
Untitled

a guest
Jan 30th, 2020
: Saved
:
: Serial Number: JMX1606Z17U
: Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz
:
ASA Version 9.2(4)14
!
hostname ASA5505
enable password 8Ry2YjIyt7RRXU24 encrypted
names
ip local pool L2TP 192.168.100.10-192.168.100.254 mask 255.255.255.0
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 172.16.0.1 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address dhcp setroute
!
boot system disk0:/asa924-14-k8.bin
ftp mode passive
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj_any
 subnet 0.0.0.0 0.0.0.0
object network L2TP-Pool
 subnet 192.168.100.0 255.255.255.0
access-list ALL extended permit ip any any
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1400
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
!
object network obj_any
 nat (inside,outside) dynamic interface
access-group ALL in interface outside
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server servergroup1 protocol radius
aaa-server servergroup1 (outside) host ***HOST_IP***
 key *****
 authentication-port 1812
 accounting-port 1813
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
sysopt connection tcpmss 1300
crypto ipsec ikev1 transform-set my-transform-set esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set TRANS-ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set TRANS-ESP-3DES-SHA mode transport
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map OUTSIDE_DYN_MAP 10 set ikev1 transform-set TRANS-ESP-3DES-SHA
crypto map OUTSIDE_MAP 65535 ipsec-isakmp dynamic OUTSIDE_DYN_MAP
crypto map OUTSIDE_MAP interface outside
crypto ca trustpool policy
crypto isakmp nat-traversal 1500
crypto ikev1 enable outside
crypto ikev1 policy 5
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
telnet timeout 5
no ssh stricthostkeycheck
ssh 0.0.0.0 0.0.0.0 inside
ssh ***HOST_IP*** 255.255.255.255 outside
ssh timeout 30
ssh version 2
ssh key-exchange group dh-group14-sha1
console timeout 0
l2tp tunnel hello 100

dhcpd dns 8.8.8.8
dhcpd auto_config outside
!
dhcpd address 172.16.0.100-172.16.0.254 inside
dhcpd enable inside
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
group-policy DfltGrpPolicy attributes
 dns-server value 8.8.8.8
 vpn-tunnel-protocol l2tp-ipsec
username dmitry password LkKW75sphPlbZKY9 encrypted
tunnel-group DefaultRAGroup general-attributes
 address-pool L2TP
 authentication-server-group servergroup1
 strip-realm
 strip-group
tunnel-group DefaultRAGroup ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup ppp-attributes
 no authentication chap
 authentication ms-chap-v2
tunnel-group L2TP type remote-access
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect ip-options
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:641b21e227dcf6b93410f461b6f62357
: end