Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- asdm image disk0:/asdm-508.bin
- asdm location 10.0.3.0 255.255.255.0 inside
- asdm location 10.0.0.1 255.255.255.255 inside
- asdm location 68.188.97.153 255.255.255.255 guest
- asdm location 192.168.1.0 255.255.255.0 outside
- asdm location 192.168.1.0 255.255.255.0 guest
- asdm location 68.188.97.153 255.255.255.255 outside
- asdm location 192.168.1.0 255.255.255.0 inside
- no asdm history enable
- : Saved
- :
- ASA Version 7.0(8)
- !
- hostname asaxo
- domain-name bethesdahealth.org
- enable password asdfsdfsf encrypted
- passwd sdfsdfsf encrypted
- names
- dns-guard
- !
- interface Ethernet0/0
- speed 100
- duplex full
- nameif outside
- security-level 0
- ip address 67.152.145.227 255.255.255.224
- !
- interface Ethernet0/1
- speed 100
- duplex full
- nameif inside
- security-level 100
- ip address 10.0.0.2 255.255.252.0
- !
- interface Ethernet0/2
- no nameif
- no security-level
- no ip address
- !
- interface Ethernet0/2.172
- vlan 172
- nameif guestmgmt
- security-level 80
- ip address 172.16.0.1 255.255.255.0
- !
- interface Ethernet0/2.173
- vlan 173
- nameif guest
- security-level 10
- ip address 172.17.0.1 255.255.255.0
- !
- interface Management0/0
- nameif management
- security-level 100
- ip address 192.168.1.1 255.255.255.0
- management-only
- !
- !
- time-range test
- !
- ftp mode passive
- clock timezone CST -6
- clock summer-time CDT recurring 1 Sun Apr 2:00 last Sun Oct 2:00
- same-security-traffic permit intra-interface
- object-group network PrivateIPs
- network-object 10.0.0.0 255.0.0.0
- network-object 172.16.0.0 255.240.0.0
- network-object 192.168.0.0 255.255.0.0
- access-list inside_nat0_outbound extended permit ip any 10.0.3.0 255.255.255.0
- access-list inside_nat0_outbound extended permit ip 10.0.0.0 255.255.252.0 host 68.188.97.153
- access-list inside_nat0_outbound extended permit ip 10.0.0.0 255.255.252.0 192.168.1.0 255.255.255.0
- access-list inside_nat0_outbound extended permit ip 10.0.0.0 255.0.0.0 192.168.1.0 255.255.255.0
- access-list inside_nat0_outbound extended permit ip 10.1.0.0 255.255.255.0 192.168.1.0 255.255.255.0
- access-list bethMB_splitTunnelAcl standard permit any
- access-list inbound extended permit icmp any any echo-reply
- access-list inbound extended permit icmp any any source-quench
- access-list inbound extended permit icmp any any unreachable
- access-list inbound extended permit icmp any any time-exceeded
- access-list inbound extended permit tcp any host 67.152.145.228 eq https
- access-list inbound extended permit tcp any host 67.152.145.229 eq smtp
- access-list inbound extended permit tcp any host 67.152.145.228 eq pptp
- access-list inbound extended permit gre any host 67.152.145.228
- access-list inbound extended permit ah any host 67.152.145.228
- access-list inbound extended permit tcp any host 67.152.145.232 eq https
- access-list inbound extended permit tcp any host 67.152.145.233 eq 3389
- access-list inbound extended permit tcp any host 67.152.145.233 eq https
- access-list inbound extended permit tcp any host 67.152.145.234 eq https
- access-list inbound extended permit udp host 10.2.0.246 any eq isakmp
- access-list inbound extended permit udp host 10.2.0.246 any eq 4500
- access-list guestmgmt extended permit icmp any any echo-reply
- access-list guestmgmt extended permit icmp any any source-quench
- access-list guestmgmt extended permit icmp any any unreachable
- access-list guestmgmt extended permit icmp any any time-exceeded
- access-list guestmgmt extended permit 97 host 172.16.0.10 host 10.0.75.10
- access-list guestmgmt extended permit udp host 172.16.0.10 host 10.0.75.10 eq 1666
- access-list guestmgmt extended deny ip any object-group PrivateIPs
- access-list guestmgmt extended permit ip any any
- access-list guestmgmt_nat0_outbound extended permit ip any 10.0.3.0 255.255.255.0
- access-list guest extended permit udp any any eq bootpc
- access-list guest extended permit udp any any eq bootps
- access-list guest extended permit udp any any eq domain
- access-list guest extended permit tcp any any eq domain
- access-list guest extended permit tcp 172.17.0.0 255.255.255.0 any eq www
- access-list guest extended permit tcp 172.17.0.0 255.255.255.0 any eq https
- access-list guest extended permit tcp any host 67.152.145.228 eq https
- access-list guest extended permit tcp any host 67.152.145.229 eq smtp
- access-list guest extended permit tcp any host 67.152.145.228 eq pptp
- access-list guest extended permit gre any host 67.152.145.228
- access-list guest extended permit ah any host 67.152.145.228
- access-list guest extended permit tcp any host 67.152.145.232 eq https
- access-list guest extended permit tcp any host 67.152.145.233 eq 3389
- access-list guest extended permit tcp any host 67.152.145.233 eq https
- access-list guest extended permit tcp any host 67.152.145.234 eq https
- access-list guest extended deny ip any any
- access-list limitguest extended permit ip 172.17.0.0 255.255.255.0 any
- access-list limitguest extended permit ip any 172.17.0.0 255.255.255.0
- access-list limitguest extended permit ip any host 67.152.145.253
- access-list limitguest extended permit ip host 67.152.145.253 any
- access-list guest_nat0_outbound extended permit ip 10.0.0.0 255.255.0.0 192.168.1.0 255.255.255.0
- access-list outside_cryptomap_1 extended permit ip 10.0.0.0 255.255.0.0 192.168.1.0 255.255.255.0
- access-list inside_nat0_outside extended permit ip any 192.168.1.0 255.255.255.0
- access-list inside_nat0_outside extended permit ip any 192.168.0.0 255.255.0.0
- access-list outside_nat0_outbound extended permit ip 10.0.0.0 255.0.0.0 192.168.1.0 255.255.255.0
- access-list outside_nat0_inbound extended permit ip 10.0.0.0 255.0.0.0 192.168.1.0 255.255.255.0
- pager lines 24
- logging enable
- logging monitor warnings
- logging buffered warnings
- logging asdm informational
- mtu outside 1500
- mtu inside 1500
- mtu management 1500
- mtu guestmgmt 1500
- mtu guest 1500
- ip local pool MBCGIT 10.0.3.5-10.0.3.254 mask 255.255.252.0
- asdm image disk0:/asdm-508.bin
- no asdm history enable
- arp timeout 14400
- global (outside) 10 interface
- global (outside) 20 67.152.145.253
- nat (outside) 0 access-list outside_nat0_outbound
- nat (outside) 0 access-list outside_nat0_inbound outside
- nat (inside) 0 access-list inside_nat0_outbound
- nat (inside) 10 0.0.0.0 0.0.0.0
- nat (guestmgmt) 0 access-list guestmgmt_nat0_outbound
- nat (guest) 0 access-list guest_nat0_outbound
- nat (guest) 20 172.17.0.0 255.255.255.0
- static (inside,outside) 67.152.145.229 10.0.0.15 netmask 255.255.255.255
- static (inside,outside) 67.152.145.230 10.0.0.5 netmask 255.255.255.255
- static (inside,outside) 67.152.145.232 10.0.0.7 netmask 255.255.255.255
- static (inside,outside) 67.152.145.234 10.0.0.38 netmask 255.255.255.255
- static (inside,outside) 67.152.145.233 10.1.0.216 netmask 255.255.255.255
- static (inside,outside) 67.152.145.228 10.0.0.64 netmask 255.255.255.255
- static (inside,guestmgmt) 10.0.0.0 10.0.0.0 netmask 255.0.0.0
- static (inside,guest) 67.152.145.229 10.0.0.15 netmask 255.255.255.255
- static (inside,guest) 67.152.145.230 10.0.0.5 netmask 255.255.255.255
- static (inside,guest) 67.152.145.232 10.0.0.7 netmask 255.255.255.255
- static (inside,guest) 67.152.145.234 10.0.0.38 netmask 255.255.255.255
- static (inside,guest) 67.152.145.233 10.1.0.216 netmask 255.255.255.255
- static (inside,guest) 67.152.145.228 10.0.0.64 netmask 255.255.255.255
- access-group inbound in interface outside
- access-group guestmgmt in interface guestmgmt
- access-group guest in interface guest
- route outside 192.168.1.0 255.255.255.0 192.168.1.1 1
- route outside 0.0.0.0 0.0.0.0 67.152.145.225 1
- route inside 10.0.76.0 255.255.255.0 10.0.0.1 1
- route inside 10.0.75.0 255.255.255.0 10.0.0.1 1
- route inside 10.9.0.0 255.255.0.0 10.0.0.1 1
- route inside 10.6.0.0 255.255.0.0 10.0.0.1 1
- route inside 10.4.0.0 255.255.0.0 10.0.0.1 1
- route inside 10.3.0.0 255.255.0.0 10.0.0.1 1
- route inside 10.2.0.0 255.255.0.0 10.0.0.1 1
- route inside 10.7.0.0 255.255.0.0 10.0.0.1 1
- route inside 10.5.0.0 255.255.0.0 10.0.0.1 1
- route inside 10.1.0.0 255.255.0.0 10.0.0.1 1
- route inside 10.9.5.0 255.255.255.0 10.0.0.1 1
- route inside 10.9.0.0 255.255.252.0 10.0.0.1 1
- route inside 10.7.0.0 255.255.255.0 10.0.0.1 1
- route inside 10.6.0.0 255.255.255.0 10.0.0.1 1
- route inside 10.5.0.0 255.255.255.0 10.0.0.1 1
- route inside 10.4.0.0 255.255.255.0 10.0.0.1 1
- route inside 10.3.0.0 255.255.255.0 10.0.0.1 1
- route inside 10.2.0.0 255.255.255.0 10.0.0.1 1
- route inside 10.1.0.0 255.255.255.0 10.0.0.1 1
- timeout xlate 3:00:00
- timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
- timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
- timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
- timeout uauth 0:05:00 absolute
- group-policy bethMB internal
- group-policy bethMB attributes
- dns-server value 12.127.16.68
- split-tunnel-policy tunnelspecified
- split-tunnel-network-list value bethMB_splitTunnelAcl
- webvpn
- username mbcg password Ssdfsdfsdf encrypted privilege 15
- username mbcg attributes
- vpn-group-policy bethMB
- webvpn
- http server enable
- http 10.0.0.0 255.255.252.0 inside
- http 192.168.1.0 255.255.255.0 management
- snmp-server host inside 10.1.0.99 community bhg2012
- no snmp-server location
- no snmp-server contact
- snmp-server community sdfsdfsf
- snmp-server enable traps snmp authentication linkup linkdown coldstart
- crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
- crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
- crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
- crypto ipsec security-association lifetime seconds 28800
- crypto ipsec security-association lifetime kilobytes 4608000
- crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
- crypto dynamic-map outside_dyn_map 20 set security-association lifetime seconds 28800
- crypto dynamic-map outside_dyn_map 20 set security-association lifetime kilobytes 4608000
- crypto map outside_map 1 match address outside_cryptomap_1
- crypto map outside_map 1 set pfs group1
- crypto map outside_map 1 set peer 68.188.97.153
- crypto map outside_map 1 set transform-set ESP-3DES-SHA
- crypto map outside_map 1 set security-association lifetime seconds 28800
- crypto map outside_map 1 set security-association lifetime kilobytes 4608000
- crypto map outside_map 1 set nat-t-disable
- crypto map outside_map interface outside
- isakmp enable outside
- isakmp policy 10 authentication pre-share
- isakmp policy 10 encryption 3des
- isakmp policy 10 hash sha
- isakmp policy 10 group 2
- isakmp policy 10 lifetime 86400
- isakmp nat-traversal 20
- tunnel-group bethMB type ipsec-ra
- tunnel-group bethMB general-attributes
- address-pool MBCGIT
- default-group-policy bethMB
- tunnel-group bethMB ipsec-attributes
- pre-shared-key sdfsdfsdf
- tunnel-group 68.188.97.153 type ipsec-l2l
- tunnel-group 68.188.97.153 ipsec-attributes
- pre-shared-key sdfsdfsf
- telnet 10.0.0.0 255.255.252.0 inside
- telnet timeout 5
- ssh 68.143.191.75 255.255.255.255 outside
- ssh 68.143.191.77 255.255.255.255 outside
- ssh 198.200.139.235 255.255.255.255 outside
- ssh 10.0.0.0 255.255.252.0 inside
- ssh 10.1.0.0 255.255.255.0 inside
- ssh timeout 60
- console timeout 0
- management-access inside
- dhcpd address 172.17.0.20-172.17.0.254 guest
- dhcpd dns 8.8.8.8 8.8.4.4
- dhcpd lease 7200
- dhcpd ping_timeout 50
- dhcpd enable guest
- !
- class-map limitguest-class
- match access-list limitguest
- class-map inspection_default
- match default-inspection-traffic
- !
- !
- policy-map global_policy
- class inspection_default
- inspect dns maximum-length 512
- inspect ftp
- inspect h323 h225
- inspect h323 ras
- inspect rsh
- inspect rtsp
- inspect sqlnet
- inspect skinny
- inspect sunrpc
- inspect xdmcp
- inspect sip
- inspect netbios
- inspect tftp
- class class-default
- policy-map limitguest-policy
- class limitguest-class
- police 1000000 150000 conform-action drop
- !
- service-policy global_policy global
- service-policy limitguest-policy interface outside
- service-policy limitguest-policy interface guest
- Cryptochecksum:09640b352758050259d55d4d8bd6ba41
- : end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement