Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- fw1# show run
- : Saved
- :
- : Serial Number: JMX1040K0TF
- : Hardware: ASA5550, 4096 MB RAM, CPU Pentium 4 3000 MHz
- :
- ASA Version 9.1(7)
- !
- hostname fw1
- enable password 8Ry2YjIyt7RRXU24 encrypted
- names
- !
- interface GigabitEthernet0/0
- nameif Outside
- security-level 0
- ip address 207.253.203.2 255.255.255.240
- !
- interface GigabitEthernet0/1
- shutdown
- no nameif
- no security-level
- no ip address
- !
- interface GigabitEthernet0/2
- shutdown
- no nameif
- no security-level
- no ip address
- !
- interface GigabitEthernet0/3
- shutdown
- no nameif
- no security-level
- no ip address
- !
- interface Management0/0
- management-only
- no nameif
- security-level 100
- no ip address
- !
- interface GigabitEthernet1/0
- nameif inside
- security-level 100
- ip address 192.168.10.1 255.255.255.0
- !
- interface GigabitEthernet1/1
- no nameif
- no security-level
- no ip address
- !
- interface GigabitEthernet1/1.5
- vlan 5
- nameif inside5
- security-level 100
- ip address 10.0.5.1 255.255.255.0
- !
- interface GigabitEthernet1/1.11
- vlan 11
- nameif inside11
- security-level 10
- ip address 192.168.11.1 255.255.255.0
- !
- interface GigabitEthernet1/1.12
- vlan 12
- nameif inside12
- security-level 100
- ip address 10.0.12.1 255.255.255.0
- !
- interface GigabitEthernet1/1.30
- vlan 30
- nameif insideDOCKER
- security-level 100
- ip address 172.17.0.1 255.255.0.0
- !
- interface GigabitEthernet1/1.101
- vlan 101
- nameif insidePOD1
- security-level 100
- ip address 10.101.0.1 255.255.255.0
- !
- interface GigabitEthernet1/2
- shutdown
- no nameif
- no security-level
- no ip address
- !
- interface GigabitEthernet1/3
- shutdown
- no nameif
- no security-level
- no ip address
- !
- ftp mode passive
- same-security-traffic permit inter-interface
- object network obj_any
- subnet 0.0.0.0 0.0.0.0
- object network wifiguest
- subnet 0.0.0.0 0.0.0.0
- object network POD1
- subnet 0.0.0.0 0.0.0.0
- object network DOCKER
- subnet 0.0.0.0 0.0.0.0
- object network inside
- subnet 0.0.0.0 0.0.0.0
- object network PAT-SSH
- host 192.168.10.2
- access-list outside-inbound extended permit tcp any object PAT-SSH eq ssh
- pager lines 24
- mtu Outside 1500
- mtu inside 1500
- mtu inside12 1500
- mtu inside11 1500
- mtu inside5 1500
- mtu insidePOD1 1500
- mtu insideDOCKER 1500
- no failover
- icmp unreachable rate-limit 1 burst-size 1
- icmp permit 192.168.10.0 255.255.255.0 Outside
- icmp permit 192.168.10.0 255.255.255.0 inside
- no asdm history enable
- arp timeout 14400
- no arp permit-nonconnected
- !
- object network obj_any
- nat (inside5,Outside) dynamic interface
- object network wifiguest
- nat (inside11,Outside) dynamic interface
- object network POD1
- nat (insidePOD1,Outside) dynamic interface
- object network DOCKER
- nat (insideDOCKER,Outside) dynamic interface
- object network inside
- nat (inside,Outside) dynamic interface
- object network PAT-SSH
- nat (inside,Outside) static interface service tcp ssh ssh
- access-group outside-inbound in interface Outside
- route Outside 0.0.0.0 0.0.0.0 207.253.203.1 1
- timeout xlate 3:00:00
- timeout pat-xlate 0:00:30
- timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
- timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
- timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
- timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
- timeout tcp-proxy-reassembly 0:01:00
- timeout floating-conn 0:00:00
- dynamic-access-policy-record DfltAccessPolicy
- user-identity default-domain LOCAL
- http server enable
- http 192.168.10.0 255.255.255.0 inside
- http 10.0.5.0 255.255.255.0 inside
- no snmp-server location
- no snmp-server contact
- crypto ipsec security-association pmtu-aging infinite
- crypto ca trustpool policy
- telnet timeout 5
- ssh stricthostkeycheck
- ssh timeout 5
- ssh key-exchange group dh-group1-sha1
- console timeout 0
- !
- tls-proxy maximum-session 1000
- !
- threat-detection basic-threat
- threat-detection statistics access-list
- no threat-detection statistics tcp-intercept
- username admin password f3UhLvUj1QsXsuK7 encrypted privilege 15
- !
- class-map inspection_default
- match default-inspection-traffic
- !
- !
- policy-map global_policy
- class inspection_default
- inspect icmp
- class class-default
- inspect icmp
- policy-map global_polic
- !
- service-policy global_policy global
- prompt hostname context
- no call-home reporting anonymous
- Cryptochecksum:fe3ca545111491fb7661cca0d576b5e6
- : end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement