JohnJSmith

Untitled

Dec 11th, 2017
  ! Start of a `show run` capture from a Cisco ASA 5505. The ": Serial Number" and ": Hardware"
  ! lines identify the physical unit. The domain name and the enable-password value were masked
  ! with '#' before posting; the serial number and the exact software build were not.
  ! NOTE(review): when sharing a config, mask the serial and consider masking the version line
  ! too, since both narrow down the device and its patch level.
  1. show run
  2. : Saved
  3. :
  4. : Serial Number: JMX1619Z136
  5. : Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz
  6. :
  7. ASA Version 9.1(7)16
  8. !
  9. hostname ciscoasa1
  10. domain-name ##########
  ! The `encrypted` keyword marks the enable password as stored in hashed form, not cleartext.
  11. enable password ############## encrypted
  12. names
  13. !
  ! Switch ports and the two routed VLAN interfaces. Ethernet0/0 is the only port placed in
  ! VLAN 2 (outside); Ethernet0/1-0/7 carry no switchport line in this listing.
  ! NOTE(review): presumably those seven ports sit in the default VLAN and therefore on
  ! "inside" - confirm, and add `shutdown` to ports that are not in use, since none is shut here.
  14. interface Ethernet0/0
  15. switchport access vlan 2
  16. !
  17. interface Ethernet0/1
  18. !
  19. interface Ethernet0/2
  20. !
  21. interface Ethernet0/3
  22. !
  23. interface Ethernet0/4
  24. !
  25. interface Ethernet0/5
  26. !
  27. interface Ethernet0/6
  28. !
  29. interface Ethernet0/7
  30. !
  ! inside: security-level 100 (most trusted), static address 10.0.0.1/24.
  31. interface Vlan1
  32. nameif inside
  33. security-level 100
  34. ip address 10.0.0.1 255.255.255.0
  35. !
  ! outside: security-level 0 (least trusted); address and default route are learned by DHCP.
  36. interface Vlan2
  37. nameif outside
  38. security-level 0
  39. ip address dhcp setroute
  40. !
  ! DNS client settings and the network/service objects used by the ACLs and NAT rules below.
  41. ftp mode passive
  42. dns domain-lookup inside
  43. dns server-group DefaultDNS
  ! Two of the three resolvers (192.168.1.5/.6) fall inside object 3759 (192.168.1.0/24), the
  ! network named as the destination in the crypto ACLs further down.
  ! NOTE(review): lookups are enabled on "inside" only - confirm the 192.168.1.x servers are
  ! reachable that way and that the public resolver is an intended fallback.
  44. name-server 8.8.8.8
  45. name-server 192.168.1.5
  46. name-server 192.168.1.6
  47. domain-name ############
  48. object network obj_any
  49. subnet 0.0.0.0 0.0.0.0
  50. object network 3759
  51. subnet 192.168.1.0 255.255.255.0
  ! NETWORK_OBJ_10.0.0.0_24 and Local both define the same subnet, 10.0.0.0/24.
  52. object network NETWORK_OBJ_10.0.0.0_24
  53. subnet 10.0.0.0 255.255.255.0
  54. object network Local
  55. subnet 10.0.0.0 255.255.255.0
  ! The bare `service-object icmp` already matches every ICMP type, so the three typed entries
  ! after it add nothing. `tcp-udp destination eq www` matches port 80 over both TCP and UDP.
  ! NOTE(review): if only echo/echo-reply/traceroute were intended, drop the bare icmp entry.
  56. object-group service DM_INLINE_SERVICE_1
  57. service-object icmp
  58. service-object icmp echo
  59. service-object icmp echo-reply
  60. service-object icmp traceroute
  61. service-object tcp-udp destination eq www
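  ! Extended ACLs. outside_access_in is bound inbound on the outside interface by the
  ! access-group line later in this config; outside_cryptomap_1 is the match ACL of crypto map
  ! entry 2. Terminal line-wrap had split "any" and the object name "3759" in the pasted text;
  ! both are restored here so the lines parse.
  ! NOTE(review): entries 62 and 63 name the outside interface's own address as destination for
  ! ICMP, port 80 and HTTPS from any source - confirm what they are meant to admit.
  62. access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any interface outside
  63. access-list outside_access_in extended permit tcp any interface outside eq https
  ! NOTE(review): the source here is 10.0.0.0/24, the inside subnet. On an ACL applied inbound
  ! on outside this only matches packets arriving from outside with an inside source address;
  ! it looks like a leftover from the VPN wizard - confirm and remove if it is not needed.
  64. access-list outside_access_in extended permit ip 10.0.0.0 255.255.255.0 object 3759
  ! NOTE(review): outside_cryptomap is not referenced by any crypto map line in this listing.
  65. access-list outside_cryptomap extended permit ip 10.0.0.0 255.255.255.0 object 3759
  66. access-list outside_cryptomap_1 extended permit ip 10.0.0.0 255.255.255.0 object 3759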
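  ! Logging, MTU, NAT, ACL binding and connection timeouts.
  67. pager lines 24
  ! `logging asdm informational` only sets the severity sent to the ASDM log buffer. No
  ! `logging enable`, `logging host` or `logging trap` line appears anywhere in this listing.
  ! NOTE(review): confirm logging is actually switched on and exported to a collector.
  68. logging asdm informational
  69. mtu inside 1500
  70. mtu outside 1500
  71. no failover
  72. icmp unreachable rate-limit 1 burst-size 1
  73. no asdm history enable
  74. arp timeout 14400
  75. no arp permit-nonconnected
  ! Identity NAT: traffic from 10.0.0.0/24 to object 3759 keeps its addresses, so it still
  ! matches the crypto ACL. Terminal line-wrap had split the second object name
  ! ("NETWORK_OBJ_10.0.0.0_ 24") in the pasted text; it is restored here.
  76. nat (inside,outside) source static NETWORK_OBJ_10.0.0.0_24 NETWORK_OBJ_10.0.0.0_24 destination static 3759 3759 no-proxy-arp route-lookup
  77. !
  ! Object NAT: everything from inside is translated to the outside interface address.
  78. object network obj_any
  79. nat (inside,outside) dynamic interface
  80. !
  ! NOTE(review): this after-auto rule translates the same traffic the same way as the obj_any
  ! rule above and looks redundant - confirm before removing.
  81. nat (inside,outside) after-auto source dynamic any interface
  ! Binds outside_access_in to traffic entering the outside interface.
  82. access-group outside_access_in in interface outside
  83. timeout xlate 3:00:00
  84. timeout pat-xlate 0:00:30
  85. timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  86. timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  87. timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  88. timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  89. timeout tcp-proxy-reassembly 0:01:00
  90. timeout floating-conn 0:00:00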
  ! Default access policy, local user-identity domain, and the HTTPS management (ASDM) server.
  91. dynamic-access-policy-record DfltAccessPolicy
  92. user-identity default-domain LOCAL
  93. http server enable
  ! ASDM is allowed from 10.0.0.0/24 and from 192.168.1.0/24, both via "inside".
  ! 192.168.1.0/24 is object 3759, the far side of the site-to-site tunnel, and
  ! `management-access inside` appears later in this config, so the remote site can reach
  ! management across the VPN.
  ! NOTE(review): confirm that is intended and narrow both entries to the admin hosts.
  94. http 10.0.0.0 255.255.255.0 inside
  95. http 192.168.1.0 255.255.255.0 inside
  96. no snmp-server location
  97. no snmp-server contact
  ! IKEv1 IPsec transform sets: every combination of DES / 3DES / AES-128/192/256 with MD5 or
  ! SHA-1 HMAC, each in tunnel mode and (the *-TRANS names) transport mode.
  ! NOTE(review): defining a set does not by itself put it in use; what matters is which sets a
  ! crypto map references. The DES and MD5 variants are obsolete and 3DES is deprecated - remove
  ! the definitions that are not needed so they cannot be selected by accident.
  98. crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS esp-aes esp-md5-hmac
  99. crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS mode transport
  100. crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac
  101. crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transport
  102. crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS esp-aes-192 esp-md5-hmac
  103. crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS mode transport
  104. crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac
  105. crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transport
  106. crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS esp-aes-256 esp-md5-hmac
  107. crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS mode transport
  108. crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  109. crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  110. crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac
  111. crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS mode transport
  112. crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS esp-3des esp-md5-hmac
  113. crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS mode transport
  114. crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
  115. crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  116. crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS esp-des esp-sha-hmac
  117. crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transport
  118. crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS esp-des esp-md5-hmac
  119. crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS mode transport
  120. crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  121. crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  122. crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  123. crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  124. crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  125. crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  126. crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS esp-aes esp-sha-hmac
  127. crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transport
  ! IKEv2 IPsec proposals, one per cipher (AES-256/192/128, 3DES, DES); each offers SHA-1 and
  ! MD5 for integrity.
  ! NOTE(review): no crypto map entry in this listing references an ikev2 ipsec-proposal, so
  ! these appear to be unused definitions - confirm, then remove at least 3DES, DES and md5.
  128. crypto ipsec ikev2 ipsec-proposal AES256
  129. protocol esp encryption aes-256
  130. protocol esp integrity sha-1 md5
  131. crypto ipsec ikev2 ipsec-proposal AES192
  132. protocol esp encryption aes-192
  133. protocol esp integrity sha-1 md5
  134. crypto ipsec ikev2 ipsec-proposal AES
  135. protocol esp encryption aes
  136. protocol esp integrity sha-1 md5
  137. crypto ipsec ikev2 ipsec-proposal 3DES
  138. protocol esp encryption 3des
  139. protocol esp integrity sha-1 md5
  140. crypto ipsec ikev2 ipsec-proposal DES
  141. protocol esp encryption des
  142. protocol esp integrity sha-1 md5
  143. crypto ipsec security-association pmtu-aging infinite
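  ! Site-to-site tunnel definition: traffic matching outside_cryptomap_1 is protected towards
  ! peer 192.168.0.221 (a private-range address), and the map is bound to the outside interface.
  144. crypto map outside_map 2 match address outside_cryptomap_1
  145. crypto map outside_map 2 set peer 192.168.0.221
  ! Terminal line-wrap had split "ESP-3DES-MD5" in the pasted text; it is restored here.
  ! NOTE(review): the offered list still ends with the 3DES and DES sets, and MD5 variants are
  ! offered throughout, so the peer can negotiate down to them; keep only the AES/SHA sets that
  ! the remote end needs. No `set pfs` line appears for this entry - confirm whether perfect
  ! forward secrecy should be required.
  146. crypto map outside_map 2 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
  147. crypto map outside_map interface outside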
  ! Trustpoint and CA certificate used for Smart Call Home. The hex that follows
  ! `certificate ca` is the DER-encoded certificate; its printable strings decode to
  ! "VeriSign Class 3 Public Primary Certification Authority - G5". It is a public CA
  ! certificate, not key material belonging to this device.
  148. crypto ca trustpoint _SmartCallHome_ServerCA
  149. no validation-usage
  150. crl configure
  151. crypto ca trustpool policy
  152. crypto ca certificate chain _SmartCallHome_ServerCA
  153. certificate ca 18dad19e267de8bb4a2158cdcc6b3b4a
  154. 308204d3 308203bb a0030201 02021018 dad19e26 7de8bb4a 2158cdcc 6b3b4a30
  155. 0d06092a 864886f7 0d010105 05003081 ca310b30 09060355 04061302 55533117
  156. 30150603 55040a13 0e566572 69536967 6e2c2049 6e632e31 1f301d06 0355040b
  157. 13165665 72695369 676e2054 72757374 204e6574 776f726b 313a3038 06035504
  158. 0b133128 63292032 30303620 56657269 5369676e 2c20496e 632e202d 20466f72
  159. 20617574 686f7269 7a656420 75736520 6f6e6c79 31453043 06035504 03133c56
  160. 65726953 69676e20 436c6173 73203320 5075626c 69632050 72696d61 72792043
  161. 65727469 66696361 74696f6e 20417574 686f7269 7479202d 20473530 1e170d30
  162. 36313130 38303030 3030305a 170d3336 30373136 32333539 35395a30 81ca310b
  163. 30090603 55040613 02555331 17301506 0355040a 130e5665 72695369 676e2c20
  164. 496e632e 311f301d 06035504 0b131656 65726953 69676e20 54727573 74204e65
  165. 74776f72 6b313a30 38060355 040b1331 28632920 32303036 20566572 69536967
  166. 6e2c2049 6e632e20 2d20466f 72206175 74686f72 697a6564 20757365 206f6e6c
  167. 79314530 43060355 0403133c 56657269 5369676e 20436c61 73732033 20507562
  168. 6c696320 5072696d 61727920 43657274 69666963 6174696f 6e204175 74686f72
  169. 69747920 2d204735 30820122 300d0609 2a864886 f70d0101 01050003 82010f00
  170. 3082010a 02820101 00af2408 08297a35 9e600caa e74b3b4e dc7cbc3c 451cbb2b
  171. e0fe2902 f95708a3 64851527 f5f1adc8 31895d22 e82aaaa6 42b38ff8 b955b7b1
  172. b74bb3fe 8f7e0757 ecef43db 66621561 cf600da4 d8def8e0 c362083d 5413eb49
  173. ca595485 26e52b8f 1b9febf5 a191c233 49d84363 6a524bd2 8fe87051 4dd18969
  174. 7bc770f6 b3dc1274 db7b5d4b 56d396bf 1577a1b0 f4a225f2 af1c9267 18e5f406
  175. 04ef90b9 e400e4dd 3ab519ff 02baf43c eee08beb 378becf4 d7acf2f6 f03dafdd
  176. 75913319 1d1c40cb 74241921 93d914fe ac2a52c7 8fd50449 e48d6347 883c6983
  177. cbfe47bd 2b7e4fc5 95ae0e9d d4d143c0 6773e314 087ee53f 9f73b833 0acf5d3f
  178. 3487968a ee53e825 15020301 0001a381 b23081af 300f0603 551d1301 01ff0405
  179. 30030101 ff300e06 03551d0f 0101ff04 04030201 06306d06 082b0601 05050701
  180. 0c046130 5fa15da0 5b305930 57305516 09696d61 67652f67 69663021 301f3007
  181. 06052b0e 03021a04 148fe5d3 1a86ac8d 8e6bc3cf 806ad448 182c7b19 2e302516
  182. 23687474 703a2f2f 6c6f676f 2e766572 69736967 6e2e636f 6d2f7673 6c6f676f
  183. 2e676966 301d0603 551d0e04 1604147f d365a7c2 ddecbbf0 3009f343 39fa02af
  184. 33313330 0d06092a 864886f7 0d010105 05000382 01010093 244a305f 62cfd81a
  185. 982f3dea dc992dbd 77f6a579 2238ecc4 a7a07812 ad620e45 7064c5e7 97662d98
  186. 097e5faf d6cc2865 f201aa08 1a47def9 f97c925a 0869200d d93e6d6e 3c0d6ed8
  187. e6069140 18b9f8c1 eddfdb41 aae09620 c9cd6415 3881c994 eea28429 0b136f8e
  188. db0cdd25 02dba48b 1944d241 7a05694a 584f60ca 7e826a0b 02aa2517 39b5db7f
  189. e784652a 958abd86 de5e8116 832d10cc defda882 2a6d281f 0d0bc4e5 e71a2619
  190. e1f4116f 10b595fc e7420532 dbce9d51 5e28b69e 85d35bef a57d4540 728eb70e
  191. 6b0e06fb 33354871 b89d278b c4655f0d 86769c44 7af6955c f65d3208 33a454b6
  192. 183f685c f2424a85 3854835f d1e82cf2 ac11d6a8 ed636a
  193. quit
  ! IKEv2 (phase 1) policies in priority order: AES-256, AES-192, AES-128, 3DES, DES, all with
  ! SHA-1 integrity/PRF and Diffie-Hellman groups 5 and 2 (1536-bit and 1024-bit MODP).
  ! NOTE(review): policies 30 and 40 offer 3DES and DES, and both DH groups are below current
  ! recommendations; on this release prefer AES with `group 14` where the peer supports it.
  194. crypto ikev2 policy 1
  195. encryption aes-256
  196. integrity sha
  197. group 5 2
  198. prf sha
  199. lifetime seconds 86400
  200. crypto ikev2 policy 10
  201. encryption aes-192
  202. integrity sha
  203. group 5 2
  204. prf sha
  205. lifetime seconds 86400
  206. crypto ikev2 policy 20
  207. encryption aes
  208. integrity sha
  209. group 5 2
  210. prf sha
  211. lifetime seconds 86400
  212. crypto ikev2 policy 30
  213. encryption 3des
  214. integrity sha
  215. group 5 2
  216. prf sha
  217. lifetime seconds 86400
  218. crypto ikev2 policy 40
  219. encryption des
  220. integrity sha
  221. group 5 2
  222. prf sha
  223. lifetime seconds 86400
  ! Both IKE versions listen on the outside interface. The only crypto map entry in this
  ! listing sets an ikev1 transform-set and no ikev2 proposal.
  ! NOTE(review): if no peer uses IKEv2, remove `crypto ikev2 enable outside` so the unused
  ! listener is not exposed.
  224. crypto ikev2 enable outside
  225. crypto ikev1 enable outside
  ! IKEv1 (phase 1) policies in priority order. Each cipher (AES-256, AES-192, AES-128, 3DES,
  ! DES) appears twice, once with pre-shared-key and once with RSA-signature authentication;
  ! all use SHA-1, DH group 2 (1024-bit MODP) and a 24-hour lifetime.
  ! NOTE(review): the tunnel-group in this listing authenticates with a pre-shared key, so the
  ! rsa-sig policies look unused; policies 100-140 additionally allow 3DES and DES. Trim the
  ! list to the one or two policies the peer actually needs and raise the DH group if possible.
  226. crypto ikev1 policy 10
  227. authentication pre-share
  228. encryption aes-256
  229. hash sha
  230. group 2
  231. lifetime 86400
  232. crypto ikev1 policy 20
  233. authentication rsa-sig
  234. encryption aes-256
  235. hash sha
  236. group 2
  237. lifetime 86400
  238. crypto ikev1 policy 40
  239. authentication pre-share
  240. encryption aes-192
  241. hash sha
  242. group 2
  243. lifetime 86400
  244. crypto ikev1 policy 50
  245. authentication rsa-sig
  246. encryption aes-192
  247. hash sha
  248. group 2
  249. lifetime 86400
  250. crypto ikev1 policy 70
  251. authentication pre-share
  252. encryption aes
  253. hash sha
  254. group 2
  255. lifetime 86400
  256. crypto ikev1 policy 80
  257. authentication rsa-sig
  258. encryption aes
  259. hash sha
  260. group 2
  261. lifetime 86400
  262. crypto ikev1 policy 100
  263. authentication pre-share
  264. encryption 3des
  265. hash sha
  266. group 2
  267. lifetime 86400
  268. crypto ikev1 policy 110
  269. authentication rsa-sig
  270. encryption 3des
  271. hash sha
  272. group 2
  273. lifetime 86400
  274. crypto ikev1 policy 130
  275. authentication pre-share
  276. encryption des
  277. hash sha
  278. group 2
  279. lifetime 86400
  280. crypto ikev1 policy 140
  281. authentication rsa-sig
  282. encryption des
  283. hash sha
  284. group 2
  285. lifetime 86400
  ! Remote management access. Telnet and SSH are both accepted from 10.0.0.0/24 and from
  ! 192.168.1.0/24 (the remote VPN network, object 3759), each with a 5-minute idle timeout.
  ! NOTE(review): Telnet carries credentials in cleartext; with SSH already configured for the
  ! same networks, remove the two telnet permit lines.
  286. telnet 10.0.0.0 255.255.255.0 inside
  287. telnet 192.168.1.0 255.255.255.0 inside
  288. telnet timeout 5
  289. ssh stricthostkeycheck
  290. ssh 192.168.1.0 255.255.255.0 inside
  291. ssh 10.0.0.0 255.255.255.0 inside
  292. ssh timeout 5
  ! dh-group1-sha1 is the 1024-bit SSH key exchange.
  ! NOTE(review): use `ssh key-exchange group dh-group14-sha1` if the admin clients support it.
  293. ssh key-exchange group dh-group1-sha1
  ! A timeout of 0 means a console session is never logged out for inactivity.
  ! NOTE(review): set a finite console timeout unless physical access is tightly controlled.
  294. console timeout 0
  ! Lets the inside interface be reached for management through the VPN tunnel. No
  ! `aaa authentication` or `username` line appears in this listing.
  ! NOTE(review): confirm how management logins are authenticated.
  295. management-access inside
  296.  
  ! DHCP server for the inside network: it hands out 10.0.0.5-10.0.0.254 with 8.8.8.8 and
  ! 192.168.1.5 as resolvers; `auto_config outside` inherits further options from the outside
  ! DHCP lease.
  297. dhcpd dns 8.8.8.8 192.168.1.5
  298. dhcpd auto_config outside
  299. !
  300. dhcpd address 10.0.0.5-10.0.0.254 inside
  301. dhcpd enable inside
  302. !
  ! Threat detection, WebVPN defaults, and the group policy / tunnel group of the L2L tunnel.
  303. threat-detection basic-threat
  304. threat-detection statistics access-list
  305. no threat-detection statistics tcp-intercept
  ! No `enable <interface>` line appears under webvpn, so clientless/AnyConnect access is not
  ! switched on for any interface in this listing.
  306. webvpn
  307. anyconnect-essentials
  308. cache
  309. disable
  ! The default group policy allows IKEv1, L2TP/IPsec and clientless SSL; ikev2 is not listed.
  ! NOTE(review): restrict this to the protocol the site-to-site tunnel actually uses.
  310. group-policy DfltGrpPolicy attributes
  311. vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless
  312. group-policy GroupPolicy_######## internal
  ! Names were masked by the poster; the pre-shared keys are shown as ***** in this output.
  313. tunnel-group ###### type ipsec-l2l
  314. tunnel-group ###### ipsec-attributes
  315. ikev1 pre-shared-key *****
  316. ikev2 local-authentication pre-shared-key *****
  ! Application inspection: the inspection_default class is inspected by global_policy, which
  ! the service-policy line applies to all interfaces.
  317. !
  318. class-map inspection_default
  319. match default-inspection-traffic
  320. !
  321. !
  322. policy-map type inspect dns preset_dns_map
  323. parameters
  324. message-length maximum client auto
  325. message-length maximum 512
  326. policy-map global_policy
  327. class inspection_default
  328. inspect dns preset_dns_map
  329. inspect ftp
  330. inspect h323 h225
  331. inspect h323 ras
  332. inspect rsh
  333. inspect rtsp
  334. inspect esmtp
  335. inspect sqlnet
  336. inspect skinny
  337. inspect sunrpc
  338. inspect xdmcp
  339. inspect sip
  340. inspect netbios
  341. inspect tftp
  342. inspect ip-options
  343. inspect icmp
  344. !
  345. service-policy global_policy global
  346. prompt hostname context
  ! Enables anonymous Smart Call Home reporting to the vendor.
  ! NOTE(review): confirm this outbound reporting is acceptable under local policy.
  347. call-home reporting anonymous
  ! Digest of the configuration as printed by the device, followed by the end-of-config marker.
  348. Cryptochecksum:543e3d54ba597263366dd1e29f2c7fcb
  349. : end