: PIX Version 7.2(2) ! hostname xxxx domain-name default.domain.invalid enable password sL6GDY6lmoYowyPs encrypted names dns-guard ! interface Ethernet0 nameif outside security-level 0 ip address x.x.x.x 255.255.255.248 ! interface Ethernet1 nameif inside security-level 100 ip address 172.16.20.2 255.255.255.0 ! interface Ethernet2 shutdown nameif intf2 security-level 4 no ip address ! passwd sL6GDY6lmoYowyPs encrypted boot system flash:/asa722-k8.bin ftp mode passive dns server-group DefaultDNS domain-name default.domain.invalid access-list outside extended permit tcp any host 212.77.215.84 eq www access-list nonat extended permit ip 172.16.0.0 255.255.0.0 20.20.20.0 255.255.255.0 access-list nonat extended permit ip host 172.16.20.218 10.10.10.0 255.255.255.0 access-list RAVPN standard permit 172.16.0.0 255.255.0.0 access-list 101 extended permit tcp host 172.16.20.218 10.10.10.0 255.255.255.0 eq sqlnet access-list 101 extended permit ip host 172.16.20.218 10.10.10.0 255.255.255.0 no pager logging asdm informational mtu outside 1500 mtu inside 1500 mtu intf2 1500 ip local pool vpnpool 20.20.20.1-20.20.20.254 mask 255.255.255.0 ip local pool clientpool 10.10.10.1-10.10.10.200 mask 255.255.255.0 icmp unreachable rate-limit 1 burst-size 1 asdm image flash:/asdm-522.bin no asdm history enable arp timeout 14400 nat-control global (outside) 1 interface nat (inside) 0 access-list nonat nat (inside) 1 172.16.20.0 255.255.255.0 static (inside,outside) 212.77.215.84 172.16.20.188 netmask 255.255.255.255 access-group outside in interface outside route outside 0.0.0.0 0.0.0.0 212.77.215.81 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius group-policy remotevpn internal group-policy remotevpn attributes dns-server value 212.77.192.60 vpn-simultaneous-logins 10 vpn-idle-timeout 30 vpn-tunnel-protocol IPSec split-tunnel-policy tunnelspecified split-tunnel-network-list value RAVPN default-domain value gig.com.qa group-policy remotevpn2 internal group-policy remotevpn2 attributes vpn-idle-timeout 30 vpn-tunnel-protocol IPSec split-tunnel-policy tunnelspecified split-tunnel-network-list value 101 username xxxxx password XgmYRfhin0oZXUzW encrypted privilege 15 username xxxxx password RVa.WNKfjMtx2K9y encrypted http server enable http 172.16.20.213 255.255.255.255 inside no snmp-server location no snmp-server contact snmp-server community public snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set xxSet esp-des esp-md5-hmac crypto dynamic-map dyn1 1 set transform-set xxSet crypto dynamic-map dyn1 1 set reverse-route crypto map mymap 1 ipsec-isakmp dynamic dyn1 crypto map mymap interface outside crypto isakmp enable outside crypto isakmp policy 1 authentication pre-share encryption 3des hash sha group 2 lifetime 43200 crypto isakmp nat-traversal 20 tunnel-group xxADMIN type ipsec-ra tunnel-group xxADMIN general-attributes address-pool vpnpool default-group-policy remotevpn tunnel-group xxADMIN ipsec-attributes pre-shared-key * tunnel-group xxCLIENT type ipsec-ra tunnel-group xxCLIENT general-attributes address-pool clientpool default-group-policy remotevpn2 tunnel-group xxxCLIENT ipsec-attributes pre-shared-key * telnet 172.16.20.213 255.255.255.255 inside telnet timeout 5 ssh timeout 5 ssh version 1 console timeout 0 ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns migrated_dns_map_1 parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns migrated_dns_map_1 inspect ftp inspect h323 h225 inspect h323 ras inspect http inspect netbios inspect rsh inspect rtsp inspect skinny inspect esmtp inspect sqlnet inspect sunrpc inspect tftp inspect sip inspect xdmcp ! service-policy global_policy global prompt hostname context Cryptochecksum:e7dfb12772beba7c05d0e908217b4959 : end