Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- : Saved
- :
- : Serial Number: JMX1606Z17U
- : Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz
- :
- ASA Version 9.2(4)14
- !
- hostname ASA5505
- enable password 8Ry2YjIyt7RRXU24 encrypted
- names
- ip local pool L2TP 192.168.100.10-192.168.100.254 mask 255.255.255.0
- !
- interface Ethernet0/0
- switchport access vlan 2
- !
- interface Ethernet0/1
- !
- interface Ethernet0/2
- !
- interface Ethernet0/3
- !
- interface Ethernet0/4
- !
- interface Ethernet0/5
- !
- interface Ethernet0/6
- !
- interface Ethernet0/7
- !
- interface Vlan1
- nameif inside
- security-level 100
- ip address 172.16.0.1 255.255.255.0
- !
- interface Vlan2
- nameif outside
- security-level 0
- ip address dhcp setroute
- !
- boot system disk0:/asa924-14-k8.bin
- ftp mode passive
- same-security-traffic permit inter-interface
- same-security-traffic permit intra-interface
- object network obj_any
- subnet 0.0.0.0 0.0.0.0
- object network L2TP-Pool
- subnet 192.168.100.0 255.255.255.0
- access-list ALL extended permit ip any any
- pager lines 24
- logging asdm informational
- mtu inside 1500
- mtu outside 1400
- icmp unreachable rate-limit 1 burst-size 1
- no asdm history enable
- arp timeout 14400
- no arp permit-nonconnected
- !
- object network obj_any
- nat (inside,outside) dynamic interface
- access-group ALL in interface outside
- timeout xlate 3:00:00
- timeout pat-xlate 0:00:30
- timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
- timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
- timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
- timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
- timeout tcp-proxy-reassembly 0:01:00
- timeout floating-conn 0:00:00
- dynamic-access-policy-record DfltAccessPolicy
- aaa-server servergroup1 protocol radius
- aaa-server servergroup1 (outside) host ***HOST_IP***
- key *****
- authentication-port 1812
- accounting-port 1813
- user-identity default-domain LOCAL
- aaa authentication ssh console LOCAL
- aaa authentication enable console LOCAL
- http server enable
- http 192.168.1.0 255.255.255.0 inside
- no snmp-server location
- no snmp-server contact
- sysopt connection tcpmss 1300
- crypto ipsec ikev1 transform-set my-transform-set esp-des esp-sha-hmac
- crypto ipsec ikev1 transform-set TRANS-ESP-3DES-SHA esp-3des esp-sha-hmac
- crypto ipsec ikev1 transform-set TRANS-ESP-3DES-SHA mode transport
- crypto ipsec security-association pmtu-aging infinite
- crypto dynamic-map OUTSIDE_DYN_MAP 10 set ikev1 transform-set TRANS-ESP-3DES-SHA
- crypto map OUTSIDE_MAP 65535 ipsec-isakmp dynamic OUTSIDE_DYN_MAP
- crypto map OUTSIDE_MAP interface outside
- crypto ca trustpool policy
- crypto isakmp nat-traversal 1500
- crypto ikev1 enable outside
- crypto ikev1 policy 5
- authentication pre-share
- encryption 3des
- hash sha
- group 2
- lifetime 86400
- telnet timeout 5
- no ssh stricthostkeycheck
- ssh 0.0.0.0 0.0.0.0 inside
- ssh ***HOST_IP*** 255.255.255.255 outside
- ssh timeout 30
- ssh version 2
- ssh key-exchange group dh-group14-sha1
- console timeout 0
- l2tp tunnel hello 100
- dhcpd dns 8.8.8.8
- dhcpd auto_config outside
- !
- dhcpd address 172.16.0.100-172.16.0.254 inside
- dhcpd enable inside
- !
- threat-detection basic-threat
- threat-detection statistics access-list
- no threat-detection statistics tcp-intercept
- group-policy DfltGrpPolicy attributes
- dns-server value 8.8.8.8
- vpn-tunnel-protocol l2tp-ipsec
- username dmitry password LkKW75sphPlbZKY9 encrypted
- tunnel-group DefaultRAGroup general-attributes
- address-pool L2TP
- authentication-server-group servergroup1
- strip-realm
- strip-group
- tunnel-group DefaultRAGroup ipsec-attributes
- ikev1 pre-shared-key *****
- tunnel-group DefaultRAGroup ppp-attributes
- no authentication chap
- authentication ms-chap-v2
- tunnel-group L2TP type remote-access
- !
- class-map inspection_default
- match default-inspection-traffic
- !
- !
- policy-map type inspect dns preset_dns_map
- parameters
- message-length maximum client auto
- message-length maximum 512
- policy-map global_policy
- class inspection_default
- inspect dns preset_dns_map
- inspect ftp
- inspect h323 h225
- inspect h323 ras
- inspect rsh
- inspect rtsp
- inspect esmtp
- inspect sqlnet
- inspect skinny
- inspect sunrpc
- inspect xdmcp
- inspect sip
- inspect netbios
- inspect tftp
- inspect ip-options
- !
- service-policy global_policy global
- prompt hostname context
- no call-home reporting anonymous
- Cryptochecksum:641b21e227dcf6b93410f461b6f62357
- : end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement