no ip domain lookup ip domain name barnettcox.com ip inspect name SDM_LOW cuseeme ip inspect name SDM_LOW h323 ip inspect name SDM_LOW netshow ip inspect name SDM_LOW rcmd ip inspect name SDM_LOW realaudio ip inspect name SDM_LOW rtsp ip inspect name SDM_LOW esmtp ip inspect name SDM_LOW sqlnet ip inspect name SDM_LOW streamworks ip inspect name SDM_LOW tftp ip inspect name SDM_LOW udp ip inspect name SDM_LOW vdolive ip inspect name SDM_LOW icmp ip inspect name SDM_LOW tcp ip ips notify SDEE ip ips po max-events 100 no ftp-server write-enable ! ! ! ! ! ! ! interface FastEthernet0 no ip address no cdp enable ! interface FastEthernet1 switchport access vlan 2 no ip address no cdp enable ! interface FastEthernet2 switchport access vlan 3 no ip address no cdp enable ! interface FastEthernet3 no ip address no cdp enable ! interface FastEthernet4 description $ETH-WAN$$FW_OUTSIDE$ ip address ***.***.***.194 255.255.255.248 ip access-group 101 in ip verify unicast reverse-path no ip redirects no ip unreachables no ip proxy-arp ip nat outside ip inspect SDM_LOW out ip virtual-reassembly duplex auto speed auto no cdp enable ! interface Vlan1 description Main Network$FW_INSIDE$$ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$ ip address 10.10.1.254 255.255.255.0 ip access-group 102 in no ip redirects no ip unreachables ip nat inside ip virtual-reassembly ip route-cache flow ip tcp adjust-mss 1452 ! interface Vlan2 description ip address 10.10.2.254 255.255.255.0 ip access-group 102 in ip nat inside ip virtual-reassembly ! interface Vlan3 description ip address 10.10.3.254 255.255.255.0 ip nat inside ip virtual-reassembly ! ip classless ip route 0.0.0.0 0.0.0.0 ***.***.***.193 ! ! ip http server ip http authentication local ip http secure-server ip http timeout-policy idle 5 life 86400 requests 10000 ip nat inside source list 1 interface FastEthernet4 overload ip nat inside source list 2 interface FastEthernet4 overload ip nat inside source list 3 interface FastEthernet4 overload ip nat inside source static 10.10.1.1 ***.***.***.195 ip nat inside source static 10.10.1.3 ***.***.***.196 ip nat inside source static 10.10.3.1 208.65.223.198 ! access-list 1 remark SDM_ACL Category=2 access-list 1 permit 10.10.1.0 0.0.0.255 access-list 2 remark BCA Unsecure NAT Access access-list 2 permit 10.10.2.0 0.0.0.255 access-list 3 remark SLO Passport NAT Access access-list 3 permit 10.10.3.0 0.0.0.255 access-list 101 permit tcp any host ***.***.***.194 eq 1723 access-list 101 permit gre any host ***.***.***.194 access-list 101 permit udp any host ***.***.***.194 eq isakmp access-list 101 permit esp any host ***.***.***.194 access-list 101 permit tcp any host ***.***.***.194 eq ftp access-list 101 permit tcp any host ***.***.***.194 eq ftp-data access-list 101 remark auto generated by SDM firewall configuration access-list 101 remark SDM_ACL Category=1 access-list 101 permit tcp any host ***.***.***.195 eq 443 access-list 101 permit tcp any host ***.***.***.195 eq smtp access-list 101 permit tcp any host ***.***.***.195 eq pop3 access-list 101 permit tcp any host ***.***.***.195 eq 4125 access-list 101 permit tcp any host ***.***.***.195 eq www access-list 101 permit tcp any host ***.***.***.195 eq 3389 access-list 101 permit tcp any host ***.***.***.195 eq ftp access-list 101 permit tcp any host ***.***.***.195 eq ftp-data access-list 101 permit tcp any host ***.***.***.196 eq 3389 access-list 101 permit ip any host 208.65.223.198 access-list 101 remark Auto generated by SDM for NTP (123) 208.73.11.21 access-list 101 permit udp host 208.73.11.21 eq ntp host ***.***.***.194 eq ntp access-list 101 permit ip 10.10.1.0 0.0.0.255 any access-list 101 permit tcp host 208.73.11.18 host ***.***.***.194 eq 443 access-list 101 permit tcp host 208.73.11.18 host ***.***.***.194 eq 22 access-list 101 permit tcp host 208.73.11.18 host ***.***.***.194 eq cmd access-list 101 permit icmp any any echo access-list 101 permit icmp any any echo-reply access-list 101 permit icmp any any time-exceeded access-list 101 permit icmp any any unreachable access-list 101 deny ip 172.16.0.0 0.15.255.255 any access-list 101 deny ip 192.168.0.0 0.0.255.255 any access-list 101 deny ip 127.0.0.0 0.255.255.255 any access-list 101 deny ip host 255.255.255.255 any access-list 101 deny ip host 0.0.0.0 any access-list 101 deny ip any any log access-list 102 remark auto generated by SDM firewall configuration access-list 102 remark SDM_ACL Category=1 access-list 102 remark Auto generated by SDM for NTP (123) 66.17.50.157 access-list 102 permit udp host 208.73.11.21 eq ntp host 10.10.3.254 eq ntp access-list 102 deny ip 127.0.0.0 0.255.255.255 any access-list 102 permit ip any any