PhoenixFW# sh run : Saved : ASA Version 8.2(5) ! hostname PhoenixFW enable password .S.n9qHJCBXi5ZNX encrypted passwd /SUACIz.qMfCmTgP encrypted names ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 shutdown ! interface Ethernet0/3 shutdown ! interface Ethernet0/4 shutdown ! interface Ethernet0/5 shutdown ! interface Ethernet0/6 shutdown ! interface Ethernet0/7 shutdown ! interface Vlan1 nameif inside security-level 100 ip address 10.20.15.1 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address 65.244.227.18 255.255.255.240 ! ftp mode passive access-list nonat extended permit ip 10.20.15.0 255.255.255.0 10.20.1.0 255.255.255.0 access-list nonat extended permit ip 10.20.15.0 255.255.255.0 10.90.10.0 255.255.255.0 access-list nonat extended permit ip 10.20.15.0 255.255.255.0 10.0.0.0 255.255.0.0 access-list nonat extended permit ip 10.20.15.0 255.255.255.0 10.1.0.0 255.255.0.0 access-list UtilX extended permit ip 10.20.15.0 255.255.255.0 10.20.1.0 255.255.255.0 access-list INFX extended permit ip 10.20.15.0 255.255.255.0 10.90.10.0 255.255.255.0 access-list wbhou-colo extended permit ip 10.20.15.0 255.255.255.0 10.0.2.0 255.255.255.0 access-list wbhou-colo extended permit ip 10.20.15.0 255.255.255.0 10.0.3.0 255.255.255.0 access-list wbhou-colo extended permit ip 10.20.15.0 255.255.255.0 10.0.6.0 255.255.255.0 access-list wbhou-colo extended permit ip 10.20.15.0 255.255.255.0 10.0.7.0 255.255.255.0 access-list wbhou-colo extended permit ip 10.20.15.0 255.255.255.0 10.0.8.0 255.255.255.0 access-list wbhou-colo extended permit ip 10.20.15.0 255.255.255.0 10.0.20.0 255.255.255.0 access-list wbhou-colo extended permit ip 10.20.15.0 255.255.255.0 10.0.120.0 255.255.255.0 access-list wbtulsa extended permit ip 10.20.15.0 255.255.255.0 10.1.0.0 255.255.0.0 access-list wbhou-po extended permit ip 10.20.15.0 255.255.255.0 10.0.0.0 255.255.0.0 access-list Phoenix_Denver extended permit ip 10.20.15.0 255.255.255.0 10.20.7.0 255.255.255.0 pager lines 24 logging enable logging buffered informational logging trap notifications logging host inside 10.20.1.14 mtu inside 1500 mtu outside 1500 ip verify reverse-path interface inside ip verify reverse-path interface outside icmp unreachable rate-limit 1 burst-size 1 icmp permit any inside no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list nonat nat (inside) 1 0.0.0.0 0.0.0.0 route outside 0.0.0.0 0.0.0.0 65.244.227.17 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy aaa authentication ssh console LOCAL aaa authentication telnet console LOCAL no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set desmd5 esp-des esp-md5-hmac crypto ipsec transform-set 3desmd5 esp-3des esp-md5-hmac crypto ipsec transform-set ESP-AES256-SHA esp-aes-256 esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto map PhoeniX 10 match address INFX crypto map PhoeniX 10 set peer 65.203.235.18 crypto map PhoeniX 10 set transform-set desmd5 crypto map PhoeniX 20 match address UtilX crypto map PhoeniX 20 set peer 63.64.244.138 crypto map PhoeniX 20 set transform-set 3desmd5 crypto map PhoeniX 30 match address wbhou-colo crypto map PhoeniX 30 set peer 38.110.199.202 216.117.49.102 crypto map PhoeniX 30 set transform-set ESP-AES256-SHA crypto map PhoeniX 35 match address wbtulsa crypto map PhoeniX 35 set peer 38.109.136.132 crypto map PhoeniX 35 set transform-set ESP-AES256-SHA crypto map PhoeniX 40 match address wbhou-po crypto map PhoeniX 40 set peer 38.100.155.46 crypto map PhoeniX 40 set transform-set ESP-AES256-SHA crypto map PhoeniX interface outside crypto map Phoenix 50 match address Phoenix_Denver crypto map Phoenix 50 set peer 65.102.216.130 crypto map Phoenix 50 set transform-set 3desmd5 crypto isakmp identity address crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption des hash md5 group 1 lifetime 86400 crypto isakmp policy 20 authentication pre-share encryption 3des hash md5 group 2 lifetime 86400 crypto isakmp policy 25 authentication pre-share encryption aes-256 hash sha group 2 lifetime 86400 no crypto isakmp nat-traversal telnet 10.20.15.0 255.255.255.0 inside telnet timeout 15 ssh 0.0.0.0 0.0.0.0 inside ssh 63.64.244.128 255.255.255.240 outside ssh 38.110.199.204 255.255.255.255 outside ssh 38.100.155.40 255.255.255.248 outside ssh 12.39.113.40 255.255.255.255 outside ssh 38.109.136.134 255.255.255.255 outside ssh timeout 30 console timeout 0 management-access inside threat-detection basic-threat threat-detection statistics host threat-detection statistics access-list threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200 username WutdA password irbvhCRCdHYBYxiB encrypted privilege 15 tunnel-group 63.64.244.138 type ipsec-l2l tunnel-group 63.64.244.138 ipsec-attributes pre-shared-key ***** tunnel-group 65.203.235.18 type ipsec-l2l tunnel-group 65.203.235.18 ipsec-attributes pre-shared-key ***** tunnel-group 38.110.199.202 type ipsec-l2l tunnel-group 38.110.199.202 ipsec-attributes pre-shared-key ***** tunnel-group 38.109.136.132 type ipsec-l2l tunnel-group 38.109.136.132 ipsec-attributes pre-shared-key ***** tunnel-group 38.100.155.46 type ipsec-l2l tunnel-group 38.100.155.46 ipsec-attributes pre-shared-key ***** tunnel-group 216.117.49.102 type ipsec-l2l tunnel-group 216.117.49.102 ipsec-attributes pre-shared-key ***** tunnel-group 65.102.216.130 type ipsec-l2l tunnel-group 65.102.216.130 ipsec-attributes pre-shared-key ***** ! class-map inspection_default ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum 512 policy-map global_policy ! prompt hostname context no call-home reporting anonymous Cryptochecksum:638403f7cbacf4f5b02faeb1a56199c6 : end