=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2009.04.17 16:23:34 =~=~=~=~=~=~=~=~=~=~=~= term pager 0 VNS-ASA# sho run : Saved : ASA Version 7.0(4) ! hostname VNS-ASA domain-name vnsct.com enable password OyZrvBtbTtTrxim4 encrypted names ! interface Ethernet0/0 nameif outside security-level 0 ip address 209.87.76.3 255.255.255.192 ! interface Ethernet0/1 nameif inside security-level 100 ip address 10.94.8.10 255.255.255.0 ! interface Ethernet0/2 speed 100 duplex full shutdown no nameif no security-level no ip address ! interface Management0/0 nameif management security-level 100 ip address 192.168.1.1 255.255.255.0 management-only ! passwd OyZrvBtbTtTrxim4 encrypted ftp mode passive clock timezone EST -5 clock summer-time EDT recurring same-security-traffic permit intra-interface object-group network ATTGigs network-object host 32.101.80.1 network-object host 32.101.152.1 network-object host 32.101.158.1 network-object host 32.101.250.1 network-object host 32.101.252.1 network-object host 32.102.191.1 network-object host 32.103.125.1 network-object host 129.37.252.1 network-object host 12.64.41.2 network-object host 12.64.47.2 network-object host 12.64.169.2 network-object host 12.64.175.2 network-object host 12.65.89.2 network-object host 12.65.95.2 network-object host 12.65.185.2 network-object host 12.65.191.2 network-object host 12.65.233.2 network-object host 12.65.239.2 network-object host 12.65.240.2 object-group network ATTInternalUsers network-object host 209.87.76.60 network-object host 209.87.76.61 network-object host 209.87.76.62 object-group service ATTGigServices udp port-object eq isakmp port-object eq 4500 object-group network ATTInternalUsers_real network-object 10.64.4.176 255.255.255.255 network-object 10.64.4.66 255.255.255.255 network-object 10.94.8.74 255.255.255.255 access-list acl_out extended permit icmp any any access-list acl_out extended permit tcp any host 209.87.76.2 eq smtp access-list acl_out extended permit tcp any host 209.87.76.4 eq www access-list acl_out extended permit tcp any host 209.87.76.6 eq www access-list acl_out extended permit tcp any host 209.87.76.6 eq https access-list acl_out extended permit tcp any host 209.87.76.7 eq 4000 access-list acl_out extended permit udp any host 209.87.76.7 eq 4000 access-list acl_out extended permit tcp any host 209.87.76.8 eq www access-list acl_out extended permit tcp any host 209.87.76.8 eq 8080 access-list acl_out extended permit tcp any host 209.87.76.8 eq https access-list acl_out extended permit tcp 206.9.34.0 255.255.255.0 host 209.87.76.9 eq ssh access-list acl_out extended permit tcp 206.9.34.0 255.255.255.0 host 209.87.76.9 eq https access-list acl_out extended permit esp object-group ATTGigs object-group ATTInternalUsers access-list acl_out extended permit udp object-group ATTGigs object-group ATTInternalUsers object-group ATTGigServices access-list acl_out extended permit tcp host 32.97.115.146 object-group ATTInternalUsers eq 709 access-list 80 extended permit ip 10.94.8.0 255.255.255.0 172.16.1.0 255.255.255.0 access-list 80 extended permit ip 10.94.8.0 255.255.255.0 10.94.60.0 255.255.255.0 access-list 80 extended permit ip 10.200.0.0 255.255.0.0 10.94.60.0 255.255.255.0 access-list 80 extended permit ip 10.94.20.0 255.255.255.0 10.94.60.0 255.255.255.0 access-list 80 extended permit ip 10.94.30.0 255.255.255.0 10.94.60.0 255.255.255.0 access-list 80 extended permit ip 10.64.0.0 255.255.0.0 172.16.1.0 255.255.255.0 access-list 80 extended permit ip 10.94.20.0 255.255.255.0 172.16.1.0 255.255.255.0 access-list 80 extended permit ip 10.94.30.0 255.255.255.0 172.16.1.0 255.255.255.0 access-list 80 extended permit ip 10.94.50.0 255.255.255.0 172.16.1.0 255.255.255.0 access-list 100 extended permit ip 10.94.8.0 255.255.255.0 10.94.60.0 255.255.255.0 access-list 100 extended permit ip 10.200.0.0 255.255.0.0 10.94.60.0 255.255.255.0 access-list 100 extended permit ip 10.94.20.0 255.255.255.0 10.94.60.0 255.255.255.0 access-list 100 extended permit ip 10.94.30.0 255.255.255.0 10.94.60.0 255.255.255.0 pager lines 24 logging enable logging buffered errors logging trap debugging logging history errors logging asdm informational logging host inside 10.94.8.55 mtu outside 1500 mtu inside 1500 mtu management 1500 ip local pool dealer 172.16.1.1-172.16.1.254 ERROR: Command requires failover license ERROR: Command requires failover license asdm image disk0:/asdm504.bin no asdm history enable arp timeout 14400 global (outside) 1 209.87.76.20-209.87.76.59 netmask 255.255.255.192 global (outside) 1 209.87.76.5 netmask 255.255.255.192 nat (inside) 0 access-list 80 nat (inside) 1 0.0.0.0 0.0.0.0 static (inside,outside) 209.87.76.2 10.94.8.23 netmask 255.255.255.255 static (inside,outside) 209.87.76.6 10.94.8.26 netmask 255.255.255.255 static (inside,outside) 209.87.76.7 10.94.8.16 netmask 255.255.255.255 static (inside,outside) 209.87.76.4 10.94.8.21 netmask 255.255.255.255 dns static (inside,outside) 209.87.76.8 10.64.4.18 netmask 255.255.255.255 static (inside,outside) 209.87.76.9 10.94.8.6 netmask 255.255.255.255 static (inside,outside) 209.87.76.60 10.64.4.176 netmask 255.255.255.255 static (inside,outside) 209.87.76.61 10.64.4.66 netmask 255.255.255.255 static (inside,outside) 209.87.76.62 10.94.8.74 netmask 255.255.255.255 access-group acl_out in interface outside route outside 0.0.0.0 0.0.0.0 209.87.76.1 1 route inside 10.200.0.0 255.255.0.0 10.94.8.2 1 route inside 10.94.50.0 255.255.255.0 10.94.8.2 1 route inside 10.94.40.0 255.255.255.0 10.94.8.2 1 route inside 10.94.30.0 255.255.255.0 10.94.8.2 1 route inside 10.94.20.0 255.255.255.0 10.94.8.2 1 route inside 10.64.0.0 255.255.0.0 10.94.8.2 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute group-policy password internal group-policy password attributes vpn-idle-timeout 60 webvpn group-policy default-domain internal group-policy default-domain attributes vpn-idle-timeout 60 webvpn group-policy remote internal group-policy remote attributes wins-server value 10.94.8.3 dns-server value 216.175.203.50 216.175.203.59 vpn-idle-timeout 60 split-tunnel-policy tunnelspecified split-tunnel-network-list value 80 webvpn group-policy woods internal group-policy woods attributes vpn-idle-timeout 60 split-tunnel-policy tunnelspecified split-tunnel-network-list value 80 webvpn group-policy contractor internal group-policy contractor attributes vpn-idle-timeout 60 split-tunnel-policy tunnelspecified split-tunnel-network-list value 80 webvpn username rrosario password i46YIsnDdY3lSvkR encrypted username csapia password E4hvWdRdg.S9sM.I encrypted username cchmiel password 3PQyrzr0Hwv2tMIY encrypted username tdeangelis password cwOxCYCuBghlJoTj encrypted username jjarecki password 0Cw7tPz3jHReTpzT encrypted username schevalier password A9jWIMdds0uYfXMi encrypted username wwolfe password 0w0cbv9.5iVK5//G encrypted username mmclaughlin password OMjWaFYKWeM6cf4o encrypted username dtotura password QIqlg/Q1VVKfPX5E encrypted username srosen password JMgHj0SpnccTfaT5 encrypted username sburrows password pQtw17WtW4LXVJix encrypted username kjensen password BvZwdxFPG62tP7aW encrypted username wfsullivan password .yPIa.dsmOJ0w0sD encrypted username norcom password XdYPkLqcvTuyCE2t encrypted username pbrown password MlauJjdsIzol9NHN encrypted username ascinto password KRfgdJYEA7cPP7Ec encrypted username bpola password Nx1fDG.c3uk39aYf encrypted username pslavin password XkmQG9qHZqVV7w3V encrypted username babbott password ieuGK.6UG/3TTSMY encrypted username twojonoski password 09ymbhElAbL3Mx3G encrypted username nmerbaum password QRcoFzz3RJiEgjPd encrypted username cglinsky password lah.lWmkP8PcUfKq encrypted username lhoadley password GLC9i5S6vTwn5WCF encrypted username dprete password lDLFKghMoerDQRt9 encrypted username sgundavaram password oqcr/ezQjokuQgyf encrypted username swilliams password pHg.DTE87TSmxfh5 encrypted username cgrandell password V7bH6JDzoepwnxx0 encrypted username admin password r6Ma/otjMi7mpnRi encrypted username rwhitten password Z.moo4W9L/sEvKOw encrypted username svastano password xeSxVFNZmt4yNku9 encrypted username eperez password Z8ALdgh0qlIZ27yE encrypted username kmastanova password rdhBSj7NMu0ZXdkh encrypted username mkanner password BBr5JXtotzc77weF encrypted username druggiero password q/EqhGSb6aDvnPOO encrypted username drice password trDHFo6OWa1bAlnU encrypted username ebietsch password mBD28PZvpMPXqyHz encrypted username sdaigle password O/VT43w2nEr1diAQ encrypted username sdiamico password WQ75biA3V0K2b5vh encrypted username ctheodos password HhnsiLp6W2RLt/w3 encrypted username horizon password 33VwH45es86sWqOM encrypted username jbodyk password m.spB4.PNYW7QGvX encrypted username kchristian password FuyEZ6B2jaX5ykQk encrypted username cklubek password wllF.LLDETaEbf7G encrypted username jburn password tnJ8dXzvid8Eev6k encrypted username tlieser password x6X9fSdBQZAUcaXc encrypted username woods password 5VIfmI98U2wGUGVH encrypted privilege 15 username tliskov password 4oMoLbHyntehVRmy encrypted username mtirado password IfKuD2qqcIxDiHIw encrypted username dmiller password J8jTedSKG5Rjg./P encrypted username jcsmith password kfPrsNGL4MVeIXZp encrypted username kbonitatebus password t0HJ9E0dFNaL5.YM encrypted username kbarthel password xMBFrSa0LxPevMmc encrypted username dmartin password VPNsA2uANVwTNscJ encrypted username mwood password 4hN2dM6igeK1zhsZ encrypted username mvarjas password /zsVm5SRrGweRK9/ encrypted username lgay password zpiO3Wa1iFSdRNzp encrypted username enicolas password 4B0wFFf3FggrJPmY encrypted username shenry password FfYSBQd1ZbxW7U/1 encrypted username fmilette password ZMhWiqAa4sQo12mx encrypted username ibmuser password G.wo274mJMwX.IcG encrypted username oshikhman password JaTEHITUyTEBpMS/ encrypted username jvelky password l9itpXaKIFsZouVe encrypted username vjarmoszko password ZMDYrfpgcDYjNBRJ encrypted username nschaffer password HkEVdvt4sUquJsUl encrypted username disconnect password aJbCNyfE1EkDud4m encrypted privilege 15 username pmarkel password thZS2SlJL1WyIQnl encrypted username jdoran password PxE.RN7HfkeIxyg3 encrypted username cmcallister password a9bF/aKzB8bJ50o7 encrypted username jdavis password .iRdSmUS9OmNoCiB encrypted username msartor password ve17CERGSnKzOVqc encrypted username mchudwick password zr3i1ABejVl2MJxW encrypted username smasciangioli password dSqsrh57ubgwqBUD encrypted username smott password dUVysIwIdmWgI.Q5 encrypted username ktabak password RVaglm3fR8GmiJhh encrypted username rmoscater password tCdZ5rlh6VsXlpoG encrypted http server enable http 65.115.10.0 255.255.255.0 outside http 10.94.8.0 255.255.255.0 inside http 172.16.1.0 255.255.255.0 inside http 192.168.1.0 255.255.255.0 management no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart sysopt noproxyarp inside crypto ipsec transform-set 3des esp-3des esp-md5-hmac crypto dynamic-map cisco 4 set transform-set 3des crypto map tunnel 10 match address 100 crypto map tunnel 10 set peer 24.151.5.59 crypto map tunnel 10 set transform-set 3des crypto map tunnel 65000 ipsec-isakmp dynamic cisco crypto map tunnel interface outside isakmp identity address isakmp enable outside isakmp policy 10 authentication pre-share isakmp policy 10 encryption 3des isakmp policy 10 hash md5 isakmp policy 10 group 2 isakmp policy 10 lifetime 86400 tunnel-group 24.151.5.59 type ipsec-l2l tunnel-group 24.151.5.59 ipsec-attributes pre-shared-key * tunnel-group default-domain type ipsec-ra tunnel-group default-domain general-attributes default-group-policy default-domain tunnel-group password type ipsec-ra tunnel-group password general-attributes default-group-policy password tunnel-group remote type ipsec-ra tunnel-group remote general-attributes address-pool dealer default-group-policy remote tunnel-group remote ipsec-attributes pre-shared-key * tunnel-group woods type ipsec-ra tunnel-group woods general-attributes address-pool dealer default-group-policy woods tunnel-group woods ipsec-attributes pre-shared-key * tunnel-group contractor type ipsec-ra tunnel-group contractor general-attributes address-pool dealer default-group-policy contractor tunnel-group contractor ipsec-attributes pre-shared-key * telnet 10.94.0.0 255.255.0.0 inside telnet 172.16.1.0 255.255.255.0 inside telnet timeout 5 ssh 0.0.0.0 0.0.0.0 outside ssh timeout 5 console timeout 0 dhcpd address 192.168.1.2-192.168.1.254 management dhcpd lease 3600 dhcpd ping_timeout 50 dhcpd enable management ! class-map inspection_default match default-inspection-traffic ! ! policy-map global_policy class inspection_default inspect ftp inspect http inspect h323 h225 inspect h323 ras inspect ils inspect rsh inspect sqlnet inspect skinny inspect sip ! service-policy global_policy global Cryptochecksum:a200721aa57dec72af34c29096945af7 : end VNS-ASA# VNS-ASA# VNS-ASA# VNS-ASA# VNS-ASA# VNS-ASA# VNS-ASA# VNS-ASA# VNS-ASA# VNS-ASA# VNS-ASA# sho route S 0.0.0.0 0.0.0.0 [1/0] via 209.87.76.1, outside S 10.64.0.0 255.255.0.0 [1/0] via 10.94.8.2, inside C 10.94.8.0 255.255.255.0 is directly connected, inside S 10.94.20.0 255.255.255.0 [1/0] via 10.94.8.2, inside S 10.94.30.0 255.255.255.0 [1/0] via 10.94.8.2, inside S 10.94.40.0 255.255.255.0 [1/0] via 10.94.8.2, inside S 10.94.50.0 255.255.255.0 [1/0] via 10.94.8.2, inside S 10.200.0.0 255.255.0.0 [1/0] via 10.94.8.2, inside S 172.16.1.117 255.255.255.255 [1/0] via 209.87.76.1, outside S 172.16.1.118 255.255.255.255 [1/0] via 209.87.76.1, outside C 209.87.76.0 255.255.255.192 is directly connected, outside VNS-ASA# VNS-ASA# VNS-ASA#