 1500
- mtu Camera 1500
- mtu Engineering 1500
- ip local pool VPNpool 10.0.50.10-10.0.50.85 mask 255.255.255.0
- no failover
- icmp unreachable rate-limit 1 burst-size 1
- icmp permit any inside
- icmp permit any AuthUser
- icmp permit any Management
- icmp permit any WirelessAuth
- icmp permit any Storage
- icmp permit any Engineering
- no asdm history enable
- arp timeout 14400
- nat-control
- global (outside) 1 interface
- nat (AuthUser) 1 0.0.0.0 0.0.0.0
- nat (Management) 1 0.0.0.0 0.0.0.0
- nat (WirelessAuth) 1 0.0.0.0 0.0.0.0
- nat (Storage) 1 0.0.0.0 0.0.0.0
- nat (Engineering) 0 access-list Engineering_nat0_outbound
- nat (Engineering) 1 0.0.0.0 0.0.0.0
- access-group outside_access in interface outside
- timeout xlate 3:00:00
- timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
- timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
- timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
- timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
- timeout tcp-proxy-reassembly 0:01:00
- timeout floating-conn 0:00:00
- dynamic-access-policy-record DfltAccessPolicy
- aaa authentication ssh console LOCAL
- aaa local authentication attempts max-fail 16
- http server enable
- http 0.0.0.0 0.0.0.0 outside
- http 0.0.0.0 0.0.0.0 Engineering
- no snmp-server location
- no snmp-server contact
- snmp-server enable traps snmp authentication linkup linkdown coldstart
- telnet timeout 5
- ssh 0.0.0.0 0.0.0.0 inside
- ssh 0.0.0.0 0.0.0.0 outside
- ssh 0.0.0.0 0.0.0.0 Engineering
- ssh timeout 60
- console timeout 0
- management-access Engineering
- dhcpd auto_config outside
- !
- dhcpd address 192.168.1.5-192.168.1.149 inside
- dhcpd enable inside
- !
- dhcpd address 10.0.10.50-10.0.10.250 AuthUser
- dhcpd dns x.x.x.x interface AuthUser
- dhcpd auto_config outside interface AuthUser
- dhcpd enable AuthUser
- !
- dhcpd address 10.0.11.50-10.0.11.150 Management
- dhcpd auto_config outside interface Management
- dhcpd enable Management
- !
- dhcpd address 10.0.12.50-10.0.12.250 WirelessAuth
- dhcpd auto_config outside interface WirelessAuth
- dhcpd enable WirelessAuth
- !
- dhcpd address 10.0.13.50-10.0.13.100 WirelessGuest
- dhcpd auto_config outside interface WirelessGuest
- dhcpd enable WirelessGuest
- !
- dhcpd address 10.0.18.2-10.0.18.2 Camera
- dhcpd dns x.x.x.x interface Camera
- dhcpd enable Camera
- !
- dhcpd address 10.0.100.100-10.0.100.200 Engineering
- dhcpd dns x.x.x.x interface Engineering
- dhcpd enable Engineering
- !
- threat-detection basic-threat
- threat-detection statistics access-list
- no threat-detection statistics tcp-intercept
- ssl trust-point ASDM_TrustPoint0 outside
- webvpn
- enable inside
- enable outside
- anyconnect-essentials
- svc image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
- svc enable
- tunnel-group-list enable
- group-policy NativeVPN internal
- group-policy NativeVPN attributes
- dns-server value x.x.x.x
- vpn-tunnel-protocol svc webvpn
- split-tunnel-policy tunnelspecified
- split-tunnel-network-list value splitVPN
- default-domain value home.bbbbbl.com
- webvpn
- svc mtu 1200
- !
- class-map inspection_default
- match default-inspection-traffic
- !
- !
- policy-map type inspect dns preset_dns_map
- parameters
- message-length maximum client auto
- message-length maximum 512
- policy-map global_policy
- class inspection_default
- inspect dns preset_dns_map
- inspect ftp
- inspect h323 h225
- inspect h323 ras
- inspect rsh
- inspect rtsp
- inspect esmtp
- inspect sqlnet
- inspect skinny
- inspect sunrpc
- inspect xdmcp
- inspect sip
- inspect netbios
- inspect tftp
- inspect ip-options
- inspect icmp
- !
- service-policy global_policy global
- prompt hostname context
- : end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement