iputuhariyadi

cisco-asa

Aug 22nd, 2021
34
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. : Saved
  2. : Written by enable_15 at 00:00:00 UTC Mar 1 1993
  3. : Call-home enabled from prompt by enable_15 at 00:00:00 UTC Mar 1 1993
  4. : Written by enable_15 at 00:01:49 UTC Mar 1 1993
  5. : Call-home enabled from prompt by enable_15 at 00:01:49 UTC Mar 1 1993
  6. :
  7. ASA Version 8.4(2)
  8. !
  9. hostname ASA-SMKBISA
  10. enable password dH9C0gZD3G0dUFZU encrypted
  11. names
  12. !
  13. interface Ethernet0/0
  14. switchport access vlan 2
  15. !
  16. interface Ethernet0/1
  17. switchport access vlan 1
  18. !
  19. interface Ethernet0/2
  20. switchport access vlan 3
  21. !
  22. interface Ethernet0/3
  23. switchport access vlan 1
  24. !
  25. interface Ethernet0/4
  26. switchport access vlan 1
  27. !
  28. interface Ethernet0/5
  29. switchport access vlan 1
  30. !
  31. interface Ethernet0/6
  32. switchport access vlan 1
  33. !
  34. interface Ethernet0/7
  35. switchport access vlan 1
  36. !
  37. interface Vlan1
  38. nameif inside
  39. security-level 100
  40. ip address 192.168.3.129 255.255.255.128
  41. !
  42. interface Vlan2
  43. nameif outside
  44. security-level 0
  45. ip address 203.0.113.33 255.255.255.248
  46. !
  47. interface Vlan3
  48. no forward interface Vlan1
  49. nameif dmz
  50. security-level 50
  51. ip address 192.168.3.2 255.255.255.252
  52. !
  53. object network dmz-server
  54. host 192.168.3.1
  55. object network inside-net
  56. subnet 192.168.3.0 255.255.255.128
  57. !
  58. route outside 0.0.0.0 0.0.0.0 203.0.113.38 1
  59. !
  60. access-list OUTSIDE-DMZ extended permit icmp any host 192.168.3.1
  61. access-list OUTSIDE-DMZ extended permit tcp any host 192.168.3.1 eq www
  62. !
  63. !
  64. access-group OUTSIDE-DMZ in interface outside
  65. object network dmz-server
  66. nat (dmz,outside) static 203.0.113.34
  67. object network inside-net
  68. nat (inside,outside) dynamic interface
  69. !
  70. !
  71. !
  72. !
  73. class-map inspection_default
  74. match default-inspection-traffic
  75. !
  76. policy-map global_policy
  77. class inspection_default
  78. inspect dns
  79. inspect http
  80. inspect icmp
  81. !
  82. service-policy global_policy global
  83. !
  84. telnet timeout 5
  85. ssh timeout 5
  86. !
  87. dhcpd auto_config outside
  88. !
  89. dhcpd address 192.168.3.130-192.168.3.161 inside
  90. dhcpd dns 203.0.113.1 interface inside
  91. dhcpd enable inside
  92. !
  93. !
  94. !
  95. !
  96. !
  97. !
  98.  
  99.  
RAW Paste Data