: Serial Number: JAD21290937 : Hardware: ASA5506, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cor es) : ASA Version 9.9(2) ! hostname ciscoasa enable password $sha512$5000$bkFMunGBgqNnVxkQtKMBFw==$F5t2zlgbA8NMWnsc1QRQxA== p bkdf2 passwd RWb38nGQJEedhEPh encrypted names ! interface GigabitEthernet1/1 nameif outside security-level 0 ip address 213.27.39.14 255.255.255.192 ! interface GigabitEthernet1/2 bridge-group 1 nameif inside_1 security-level 100 ! interface GigabitEthernet1/3 bridge-group 1 nameif inside_2 security-level 100 ! interface GigabitEthernet1/4 bridge-group 1 nameif inside_3 security-level 100 ! interface GigabitEthernet1/5 bridge-group 1 nameif inside_4 security-level 100 ! interface GigabitEthernet1/6 bridge-group 1 nameif inside_5 security-level 100 ! interface GigabitEthernet1/7 bridge-group 1 nameif inside_6 security-level 100 ! interface GigabitEthernet1/8 bridge-group 1 nameif inside_7 security-level 100 ! interface Management1/1 management-only nameif manage security-level 100 ip address 192.168.233.242 255.255.255.0 ! interface BVI1 nameif inside security-level 100 ip address 192.168.1.1 255.255.255.0 ! ftp mode passive same-security-traffic permit inter-interface object network obj_any1 subnet 0.0.0.0 0.0.0.0 object network obj_any2 subnet 0.0.0.0 0.0.0.0 object network obj_any3 subnet 0.0.0.0 0.0.0.0 object network obj_any4 subnet 0.0.0.0 0.0.0.0 object network obj_any5 subnet 0.0.0.0 0.0.0.0 object network obj_any6 subnet 0.0.0.0 0.0.0.0 object network obj_any7 subnet 0.0.0.0 0.0.0.0 object network OBJ_NAT_LAN subnet 192.168.1.0 255.255.255.0 object network NETWORK_OBJ_192.168.0.0_24 subnet 192.168.88.0 255.255.255.0 object network NETWORK_OBJ_192.168.1.0_24 subnet 192.168.1.0 255.255.255.0 object-group service DM_INLINE_SERVICE_1 service-object ip service-object icmp service-object tcp-udp destination eq www service-object tcp destination eq https access-list global_access extended permit object-group DM_INLINE_SERVICE_1 any any access-list outside_cryptomap extended permit ip 192.168.1.0 255.255.255.0 192.168.88.0 255.255.255.0 pager lines 24 logging asdm informational mtu outside 1500 mtu inside_1 1500 mtu inside_2 1500 mtu inside_3 1500 mtu inside_4 1500 mtu inside_5 1500 mtu inside_6 1500 mtu inside_7 1500 mtu manage 1500 icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 no arp permit-nonconnected arp rate-limit 16384 nat (outside,outside) source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 destination static NETWORK_OBJ_192.168.0.0_24 NETWORK_OBJ_192.168.0.0_24 no-proxy-arp route-lookup ! object network obj_any1 nat (inside_1,outside) dynamic interface object network obj_any2 nat (inside_2,outside) dynamic interface object network obj_any3 nat (inside_3,outside) dynamic interface object network obj_any4 nat (inside_4,outside) dynamic interface object network obj_any5 nat (inside_5,outside) dynamic interface object network obj_any6 nat (inside_6,outside) dynamic interface object network obj_any7 nat (inside_7,outside) dynamic interface access-group global_access global route outside 0.0.0.0 0.0.0.0 213.27.39.1 1 timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 timeout conn-holddown 0:00:15 timeout igp stale-route 0:01:10 user-identity default-domain LOCAL aaa authentication ssh console LOCAL aaa authentication login-history http server enable http 192.168.1.0 255.255.255.0 inside_1 http 192.168.1.0 255.255.255.0 inside_2 http 192.168.1.0 255.255.255.0 inside_3 http 192.168.1.0 255.255.255.0 inside_4 http 192.168.1.0 255.255.255.0 inside_5 http 192.168.1.0 255.255.255.0 inside_6 http 192.168.1.0 255.255.255.0 inside_7 http 192.168.233.0 255.255.255.0 manage no snmp-server location no snmp-server contact service sw-reset-button crypto ipsec ikev2 ipsec-proposal sha256 protocol esp encryption aes-256 protocol esp integrity sha-256 crypto ipsec security-association pmtu-aging infinite crypto map outside_map0 1 set peer 85.115.239.250 crypto map outside_map0 1 set ikev2 ipsec-proposal sha256 crypto map outside_map0 interface outside crypto ca trustpool policy crypto ikev2 policy 1 encryption aes-256 integrity sha256 group 2 prf sha256 lifetime seconds 86400 telnet timeout 5 ssh stricthostkeycheck ssh 192.168.233.0 255.255.255.0 manage ssh timeout 5 ssh version 2 ssh key-exchange group dh-group1-sha1 console timeout 0 dhcpd auto_config outside ! dhcpd address 192.168.1.5-192.168.1.254 inside dhcpd enable inside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept group-policy DfltGrpPolicy attributes vpn-tunnel-protocol ikev2 l2tp-ipsec ssl-clientless dynamic-access-policy-record DfltAccessPolicy username admin password $sha512$5000$QbN/t99zzPMYaQoiUx9opQ==$BUO99vu1obqYdmiZqgMu9A== pbkdf2 tunnel-group 85.115.239.250 type ipsec-l2l tunnel-group 85.115.239.250 ipsec-attributes ikev2 remote-authentication pre-shared-key ***** ikev2 local-authentication pre-shared-key ***** ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 no tcp-inspection policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options inspect icmp ! service-policy global_policy global prompt hostname context Cryptochecksum:105ce4f5e350e677d555358679bcb2de : end