View difference between Paste ID: D8kpibsJ and r2Dcx54k
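--- a/D8kpibsJ
+++ b/D8kpibsJ
@@ -1,349 +1,349 @@
 show run
 : Saved
 :
 : Serial Number: JMX1619Z136
 : Hardware:   ASA5505, 512 MB RAM, CPU Geode 500 MHz
 :
 ASA Version 9.1(7)16
 !
-hostname TSGM-OHRA-13397-ASA1
+hostname ciscoasa1
-domain-name ad.tristansgray.com
+domain-name ##########
-enable password bIjiuIvLH1VMiilI encrypted
+enable password ############## encrypted
 names
 !
 interface Ethernet0/0
  switchport access vlan 2
 !
 interface Ethernet0/1
 !
 interface Ethernet0/2
 !
 interface Ethernet0/3
 !
 interface Ethernet0/4
 !
 interface Ethernet0/5
 !
 interface Ethernet0/6
 !
 interface Ethernet0/7
 !
 interface Vlan1
  nameif inside
  security-level 100
  ip address 10.0.0.1 255.255.255.0
 !
 interface Vlan2
  nameif outside
  security-level 0
  ip address dhcp setroute
 !
 ftp mode passive
 dns domain-lookup inside
 dns server-group DefaultDNS
  name-server 8.8.8.8
  name-server 192.168.1.5
  name-server 192.168.1.6
- domain-name ad.tristansgray.com
+ domain-name ############
 object network obj_any
  subnet 0.0.0.0 0.0.0.0
 object network 3759
  subnet 192.168.1.0 255.255.255.0
 object network NETWORK_OBJ_10.0.0.0_24
  subnet 10.0.0.0 255.255.255.0
 object network Local
  subnet 10.0.0.0 255.255.255.0
 object-group service DM_INLINE_SERVICE_1
  service-object icmp
  service-object icmp echo
  service-object icmp echo-reply
  service-object icmp traceroute
  service-object tcp-udp destination eq www
 access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 a                                                                                                                                                                                                                                             ny interface outside
 access-list outside_access_in extended permit tcp any interface outside eq https                                                                                                                                                                                                                                             
 access-list outside_access_in extended permit ip 10.0.0.0 255.255.255.0 object 3                                                                                                                                                                                                                                             759
 access-list outside_cryptomap extended permit ip 10.0.0.0 255.255.255.0 object 3                                                                                                                                                                                                                                             759
 access-list outside_cryptomap_1 extended permit ip 10.0.0.0 255.255.255.0 object                                                                                                                                                                                                                                              3759
 pager lines 24
 logging asdm informational
 mtu inside 1500
 mtu outside 1500
 no failover
 icmp unreachable rate-limit 1 burst-size 1
 no asdm history enable
 arp timeout 14400
 no arp permit-nonconnected
 nat (inside,outside) source static NETWORK_OBJ_10.0.0.0_24 NETWORK_OBJ_10.0.0.0_                                                                                                                                                                                                                                             24 destination static 3759 3759 no-proxy-arp route-lookup
 !
 object network obj_any
  nat (inside,outside) dynamic interface
 !
 nat (inside,outside) after-auto source dynamic any interface
 access-group outside_access_in in interface outside
 timeout xlate 3:00:00
 timeout pat-xlate 0:00:30
 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
 timeout tcp-proxy-reassembly 0:01:00
 timeout floating-conn 0:00:00
 dynamic-access-policy-record DfltAccessPolicy
 user-identity default-domain LOCAL
 http server enable
 http 10.0.0.0 255.255.255.0 inside
 http 192.168.1.0 255.255.255.0 inside
 no snmp-server location
 no snmp-server contact
 crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS esp-aes esp-md5-hmac
 crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS mode transport
 crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac
 crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transport
 crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS esp-aes-192 esp-md5-hmac
 crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS mode transport
 crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac
 crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transport
 crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS esp-aes-256 esp-md5-hmac
 crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS mode transport
 crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
 crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
 crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac
 crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS mode transport
 crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS esp-3des esp-md5-hmac
 crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS mode transport
 crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
 crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
 crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS esp-des esp-sha-hmac
 crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transport
 crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS esp-des esp-md5-hmac
 crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS mode transport
 crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
 crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
 crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
 crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
 crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
 crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
 crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS esp-aes esp-sha-hmac
 crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transport
 crypto ipsec ikev2 ipsec-proposal AES256
  protocol esp encryption aes-256
  protocol esp integrity sha-1 md5
 crypto ipsec ikev2 ipsec-proposal AES192
  protocol esp encryption aes-192
  protocol esp integrity sha-1 md5
 crypto ipsec ikev2 ipsec-proposal AES
  protocol esp encryption aes
  protocol esp integrity sha-1 md5
 crypto ipsec ikev2 ipsec-proposal 3DES
  protocol esp encryption 3des
  protocol esp integrity sha-1 md5
 crypto ipsec ikev2 ipsec-proposal DES
  protocol esp encryption des
  protocol esp integrity sha-1 md5
 crypto ipsec security-association pmtu-aging infinite
 crypto map outside_map 2 match address outside_cryptomap_1
 crypto map outside_map 2 set peer 192.168.0.221
 crypto map outside_map 2 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5                                                                                                                                                                                                                                              ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ES                                                                                                                                                                                                                                             P-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
 crypto map outside_map interface outside
 crypto ca trustpoint _SmartCallHome_ServerCA
  no validation-usage
  crl configure
 crypto ca trustpool policy
 crypto ca certificate chain _SmartCallHome_ServerCA
  certificate ca 18dad19e267de8bb4a2158cdcc6b3b4a
     308204d3 308203bb a0030201 02021018 dad19e26 7de8bb4a 2158cdcc 6b3b4a30
     0d06092a 864886f7 0d010105 05003081 ca310b30 09060355 04061302 55533117
     30150603 55040a13 0e566572 69536967 6e2c2049 6e632e31 1f301d06 0355040b
     13165665 72695369 676e2054 72757374 204e6574 776f726b 313a3038 06035504
     0b133128 63292032 30303620 56657269 5369676e 2c20496e 632e202d 20466f72
     20617574 686f7269 7a656420 75736520 6f6e6c79 31453043 06035504 03133c56
     65726953 69676e20 436c6173 73203320 5075626c 69632050 72696d61 72792043
     65727469 66696361 74696f6e 20417574 686f7269 7479202d 20473530 1e170d30
     36313130 38303030 3030305a 170d3336 30373136 32333539 35395a30 81ca310b
     30090603 55040613 02555331 17301506 0355040a 130e5665 72695369 676e2c20
     496e632e 311f301d 06035504 0b131656 65726953 69676e20 54727573 74204e65
     74776f72 6b313a30 38060355 040b1331 28632920 32303036 20566572 69536967
     6e2c2049 6e632e20 2d20466f 72206175 74686f72 697a6564 20757365 206f6e6c
     79314530 43060355 0403133c 56657269 5369676e 20436c61 73732033 20507562
     6c696320 5072696d 61727920 43657274 69666963 6174696f 6e204175 74686f72
     69747920 2d204735 30820122 300d0609 2a864886 f70d0101 01050003 82010f00
     3082010a 02820101 00af2408 08297a35 9e600caa e74b3b4e dc7cbc3c 451cbb2b
     e0fe2902 f95708a3 64851527 f5f1adc8 31895d22 e82aaaa6 42b38ff8 b955b7b1
     b74bb3fe 8f7e0757 ecef43db 66621561 cf600da4 d8def8e0 c362083d 5413eb49
     ca595485 26e52b8f 1b9febf5 a191c233 49d84363 6a524bd2 8fe87051 4dd18969
     7bc770f6 b3dc1274 db7b5d4b 56d396bf 1577a1b0 f4a225f2 af1c9267 18e5f406
     04ef90b9 e400e4dd 3ab519ff 02baf43c eee08beb 378becf4 d7acf2f6 f03dafdd
     75913319 1d1c40cb 74241921 93d914fe ac2a52c7 8fd50449 e48d6347 883c6983
     cbfe47bd 2b7e4fc5 95ae0e9d d4d143c0 6773e314 087ee53f 9f73b833 0acf5d3f
     3487968a ee53e825 15020301 0001a381 b23081af 300f0603 551d1301 01ff0405
     30030101 ff300e06 03551d0f 0101ff04 04030201 06306d06 082b0601 05050701
     0c046130 5fa15da0 5b305930 57305516 09696d61 67652f67 69663021 301f3007
     06052b0e 03021a04 148fe5d3 1a86ac8d 8e6bc3cf 806ad448 182c7b19 2e302516
     23687474 703a2f2f 6c6f676f 2e766572 69736967 6e2e636f 6d2f7673 6c6f676f
     2e676966 301d0603 551d0e04 1604147f d365a7c2 ddecbbf0 3009f343 39fa02af
     33313330 0d06092a 864886f7 0d010105 05000382 01010093 244a305f 62cfd81a
     982f3dea dc992dbd 77f6a579 2238ecc4 a7a07812 ad620e45 7064c5e7 97662d98
     097e5faf d6cc2865 f201aa08 1a47def9 f97c925a 0869200d d93e6d6e 3c0d6ed8
     e6069140 18b9f8c1 eddfdb41 aae09620 c9cd6415 3881c994 eea28429 0b136f8e
     db0cdd25 02dba48b 1944d241 7a05694a 584f60ca 7e826a0b 02aa2517 39b5db7f
     e784652a 958abd86 de5e8116 832d10cc defda882 2a6d281f 0d0bc4e5 e71a2619
     e1f4116f 10b595fc e7420532 dbce9d51 5e28b69e 85d35bef a57d4540 728eb70e
     6b0e06fb 33354871 b89d278b c4655f0d 86769c44 7af6955c f65d3208 33a454b6
     183f685c f2424a85 3854835f d1e82cf2 ac11d6a8 ed636a
   quit
 crypto ikev2 policy 1
  encryption aes-256
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
 crypto ikev2 policy 10
  encryption aes-192
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
 crypto ikev2 policy 20
  encryption aes
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
 crypto ikev2 policy 30
  encryption 3des
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
 crypto ikev2 policy 40
  encryption des
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
 crypto ikev2 enable outside
 crypto ikev1 enable outside
 crypto ikev1 policy 10
  authentication pre-share
  encryption aes-256
  hash sha
  group 2
  lifetime 86400
 crypto ikev1 policy 20
  authentication rsa-sig
  encryption aes-256
  hash sha
  group 2
  lifetime 86400
 crypto ikev1 policy 40
  authentication pre-share
  encryption aes-192
  hash sha
  group 2
  lifetime 86400
 crypto ikev1 policy 50
  authentication rsa-sig
  encryption aes-192
  hash sha
  group 2
  lifetime 86400
 crypto ikev1 policy 70
  authentication pre-share
  encryption aes
  hash sha
  group 2
  lifetime 86400
 crypto ikev1 policy 80
  authentication rsa-sig
  encryption aes
  hash sha
  group 2
  lifetime 86400
 crypto ikev1 policy 100
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
 crypto ikev1 policy 110
  authentication rsa-sig
  encryption 3des
  hash sha
  group 2
  lifetime 86400
 crypto ikev1 policy 130
  authentication pre-share
  encryption des
  hash sha
  group 2
  lifetime 86400
 crypto ikev1 policy 140
  authentication rsa-sig
  encryption des
  hash sha
  group 2
  lifetime 86400
 telnet 10.0.0.0 255.255.255.0 inside
 telnet 192.168.1.0 255.255.255.0 inside
 telnet timeout 5
 ssh stricthostkeycheck
 ssh 192.168.1.0 255.255.255.0 inside
 ssh 10.0.0.0 255.255.255.0 inside
 ssh timeout 5
 ssh key-exchange group dh-group1-sha1
 console timeout 0
 management-access inside
 
 dhcpd dns 8.8.8.8 192.168.1.5
 dhcpd auto_config outside
 !
 dhcpd address 10.0.0.5-10.0.0.254 inside
 dhcpd enable inside
 !
 threat-detection basic-threat
 threat-detection statistics access-list
 no threat-detection statistics tcp-intercept
 webvpn
  anyconnect-essentials
  cache
   disable
 group-policy DfltGrpPolicy attributes
  vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless
-group-policy GroupPolicy_192.168.0.221 internal
+group-policy GroupPolicy_######## internal
-tunnel-group 192.168.0.221 type ipsec-l2l
+tunnel-group ###### type ipsec-l2l
-tunnel-group 192.168.0.221 ipsec-attributes
+tunnel-group ###### ipsec-attributes
  ikev1 pre-shared-key *****
  ikev2 local-authentication pre-shared-key *****
 !
 class-map inspection_default
  match default-inspection-traffic
 !
 !
 policy-map type inspect dns preset_dns_map
  parameters
   message-length maximum client auto
   message-length maximum 512
 policy-map global_policy
  class inspection_default
   inspect dns preset_dns_map
   inspect ftp
   inspect h323 h225
   inspect h323 ras
   inspect rsh
   inspect rtsp
   inspect esmtp
   inspect sqlnet
   inspect skinny
   inspect sunrpc
   inspect xdmcp
   inspect sip
   inspect netbios
   inspect tftp
   inspect ip-options
   inspect icmp
 !
 service-policy global_policy global
 prompt hostname context
 call-home reporting anonymous
 Cryptochecksum:543e3d54ba597263366dd1e29f2c7fcb
 : end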
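Review bot: The masking on the new side is incomplete: the peer address replaced with `#` in the `group-policy` and `tunnel-group` names is still in clear in `crypto map outside_map 2 set peer`, and the `Serial Number` comment, the internal subnets and the DNS servers are left untouched. The hostname, AD domain name and `enable password` hash stay readable on the removed side of this comparison, so masking them here does not withdraw them; the enable password should be changed on the device. When sanitising a config for sharing, replace each value everywhere it occurs and start a fresh paste rather than editing the published one. Apart from the redaction, the unchanged lines still offer `esp-des`, `esp-md5-hmac` and DH `group 2` to the peer and allow `telnet` from inside, which is worth trimming to AES with SHA and SSH only.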