cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1969
Views
0
Helpful
10
Replies

ASA 5520 speed issue

macmillan1
Level 1
Level 1

Hi

We have a Cisco ASA 5520 that we've just connected up to a 100 Meg internet connection. Speedtests can only get to 10 Meg, but if I bypass the ASA I can confirm I get up to 99 Meg up and down.

The service was previously connected to a 15 Meg internet connection. Does anyone know where I can check to get this ASA to allow the 450 Meg throughput that it says in the datasheets?

Thanks

Chris

10 Replies 10

Vibhor Amrodia
Cisco Employee
Cisco Employee

Hi,

Is there a IPS module on the ASA device ?

Please share the ASA device configuration.

Thanks and Regards,

Vibhor Amrodia

Hi Vibhor

No, there is no IPS module on the device. Here's the config:

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2014.10.02 15:05:40 =~=~=~=~=~=~=~=~=~=~=~=


User Access Verification

Password: 
Type help or '?' for a list of available commands.

macmillan> En
Password: ********

macmillan# sho run
: Saved
:
ASA Version 7.2(3) 
!
hostname macmillan
domain-name mpl.root-domain.org
enable password xxxxx encrypted
names
dns-guard
!
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address xxx.xx.xx.x 255.255.255.0 
!
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address xxx.xx.x.xx 255.255.252.0 
!
interface GigabitEthernet0/2
 nameif TPGOutside
 security-level 0
 ip address xx.xx.xx.xxx 255.255.255.252 
!
interface GigabitEthernet0/3
 nameif internet
 security-level 5
 ip address xx.xx.xxx.xxx 255.255.255.0 
!
interface Management0/0
 shutdown
 no nameif
 no security-level
 no ip address
!
passwd xxxxxx encrypted
boot system disk0:/asa723-k8.bin
ftp mode passive
clock timezone AEST 10
clock summer-time AEDT date Oct 7 2012 2:00 Apr 7 2013 3:00
dns domain-lookup inside
dns server-group DefaultDNS
 name-server 172.18.0.86
 domain-name mpl.root-domain.org
same-security-traffic permit intra-interface
object-group network og_ip_nat_dmz
 network-object host 172.18.181.22
 network-object host 172.18.181.156
 network-object host 172.18.181.23
 network-object host 172.18.181.25
access-list 10 standard permit 172.20.0.0 255.255.0.0 
access-list 10 standard permit 172.18.0.0 255.255.252.0 
access-list 10 standard permit 172.18.128.0 255.255.252.0 
access-list 10 standard permit 172.18.9.0 255.255.255.0 
access-list 10 standard permit 172.18.160.0 255.255.255.0 
access-list 10 standard permit 172.18.134.0 255.255.255.0 
access-list 10 standard permit 172.18.144.0 255.255.255.0 
access-list 10 standard permit 172.18.148.0 255.255.255.0 
access-list 10 standard permit 172.18.178.0 255.255.255.0 
access-list 10 standard permit 172.18.181.0 255.255.255.0 
access-list 10 standard permit 172.18.177.0 255.255.255.0 
access-list 10 standard permit 172.18.179.0 255.255.255.0 
access-list 10 standard permit 172.18.176.0 255.255.255.0 
access-list 10 standard permit 10.0.0.0 255.0.0.0 
access-list 10 standard permit 172.16.0.0 255.254.0.0 
access-list 10 standard permit 172.19.0.0 255.255.0.0 
access-list 10 standard permit 172.20.0.0 255.252.0.0 
access-list 10 standard permit 172.24.0.0 255.252.0.0 
access-list 10 standard permit 172.28.0.0 255.252.0.0 
access-list 10 standard permit 192.168.0.0 255.255.0.0 
access-list 10 standard permit 172.18.191.0 255.255.255.0 
access-list 10 standard permit 172.16.8.0 255.255.255.0 
access-list 10 standard permit 172.18.180.0 255.255.255.0 
access-list 10 standard permit host 172.16.8.5 
access-list 10 standard permit 172.17.0.0 255.255.0.0 
access-list 101 extended permit ip 193.1.1.0 255.255.255.0 10.10.10.0 255.255.255.0 
access-list 101 extended permit ip 172.20.0.0 255.255.0.0 10.10.10.0 255.255.255.0 
access-list 101 extended permit ip 202.6.93.0 255.255.255.0 172.20.0.0 255.255.0.0 
access-list 101 extended permit ip 172.20.0.0 255.255.0.0 202.6.93.0 255.255.255.0 
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 10.10.10.0 255.255.255.0 
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 10.10.10.0 255.255.255.0 
access-list 101 extended permit ip 172.18.9.0 255.255.255.0 10.10.10.0 255.255.255.0 
access-list 101 extended permit ip 172.18.154.0 255.255.255.0 172.18.9.0 255.255.255.0 
access-list 101 extended permit ip 172.18.154.0 255.255.255.0 10.10.10.0 255.255.255.0 
access-list 101 extended permit ip 172.18.132.0 255.255.255.0 10.10.10.0 255.255.255.0 
access-list 101 extended permit ip 172.18.160.0 255.255.255.0 10.10.10.0 255.255.255.0 
access-list 101 extended permit ip 172.18.161.0 255.255.255.0 10.10.10.0 255.255.255.0 
access-list 101 extended permit ip 10.10.10.0 255.255.255.0 host 172.18.132.10 
access-list 101 extended permit ip 172.20.0.0 255.255.0.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip 172.18.9.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip 172.18.154.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip 172.18.132.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip 172.18.160.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip 172.18.161.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip 172.18.144.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip 172.18.148.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip host 172.18.148.11 host 59.154.24.162 
access-list 101 extended permit ip host 172.18.148.11 host 59.154.24.163 
access-list 101 extended permit ip host 172.18.148.9 host 59.154.24.162 
access-list 101 extended permit ip host 172.18.148.9 host 59.154.24.163 
access-list 101 extended permit ip host 172.18.148.16 host 59.154.24.162 
access-list 101 extended permit ip host 172.18.148.16 host 59.154.24.163 
access-list 101 extended permit ip 193.1.1.0 255.255.255.0 172.18.178.0 255.255.255.0 
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 172.18.178.0 255.255.255.0 
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 172.18.178.0 255.255.255.0 
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 172.18.177.0 255.255.255.0 
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 172.18.177.0 255.255.255.0 
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 172.18.179.0 255.255.255.0 
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 172.18.179.0 255.255.255.0 
access-list 101 extended permit ip 172.18.181.0 255.255.255.0 172.18.179.0 255.255.255.0 
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 172.18.176.0 255.255.255.0 
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 172.18.176.0 255.255.255.0 
access-list 101 extended permit ip 172.18.176.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip 172.24.0.0 255.252.0.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip host 172.18.0.63 host 172.16.8.235 
access-list 101 extended permit ip host 172.18.0.63 host 172.16.8.5 
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 host 172.16.8.235 
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 host 172.16.8.5 
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 host 172.16.8.235 
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 host 172.16.8.5 
access-list 101 extended permit ip 172.18.180.0 255.255.255.0 host 172.16.8.235 
access-list 101 extended permit ip 172.18.180.0 255.255.255.0 host 172.16.8.5 
access-list 101 extended permit ip 172.18.144.0 255.255.252.0 host 172.16.8.235 
access-list 101 extended permit ip 172.18.144.0 255.255.252.0 host 172.16.8.5 
access-list 101 extended permit ip 172.18.180.0 255.255.255.0 192.168.0.0 255.255.0.0 
access-list 101 extended permit ip 192.168.0.0 255.255.0.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip 172.18.180.0 255.255.255.0 172.18.191.0 255.255.255.0 
access-list 101 extended permit ip 172.18.191.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip 172.18.160.0 255.255.252.0 host 172.16.8.235 
access-list 101 extended permit ip 172.18.160.0 255.255.252.0 host 172.16.8.5 
access-list 101 extended permit ip host 172.16.8.5 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip host 172.16.8.235 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip 172.18.180.0 255.255.255.0 host 172.18.191.5 
access-list 101 extended permit ip 172.18.180.0 255.255.255.0 host 172.18.191.235 
access-list 101 extended permit ip 172.17.0.0 255.255.0.0 172.18.180.0 255.255.255.0 
access-list 101 extended permit ip 172.18.181.0 255.255.255.0 172.18.177.0 255.255.255.0 
access-list 101 extended permit ip 172.24.0.0 255.252.0.0 172.18.176.0 255.255.255.0 
access-list 101 extended permit ip 172.18.9.0 255.255.255.0 172.18.177.0 255.255.255.0 
access-list 101 extended permit udp 172.18.9.0 255.255.255.0 172.18.177.0 255.255.255.0 
access-list 101 extended permit ip 172.18.178.0 255.255.255.0 172.25.32.0 255.255.255.0 
access-list 101 extended permit ip 172.24.0.0 255.252.0.0 172.18.178.0 255.255.255.0 
access-list 101 extended permit ip 172.24.0.0 255.252.0.0 172.18.179.0 255.255.255.0 
access-list 101 extended permit ip 172.24.0.0 255.252.0.0 172.18.177.0 255.255.255.0 
access-list 130 extended permit ip 172.20.0.0 255.255.0.0 202.6.93.0 255.255.255.0 
access-list 140 extended permit ip 172.18.0.0 255.255.252.0 172.18.176.0 255.255.255.0 
access-list 140 extended permit ip 172.18.128.0 255.255.252.0 172.18.176.0 255.255.255.0 
access-list 150 extended permit ip host 172.18.0.11 172.18.180.0 255.255.255.0 
access-list outside_acl extended permit icmp any any echo-reply 
access-list outside_acl extended permit icmp any any unreachable 
access-list outside_acl extended permit icmp any any time-exceeded 
access-list outside_acl extended permit tcp any host 203.26.59.2 eq www 
access-list outside_acl extended permit udp any host 203.26.59.2 eq domain 
access-list outside_acl extended permit tcp any host 203.26.59.9 eq www 
access-list outside_acl extended permit tcp host 203.41.44.102 host 203.26.59.9 eq lotusnotes 
access-list outside_acl extended permit tcp 203.41.45.0 255.255.255.248 host 203.26.59.9 eq lotusnotes 
access-list outside_acl extended permit tcp any host 203.26.59.2 eq domain 
access-list outside_acl extended permit tcp host 203.41.44.101 host 203.26.59.9 eq pcanywhere-data 
access-list outside_acl extended permit tcp host 203.41.44.101 host 203.26.59.9 eq 65301 
access-list outside_acl extended permit udp host 203.41.44.101 host 203.26.59.9 eq 22 
access-list outside_acl extended permit udp host 203.41.44.101 host 203.26.59.9 eq pcanywhere-status 
access-list outside_acl extended permit tcp host 203.41.44.102 host 203.26.59.9 eq pcanywhere-data 
access-list outside_acl extended permit tcp host 203.41.44.102 host 203.26.59.9 eq 65301 
access-list outside_acl extended permit udp host 203.41.44.102 host 203.26.59.9 eq 22 
access-list outside_acl extended permit udp host 203.41.44.102 host 203.26.59.9 eq pcanywhere-status 
access-list outside_acl extended permit tcp 203.41.45.0 255.255.255.248 host 203.26.59.9 eq pcanywhere-data 
access-list outside_acl extended permit tcp 203.41.45.0 255.255.255.248 host 203.26.59.9 eq 65301 
access-list outside_acl extended permit udp 203.41.45.0 255.255.255.248 host 203.26.59.9 eq 22 
access-list outside_acl extended permit udp 203.41.45.0 255.255.255.248 host 203.26.59.9 eq pcanywhere-status 
access-list outside_acl extended permit tcp any host 203.26.59.7 eq www 
access-list outside_acl extended permit tcp 203.166.119.128 255.255.255.192 host 203.26.59.2 eq smtp 
access-list outside_acl extended permit tcp 216.82.240.0 255.255.240.0 host 203.26.59.2 eq smtp 
access-list outside_acl extended permit tcp any host 203.26.59.2 eq ftp 
access-list outside_acl extended permit tcp 203.129.72.240 255.255.255.240 host 203.26.59.2 eq smtp 
access-list outside_acl extended permit tcp 203.129.74.224 255.255.255.224 host 203.26.59.2 eq smtp 
access-list outside_acl extended permit tcp 203.129.72.208 255.255.255.240 host 203.26.59.2 eq smtp 
access-list outside_acl extended permit tcp 193.109.254.0 255.255.254.0 host 203.26.59.2 eq smtp 
access-list outside_acl extended permit tcp 194.106.220.0 255.255.254.0 host 203.26.59.2 eq smtp 
access-list outside_acl extended permit tcp 195.245.230.0 255.255.254.0 host 203.26.59.2 eq smtp 
access-list outside_acl extended permit tcp 203.94.175.236 255.255.255.252 host 203.26.59.9 eq pcanywhere-data 
access-list outside_acl extended permit tcp 203.94.175.236 255.255.255.252 host 203.26.59.9 eq 65301 
access-list outside_acl extended permit udp 203.94.175.236 255.255.255.252 host 203.26.59.9 eq 22 
access-list outside_acl extended permit udp 203.94.175.236 255.255.255.252 host 203.26.59.9 eq pcanywhere-status 
access-list outside_acl extended permit tcp 203.94.175.236 255.255.255.252 host 203.26.59.9 eq lotusnotes 
access-list outside_acl extended permit tcp 203.94.175.128 255.255.255.224 host 203.26.59.9 eq pcanywhere-data 
access-list outside_acl extended permit tcp 203.94.175.128 255.255.255.224 host 203.26.59.9 eq 65301 
access-list outside_acl extended permit udp 203.94.175.128 255.255.255.224 host 203.26.59.9 eq 22 
access-list outside_acl extended permit udp 203.94.175.128 255.255.255.224 host 203.26.59.9 eq pcanywhere-status 
access-list outside_acl extended permit tcp 203.94.175.128 255.255.255.224 host 203.26.59.9 eq lotusnotes 
access-list outside_acl extended permit tcp 85.158.136.0 255.255.248.0 host 203.26.59.2 eq smtp 
access-list outside_acl extended permit tcp 117.120.16.0 255.255.248.0 host 203.26.59.2 eq smtp 
access-list outside_acl extended permit tcp 62.231.131.0 255.255.255.0 host 203.26.59.2 eq smtp 
access-list outside_acl extended permit tcp 134.159.150.64 255.255.255.192 host 203.26.59.2 eq smtp 
access-list outside_acl extended deny tcp any host 203.26.59.2 eq smtp 
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.50 eq ssh 
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.50 eq ssh 
access-list outside_acl extended permit tcp host 129.78.249.54 host 203.26.59.50 eq ssh 
access-list outside_acl extended permit tcp host 203.108.76.90 host 203.26.59.50 eq ssh 
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.50 eq ssh 
access-list outside_acl extended permit tcp host 61.9.136.235 host 203.26.59.50 eq ssh 
access-list outside_acl extended permit tcp any host 203.26.59.50 eq www 
access-list outside_acl extended permit tcp any host 203.26.59.50 eq 7084 
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.50 eq 7088 
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.50 eq 7088 
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.50 eq 7088 
access-list outside_acl extended permit tcp any host 203.26.59.50 eq 7207 
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.50 eq 7208 
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.50 eq 7208 
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.50 eq 7208 
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.50 eq 7800 
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.50 eq 7800 
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.50 eq 7800 
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.50 eq 7802 
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.50 eq 7802 
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.50 eq 7802 
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.50 eq 7804 
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.50 eq 7804 
access-list outside_acl extended permit tcp any host 203.26.59.50 eq 8001 
access-list outside_acl extended permit tcp any host 203.26.59.50 eq 8080 
access-list outside_acl extended permit tcp any host 203.26.59.51 eq www 
access-list outside_acl extended permit tcp any host 203.26.59.51 eq https 
access-list outside_acl extended permit tcp any host 203.26.59.51 eq 8008 
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.51 eq 7089 
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.51 eq 7089 
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.51 eq 7089 
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.51 eq 7090 
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.51 eq 7090 
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.51 eq 7090 
access-list outside_acl extended permit tcp any host 203.26.59.52 eq www 
access-list outside_acl extended permit tcp any host 203.26.59.53 eq www 
access-list outside_acl extended permit tcp any host 203.26.59.56 eq www 
access-list outside_acl extended permit tcp any host 203.26.59.42 eq www 
access-list outside_acl extended permit tcp any host 203.26.59.56 eq 8180 
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.56 eq ssh 
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.56 eq ssh 
access-list outside_acl extended permit tcp host 213.80.128.18 host 203.26.59.56 eq ssh 
access-list outside_acl extended permit tcp host 213.80.128.18 host 203.26.59.56 eq 3306 
access-list outside_acl extended permit tcp 129.78.138.64 255.255.255.192 host 203.26.59.56 eq ssh 
access-list outside_acl extended permit tcp 129.78.138.64 255.255.255.192 host 203.26.59.56 eq 3306 
access-list outside_acl extended permit tcp host 211.30.205.158 host 203.26.59.50 eq ssh 
access-list outside_acl extended permit tcp host 122.108.75.112 host 203.26.59.50 eq ssh 
access-list outside_acl extended permit tcp host 122.108.75.112 host 203.26.59.50 eq 7088 
access-list outside_acl extended permit tcp host 122.108.75.112 host 203.26.59.50 eq 7208 
access-list outside_acl extended permit tcp host 122.108.75.112 host 203.26.59.51 eq 7089 
access-list outside_acl extended permit tcp host 122.108.75.112 host 203.26.59.51 eq 7090 
access-list outside_acl extended permit tcp any host 203.26.59.57 eq 8180 
access-list outside_acl extended permit tcp any host 203.26.59.57 eq www 
access-list outside_acl extended permit ip any host 203.26.59.8 
access-list outside_acl extended permit udp host 203.174.20.80 host 203.26.59.4 
access-list outside_acl extended permit udp host 195.138.194.55 host 203.26.59.4 
access-list outside_acl extended permit udp host 195.138.194.84 host 203.26.59.4 
access-list outside_acl extended permit tcp any host 203.26.59.71 eq www 
access-list outside_acl extended permit tcp any host 203.26.59.71 eq https 
access-list outside_acl extended permit tcp any host 203.26.59.71 eq 8008 
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.71 eq 7089 
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.71 eq 7089 
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.71 eq 7090 
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.71 eq 7090 
access-list outside_acl extended permit tcp any host 203.26.59.72 eq www 
access-list outside_acl extended permit tcp any host 203.26.59.73 eq www 
access-list outside_acl extended permit tcp any host 203.26.59.70 eq www 
access-list outside_acl extended permit tcp any host 203.26.59.70 eq 7207 
access-list outside_acl extended permit tcp any host 203.26.59.70 eq 8001 
access-list outside_acl extended permit tcp any host 203.26.59.70 eq 8080 
access-list outside_acl extended permit tcp host 129.78.138.65 host 203.26.59.70 eq ssh 
access-list outside_acl extended permit tcp host 129.78.138.66 host 203.26.59.70 eq ssh 
access-list outside_acl extended permit tcp host 129.78.138.80 host 203.26.59.70 eq ssh 
access-list outside_acl extended permit tcp any host 203.26.59.11 eq www 
access-list outside_acl extended permit udp host 75.101.164.127 host 203.26.59.9 eq pcanywhere-status 
access-list outside_acl extended permit tcp host 75.101.164.127 host 203.26.59.9 eq lotusnotes 
access-list outside_acl extended permit tcp host 75.101.164.127 host 203.26.59.9 eq pcanywhere-data 
access-list outside_acl extended permit udp host 174.143.147.150 host 203.26.59.9 eq pcanywhere-status 
access-list outside_acl extended permit tcp host 174.143.147.150 host 203.26.59.9 eq lotusnotes 
access-list outside_acl extended permit tcp host 174.143.147.150 host 203.26.59.9 eq pcanywhere-data 
access-list outside_acl extended permit udp host 174.129.219.49 host 203.26.59.9 eq pcanywhere-status 
access-list outside_acl extended permit tcp host 174.129.219.49 host 203.26.59.9 eq lotusnotes 
access-list outside_acl extended permit tcp host 174.129.219.49 host 203.26.59.9 eq pcanywhere-data 
access-list outside_acl extended permit tcp any host 203.26.59.161 eq www 
access-list outside_acl extended permit tcp any host 203.26.59.161 eq https 
access-list outside_acl extended permit tcp host 173.203.193.10 host 203.26.59.9 eq lotusnotes 
access-list outside_acl extended permit tcp host 150.101.116.241 host 203.26.59.9 eq lotusnotes 
access-list outside_acl extended permit tcp host 150.101.116.241 host 203.26.59.9 eq pcanywhere-data 
access-list outside_acl extended permit tcp host 173.203.224.182 host 203.26.59.9 eq lotusnotes 
access-list outside_acl extended permit tcp host 173.203.224.182 host 203.26.59.9 eq pcanywhere-data 
access-list outside_acl extended permit tcp host 150.101.116.241 host 203.26.59.161 eq lotusnotes 
access-list outside_acl extended permit tcp host 150.101.116.241 host 203.26.59.161 eq pcanywhere-data 
access-list outside_acl extended permit tcp host 173.203.193.10 host 203.26.59.161 eq lotusnotes 
access-list outside_acl extended permit tcp host 174.143.147.150 host 203.26.59.161 eq lotusnotes 
access-list outside_acl extended permit tcp host 174.129.219.49 host 203.26.59.161 eq lotusnotes 
access-list outside_acl extended permit tcp host 173.203.224.182 host 203.26.59.161 eq lotusnotes 
access-list outside_acl extended permit tcp host 173.203.224.182 host 203.26.59.161 eq pcanywhere-data 
access-list outside_acl extended permit udp host 150.101.116.241 host 203.26.59.9 eq pcanywhere-status 
access-list outside_acl extended permit udp host 173.203.224.182 host 203.26.59.9 eq pcanywhere-status 
access-list outside_acl extended permit udp host 150.101.116.241 host 203.26.59.161 eq pcanywhere-status 
access-list outside_acl extended permit udp host 173.203.224.182 host 203.26.59.161 eq pcanywhere-status 
access-list outside_acl extended permit tcp any host 203.26.59.17 eq https 
access-list outside_acl extended permit tcp any host 203.26.59.17 eq 4172 
access-list outside_acl extended permit tcp any host 203.26.59.17 eq www 
access-list outside_acl extended permit udp any host 203.26.59.17 eq 4172 
access-list outside_acl extended permit tcp any host 203.26.59.10 eq www 
access-list outside_acl extended permit tcp any host 203.26.59.10 eq 5447 
access-list outside_acl extended permit tcp any host 203.26.59.10 eq 5449 
access-list outside_acl extended permit tcp any host 203.26.59.20 eq ftp 
access-list outside_acl extended permit tcp any host 203.26.59.16 eq https 
access-list outside_acl extended permit tcp any host 203.26.59.16 eq www 
access-list outside_acl extended permit tcp host 150.101.166.6 host 203.26.59.70 eq 6868 
access-list outside_acl extended permit tcp host 122.248.239.86 host 203.26.59.70 eq 6868 
access-list outside_acl extended permit tcp host 150.101.166.6 host 203.26.59.70 eq 1112 
access-list outside_acl extended permit tcp host 122.248.239.86 host 203.26.59.70 eq 1112 
access-list outside_acl extended permit tcp host 124.148.187.227 host 203.26.59.70 eq 6868 
access-list outside_acl extended permit tcp host 124.148.187.227 host 203.26.59.70 eq 1112 
access-list outside_acl extended permit tcp any host 203.26.59.71 eq klogin 
access-list outside_acl extended permit tcp host 150.101.163.25 host 203.26.59.80 eq ssh 
access-list outside_acl extended permit tcp host 54.253.114.243 host 203.26.59.70 eq 6868 
access-list outside_acl extended permit tcp any host 203.26.59.161 eq ssh 
access-list outside_acl extended permit tcp host 124.168.103.119 host 203.26.59.70 eq 6868 
access-list outside_acl extended permit tcp host 220.245.37.174 host 203.26.59.70 eq 6868 
access-list outside_acl extended permit tcp host 54.206.104.19 host 203.26.59.70 eq 6868 
access-list outside_acl extended permit tcp host 54.206.104.19 host 203.26.59.70 eq 6869 
access-list outside_acl extended permit tcp host 54.206.104.19 host 203.26.59.80 eq 6869 
access-list dmz_acl extended permit icmp any object-group og_ip_nat_dmz echo-reply 
access-list dmz_acl extended permit icmp any object-group og_ip_nat_dmz unreachable 
access-list dmz_acl extended permit icmp any object-group og_ip_nat_dmz time-exceeded 
access-list dmz_acl extended permit icmp any object-group og_ip_nat_dmz echo 
access-list dmz_acl extended deny ip any object-group og_ip_nat_dmz 
access-list dmz_acl extended permit ip any any 
access-list inside_acl extended deny tcp any host 207.21.232.104 
access-list inside_acl extended deny tcp any host 216.73.86.13 eq www 
access-list inside_acl extended deny tcp any host 64.127.186.78 
access-list inside_acl extended deny tcp any host 64.177.216.163 
access-list inside_acl extended deny tcp any host 64.191.7.5 
access-list inside_acl extended deny tcp any host 65.89.168.6 
access-list inside_acl extended deny tcp any host 65.89.168.14 
access-list inside_acl extended deny tcp any host 65.240.226.201 
access-list inside_acl extended deny tcp any host 65.240.226.240 
access-list inside_acl extended deny tcp any host 65.240.226.241 
access-list inside_acl extended deny tcp any host 207.6.32.140 
access-list inside_acl extended deny udp any host 207.6.32.140 
access-list inside_acl extended deny tcp any 69.28.210.0 255.255.255.0 eq www 
access-list inside_acl extended permit tcp host 172.18.128.13 any eq smtp 
access-list inside_acl extended permit tcp host 172.18.0.18 any eq smtp 
access-list inside_acl extended permit icmp any any echo 
access-list inside_acl extended permit icmp any any echo-reply 
access-list inside_acl extended permit tcp host 172.18.0.22 any eq smtp 
access-list inside_acl extended permit tcp 172.18.154.0 255.255.255.0 172.18.9.0 255.255.255.0 
access-list inside_acl extended deny tcp 172.18.144.224 255.255.255.240 any 
access-list inside_acl extended permit tcp host 172.18.144.19 any eq smtp 
access-list inside_acl extended deny tcp any any eq smtp 
access-list inside_acl extended deny tcp 172.18.144.128 255.255.255.192 any 
access-list inside_acl extended permit ip any any 
access-list 50 standard permit host 172.18.9.10 
access-list 50 standard permit host 172.18.154.10 
access-list 50 standard permit host 172.18.154.11 
access-list 50 standard permit host 172.18.132.10 
access-list 50 standard permit host 172.18.0.30 
access-list 50 standard permit host 172.18.0.21 
access-list 50 standard permit host 172.18.161.10 
access-list 50 standard permit host 172.18.161.2 
access-list 50 standard permit host 172.18.161.3 
access-list 50 standard permit host 172.18.161.4 
access-list 50 standard permit host 172.18.132.2 
access-list 50 standard permit host 172.18.132.3 
access-list 50 standard permit host 172.18.132.4 
access-list 50 standard permit host 172.18.154.2 
access-list 50 standard permit host 172.18.154.3 
access-list 50 standard permit host 172.18.154.4 
access-list 50 standard permit host 172.18.132.5 
access-list 50 standard permit host 172.18.0.86 
access-list 50 standard permit host 172.18.191.5 
access-list 180 extended permit ip 172.18.0.0 255.255.252.0 172.18.178.0 255.255.255.0 
access-list 180 extended permit ip 172.18.128.0 255.255.252.0 172.18.178.0 255.255.255.0 
access-list 180 extended permit ip 172.18.180.0 255.255.255.0 172.18.178.0 255.255.255.0 
access-list 180 extended permit ip 172.18.181.0 255.255.255.0 172.18.178.0 255.255.255.0 
access-list 180 extended permit ip 172.25.32.0 255.255.255.0 172.18.178.0 255.255.255.0 
access-list 190 extended permit ip 172.18.0.0 255.255.252.0 172.18.177.0 255.255.255.0 
access-list 190 extended permit ip 172.18.128.0 255.255.252.0 172.18.177.0 255.255.255.0 
access-list 190 extended permit ip 172.18.181.0 255.255.255.0 172.18.177.0 255.255.255.0 
access-list 190 extended permit udp 172.18.9.0 255.255.255.0 172.18.177.0 255.255.255.0 eq 5004 
access-list 190 extended permit ip 172.25.32.0 255.255.255.0 172.18.177.0 255.255.255.0 
access-list 125 extended permit ip host 172.18.0.30 host 203.48.99.12 
access-list 125 extended permit ip host 172.18.0.30 host 203.48.99.10 
access-list 125 extended permit ip host 192.168.160.89 host 203.48.99.10 
access-list 125 extended permit ip host 192.168.160.89 host 203.48.99.12 
access-list Ade_VPN extended permit ip 172.18.0.0 255.255.252.0 172.18.177.0 255.255.255.0 
access-list Ade_VPN extended permit ip 172.18.177.0 255.255.255.0 172.18.0.0 255.255.252.0 
access-list Ade_VPN extended permit ip 172.18.177.0 255.255.255.0 172.18.181.0 255.255.255.0 
access-list to_bris extended permit ip 172.18.0.0 255.255.252.0 172.18.176.0 255.255.255.0 
access-list to_bris extended permit ip 172.18.128.0 255.255.252.0 172.18.176.0 255.255.255.0 
access-list to_bris extended permit ip 172.18.180.0 255.255.255.0 172.18.176.0 255.255.255.0 
access-list to_bris extended permit ip 172.24.0.0 255.252.0.0 172.18.176.0 255.255.255.0 
access-list to_bris extended permit ip 172.25.0.0 255.255.0.0 172.18.176.0 255.255.255.0 
access-list 165 extended permit ip 172.18.0.0 255.255.252.0 172.18.179.0 255.255.255.0 
access-list 165 extended permit ip 172.18.128.0 255.255.252.0 172.18.179.0 255.255.255.0 
access-list 165 extended permit ip 172.18.181.0 255.255.255.0 172.18.179.0 255.255.255.0 
access-list 165 extended permit ip 172.25.32.0 255.255.255.0 172.18.179.0 255.255.255.0 
access-list Dematic extended permit ip host 59.154.24.162 host 172.18.148.11 
access-list Dematic extended permit ip host 59.154.24.163 host 172.18.148.11 
access-list Dematic extended permit ip host 59.154.24.162 host 172.18.148.16 
access-list Dematic extended permit ip host 59.154.24.163 host 172.18.148.16 
access-list Dematic extended permit ip host 59.154.24.162 host 172.18.148.9 
access-list Dematic extended permit ip host 59.154.24.163 host 172.18.148.9 
access-list maqdict standard permit host 172.18.0.56 
access-list maqdict standard permit host 172.18.0.21 
access-list maqdict standard permit host 172.18.181.252 
access-list maqdict standard permit host 172.18.181.70 
access-list maqdict standard permit host 172.18.181.71 
access-list maqdict standard permit host 172.18.181.72 
access-list maqdict standard permit host 172.18.181.73 
access-list maqdict standard permit host 172.18.0.23 
access-list maqdict standard permit host 172.18.0.86 
access-list maqdict standard permit host 172.18.181.80 
access-list maqdict standard permit host 172.18.181.81 
access-list maqdict standard permit host 172.18.181.82 
access-list maqdict standard permit host 172.18.181.83 
access-list vdiext extended permit tcp host 172.18.0.37 eq https any 
access-list vdiext extended permit tcp any any 
access-list vdiext extended permit tcp host 172.18.0.21 eq domain any 
access-list vdiext extended permit tcp host 172.18.0.86 eq domain any 
access-list 250 standard permit host 172.18.0.25 
access-list 250 standard permit host 172.18.0.21 
access-list 250 standard permit host 172.18.0.34 
access-list 250 standard permit host 172.18.0.24 
access-list 250 standard permit host 172.18.181.70 
access-list 250 standard permit host 172.18.0.86 
access-list 250 standard permit host 172.18.0.44 
access-list IBS_ACL extended permit ip host 172.18.0.30 host 203.48.99.12 
access-list 260 standard permit host 172.18.0.21 
access-list 260 standard permit host 172.18.0.25 
access-list 260 standard permit host 172.18.160.11 
access-list 260 standard permit host 172.18.160.16 
access-list 260 standard permit host 172.18.0.86 
access-list dmz_NEW_acl extended permit ip any any 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.22 eq smtp 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.58 eq 4001 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.58 eq 8009 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.58 eq www 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.58 eq https 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.58 eq 3389 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.58 eq 4172 
access-list dmz_NEW_acl extended permit udp host 172.18.181.17 host 172.18.181.58 eq 4172 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.252 host 172.18.0.22 eq smtp 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.161 host 172.18.181.22 eq lotusnotes 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.161 host 172.18.181.22 eq smtp 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.161 host 172.18.181.13 eq lotusnotes 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.161 host 172.18.181.14 eq lotusnotes 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.70 host 172.18.181.156 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.161 host 172.18.181.15 eq lotusnotes 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.161 host 172.18.0.79 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.79 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.92 eq 4001 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.92 eq 8009 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.92 eq www 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.92 eq https 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.92 eq 3389 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.92 eq 4172 
access-list dmz_NEW_acl extended permit udp host 172.18.181.17 host 172.18.181.92 eq 4172 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.100 eq 4172 
access-list dmz_NEW_acl extended permit udp host 172.18.181.17 host 172.18.181.100 eq 4172 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.161 host 172.18.0.92 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.92 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.16 host 172.18.181.22 eq lotusnotes 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.16 host 172.18.181.22 eq smtp 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.16 host 172.18.181.13 eq lotusnotes 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.16 host 172.18.181.14 eq lotusnotes 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.16 host 172.18.181.15 eq lotusnotes 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.70 host 172.18.181.23 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.80 host 172.18.181.156 
access-list dmz_NEW_acl extended permit tcp host 172.18.181.80 host 172.18.181.23 
access-list 103 extended permit ip 172.18.181.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 103 extended permit ip 172.18.181.0 255.255.255.0 172.18.178.0 255.255.255.0 
access-list 103 extended permit ip 172.18.181.0 255.255.255.0 172.18.179.0 255.255.255.0 
access-list 103 extended permit ip 172.18.181.0 255.255.255.0 172.18.176.0 255.255.255.0 
access-list 103 extended permit ip 172.18.181.0 255.255.255.0 172.18.177.0 255.255.255.0 
access-list 103 extended permit ip 172.25.32.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 103 extended permit ip 172.25.32.0 255.255.255.0 172.18.178.0 255.255.255.0 
access-list 103 extended permit ip 172.25.32.0 255.255.255.0 172.18.179.0 255.255.255.0 
access-list 103 extended permit ip 172.25.32.0 255.255.255.0 172.18.176.0 255.255.255.0 
access-list 103 extended permit ip 172.25.32.0 255.255.255.0 172.18.177.0 255.255.255.0 
access-list maqdictext standard permit host 172.18.0.21 
access-list maqdictext standard permit host 172.18.181.70 
access-list maqdictext standard permit host 172.18.181.71 
access-list maqdictext standard permit host 172.18.181.72 
access-list maqdictext standard permit host 172.18.181.73 
access-list maqdictext standard permit host 172.18.0.86 
access-list maqdictext standard permit host 172.18.181.80 
access-list maqdictext standard permit host 172.18.181.81 
access-list maqdictext standard permit host 172.18.181.82 
access-list maqdictext standard permit host 172.18.181.83 
access-list AllianceDist extended permit ip host 172.18.0.63 host 172.16.8.235 
access-list AllianceDist extended permit ip host 172.18.0.63 host 172.16.8.5 
access-list AllianceDist extended permit ip 172.18.0.0 255.255.252.0 host 172.16.8.235 
access-list AllianceDist extended permit ip 172.18.0.0 255.255.252.0 host 172.16.8.5 
access-list AllianceDist extended permit ip 172.18.128.0 255.255.252.0 host 172.16.8.235 
access-list AllianceDist extended permit ip 172.18.128.0 255.255.252.0 host 172.16.8.5 
access-list AllianceDist extended permit ip 172.18.180.0 255.255.255.0 host 172.16.8.235 
access-list AllianceDist extended permit ip 172.18.180.0 255.255.255.0 host 172.16.8.5 
access-list AllianceDist extended permit ip 172.18.144.0 255.255.255.0 host 172.16.8.235 
access-list AllianceDist extended permit ip 172.18.144.0 255.255.255.0 host 172.16.8.5 
access-list AllianceDist extended permit ip 172.18.160.0 255.255.255.0 host 172.16.8.235 
access-list AllianceDist extended permit ip 172.18.160.0 255.255.255.0 host 172.16.8.5 
access-list TPG_outside_acl extended permit udp any host 203.87.59.210 eq domain 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.210 eq www 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.210 eq domain 
access-list TPG_outside_acl extended permit tcp any host 203.26.59.7 eq www 
access-list TPG_outside_acl extended permit tcp 203.166.119.128 255.255.255.192 host 203.87.59.210 eq smtp 
access-list TPG_outside_acl extended permit tcp 216.82.240.0 255.255.240.0 host 203.87.59.210 eq smtp 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.210 eq ftp 
access-list TPG_outside_acl extended permit tcp 203.129.72.240 255.255.255.240 host 203.87.59.210 eq smtp 
access-list TPG_outside_acl extended permit tcp 203.129.74.224 255.255.255.224 host 203.87.59.210 eq smtp 
access-list TPG_outside_acl extended permit tcp 203.129.72.208 255.255.255.240 host 203.87.59.210 eq smtp 
access-list TPG_outside_acl extended permit tcp 193.109.254.0 255.255.254.0 host 203.87.59.210 eq smtp 
access-list TPG_outside_acl extended permit tcp 194.106.220.0 255.255.254.0 host 203.87.59.210 eq smtp 
access-list TPG_outside_acl extended permit tcp 195.245.230.0 255.255.254.0 host 203.87.59.210 eq smtp 
access-list TPG_outside_acl extended permit tcp 85.158.136.0 255.255.248.0 host 203.87.59.210 eq smtp 
access-list TPG_outside_acl extended permit tcp 117.120.16.0 255.255.248.0 host 203.87.59.210 eq smtp 
access-list TPG_outside_acl extended permit tcp 62.231.131.0 255.255.255.0 host 203.87.59.210 eq smtp 
access-list TPG_outside_acl extended permit tcp 134.159.150.64 255.255.255.192 host 203.87.59.210 eq smtp 
access-list TPG_outside_acl extended deny tcp any host 203.87.59.210 eq smtp 
access-list TPG_outside_acl extended permit udp host 203.174.20.80 host 203.87.59.212 
access-list TPG_outside_acl extended permit udp host 195.138.194.55 host 203.87.59.212 
access-list TPG_outside_acl extended permit udp host 195.138.194.84 host 203.87.59.212 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.218 eq www 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.218 eq https 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.218 eq 8008 
access-list TPG_outside_acl extended permit tcp host 129.78.249.52 host 203.87.59.218 eq 7089 
access-list TPG_outside_acl extended permit tcp host 124.254.74.140 host 203.87.59.218 eq 7089 
access-list TPG_outside_acl extended permit tcp host 129.78.249.52 host 203.87.59.218 eq 7090 
access-list TPG_outside_acl extended permit tcp host 124.254.74.140 host 203.87.59.218 eq 7090 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.219 eq www 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.220 eq www 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.217 eq www 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.217 eq 7207 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.217 eq 8001 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.217 eq 8080 
access-list TPG_outside_acl extended permit tcp host 129.78.138.65 host 203.87.59.217 eq ssh 
access-list TPG_outside_acl extended permit tcp host 129.78.138.66 host 203.87.59.217 eq ssh 
access-list TPG_outside_acl extended permit tcp host 129.78.138.80 host 203.87.59.217 eq ssh 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.215 eq www 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.216 eq www 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.216 eq https 
access-list TPG_outside_acl extended permit tcp host 150.101.116.241 host 203.87.59.216 eq lotusnotes 
access-list TPG_outside_acl extended permit tcp host 150.101.116.241 host 203.87.59.216 eq pcanywhere-data 
access-list TPG_outside_acl extended permit tcp host 173.203.193.10 host 203.87.59.216 eq lotusnotes 
access-list TPG_outside_acl extended permit tcp host 174.143.147.150 host 203.87.59.216 eq lotusnotes 
access-list TPG_outside_acl extended permit tcp host 174.129.219.49 host 203.87.59.216 eq lotusnotes 
access-list TPG_outside_acl extended permit tcp host 173.203.224.182 host 203.87.59.216 eq lotusnotes 
access-list TPG_outside_acl extended permit tcp host 173.203.224.182 host 203.87.59.216 eq pcanywhere-data 
access-list TPG_outside_acl extended permit udp host 150.101.116.241 host 203.87.59.216 eq pcanywhere-status 
access-list TPG_outside_acl extended permit udp host 173.203.224.182 host 203.87.59.216 eq pcanywhere-status 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.213 eq www 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.213 eq 5447 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.213 eq 5449 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.214 eq ftp 
access-list TPG_outside_acl extended permit tcp host 150.101.166.6 host 203.87.59.217 eq 6868 
access-list TPG_outside_acl extended permit tcp host 122.248.239.86 host 203.87.59.217 eq 6868 
access-list TPG_outside_acl extended permit tcp host 150.101.166.6 host 203.87.59.217 eq 1112 
access-list TPG_outside_acl extended permit tcp host 122.248.239.86 host 203.87.59.217 eq 1112 
access-list TPG_outside_acl extended permit tcp host 124.148.187.227 host 203.87.59.217 eq 6868 
access-list TPG_outside_acl extended permit tcp host 124.148.187.227 host 203.87.59.217 eq 1112 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.218 eq klogin 
access-list TPG_outside_acl extended permit tcp host 150.101.163.25 host 203.26.59.80 eq ssh 
access-list TPG_outside_acl extended permit tcp host 54.253.114.243 host 203.87.59.217 eq 6868 
access-list TPG_outside_acl extended permit tcp any host 203.87.59.216 eq ssh 
access-list TPG_outside_acl extended permit tcp host 124.168.103.119 host 203.87.59.217 eq 6868 
access-list TPG_outside_acl extended permit tcp host 220.245.37.174 host 203.87.59.217 eq 6868 
access-list TPG_outside_acl extended permit tcp host 54.206.104.19 host 203.87.59.217 eq 6868 
access-list TPG_outside_acl extended permit tcp host 54.206.104.19 host 203.87.59.217 eq 6869 
access-list TPG_outside_acl extended permit tcp host 54.206.104.19 host 203.26.59.80 eq 6869 
access-list TPG_outside_acl extended permit icmp any any echo-reply 
access-list TPG_outside_acl extended permit icmp any any unreachable 
access-list TPG_outside_acl extended permit icmp any any time-exceeded 
access-list 98 extended permit ip 172.20.0.0 255.255.0.0 10.10.10.0 255.255.255.0 
access-list 98 extended permit ip 202.6.93.0 255.255.255.0 172.20.0.0 255.255.0.0 
access-list 98 extended permit ip 172.20.0.0 255.255.0.0 202.6.93.0 255.255.255.0 
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 10.10.10.0 255.255.255.0 
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 10.10.10.0 255.255.255.0 
access-list 98 extended permit ip 172.18.9.0 255.255.255.0 10.10.10.0 255.255.255.0 
access-list 98 extended permit ip 172.18.154.0 255.255.255.0 172.18.9.0 255.255.255.0 
access-list 98 extended permit ip 172.18.154.0 255.255.255.0 10.10.10.0 255.255.255.0 
access-list 98 extended permit ip 172.18.132.0 255.255.255.0 10.10.10.0 255.255.255.0 
access-list 98 extended permit ip 172.18.160.0 255.255.255.0 10.10.10.0 255.255.255.0 
access-list 98 extended permit ip 172.18.161.0 255.255.255.0 10.10.10.0 255.255.255.0 
access-list 98 extended permit ip 10.10.10.0 255.255.255.0 host 172.18.132.10 
access-list 98 extended permit ip 172.20.0.0 255.255.0.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip 172.18.9.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip 172.18.154.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip 172.18.132.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip 172.18.160.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip 172.18.161.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip 172.18.144.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip 172.18.148.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip host 172.18.148.11 host 59.154.24.162 
access-list 98 extended permit ip host 172.18.148.11 host 59.154.24.163 
access-list 98 extended permit ip host 172.18.148.9 host 59.154.24.162 
access-list 98 extended permit ip host 172.18.148.9 host 59.154.24.163 
access-list 98 extended permit ip host 172.18.148.16 host 59.154.24.162 
access-list 98 extended permit ip host 172.18.148.16 host 59.154.24.163 
access-list 98 extended permit ip 193.1.1.0 255.255.255.0 172.18.178.0 255.255.255.0 
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 172.18.178.0 255.255.255.0 
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 172.18.178.0 255.255.255.0 
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 172.18.177.0 255.255.255.0 
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 172.18.177.0 255.255.255.0 
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 172.18.179.0 255.255.255.0 
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 172.18.179.0 255.255.255.0 
access-list 98 extended permit ip 172.18.181.0 255.255.255.0 172.18.179.0 255.255.255.0 
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 172.18.176.0 255.255.255.0 
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 172.18.176.0 255.255.255.0 
access-list 98 extended permit ip 172.18.176.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip 172.24.0.0 255.252.0.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip host 172.18.0.63 host 172.16.8.235 
access-list 98 extended permit ip host 172.18.0.63 host 172.16.8.5 
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 host 172.16.8.235 
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 host 172.16.8.5 
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 host 172.16.8.235 
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 host 172.16.8.5 
access-list 98 extended permit ip 172.18.180.0 255.255.255.0 host 172.16.8.235 
access-list 98 extended permit ip 172.18.180.0 255.255.255.0 host 172.16.8.5 
access-list 98 extended permit ip 172.18.144.0 255.255.252.0 host 172.16.8.235 
access-list 98 extended permit ip 172.18.144.0 255.255.252.0 host 172.16.8.5 
access-list 98 extended permit ip 172.18.180.0 255.255.255.0 192.168.0.0 255.255.0.0 
access-list 98 extended permit ip 192.168.0.0 255.255.0.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip 172.18.180.0 255.255.255.0 172.18.191.0 255.255.255.0 
access-list 98 extended permit ip 172.18.191.0 255.255.255.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip 172.18.160.0 255.255.252.0 host 172.16.8.235 
access-list 98 extended permit ip 172.18.160.0 255.255.252.0 host 172.16.8.5 
access-list 98 extended permit ip host 172.16.8.5 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip host 172.16.8.235 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip 172.18.180.0 255.255.255.0 host 172.18.191.5 
access-list 98 extended permit ip 172.18.180.0 255.255.255.0 host 172.18.191.235 
access-list 98 extended permit ip 172.17.0.0 255.255.0.0 172.18.180.0 255.255.255.0 
access-list 98 extended permit ip 172.18.181.0 255.255.255.0 172.18.177.0 255.255.255.0 
access-list 98 extended permit ip 172.24.0.0 255.252.0.0 172.18.176.0 255.255.255.0 
access-list 98 extended permit ip 172.18.9.0 255.255.255.0 172.18.177.0 255.255.255.0 
access-list 98 extended permit ip 172.18.178.0 255.255.255.0 172.25.32.0 255.255.255.0 
access-list 98 extended permit ip 172.18.179.0 255.255.255.0 172.25.32.0 255.255.255.0 
access-list 98 extended permit ip 172.25.32.0 255.255.255.0 172.18.178.0 255.255.255.0 
access-list 98 extended permit ip 172.25.32.0 255.255.255.0 172.18.179.0 255.255.255.0 
access-list 98 extended permit ip 172.25.32.0 255.255.255.0 172.18.176.0 255.255.255.0 
access-list 98 extended permit ip 172.25.32.0 255.255.255.0 172.18.177.0 255.255.255.0 
access-list 98 extended permit ip any 172.18.180.0 255.255.255.0 
access-list webIPFX webtype permit tcp 193.1.1.14 255.255.255.255
access-list webIPFX webtype permit tcp 172.18.128.14 255.255.255.255
access-list webext webtype permit tcp 172.18.0.21 255.255.255.255
access-list webext webtype permit tcp 172.18.0.21 255.255.255.255 eq domain
access-list webext webtype permit tcp 172.18.0.86 255.255.255.255
access-list webext webtype permit tcp 172.18.0.86 255.255.255.255 eq domain
no pager
logging enable
logging monitor warnings
logging buffered informational
logging trap warnings
logging history informational
logging asdm notifications
logging host inside 172.18.0.27
mtu outside 1500
mtu inside 1500
mtu TPGOutside 1500
mtu internet 1500
ip local pool vpnclientpool 172.18.180.1-172.18.180.254 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-523.bin
no asdm history enable
arp timeout 14400
nat-control
global (outside) 1 203.26.59.4
global (TPGOutside) 1 203.87.59.212
global (internet) 1 172.18.181.253
nat (inside) 0 access-list 98
nat (inside) 1 0.0.0.0 0.0.0.0
nat (internet) 0 access-list 103
static (inside,outside) tcp interface telnet 172.18.0.1 telnet netmask 255.255.255.255 
static (inside,outside) 192.168.160.89  access-list IBS_ACL 
static (inside,internet) 172.18.181.22 172.18.0.22 netmask 255.255.255.255 
static (internet,outside) 203.26.59.17 172.18.181.17 netmask 255.255.255.255 
static (inside,internet) 172.18.181.58 172.18.0.58 netmask 255.255.255.255 
static (internet,outside) 203.26.59.2 172.18.181.252 netmask 255.255.255.255 
static (internet,outside) 203.26.59.161 172.18.181.161 netmask 255.255.255.255 
static (inside,internet) 172.18.181.13 172.18.128.13 netmask 255.255.255.255 
static (internet,outside) 203.26.59.11 172.18.181.11 netmask 255.255.255.255 
static (inside,internet) 172.18.181.14 172.18.160.11 netmask 255.255.255.255 
static (inside,internet) 172.18.181.156 172.18.0.56 netmask 255.255.255.255 
static (inside,outside) 203.26.59.10 172.18.9.10 netmask 255.255.255.255 
static (inside,internet) 172.18.181.15 172.18.144.19 netmask 255.255.255.255 
static (internet,outside) 203.26.59.20 172.18.181.25 netmask 255.255.255.255 
static (inside,internet) 172.18.181.79 172.18.0.79 netmask 255.255.255.255 
static (inside,internet) 172.18.181.92 172.18.0.92 netmask 255.255.255.255 
static (inside,internet) 172.18.181.100 172.18.1.100 netmask 255.255.255.255 
static (inside,outside) 172.16.8.5 172.18.191.5 netmask 255.255.255.255 
static (inside,outside) 172.16.8.235 172.18.191.235 netmask 255.255.255.255 
static (outside,inside) 172.18.191.5 172.16.8.5 netmask 255.255.255.255 
static (outside,inside) 172.18.191.235 172.16.8.235 netmask 255.255.255.255 
static (internet,outside) 203.26.59.16 172.18.181.16 netmask 255.255.255.255 
static (outside,outside) 172.18.191.5 172.16.8.5 netmask 255.255.255.255 
static (outside,outside) 172.16.8.5 172.18.191.5 netmask 255.255.255.255 
static (outside,outside) 172.16.8.235 172.18.191.235 netmask 255.255.255.255 
static (outside,outside) 172.18.191.235 172.16.8.235 netmask 255.255.255.255 
static (inside,internet) 172.18.181.23 172.18.0.23 netmask 255.255.255.255 
static (internet,outside) 203.26.59.70 172.18.181.80 netmask 255.255.255.255 
static (internet,outside) 203.26.59.71 172.18.181.81 netmask 255.255.255.255 
static (internet,outside) 203.26.59.72 172.18.181.82 netmask 255.255.255.255 
static (internet,outside) 203.26.59.73 172.18.181.83 netmask 255.255.255.255 
static (internet,TPGOutside) 203.87.59.215 172.18.181.11 netmask 255.255.255.255 
static (internet,TPGOutside) 203.87.59.210 172.18.181.252 netmask 255.255.255.255 
static (internet,TPGOutside) 203.87.59.216 172.18.181.161 netmask 255.255.255.255 
static (inside,TPGOutside) 203.87.59.213 172.18.9.10 netmask 255.255.255.255 
static (internet,TPGOutside) 203.87.59.214 172.18.181.25 netmask 255.255.255.255 
static (internet,TPGOutside) 203.87.59.217 172.18.181.80 netmask 255.255.255.255 
static (internet,TPGOutside) 203.87.59.218 172.18.181.81 netmask 255.255.255.255 
static (internet,TPGOutside) 203.87.59.219 172.18.181.82 netmask 255.255.255.255 
static (internet,TPGOutside) 203.87.59.220 172.18.181.83 netmask 255.255.255.255 
access-group outside_acl in interface outside
access-group inside_acl in interface inside
access-group TPG_outside_acl in interface TPGOutside
access-group dmz_NEW_acl in interface internet
route outside 0.0.0.0 0.0.0.0 203.26.59.1 1
route outside 10.61.12.235 255.255.255.255 203.26.59.1 1
route inside 172.18.9.0 255.255.255.0 172.18.0.1 1
route inside 172.18.128.0 255.255.252.0 172.18.0.1 1
route inside 172.18.144.0 255.255.255.0 172.18.0.1 1
route inside 172.18.160.0 255.255.255.0 172.18.0.1 1
route inside 172.18.134.0 255.255.255.0 172.18.0.1 1
route inside 172.18.148.0 255.255.255.0 172.18.0.1 1
route inside 172.18.152.0 255.255.255.0 172.18.0.1 1
route inside 172.18.154.0 255.255.255.0 172.18.0.1 1
route inside 172.18.161.0 255.255.255.0 172.18.0.1 1
route inside 172.18.132.0 255.255.255.0 172.18.0.1 1
route inside 10.0.0.0 255.0.0.0 172.18.0.1 1
route inside 172.19.0.0 255.255.0.0 172.18.0.1 1
route inside 172.20.0.0 255.252.0.0 172.18.0.1 1
route inside 172.28.0.0 255.252.0.0 172.18.0.1 1
route inside 192.168.0.0 255.255.0.0 172.18.0.1 1
route inside 172.24.0.0 255.252.0.0 172.18.0.1 1
route inside 172.17.0.0 255.255.0.0 172.18.0.1 1
route TPGOutside 143.252.148.217 255.255.255.255 203.87.59.233 1
route TPGOutside 120.151.152.243 255.255.255.255 203.87.59.233 1
route TPGOutside 101.172.42.140 255.255.255.255 203.87.59.233 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ host 172.18.0.29
 timeout 5
 key pixacs123
aaa-server RADIUS protocol radius
aaa authentication exclude tcp/0 TPGOutside 172.18.0.0 255.255.252.0 172.18.176.0 255.255.255.0 TACACS+ 
aaa authentication exclude tcp/0 TPGOutside 172.18.0.0 255.255.252.0 172.18.179.0 255.255.255.0 TACACS+ 
aaa authentication exclude tcp/0 TPGOutside 172.18.0.0 255.255.252.0 172.18.177.0 255.255.255.0 TACACS+ 
aaa authentication exclude tcp/0 TPGOutside 172.18.0.0 255.255.252.0 172.18.178.0 255.255.255.0 TACACS+ 
aaa authentication exclude tcp/0 outside 172.18.0.0 255.255.252.0 172.18.176.0 255.255.255.0 TACACS+ 
aaa authentication exclude tcp/0 outside 172.18.0.0 255.255.252.0 172.18.179.0 255.255.255.0 TACACS+ 
aaa authentication exclude tcp/0 outside 172.18.0.0 255.255.252.0 172.18.177.0 255.255.255.0 TACACS+ 
aaa authentication exclude tcp/0 outside 172.18.0.0 255.255.252.0 172.18.178.0 255.255.255.0 TACACS+ 
aaa accounting include tcp/0 outside 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 TACACS+
aaa accounting include tcp/0 TPGOutside 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 TACACS+
http server enable
http 172.18.2.147 255.255.255.255 inside
http 172.18.3.9 255.255.255.255 inside
http 172.18.1.2 255.255.255.255 inside
http 172.18.1.4 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server community public
snmp-server enable traps snmp authentication linkup linkdown coldstart
sysopt connection timewait
crypto ipsec transform-set raset esp-des esp-md5-hmac 
crypto ipsec transform-set mcmtmsset esp-3des esp-md5-hmac 
crypto ipsec transform-set nzset esp-3des esp-md5-hmac 
crypto ipsec transform-set nzmeaset esp-3des esp-md5-hmac 
crypto ipsec transform-set maqset esp-des esp-md5-hmac 
crypto ipsec transform-set adeset esp-des esp-md5-hmac 
crypto ipsec transform-set weak_bris esp-des esp-md5-hmac 
crypto ipsec transform-set perthset esp-3des esp-md5-hmac 
crypto ipsec transform-set dematic esp-3des esp-md5-hmac 
crypto ipsec transform-set AllianceDist esp-3des esp-md5-hmac 
crypto ipsec transform-set ibsaustset esp-3des esp-sha-hmac 
crypto dynamic-map dynmap 10 set transform-set raset nzmeaset
crypto dynamic-map dynmap 30 set pfs 
crypto dynamic-map dynmap 30 set transform-set ibsaustset
crypto map map1 20 set peer 210.8.162.79 
crypto map map1 20 set transform-set mcmtmsset
crypto map map1 30 match address 130
crypto map map1 30 set peer 203.21.25.147 
crypto map map1 30 set transform-set nzset nzmeaset
crypto map map1 50 match address 125
crypto map map1 50 set peer 203.48.99.10 
crypto map map1 50 set transform-set ibsaustset
crypto map map1 60 match address 165
crypto map map1 60 set peer 202.72.174.51 
crypto map map1 60 set transform-set perthset nzmeaset
crypto map map1 70 set peer 203.21.25.147 
crypto map map1 70 set transform-set nzmeaset
crypto map map1 80 match address 180
crypto map map1 80 set peer 129.78.249.51 
crypto map map1 80 set transform-set maqset
crypto map map1 90 set peer 203.171.113.137 
crypto map map1 100 match address to_bris
crypto map map1 100 set peer 149.135.45.231 
crypto map map1 100 set transform-set weak_bris
crypto map map1 110 match address Dematic
crypto map map1 110 set peer 59.154.24.161 
crypto map map1 110 set transform-set dematic
crypto map map1 120 match address 190
crypto map map1 120 set peer 120.150.30.13 
crypto map map1 120 set transform-set adeset
crypto map map1 130 match address 125
crypto map map1 130 set peer 203.48.99.10 
crypto map map1 130 set transform-set ibsaustset
crypto map map1 140 match address AllianceDist
crypto map map1 140 set pfs 
crypto map map1 140 set peer 203.29.67.250 
crypto map map1 140 set transform-set AllianceDist
crypto map map1 140 set reverse-route
crypto map map1 150 match address 190
crypto map map1 150 set peer 120.150.30.13 
crypto map map1 150 set transform-set adeset
crypto map map1 65535 ipsec-isakmp dynamic dynmap
crypto map map1 interface outside
crypto map map2 20 set peer 210.8.162.79 
crypto map map2 20 set transform-set mcmtmsset
crypto map map2 30 match address 130
crypto map map2 30 set peer 203.21.25.147 
crypto map map2 30 set transform-set nzset nzmeaset
crypto map map2 50 match address 125
crypto map map2 50 set peer 203.48.99.10 
crypto map map2 50 set transform-set ibsaustset
crypto map map2 60 match address 165
crypto map map2 60 set peer 202.72.174.51 
crypto map map2 60 set transform-set perthset nzmeaset
crypto map map2 70 set peer 203.21.25.147 
crypto map map2 70 set transform-set nzmeaset
crypto map map2 80 match address 180
crypto map map2 80 set peer 129.78.249.51 
crypto map map2 80 set transform-set maqset
crypto map map2 90 set peer 203.171.113.137 
crypto map map2 100 match address to_bris
crypto map map2 100 set peer 149.135.45.231 
crypto map map2 100 set transform-set weak_bris
crypto map map2 110 match address Dematic
crypto map map2 110 set peer 59.154.24.161 
crypto map map2 110 set transform-set dematic
crypto map map2 120 match address 190
crypto map map2 120 set peer 120.150.30.13 
crypto map map2 120 set transform-set adeset
crypto map map2 130 match address 125
crypto map map2 130 set peer 203.48.99.10 
crypto map map2 130 set transform-set ibsaustset
crypto map map2 140 match address AllianceDist
crypto map map2 140 set pfs 
crypto map map2 140 set peer 203.29.67.250 
crypto map map2 140 set transform-set AllianceDist
crypto map map2 140 set reverse-route
crypto map map2 150 match address 190
crypto map map2 150 set peer 120.150.30.13 
crypto map map2 150 set transform-set adeset
crypto map map2 65535 ipsec-isakmp dynamic dynmap
crypto map map2 interface TPGOutside
crypto isakmp identity address 
crypto isakmp enable outside
crypto isakmp enable TPGOutside
crypto isakmp policy 10
 authentication pre-share
 encryption des
 hash md5
 group 1
 lifetime 86400
crypto isakmp policy 20
 authentication pre-share
 encryption des
 hash md5
 group 2
 lifetime 86400
crypto isakmp policy 30
 authentication pre-share
 encryption 3des
 hash md5
 group 2
 lifetime 86400
crypto isakmp policy 40
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto isakmp policy 65535
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto isakmp nat-traversal  20
telnet 172.20.30.0 255.255.255.0 inside
telnet 172.18.1.0 255.255.255.0 inside
telnet 172.18.2.147 255.255.255.255 inside
telnet timeout 30
ssh 172.20.0.0 255.255.0.0 inside
ssh 172.18.1.0 255.255.255.0 inside
ssh 172.18.0.0 255.255.252.0 inside
ssh timeout 60
console timeout 0
management-access inside
dhcpd dns 208.67.222.222 interface TPGOutside
!
dhcpd dns 208.67.222.222 interface internet
!
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 1500
policy-map global_policy
 class inspection_default
  inspect ftp 
  inspect h323 ras 
  inspect netbios 
  inspect rsh 
  inspect rtsp 
  inspect skinny 
  inspect sqlnet 
  inspect sunrpc 
  inspect tftp 
  inspect xdmcp 
  inspect h323 h225 
  inspect dns preset_dns_map 
policy-map type inspect dns migrated_dns_map_1
 parameters
  message-length maximum 512
!
service-policy global_policy global
ntp authenticate
ntp server 192.231.203.132
ntp server 172.18.0.15 source inside prefer
ntp server 202.158.218.239
ntp server 172.18.0.21 source inside prefer
webvpn
 enable outside
 enable TPGOutside
 port-forward IPFXGrpPorts 5903 172.18.128.14 5900 
group-policy normalgp internal
group-policy normalgp attributes
 dns-server value 172.18.0.86
 vpn-idle-timeout 1800
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value 10
 default-domain value mpl.root-domain.org
group-policy webextgrp internal
group-policy webextgrp attributes
 dns-server value 172.18.0.86
 vpn-idle-timeout 30
 vpn-tunnel-protocol webvpn
 webvpn
  functions port-forward
  filter value webext
  port-forward value ExtGrpPorts
group-policy webIPFXgrp internal
group-policy webIPFXgrp attributes
 dns-server value 172.18.0.86
 vpn-idle-timeout 30
 vpn-tunnel-protocol webvpn
 webvpn
  functions port-forward
  filter value webIPFX
  port-forward value IPFXGrpPorts
group-policy vdigrp internal
group-policy vdigrp attributes
 dns-server value 172.18.0.86
 vpn-idle-timeout 480
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value vdiext
group-policy NZgrp internal
group-policy NZgrp attributes
 dns-server value 172.18.0.86
 vpn-idle-timeout 30
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value 260
group-policy drgrp internal
group-policy drgrp attributes
 dns-server value 172.18.0.86
 vpn-idle-timeout 30
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value 250
group-policy vpn3000-tpg internal
group-policy vpn3000-tpg attributes
 dns-server value 172.18.0.86 172.18.128.16
 vpn-tunnel-protocol IPSec 
 default-domain value mpl.root-domain.org
group-policy sitegrp internal
group-policy sitegrp attributes
 dns-server value 172.18.0.86
 vpn-idle-timeout none
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value 10
 nem enable
group-policy maqgrp internal
group-policy maqgrp attributes
 dns-server value 172.18.0.86
 vpn-idle-timeout 480
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value maqdict
group-policy maqgrpext internal
group-policy maqgrpext attributes
 dns-server value 172.18.0.86
 vpn-idle-timeout 480
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value maqdictext
group-policy extgrp internal
group-policy extgrp attributes
 dns-server value 172.18.0.86
 vpn-idle-timeout 30
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value 50
username test password ho29PScz1XtzgKy4 encrypted
username Adelaide password s40WC.yY1dohiTQO encrypted
username data3 password Y77umtVjgFhz.HOr encrypted privilege 15
username IPFX password velyMKYz4BwFvn2r encrypted
username IPFX attributes
 vpn-group-policy webIPFXgrp
 vpn-idle-timeout 30
 webvpn
  filter value webIPFX
username ibsaustralia password AJA1drxuhDXUk6O5 encrypted
username ibsaustralia attributes
 vpn-group-policy webextgrp
 vpn-idle-timeout 30
 webvpn
  filter value webext
username oswellr password 1ftGjqT964O.SDws encrypted
tunnel-group vpn3000-all type ipsec-ra
tunnel-group vpn3000-all general-attributes
 address-pool vpnclientpool
 authentication-server-group (outside) TACACS+
 authentication-server-group (TPGOutside) TACACS+
 default-group-policy normalgp
tunnel-group vpn3000-all ipsec-attributes
 pre-shared-key *
tunnel-group vpn3000-bris type ipsec-ra
tunnel-group vpn3000-bris general-attributes
 default-group-policy sitegrp
tunnel-group vpn3000-bris ipsec-attributes
 pre-shared-key *
tunnel-group vpn3000-ext type ipsec-ra
tunnel-group vpn3000-ext general-attributes
 address-pool vpnclientpool
 authentication-server-group (outside) TACACS+
 authentication-server-group (TPGOutside) TACACS+
 default-group-policy extgrp
tunnel-group vpn3000-ext ipsec-attributes
 pre-shared-key *
tunnel-group vpn3000-ade type ipsec-ra
tunnel-group vpn3000-ade general-attributes
 default-group-policy sitegrp
tunnel-group vpn3000-ade ipsec-attributes
 pre-shared-key *
tunnel-group 202.27.193.225 type ipsec-l2l
tunnel-group 202.27.193.225 ipsec-attributes
 pre-shared-key *
tunnel-group 203.21.25.147 type ipsec-l2l
tunnel-group 203.21.25.147 ipsec-attributes
 pre-shared-key *
tunnel-group 210.8.162.79 type ipsec-l2l
tunnel-group 210.8.162.79 ipsec-attributes
 pre-shared-key *
tunnel-group 129.78.249.51 type ipsec-l2l
tunnel-group 129.78.249.51 ipsec-attributes
 pre-shared-key *
tunnel-group 203.53.30.194 type ipsec-l2l
tunnel-group 203.53.30.194 ipsec-attributes
 pre-shared-key *
tunnel-group 203.171.113.137 type ipsec-l2l
tunnel-group 150.101.185.208 type ipsec-l2l
tunnel-group 150.101.185.208 ipsec-attributes
 pre-shared-key *
tunnel-group 202.72.174.51 type ipsec-l2l
tunnel-group 202.72.174.51 ipsec-attributes
 pre-shared-key *
tunnel-group 59.154.24.161 type ipsec-l2l
tunnel-group 59.154.24.161 ipsec-attributes
 pre-shared-key *
tunnel-group vpn3000-maq type ipsec-ra
tunnel-group vpn3000-maq general-attributes
 address-pool vpnclientpool
 authentication-server-group (outside) TACACS+
 authentication-server-group (TPGOutside) TACACS+
 default-group-policy maqgrp
tunnel-group vpn3000-maq ipsec-attributes
 pre-shared-key *
tunnel-group vpn3000-vdi type ipsec-ra
tunnel-group vpn3000-vdi general-attributes
 address-pool vpnclientpool
 authentication-server-group (outside) TACACS+
 default-group-policy vdigrp
tunnel-group vpn3000-vdi ipsec-attributes
 pre-shared-key *
tunnel-group 202.7.242.139 type ipsec-l2l
tunnel-group 202.7.242.139 ipsec-attributes
 pre-shared-key *
tunnel-group 203.48.99.10 type ipsec-l2l
tunnel-group 203.48.99.10 ipsec-attributes
 pre-shared-key *
tunnel-group vpn3000-dr type ipsec-ra
tunnel-group vpn3000-dr general-attributes
 address-pool vpnclientpool
 authentication-server-group (outside) TACACS+
 authentication-server-group (TPGOutside) TACACS+
 default-group-policy drgrp
tunnel-group vpn3000-dr ipsec-attributes
 pre-shared-key *
tunnel-group vpn3000-NZ type ipsec-ra
tunnel-group vpn3000-NZ general-attributes
 address-pool vpnclientpool
 authentication-server-group (outside) TACACS+
 authentication-server-group (TPGOutside) TACACS+
 default-group-policy NZgrp
tunnel-group vpn3000-NZ ipsec-attributes
 pre-shared-key *
tunnel-group vpn3000-maqext type ipsec-ra
tunnel-group vpn3000-maqext general-attributes
 address-pool vpnclientpool
 authentication-server-group (outside) TACACS+
 authentication-server-group (TPGOutside) TACACS+
 default-group-policy maqgrpext
tunnel-group vpn3000-maqext ipsec-attributes
 pre-shared-key *
tunnel-group 203.29.67.250 type ipsec-l2l
tunnel-group 203.29.67.250 ipsec-attributes
 pre-shared-key *
tunnel-group 149.135.45.231 type ipsec-l2l
tunnel-group 149.135.45.231 ipsec-attributes
 pre-shared-key *
tunnel-group 120.150.30.13 type ipsec-l2l
tunnel-group 120.150.30.13 ipsec-attributes
 pre-shared-key *
tunnel-group vpn3000-test type ipsec-ra
tunnel-group vpn3000-tpg type ipsec-ra
tunnel-group vpn3000-tpg general-attributes
 address-pool vpnclientpool
 authentication-server-group (TPGOutside) TACACS+
 default-group-policy normalgp
tunnel-group vpn3000-tpg ipsec-attributes
 pre-shared-key *
prompt hostname context 
Cryptochecksum:a941e7020d28eafa84ee4e39503320e1
: end

macmillan# ex

Logoff

Hi,

Going through the configuration , i don't see any issues that might prevent full throughput thru the ASA device.

I would although recommend that you should upgrade the ASA code to the ASA 8.2.5 code as that might help.

Also , are we seeing any performance issues (ex:- High CPU , High Memory , Interface errors etc) on the ASA device ?

Thanks and Regards,

Vibhor Amrodia

Can you set speed 1000 and duplex full on every interface of your ASA ?

Hi Walter

Done, but it still makes no difference - 10 Meg through.

Vibhor - this device runs at around 5% CPU, and 212 Meg memory. We're not seeing any interface errors.

Thanks

Chris

Hi,

I think it would be best now to open a TAC case now for this as I don't think that the ASA device is causing the issue. Were you able o upgrade the IOS to 8.2.5 ?

If possible , share the show tech output from the ASA device and a brief topology ?

Thanks and Regards,

Vibhor Amrodia

Can you set speed 1000 and duplex full on every port of the switch where the ASA is connected ?

Hi Walter

That has been set, but still the same.

Thanks

Chris

internodetech
Level 1
Level 1

What kind of speedtest are you doing? Can you test UDP throughput as well? If there aren't any interface errors or drops it could be a TCP issue (windowing etc)..

I'd set up an iperf service on one of the segments and push both TCP and UDP traffic and see how it handles each one. If only TCP is slow, I'd do some packet captures and look at the TCP details (especially windowing info).

While the datasheets are inflated, you should easily get over 100 Mbps out the 5520. We   had a few in production and easily got over 200 Mbps of Internet throughput.

 

Hi

I'm just using speedtest.net. When I direct connected it to the provider NTU I got the rates up in the high 90s, but through the ASA down at 10 Meg. I'll run up iperf and test.

Thanks

Chris

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: