Guest User

ASA 5510 Static config

a guest
Jul 11th, 2022
51
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.41 KB | None | 0 0
  1. ASA Version 9.1(5)19
  2. !
  3. hostname ciscoasa
  4. domain-name
  5. enable password 8Ry2YjIyt7RRXU24 encrypted
  6. names
  7. !
  8. interface Ethernet0/0
  9. nameif outside
  10. security-level 0
  11. ip address 192.168.0.100 255.255.255.0
  12. !
  13. interface Ethernet0/1
  14. nameif Inside
  15. security-level 100
  16. ip address 192.168.3.1 255.255.255.0
  17. !
  18. interface Ethernet0/2
  19. shutdown
  20. no nameif
  21. no security-level
  22. no ip address
  23. !
  24. interface Ethernet0/3
  25. shutdown
  26. no nameif
  27. no security-level
  28. no ip address
  29. !
  30. interface Management0/0
  31. management-only
  32. nameif management
  33. security-level 100
  34. ip address 192.168.1.1 255.255.255.0
  35. !
  36. ftp mode passive
  37. clock timezone EST -5
  38. clock summer-time EDT recurring
  39. dns domain-lookup outside
  40. dns server-group DefaultDNS
  41. name-server 208.67.222.222
  42. name-server 208.67.220.220
  43. name-server 192.168.0.1
  44. same-security-traffic permit inter-interface
  45. same-security-traffic permit intra-interface
  46. object network obj-0.0.0.0
  47. subnet 0.0.0.0 0.0.0.0
  48. access-list inside_access_in extended permit ip 192.168.3.0 255.255.255.0 any
  49. pager lines 24
  50. logging enable
  51. logging asdm informational
  52. mtu management 1500
  53. mtu outside 1500
  54. mtu Inside 1500
  55. no failover
  56. icmp unreachable rate-limit 1 burst-size 1
  57. no asdm history enable
  58. arp timeout 14400
  59. no arp permit-nonconnected
  60. !
  61. object network obj-0.0.0.0
  62. nat (Inside,outside) dynamic interface
  63. route outside 0.0.0.0 0.0.0.0 192.168.0.1 1
  64. timeout xlate 3:00:00
  65. timeout pat-xlate 0:00:30
  66. timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  67. timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  68. timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  69. timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  70. timeout tcp-proxy-reassembly 0:01:00
  71. timeout floating-conn 0:00:00
  72. dynamic-access-policy-record DfltAccessPolicy
  73. user-identity default-domain LOCAL
  74. http server enable
  75. http 192.168.1.0 255.255.255.0 management
  76. no snmp-server location
  77. no snmp-server contact
  78. snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
  79. crypto ipsec security-association pmtu-aging infinite
  80. crypto ca trustpool policy
  81. telnet timeout 5
  82. no ssh stricthostkeycheck
  83. ssh timeout 5
  84. ssh key-exchange group dh-group1-sha1
  85. console timeout 0
  86. dhcpd address 192.168.1.2-192.168.1.254 management
  87. dhcpd enable management
  88. !
  89. dhcpd address 192.168.3.2-192.168.3.254 Inside
  90. dhcpd auto_config outside interface Inside
  91. dhcpd enable Inside
  92. !
  93. threat-detection basic-threat
  94. threat-detection statistics access-list
  95. no threat-detection statistics tcp-intercept
  96. ntp authentication-key 1 md5 *****
  97. ntp authenticate
  98. ntp trusted-key 1
  99. ntp server 129.6.15.28 key 1 source outside prefer
  100. webvpn
  101. anyconnect-essentials
  102. username admin password 7KKG/zg/Wo8c.YfN encrypted
  103. !
  104. class-map inspection_default
  105. match default-inspection-traffic
  106. !
  107. !
  108. policy-map type inspect dns preset_dns_map
  109. parameters
  110. message-length maximum client auto
  111. message-length maximum 512
  112. policy-map global_policy
  113. class inspection_default
  114. inspect dns preset_dns_map
  115. inspect ftp
  116. inspect h323 h225
  117. inspect h323 ras
  118. inspect rsh
  119. inspect rtsp
  120. inspect esmtp
  121. inspect sqlnet
  122. inspect skinny
  123. inspect sunrpc
  124. inspect xdmcp
  125. inspect sip
  126. inspect netbios
  127. inspect tftp
  128. inspect ip-options
  129. !
  130. service-policy global_policy global
  131. prompt hostname context
  132. Cryptochecksum:d2878cbdb7915cb0e79cb7939ea29493
  133. : end
  134.  
Add Comment
Please, Sign In to add comment