ciscoasa# show run : Saved : ASA Version 7.0(4)12 ! hostname ciscoasa domain-name default.domain.invalid enable password xxxxxxxx encrypted names ! interface Ethernet0/0 nameif outside security-level 0 ip address 65.xxx.xxx.20 255.255.252.0 ! interface Ethernet0/1 nameif inside security-level 100 ip address 10.10.1.26 255.255.255.0 ! interface Ethernet0/2 nameif dmz security-level 50 ip address 10.10.2.26 255.255.255.0 ! interface Management0/0 nameif management security-level 100 ip address 192.168.1.1 255.255.255.0 management-only ! passwd xxxxxxxxxxx encrypted ftp mode passive clock timezone AKST -9 clock summer-time AKDT recurring access-list inbound extended permit tcp any interface outside eq smtp access-list inbound extended permit tcp any interface outside eq www access-list inbound extended permit tcp any interface outside eq https access-list inbound extended permit tcp any interface outside eq pop3 access-list inbound extended permit tcp any interface outside eq domain pager lines 24 logging enable logging asdm informational mtu management 1500 mtu inside 1500 mtu dmz 1500 mtu outside 1500 icmp permit 10.10.1.0 255.255.255.0 dmz icmp permit 10.10.1.0 255.255.255.0 outside asdm image disk0:/asdm-504.bin no asdm history enable arp timeout 14400 nat-control global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 static (dmz,outside) tcp interface smtp 10.10.2.21 smtp netmask 255.255.255.255 static (dmz,outside) tcp interface www 10.10.2.21 www netmask 255.255.255.255 static (dmz,outside) tcp interface pop3 10.10.2.21 pop3 netmask 255.255.255.255 static (dmz,outside) tcp interface domain 10.10.2.21 domain netmask 255.255.255.255 static (dmz,outside) udp interface domain 10.10.2.21 domain netmask 255.255.255.255 static (dmz,outside) tcp interface https 10.10.2.21 https netmask 255.255.255.255 static (inside,dmz) 192.168.10.0 192.168.10.0 netmask 255.255.255.0 static (inside,dmz) 10.10.100.0 10.10.100.0 netmask 255.255.255.0 static (inside,dmz) 10.10.1.0 10.10.1.0 netmask 255.255.255.0 static (inside,dmz) 10.10.3.0 10.10.3.0 netmask 255.255.255.0 static (inside,dmz) 10.10.5.0 10.10.5.0 netmask 255.255.255.0 static (inside,dmz) 10.10.9.0 10.10.9.0 netmask 255.255.255.0 static (inside,dmz) 10.10.10.0 10.10.10.0 netmask 255.255.255.0 static (inside,dmz) 10.10.11.0 10.10.11.0 netmask 255.255.255.0 access-group inbound in interface outside route inside 192.168.10.0 255.255.255.0 10.10.1.1 1 route inside 10.10.11.0 255.255.255.0 10.10.1.1 1 route inside 10.10.10.0 255.255.255.0 10.10.1.1 1 route inside 10.10.9.0 255.255.255.0 10.10.1.1 1 route inside 10.10.7.0 255.255.255.0 10.10.1.1 1 route inside 10.10.5.0 255.255.255.0 10.10.1.1 1 route inside 10.10.3.0 255.255.255.0 10.10.1.1 1 route inside 10.10.100.0 255.255.255.0 10.10.1.1 1 route outside 0.0.0.0 0.0.0.0 65.xxx.xxx.1 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute http server enable http 192.168.1.0 255.255.255.0 management no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart telnet 192.168.1.0 255.255.255.0 management telnet 10.10.0.0 255.255.0.0 inside telnet timeout 30 ssh timeout 5 console timeout 0 dhcpd address 192.168.1.2-192.168.1.254 management dhcpd lease 3600 dhcpd ping_timeout 50 dhcpd enable management ! class-map inspection_default match default-inspection-traffic ! ! policy-map global_policy class inspection_default inspect dns maximum-length 512 inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect icmp inspect icmp error ! service-policy global_policy global Cryptochecksum:xxxxxxxxxxxxxxxx : end ciscoasa#