Result of the command: "show running-config" : Saved : ASA Version 7.2(5) ! hostname locfw01 domain-name locayta.local enable password bmGyRPX5ViDHVviL encrypted passwd un3dfuZG8DFC4WnI encrypted names name 10.71.130.19 NectarTTPro description Nectar Test Track Pro name 172.16.50.0 VPN name 10.192.0.0 VMNetwork name 10.193.0.0 Management name 172.16.101.250 NectarNAT name 172.16.102.14 mgmt02 name 83.104.147.186 nparkremoreserver description Nigel Park Commence Remote name 10.71.130.63 NectarTTProNew name 192.168.12.0 Umbee description Umbee Network name 10.196.0.0 btvlan description bt vlan dns-guard ! interface Ethernet0/0 description Uplink to Optimity Internet nameif External security-level 0 ip address 37.157.32.98 255.255.255.248 standby 37.157.32.99 ospf cost 10 ! interface Ethernet0/1 description VoIP link to switches nameif Port1Physical security-level 80 no ip address ospf cost 10 ! interface Ethernet0/1.168 description VoIP VLAN vlan 168 nameif VoIPVlan168 security-level 80 ip address 192.168.0.1 255.255.255.0 standby 192.168.0.2 ! interface Ethernet0/2 description LAN/STATE Failover Interface ! interface Ethernet0/3 description Link to switches nameif Port3Physical security-level 80 no ip address ospf cost 10 ! interface Ethernet0/3.101 description Workstation VLAN vlan 101 nameif InternalWorkstationsVlan101 security-level 80 ip address 172.16.101.1 255.255.255.0 standby 172.16.101.2 ospf cost 10 ! interface Ethernet0/3.102 description Server VLAN vlan 102 nameif InternalServersVlan102 security-level 80 ip address 172.16.102.1 255.255.255.0 standby 172.16.102.2 ospf cost 10 ! interface Management0/0 nameif Management security-level 100 ip address 172.16.105.1 255.255.255.0 standby 172.16.105.2 ospf cost 10 management-only ! boot system disk0:/asa725-k8.bin ftp mode passive clock timezone GMT/BST 0 clock summer-time GMT/BDT recurring last Sun Mar 1:00 last Sun Oct 2:00 dns domain-lookup External dns server-group DefaultDNS name-server 172.16.102.10 name-server 172.16.102.11 domain-name locayta.local same-security-traffic permit inter-interface same-security-traffic permit intra-interface object-group network LocaytaOfficeNetworks description All networks considered inside the Locayta Office network-object 172.16.101.0 255.255.255.0 network-object 172.16.102.0 255.255.255.0 network-object VPN 255.255.255.0 network-object 192.168.0.0 255.255.255.0 object-group network SavvisNetworks description All networks at Savvis Winnersh network-object 10.191.0.0 255.255.252.0 network-object 10.83.62.0 255.255.255.240 network-object 10.83.62.16 255.255.255.240 network-object 10.83.62.32 255.255.255.224 network-object 10.83.111.144 255.255.255.240 network-object host 10.83.62.39 object-group icmp-type Good_ICMP description Stuff we like to use icmp-object echo icmp-object echo-reply icmp-object source-quench icmp-object time-exceeded icmp-object unreachable object-group network SMLOfficeNetworks network-object 172.16.101.0 255.255.255.0 network-object 172.16.102.0 255.255.255.0 network-object VPN 255.255.255.0 object-group network SavvisSloughPrivateNetworks description Private networks at SAVVIS Slough network-object VMNetwork 255.255.0.0 object-group network SavvisNet description Slough Savvis Networks network-object VMNetwork 255.255.0.0 network-object Management 255.255.254.0 network-object btvlan 255.255.254.0 object-group service RDP tcp port-object eq 3389 object-group network NectarTicketing description Nectar Ticketing Systems network-object host NectarTTPro network-object host NectarTTProNew network-object host 109.150.91.141 object-group network Umbee network-object Umbee 255.255.255.0 object-group network UmbeeNY network-object 192.168.13.0 255.255.255.0 object-group network Hosts-To-Block network-object host 212.250.216.123 network-object host 212.250.216.34 access-list InternalWorkstationsVlan101_nat0_outbound remark Required for remote VPN access access-list InternalWorkstationsVlan101_nat0_outbound extended permit ip any VPN 255.255.255.0 access-list InternalWorkstationsVlan101_nat0_outbound remark Lets traffic go from workstation to server without NAT access-list InternalWorkstationsVlan101_nat0_outbound extended permit ip 172.16.101.0 255.255.255.0 172.16.102.0 255.255.255.0 access-list InternalWorkstationsVlan101_nat0_outbound extended permit ip 172.16.101.0 255.255.255.0 object-group SavvisNetworks access-list InternalWorkstationsVlan101_nat0_outbound extended permit ip 172.16.101.0 255.255.255.0 object-group SavvisSloughPrivateNetworks access-list InternalWorkstationsVlan101_nat0_outbound remark Required for remote VPN access access-list InternalWorkstationsVlan101_nat0_outbound remark Lets traffic go from workstation to server without NAT access-list InternalWorkstationsVlan101_nat0_outbound extended permit ip 172.16.101.0 255.255.255.0 object-group SavvisNet access-list InternalWorkstationsVlan101_nat0_outbound remark Required for remote VPN access access-list InternalWorkstationsVlan101_nat0_outbound remark Lets traffic go from workstation to server without NAT access-list InternalWorkstationsVlan101_nat0_outbound extended permit ip 172.16.101.0 255.255.255.0 object-group NectarTicketing access-list InternalWorkstationsVlan101_nat0_outbound remark Required for remote VPN access access-list InternalWorkstationsVlan101_nat0_outbound remark Lets traffic go from workstation to server without NAT access-list InternalWorkstationsVlan101_nat0_outbound extended permit ip 172.16.101.0 255.255.255.0 Umbee 255.255.255.0 access-list InternalWorkstationsVlan101_nat0_outbound remark Required for remote VPN access access-list InternalWorkstationsVlan101_nat0_outbound remark Lets traffic go from workstation to server without NAT access-list InternalWorkstationsVlan101_nat0_outbound extended permit ip 172.16.101.0 255.255.255.0 object-group UmbeeNY access-list InternalWorkstationsVlan101_nat0_outbound remark Required for remote VPN access access-list InternalWorkstationsVlan101_nat0_outbound remark Lets traffic go from workstation to server without NAT access-list InternalServersVlan102_nat0_outbound remark Required for remote VPN access access-list InternalServersVlan102_nat0_outbound extended permit ip any VPN 255.255.255.0 access-list InternalServersVlan102_nat0_outbound remark Traffic from Server to Workstation Without NAT access-list InternalServersVlan102_nat0_outbound extended permit ip 172.16.102.0 255.255.255.0 172.16.101.0 255.255.255.0 access-list InternalServersVlan102_nat0_outbound extended permit ip 172.16.102.0 255.255.255.0 object-group SavvisNetworks access-list InternalServersVlan102_nat0_outbound extended permit ip 172.16.102.0 255.255.255.0 object-group SavvisSloughPrivateNetworks access-list InternalServersVlan102_nat0_outbound remark Required for remote VPN access access-list InternalServersVlan102_nat0_outbound remark Traffic from Server to Workstation Without NAT access-list InternalServersVlan102_nat0_outbound extended permit ip 172.16.102.0 255.255.255.0 object-group SavvisNet access-list InternalServersVlan102_nat0_outbound remark Required for remote VPN access access-list InternalServersVlan102_nat0_outbound remark Traffic from Server to Workstation Without NAT access-list InternalServersVlan102_nat0_outbound extended permit ip 172.16.102.0 255.255.255.0 Umbee 255.255.255.0 access-list InternalServersVlan102_nat0_outbound remark Required for remote VPN access access-list InternalServersVlan102_nat0_outbound remark Traffic from Server to Workstation Without NAT access-list InternalServersVlan102_nat0_outbound extended permit ip 172.16.102.0 255.255.255.0 object-group UmbeeNY access-list InternalServersVlan102_nat0_outbound remark Required for remote VPN access access-list InternalServersVlan102_nat0_outbound remark Traffic from Server to Workstation Without NAT access-list Tunnel_Networks standard permit 172.16.102.0 255.255.255.0 access-list Tunnel_Networks standard permit 172.16.101.0 255.255.255.0 access-list Tunnel_Networks standard permit 10.191.0.0 255.255.252.0 access-list Tunnel_Networks standard permit 10.83.62.0 255.255.255.240 access-list Tunnel_Networks standard permit 10.83.62.16 255.255.255.240 access-list Tunnel_Networks standard permit 10.83.62.32 255.255.255.224 access-list Tunnel_Networks standard permit 10.83.111.144 255.255.255.240 access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks standard permit VMNetwork 255.255.0.0 access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list Tunnel_Networks remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl standard permit 172.16.102.0 255.255.255.0 access-list RemoteUsers_splitTunnelAcl standard permit 172.16.101.0 255.255.255.0 access-list RemoteUsers_splitTunnelAcl standard permit 10.191.0.0 255.255.252.0 access-list RemoteUsers_splitTunnelAcl standard permit 10.83.62.0 255.255.255.240 access-list RemoteUsers_splitTunnelAcl standard permit 10.83.62.16 255.255.255.240 access-list RemoteUsers_splitTunnelAcl standard permit 10.83.62.32 255.255.255.224 access-list RemoteUsers_splitTunnelAcl standard permit 10.83.111.144 255.255.255.240 access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl standard permit VMNetwork 255.255.0.0 access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVV private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list RemoteUsers_splitTunnelAcl remark SAVVIS Slough private access-list External_access_in extended permit icmp any any object-group Good_ICMP access-list External_access_in remark helpdesk.locayta.com access-list External_access_in extended permit tcp any host 37.157.32.100 eq smtp access-list External_access_in remark helpdesk.locayta.com access-list External_access_in extended permit tcp any host 37.157.32.100 eq https access-list External_access_in remark locadfp01 access-list External_access_in extended permit tcp any host 37.157.32.101 eq https access-list External_access_in extended deny ip object-group Hosts-To-Block any access-list External_1_cryptomap extended permit ip object-group SMLOfficeNetworks object-group SavvisNetworks access-list External_nat0_outbound extended permit ip VPN 255.255.255.0 object-group SavvisNetworks access-list External_nat0_outbound extended permit ip VPN 255.255.255.0 object-group SavvisSloughPrivateNetworks access-list External_nat0_outbound extended permit ip VPN 255.255.255.0 VPN 255.255.255.0 access-list External_nat0_outbound remark Locayta VPN clients to Nectar access-list External_nat0_outbound extended permit ip VPN 255.255.255.0 object-group SavvisNet access-list External_nat0_outbound remark Locayta VPN clients to Nectar access-list External_nat0_outbound extended permit ip VPN 255.255.255.0 Umbee 255.255.255.0 access-list External_nat0_outbound remark Locayta VPN clients to Nectar access-list External_nat0_outbound extended permit ip VPN 255.255.255.0 object-group UmbeeNY access-list External_nat0_outbound remark Locayta VPN clients to Nectar access-list NECTARVPN extended permit ip 172.16.101.0 255.255.255.0 host NectarTTPro access-list External_2_cryptomap extended permit ip object-group SMLOfficeNetworks object-group SavvisNet access-list TestVLAN_nat0_outbound extended permit ip any object-group SavvisSloughPrivateNetworks access-list TestVLAN_nat0_outbound extended permit ip any object-group SavvisNetworks access-list TestVLAN_nat0_outbound extended permit ip any 172.16.102.0 255.255.255.0 access-list External_5_cryptomap extended permit ip object-group SMLOfficeNetworks object-group UmbeeNY access-list External_3_cryptomap extended permit ip object-group SMLOfficeNetworks object-group NectarTicketing access-list External_4_cryptomap extended permit ip object-group SMLOfficeNetworks object-group Umbee pager lines 24 logging enable logging standby logging list AllErrors level errors logging trap critical logging asdm warnings logging mail errors logging from-address PercyStreet@locayta.com logging recipient-address jhenderson@locayta.com level critical logging facility 22 logging host InternalServersVlan102 172.16.102.103 mtu External 1500 mtu Port1Physical 1500 mtu VoIPVlan168 1500 mtu Port3Physical 1500 mtu InternalWorkstationsVlan101 1500 mtu InternalServersVlan102 1500 mtu Management 1500 ip local pool AdminIPPool 172.16.50.100-172.16.50.110 mask 255.255.255.0 ip local pool GenIPPool 172.16.50.111-172.16.50.150 mask 255.255.255.0 ip verify reverse-path interface External failover failover lan unit secondary failover lan interface locfw01 Ethernet0/2 failover interface-policy 2 failover key ***** failover link locfw01 Ethernet0/2 failover interface ip locfw01 172.16.103.1 255.255.255.0 standby 172.16.103.2 no monitor-interface Port1Physical monitor-interface VoIPVlan168 no monitor-interface Port3Physical monitor-interface InternalWorkstationsVlan101 monitor-interface InternalServersVlan102 no monitor-interface Management icmp unreachable rate-limit 1 burst-size 1 icmp permit any InternalWorkstationsVlan101 icmp permit any InternalServersVlan102 asdm image disk0:/asdm-525.bin no asdm history enable arp timeout 14400 global (External) 10 interface global (InternalWorkstationsVlan101) 1 interface nat (External) 0 access-list External_nat0_outbound nat (External) 10 VPN 255.255.255.0 nat (VoIPVlan168) 10 0.0.0.0 0.0.0.0 nat (InternalWorkstationsVlan101) 0 access-list InternalWorkstationsVlan101_nat0_outbound nat (InternalWorkstationsVlan101) 10 0.0.0.0 0.0.0.0 nat (InternalServersVlan102) 0 access-list InternalServersVlan102_nat0_outbound nat (InternalServersVlan102) 10 0.0.0.0 0.0.0.0 dns static (InternalServersVlan102,External) tcp interface 3389 mgmt02 3389 netmask 255.255.255.255 static (InternalServersVlan102,External) 37.157.32.100 172.16.102.15 netmask 255.255.255.255 dns static (InternalServersVlan102,External) 37.157.32.101 172.16.102.20 netmask 255.255.255.255 dns no threat-detection statistics tcp-intercept access-group External_access_in in interface External route External 0.0.0.0 0.0.0.0 37.157.32.97 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 aaa-server WindowsIAS protocol radius aaa-server WindowsIAS (InternalServersVlan102) host 172.16.102.10 key l0c@yt@ aaa-server WindowsIAS (InternalServersVlan102) host 172.16.102.11 key l0c@yt@ radius-common-pw l0c@yt@ aaa authentication ssh console LOCAL aaa authorization command LOCAL http server enable http 172.16.105.0 255.255.255.0 Management http VPN 255.255.255.0 External http 93.96.76.158 255.255.255.255 External http 79.173.188.58 255.255.255.255 External http 172.16.0.0 255.255.0.0 InternalServersVlan102 http 86.11.77.37 255.255.255.255 External http 82.16.152.93 255.255.255.255 External http 172.16.101.0 255.255.255.0 InternalWorkstationsVlan101 http 37.157.32.98 255.255.255.255 External http 172.16.102.0 255.255.255.0 External snmp-server host InternalServersVlan102 172.16.102.103 poll community ***** version 2c snmp-server location SML Office no snmp-server contact snmp-server community ***** snmp-server enable traps snmp authentication linkup linkdown coldstart service resetoutside crypto ipsec transform-set TRANS_ESP_SHA esp-3des esp-sha-hmac crypto ipsec transform-set TRANS_ESP_SHA mode transport crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto dynamic-map External_dyn_map 1 set transform-set TRANS_ESP_SHA ESP-3DES-SHA crypto dynamic-map External_dyn_map 20 set transform-set ESP-3DES-SHA crypto dynamic-map External_dyn_map 40 set transform-set ESP-3DES-SHA crypto dynamic-map External_dyn_map 60 set transform-set ESP-3DES-SHA crypto map External_map 1 match address External_1_cryptomap crypto map External_map 1 set pfs crypto map External_map 1 set peer 82.118.75.253 crypto map External_map 1 set transform-set ESP-3DES-SHA crypto map External_map 2 match address External_2_cryptomap crypto map External_map 2 set pfs crypto map External_map 2 set peer 205.217.13.4 crypto map External_map 2 set transform-set ESP-3DES-SHA crypto map External_map 3 match address External_3_cryptomap crypto map External_map 3 set pfs crypto map External_map 3 set peer 82.118.72.132 crypto map External_map 3 set transform-set ESP-3DES-SHA crypto map External_map 4 match address External_4_cryptomap crypto map External_map 4 set peer 185.42.64.2 crypto map External_map 4 set transform-set ESP-3DES-SHA crypto map External_map 5 match address External_5_cryptomap crypto map External_map 5 set peer 64.90.181.146 crypto map External_map 5 set transform-set ESP-3DES-SHA crypto map External_map 65535 ipsec-isakmp dynamic External_dyn_map crypto map External_map interface External crypto isakmp identity hostname crypto isakmp enable External crypto isakmp enable Port1Physical crypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 crypto isakmp nat-traversal 20 vpn-sessiondb max-webvpn-session-limit 2 telnet 172.16.50.150 255.255.255.255 External telnet 0.0.0.0 0.0.0.0 InternalWorkstationsVlan101 telnet timeout 5 ssh VPN 255.255.255.0 External ssh 172.16.101.0 255.255.255.0 InternalWorkstationsVlan101 ssh 172.16.102.0 255.255.255.0 InternalServersVlan102 ssh 172.16.105.0 255.255.255.0 Management ssh timeout 5 console timeout 0 dhcpd dns 62.244.176.176 62.244.177.177 interface Port1Physical ! dhcpd address 172.16.105.10-172.16.105.100 Management ! dhcprelay server 172.16.102.10 InternalServersVlan102 dhcprelay enable VoIPVlan168 dhcprelay enable InternalWorkstationsVlan101 dhcprelay setroute VoIPVlan168 dhcprelay setroute InternalWorkstationsVlan101 dhcprelay timeout 60 ntp server 172.16.102.10 source InternalServersVlan102 prefer tftp-server InternalServersVlan102 172.16.102.103 /PercyStreet-config webvpn url-list Services "Outlook Web Access" http://172.16.102.103/exchange 1 group-policy DfltGrpPolicy attributes banner none wins-server none dns-server none dhcp-network-scope none vpn-access-hours none vpn-simultaneous-logins 3 vpn-idle-timeout none vpn-session-timeout none vpn-filter none vpn-tunnel-protocol IPSec l2tp-ipsec webvpn password-storage disable ip-comp disable re-xauth disable group-lock none pfs disable ipsec-udp disable ipsec-udp-port 10000 split-tunnel-policy tunnelall split-tunnel-network-list none default-domain none split-dns none intercept-dhcp 255.255.255.255 disable secure-unit-authentication disable user-authentication disable user-authentication-idle-timeout 30 ip-phone-bypass disable leap-bypass disable nem disable backup-servers keep-client-config msie-proxy server none msie-proxy method no-modify msie-proxy except-list none msie-proxy local-bypass disable nac disable nac-sq-period 300 nac-reval-period 36000 nac-default-acl none address-pools none smartcard-removal-disconnect enable client-firewall none client-access-rule none webvpn functions url-entry mapi html-content-filter none homepage none keep-alive-ignore 4 http-comp gzip filter none url-list none customization value DfltCustomization port-forward none port-forward-name value Application Access sso-server none deny-message value Login was successful, but because certain criteria have not been met or due to some specific group policy, you do not have permission to use any of the VPN features. Contact your IT administrator for more information svc none svc keep-installer installed svc keepalive none svc rekey time none svc rekey method none svc dpd-interval client none svc dpd-interval gateway none svc compression deflate group-policy WebVPNGroupPolicy internal group-policy WebVPNGroupPolicy attributes vpn-tunnel-protocol webvpn webvpn functions url-entry mapi url-list value Services group-policy LocaytaSavvisPolicy internal group-policy LocaytaSavvisPolicy attributes vpn-idle-timeout none group-policy Administrators internal group-policy Administrators attributes dns-server value 172.16.102.101 172.16.102.102 split-tunnel-policy tunnelall split-tunnel-network-list value Tunnel_Networks default-domain value locayta.local group-policy L2TPClientPolicy internal group-policy L2TPClientPolicy attributes dns-server value 172.16.102.10 vpn-idle-timeout 60 vpn-tunnel-protocol IPSec l2tp-ipsec re-xauth enable pfs disable split-tunnel-policy tunnelspecified split-tunnel-network-list value Tunnel_Networks default-domain value locayta.local intercept-dhcp 255.255.255.255 enable username locaytacisco password ve.DcaYH94yxG40R encrypted privilege 15 username vpnadmin password VdH4.675WC/i4.uN encrypted username vpnadmin attributes vpn-group-policy Administrators group-lock value Administrators username root password xaV7liESILFpGhkZ encrypted privilege 15 tunnel-group DefaultRAGroup general-attributes address-pool GenIPPool authentication-server-group WindowsIAS default-group-policy L2TPClientPolicy tunnel-group DefaultRAGroup ipsec-attributes pre-shared-key * isakmp keepalive disable tunnel-group DefaultRAGroup ppp-attributes no authentication chap authentication ms-chap-v2 tunnel-group DefaultWEBVPNGroup general-attributes authentication-server-group WindowsIAS authorization-server-group WindowsIAS default-group-policy WebVPNGroupPolicy tunnel-group DefaultWEBVPNGroup webvpn-attributes nbns-server 172.16.102.101 master timeout 2 retry 2 tunnel-group Administrators type ipsec-ra tunnel-group Administrators general-attributes address-pool AdminIPPool authentication-server-group WindowsIAS LOCAL default-group-policy Administrators tunnel-group Administrators ipsec-attributes pre-shared-key * tunnel-group 82.118.75.253 type ipsec-l2l tunnel-group 82.118.75.253 general-attributes default-group-policy LocaytaSavvisPolicy tunnel-group 82.118.75.253 ipsec-attributes pre-shared-key * tunnel-group 82.118.72.132 type ipsec-l2l tunnel-group 82.118.72.132 ipsec-attributes pre-shared-key * tunnel-group 185.42.64.2 type ipsec-l2l tunnel-group 185.42.64.2 ipsec-attributes pre-shared-key * tunnel-group 64.90.181.146 type ipsec-l2l tunnel-group 64.90.181.146 ipsec-attributes pre-shared-key * tunnel-group 205.217.13.4 type ipsec-l2l tunnel-group 205.217.13.4 general-attributes default-group-policy LocaytaSavvisPolicy tunnel-group 205.217.13.4 ipsec-attributes pre-shared-key * ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect netbios inspect rsh inspect rtsp inspect skinny inspect esmtp inspect sqlnet inspect sunrpc inspect tftp inspect sip inspect xdmcp policy-map type inspect dns migrated_dns_map_1 parameters message-length maximum 512 ! service-policy global_policy global imap4s enable External port 143 server owa.mailseat.com authentication-server-group WindowsIAS authorization-server-group WindowsIAS default-group-policy DfltGrpPolicy authentication aaa pop3s authentication-server-group WindowsIAS authorization-server-group WindowsIAS default-group-policy DfltGrpPolicy authorization-required smtps enable External port 25 server 212.124.239.209 authentication-server-group WindowsIAS authorization-server-group WindowsIAS default-group-policy DfltGrpPolicy authorization-required smtp-server 205.217.13.38 prompt hostname context Cryptochecksum:9d732380b2e02e3665b7af8cc678cee2 : end