PIX Version 7.2(3) ! terminal width 511 hostname r-fw-internet domain-name sw.org names dns-guard ! interface GigabitEthernet0 description DMZ nameif dmz security-level 50 ip address 205.203.54.10 255.255.255.0 standby 205.203.54.252 ! interface GigabitEthernet1 description LAN/STATE Failover Interface ! interface Ethernet0 speed 100 duplex full nameif inside security-level 100 ip address 205.203.57.10 255.255.255.0 standby 205.203.57.100 ! interface Ethernet1 speed 100 duplex full nameif outside security-level 0 ip address 205.203.58.120 255.255.255.0 standby 205.203.58.121 ! boot system flash:/pix723.bin ftp mode passive clock timezone CST -6 clock summer-time CDT recurring dns server-group DefaultDNS domain-name sw.org same-security-traffic permit intra-interface object-group network Alaris-IV-Pumps-Internal network-object host 10.130.58.202 network-object host 10.130.58.201 object-group network Cisco-VPN-Internal network-object host 10.11.199.80 network-object host 10.11.199.85 network-object host 10.11.199.86 network-object host 10.11.199.87 network-object 10.22.168.0 255.255.248.0 network-object host 10.22.92.13 network-object host 10.52.199.129 network-object host 10.53.199.36 network-object host 10.53.199.93 network-object host 10.53.199.150 network-object host 10.70.199.122 network-object host 10.71.199.79 network-object host 10.75.199.21 network-object host 10.75.199.133 network-object host 10.75.199.134 network-object host 10.75.199.135 network-object host 10.75.199.136 network-object host 10.75.199.137 network-object host 10.75.199.221 network-object 10.80.0.0 255.255.0.0 network-object host 10.83.199.66 network-object host 10.85.199.54 network-object host 10.85.199.55 network-object host 10.85.199.56 network-object host 10.85.199.57 network-object host 10.85.199.58 network-object host 10.85.199.59 network-object host 10.90.19.21 network-object host 10.90.200.9 network-object host 10.90.203.23 network-object host 10.90.4.24 network-object host 
10.90.4.81 network-object host 10.90.8.37 network-object host 10.90.8.38 network-object host 10.91.199.107 network-object host 10.91.199.15 network-object host 10.91.200.19 network-object host 10.92.199.100 network-object host 10.92.199.129 network-object host 10.92.199.163 network-object host 10.92.199.164 network-object host 10.92.199.173 network-object host 10.92.199.95 network-object host 10.92.199.96 network-object host 10.92.199.98 network-object host 10.92.199.99 network-object host 10.93.199.100 network-object host 10.93.199.101 network-object host 10.93.199.115 network-object host 10.93.199.116 network-object host 10.93.199.117 network-object host 10.93.199.118 network-object host 10.93.199.119 network-object host 10.93.199.120 network-object host 10.93.199.121 network-object host 10.93.199.122 network-object host 10.93.199.123 network-object host 10.93.199.124 network-object host 10.93.199.125 network-object host 10.93.199.126 network-object host 10.93.199.127 network-object host 10.93.199.128 network-object host 10.93.199.129 network-object host 10.93.199.130 network-object host 10.93.199.51 network-object host 10.93.199.96 network-object host 10.94.199.105 network-object host 10.94.199.106 network-object host 10.94.199.107 network-object host 10.94.199.108 network-object host 10.94.199.109 network-object host 10.94.199.110 network-object host 10.94.199.111 network-object host 10.94.199.112 network-object host 10.94.199.113 network-object host 10.94.199.114 network-object host 10.94.199.115 network-object host 10.94.199.116 network-object host 10.94.199.117 network-object host 10.94.199.118 network-object host 10.94.199.119 network-object host 10.94.199.120 network-object host 10.94.199.121 network-object host 10.94.199.122 network-object host 10.94.199.132 network-object host 10.94.199.134 network-object host 10.94.199.30 network-object host 10.94.199.31 network-object host 10.95.198.111 network-object host 10.95.198.112 network-object host 
10.95.198.121 network-object host 10.95.198.123 network-object host 10.95.198.125 network-object host 10.95.198.128 network-object host 10.95.198.130 network-object host 10.95.198.134 network-object host 10.95.198.137 network-object host 10.95.198.173 network-object host 10.95.198.176 network-object host 10.95.198.186 network-object host 10.95.198.189 network-object host 10.95.198.213 network-object host 10.95.199.139 network-object host 10.95.199.140 network-object host 10.96.199.37 network-object host 10.98.199.109 network-object host 10.98.199.111 network-object 10.100.13.0 255.255.255.0 network-object host 10.100.15.48 network-object 10.100.32.0 255.255.248.0 network-object host 10.100.38.216 network-object 10.100.40.0 255.255.248.0 network-object 10.100.48.0 255.255.248.0 network-object host 10.100.110.62 network-object host 10.107.199.103 network-object host 10.151.100.20 network-object host 10.151.100.21 network-object host 10.151.100.22 network-object host 10.151.100.23 network-object host 10.151.100.42 network-object host 10.92.199.97 network-object 10.100.112.0 255.255.248.0 network-object host 10.75.199.142 network-object host 10.93.199.151 network-object host 10.92.199.196 network-object host 10.92.199.197 network-object host 10.92.199.198 network-object host 10.92.199.199 network-object host 10.92.199.200 network-object host 10.92.199.201 network-object host 10.92.199.202 network-object host 10.92.199.203 network-object host 10.92.199.204 network-object host 10.92.199.205 network-object host 10.33.199.100 network-object host 10.33.199.96 network-object host 10.33.199.97 network-object host 10.33.199.98 network-object host 10.33.199.99 network-object host 10.92.199.222 object-group network CMS-SFTP-Internal network-object host 10.11.199.80 network-object host 10.11.199.81 network-object host 10.11.199.82 network-object host 10.130.25.63 object-group network CT-State-Uni network-object host 10.11.199.95 network-object host 10.93.199.50 object-group 
network DSHS-FTP-Internal network-object host 10.93.199.40 network-object host 10.93.199.80 network-object host 10.130.25.67 network-object host 10.130.25.166 network-object host 10.130.30.21 object-group network Lacerte-Internal network-object host 10.33.199.51 network-object host 10.33.199.56 object-group network LotusNotes-Internal network-object host 10.11.199.133 network-object 10.95.0.0 255.255.0.0 object-group network Mailscanner-Mgmt-Internal network-object host 10.92.199.160 network-object host 10.92.199.161 network-object host 10.92.199.165 network-object host 10.199.197.20 network-object host 10.92.199.207 object-group network MDHawkeye-SFTP-Internal network-object host 10.95.198.100 network-object host 10.95.198.218 network-object host 10.95.195.220 object-group network Podfiness-Internal network-object host 10.48.199.131 network-object host 10.48.199.132 object-group network PWCooper-VPN-Internal network-object host 10.31.199.54 network-object host 10.31.199.55 network-object host 10.31.199.56 network-object host 10.31.199.57 network-object host 10.31.199.58 network-object host 10.31.199.59 network-object host 10.85.199.54 network-object host 10.85.199.55 network-object host 10.85.199.56 network-object host 10.85.199.57 network-object host 10.85.199.58 network-object host 10.85.199.59 object-group network Quadax-Internal network-object host 10.51.199.121 network-object host 10.130.30.140 network-object host 10.130.30.141 network-object host 10.130.45.20 network-object host 10.130.45.21 network-object host 10.130.47.44 object-group network RX-Morris-Dixon-Internal network-object host 10.70.130.50 network-object host 10.70.199.74 network-object host 10.70.199.143 network-object host 10.80.199.71 network-object host 10.80.199.130 object-group network SecureLogix-Internal network-object host 10.70.199.122 network-object host 10.70.199.123 network-object host 10.70.199.150 network-object host 10.70.199.151 network-object host 10.70.199.152 network-object 
host 10.70.199.153 network-object host 10.70.199.154 network-object host 10.70.199.155 network-object host 10.70.199.167 network-object host 10.70.199.164 network-object host 10.80.199.173 object-group network SFTP-Availity-Internal network-object host 10.11.199.81 network-object host 10.11.199.82 object-group network SFTP-TAMU-Internal network-object host 10.11.199.81 network-object host 10.11.199.82 object-group network SNMP-Internal network-object host 10.2.202.22 network-object host 10.2.202.23 network-object host 10.2.240.23 object-group network VendorFMG-VPN-Internal network-object host 10.90.4.48 network-object host 10.92.199.163 object-group network SSN-Servers-DMZ network-object host 205.203.54.20 network-object host 205.203.54.30 object-group network Mirage-DMZ network-object host 205.203.54.30 network-object host 206.203.54.31 network-object host 207.203.54.32 network-object host 208.203.54.33 object-group network Alaris-IV-Pumps-External network-object host 204.193.55.14 network-object host 12.46.196.244 object-group network Blackberry-SRP-External network-object 193.109.81.0 255.255.255.0 network-object 204.187.87.0 255.255.255.0 network-object 206.51.26.0 255.255.255.0 network-object 206.53.144.0 255.255.255.0 network-object 216.9.240.0 255.255.255.0 object-group network Cardinal-Health-External network-object host 12.20.127.132 network-object host 12.20.127.133 network-object host 12.20.127.144 network-object host 12.20.127.145 network-object host 12.20.127.176 network-object host 12.20.127.177 network-object host 12.20.127.194 network-object host 12.20.127.195 object-group network Cisco-VPN-External network-object host 12.146.131.51 network-object host 12.146.131.52 network-object host 12.147.96.14 network-object host 12.147.96.15 network-object host 12.195.71.20 network-object host 12.23.243.242 network-object host 12.23.243.243 network-object host 24.243.186.241 network-object host 38.115.189.4 network-object host 63.108.38.222 network-object host 
63.148.20.12 network-object host 63.148.20.30 network-object host 64.46.248.69 network-object host 64.46.248.70 network-object host 64.46.248.71 network-object host 65.196.141.162 network-object host 65.197.28.133 network-object host 65.202.88.4 network-object host 67.67.201.246 network-object host 67.132.145.10 network-object host 69.2.246.242 network-object host 129.187.254.28 network-object host 152.130.32.50 network-object host 152.131.32.50 network-object host 152.132.32.50 network-object host 152.132.32.53 network-object host 152.132.32.54 network-object host 152.133.32.50 network-object host 157.226.120.13 network-object host 161.195.66.3 network-object host 192.154.91.10 network-object host 192.154.91.9 network-object host 192.58.204.20 network-object host 198.169.188.167 network-object host 198.169.188.168 network-object host 198.169.188.169 network-object host 198.169.188.173 network-object host 198.169.188.174 network-object host 198.169.188.175 network-object host 198.169.189.167 network-object host 198.169.189.173 network-object host 198.169.189.174 network-object host 198.169.189.175 network-object host 199.0.53.21 network-object host 205.205.16.194 network-object host 206.41.49.5 network-object host 207.200.28.196 network-object host 209.142.166.50 network-object host 213.206.148.170 network-object host 216.110.87.98 network-object host 152.132.31.58 network-object host 152.131.32.54 network-object host 64.46.248.75 network-object host 64.46.248.73 network-object host 12.156.189.20 network-object host 208.255.161.20 object-group network CMS-SFTP-External network-object host 12.34.26.31 network-object host 63.77.3.4 network-object host 63.77.3.64 object-group network DNS-Made-Easy-External network-object host 63.219.151.3 network-object host 205.234.154.1 network-object host 66.117.40.198 network-object host 216.129.109.1 network-object host 205.234.170.165 object-group network Ernst-and-Young-External network-object 63.209.254.0 255.255.255.0 
network-object 194.196.95.0 255.255.255.0 network-object 198.182.235.0 255.255.255.0 network-object 199.49.39.0 255.255.255.0 network-object 202.95.80.0 255.255.255.0 network-object 207.244.116.0 255.255.255.0 network-object 207.244.117.0 255.255.255.0 object-group network Five9-External network-object host 72.5.65.53 network-object host 72.5.65.58 object-group network GoldenHour-External network-object 12.147.3.32 255.255.255.240 network-object 66.185.162.112 255.255.255.240 object-group network IBM-Update-Internal network-object host 10.91.199.56 network-object host 10.91.199.57 network-object host 10.91.199.60 network-object host 10.91.199.61 network-object host 10.91.199.63 network-object host 10.91.199.64 network-object host 10.91.199.67 network-object host 10.91.199.91 object-group network Lacerte-External network-object host 198.31.208.130 network-object host 198.31.208.131 network-object host 198.31.208.132 network-object host 198.31.208.133 network-object host 198.31.208.134 network-object host 198.31.208.135 network-object host 198.31.208.136 network-object host 198.31.208.137 network-object host 198.31.208.138 network-object host 198.31.208.139 network-object host 198.31.208.140 network-object host 198.31.208.141 network-object host 198.31.208.142 network-object host 198.31.208.143 network-object host 198.31.208.144 network-object host 198.31.208.145 object-group network LotusNotes-External network-object host 64.46.194.73 network-object host 66.210.240.218 object-group network Mailscanner-External network-object host 205.203.58.12 network-object host 205.203.58.15 object-group network Mailscanner-Relay-External network-object 205.203.34.0 255.255.255.0 network-object host 205.203.58.12 network-object host 205.203.58.15 object-group network Network-Services-Team-Internal network-object host 10.24.0.1 network-object host 10.24.0.2 network-object host 10.24.0.3 network-object host 10.24.0.4 network-object host 10.24.0.5 network-object host 10.24.0.6 
network-object host 10.24.0.7 network-object host 10.24.0.8 network-object host 10.24.0.9 network-object host 10.24.0.10 network-object host 10.24.0.11 network-object host 10.24.0.12 network-object host 10.92.199.176 object-group network NextTech-External network-object host 64.47.84.106 network-object host 64.48.85.98 network-object host 64.47.102.98 network-object host 64.47.102.100 object-group network Optek-Online-External network-object host 24.73.201.154 network-object host 69.7.189.200 object-group network ParaStar-External network-object host 166.159.224.145 network-object host 166.159.224.146 network-object host 166.159.224.147 network-object host 166.159.224.148 network-object host 166.159.224.149 network-object host 166.159.224.150 network-object host 166.159.224.151 network-object host 166.159.224.152 network-object host 166.159.224.153 network-object host 166.159.224.154 network-object host 166.159.224.155 network-object host 166.159.224.156 network-object host 166.159.224.157 network-object host 166.159.224.158 object-group network Port-81-External network-object host 65.66.251.139 network-object host 66.139.208.42 network-object host 70.241.46.50 network-object host 149.152.10.182 network-object host 206.188.5.60 object-group network PsoftWeb-7500-External network-object host 216.35.113.22 network-object host 216.35.113.49 object-group network Radius-External network-object host 205.203.58.253 object-group network ReWeb-External network-object 216.235.200.0 255.255.255.0 network-object 216.235.201.0 255.255.255.0 network-object host 205.203.58.254 object-group network SFTP-Availity-External network-object host 66.45.30.103 network-object host 205.216.7.16 object-group network SFTP-TAMU-External network-object host 128.194.82.38 network-object host 128.194.92.20 object-group network Siemens-EIM network-object host 64.46.193.104 network-object host 64.46.193.105 object-group network Siemens-Medical-Academy-External network-object host 64.46.192.15 
network-object host 64.46.192.30 object-group network SNMP-External network-object host 205.203.58.249 network-object host 205.203.58.251 network-object host 205.203.58.252 network-object host 205.203.58.253 network-object host 208.189.126.253 object-group network SW-Networks-Internal network-object 10.0.0.0 255.0.0.0 network-object 205.203.32.0 255.255.224.0 network-object 172.16.0.0 255.240.0.0 network-object 192.168.0.0 255.255.0.0 object-group network TAMHSC-LDAP-External network-object host 209.21.116.11 network-object host 209.21.116.12 object-group network TAMU-Library-External network-object host 128.194.103.98 network-object host 128.194.103.99 network-object host 128.194.103.100 network-object host 128.194.103.206 network-object host 165.91.22.100 network-object host 165.91.22.101 network-object host 165.91.22.102 network-object host 165.91.22.117 network-object host 165.91.22.118 network-object host 165.91.22.119 network-object host 165.91.22.228 network-object host 165.91.220.164 object-group network TAMU-Library-EZProxy-External network-object host 165.91.22.118 network-object host 165.91.253.39 object-group network VendorFMG-VPN-External network-object host 12.47.96.14 network-object host 207.200.28.196 network-object host 68.88.222.51 object-group service Cisco-VPN-TCP-Ports tcp port-object range 50 51 port-object eq 57 port-object eq 500 port-object eq 5051 port-object eq 9500 port-object eq 10000 object-group service Cisco-VPN-UDP-Ports udp port-object eq isakmp port-object eq 4500 port-object range 10000 10001 object-group service CMS-SFTP-Ports tcp port-object eq 10022 port-object eq 3443 object-group service DSHS-FTP-Ports tcp port-object eq 1423 port-object range 5000 5010 object-group service Five9-Ports tcp port-object range 1098 1099 port-object eq 8880 object-group service GoldenHour-Ports tcp port-object eq 56382 object-group service HCC-Ports tcp port-object eq www port-object eq 7001 port-object eq 12054 port-object range 10001 10003 
port-object eq 5721 object-group service Lacerte-Ports tcp port-object eq 10010 port-object eq 10020 port-object eq 10030 port-object eq 10040 port-object eq 10050 port-object eq 10051 port-object eq 10052 port-object eq 10060 port-object eq 10070 port-object eq 10099 object-group service Mailscanner-Ports tcp port-object eq 3389 port-object eq 8447 object-group service MDHawkeye-SFTP-Ports tcp port-object eq 990 port-object range 1025 1075 object-group service NextTech-Ports tcp port-object eq 5500 port-object eq 11988 object-group service ParaStar-TCP-Ports tcp port-object eq www port-object eq 8080 port-object eq 8151 port-object eq 8159 port-object eq 8160 port-object eq 8161 object-group service ParaStar-UDP-Ports udp port-object eq 8162 port-object range 8163 8191 object-group service Quadax-Ports tcp port-object eq 990 port-object range 5000 5025 object-group service RealAudio-TCP-Ports tcp port-object eq 7070 port-object eq 8081 object-group service RX-Morris-Dixon-Ports tcp port-object eq 4000 port-object eq 4150 object-group service SecureLogix-Ports tcp port-object range 32213 32218 port-object eq 32299 port-object eq 32298 object-group service SFTP-TAMU-Ports tcp port-object eq 990 port-object range 50000 50100 object-group service Siemens-EIM-Ports tcp port-object eq 5101 port-object eq 9030 object-group service TAMU-Library-Ports tcp port-object eq 7610 port-object eq 7620 port-object eq 7630 port-object eq 7640 port-object eq 7650 port-object eq 7685 port-object eq 8020 port-object eq 8331 object-group service TAMU-Library-EZProxy-Ports tcp port-object eq 2048 port-object eq 9443 object-group service TSM-Ports tcp port-object range 1500 1502 port-object eq 1581 port-object eq 1801 object-group service VendorFMG-VPN-Ports tcp port-object eq pptp port-object eq 47 object-group service Veritas-Backup-Ports tcp port-object eq 13724 port-object eq 13782 object-group service VYEW-WebPrint-Ports tcp port-object eq 9100 port-object eq 9102 object-group 
service WebMD-Ports tcp port-object eq 6881 port-object eq 9050 object-group service www-ports tcp port-object eq www port-object eq https port-object eq 8000 port-object eq 8001 port-object eq 8080 port-object eq 8081 object-group network CPA-Star-Internal network-object host 10.48.199.114 network-object host 10.48.199.128 object-group network Avaya-Hosts-Internal network-object host 10.70.199.164 network-object host 10.70.199.165 network-object host 10.70.199.166 network-object host 10.70.199.168 network-object host 10.80.199.173 object-group network Avaya-Hosts-External network-object host 198.152.220.251 network-object host 198.152.222.251 object-group network Optek-Online-Internal network-object 10.49.0.0 255.255.0.0 network-object 10.52.0.0 255.255.0.0 object-group network VYEW-WebPrint-External network-object host 209.21.91.131 network-object host 209.21.91.132 network-object host 209.21.91.135 object-group network Blackbaud-RDP-Internal network-object host 10.130.25.62 network-object host 10.199.197.20 object-group network HCC-Pharmacy-External network-object 208.237.158.0 255.255.255.0 object-group service TeleCheck tcp port-object range 999 999 object-group network TeleCheck-External network-object 208.80.28.0 255.255.255.224 network-object 208.80.29.32 255.255.255.240 network-object 64.179.43.64 255.255.255.224 object-group network TeleCheck-HMO-Internal network-object host 10.100.22.52 network-object host 10.12.199.161 network-object host 10.12.199.162 network-object host 10.100.118.153 network-object host 10.100.26.54 object-group network GoToMeeting-Internal description To allow GoToMeeting Citrix Application network-object host 10.49.199.141 object-group service Go-to-Meeting tcp port-object eq 8200 object-group service SFTP-Healthplan tcp description TCP port group for the SFTP HealthPlan server port-object eq https port-object eq netbios-ssn object-group service SFTP-healthPlan-UDP udp description UDP ports for SFTP-healthPlan port-object range 
netbios-ns netbios-dgm port-object eq 445 object-group network ePo-server description Macfee ePo server at Scott & White network-object host 10.130.25.145 object-group network myavert-avertlabs-com description Avert labs for ePO Server network-object host 205.227.136.116 network-object host 67.97.80.84 object-group network SW-DNS-Servers description Scott & White DNS Servers network-object host 10.2.202.21 access-list inside_access_in remark Temp demo - MKramer Delete 7/11/8 after 4:00 PM access-list inside_access_in extended permit tcp host 10.49.203.163 host 71.41.74.188 eq 3389 access-list inside_access_in remark DMZ Blackbaud RDP access-list inside_access_in extended permit tcp object-group Blackbaud-RDP-Internal host 205.203.54.50 eq 3389 access-list inside_access_in remark DMZ Blackbaud SNMP access-list inside_access_in extended permit udp host 10.130.25.62 host 205.203.54.50 eq snmp access-list inside_access_in remark DMZ FTP access-list inside_access_in extended permit tcp any 205.203.54.0 255.255.255.0 eq ftp access-list inside_access_in remark DMZ MatCat RDP access-list inside_access_in extended permit tcp host 10.199.197.20 host 205.203.54.40 eq 3389 access-list inside_access_in remark DMZ Health Plan SFTP RDP access-list inside_access_in extended permit tcp host 10.199.197.20 host 205.203.54.22 eq 3389 access-list inside_access_in remark DMZ Health Plan SFTP RDP access-list inside_access_in extended permit tcp host 10.10.14.157 host 205.203.54.22 eq 3389 access-list inside_access_in remark DMZ Health Plan SFTP Ports 139, 445 access-list inside_access_in extended permit tcp host 10.10.14.157 host 205.203.54.22 object-group SFTP-Healthplan access-list inside_access_in remark DMZ Health Plan SFTP UDP ports 137, 138 & 445 access-list inside_access_in extended permit udp host 10.10.14.157 host 205.203.54.22 object-group SFTP-healthPlan-UDP access-list inside_access_in remark DMZ Ping access-list inside_access_in extended permit icmp any 205.203.54.0 
255.255.255.0 echo access-list inside_access_in remark DMZ Ping access-list inside_access_in extended permit icmp any 205.203.54.0 255.255.255.0 echo-reply access-list inside_access_in remark DMZ Telnet access-list inside_access_in extended permit tcp any 205.203.54.0 255.255.255.0 eq telnet access-list inside_access_in remark DMZ Veritas Backup access-list inside_access_in extended permit tcp host 10.130.34.20 host 205.203.54.20 object-group Veritas-Backup-Ports access-list inside_access_in remark DMZ WWW access-list inside_access_in extended permit tcp any 205.203.54.0 255.255.255.0 eq www access-list inside_access_in remark DMZ WWW Admin access-list inside_access_in extended permit tcp any object-group SSN-Servers-DMZ eq 8081 access-list inside_access_in remark Alaris IV Pumps access-list inside_access_in extended permit tcp object-group Alaris-IV-Pumps-Internal object-group Alaris-IV-Pumps-External eq 5600 access-list inside_access_in remark Aramark VPN access-list inside_access_in extended permit tcp host 10.94.199.134 host 161.195.66.3 eq 264 access-list inside_access_in extended permit tcp any any eq ftp log interval 10 access-list inside_access_in extended permit udp host 10.94.199.134 host 161.195.66.3 eq 2746 access-list inside_access_in remark AVAYA access-list inside_access_in extended permit tcp object-group Avaya-Hosts-Internal object-group Avaya-Hosts-External eq 11000 access-list inside_access_in remark Blackberry-SRP access-list inside_access_in extended permit tcp host 10.130.24.50 object-group Blackberry-SRP-External eq 3101 access-list inside_access_in remark Cardinal Health access-list inside_access_in extended permit tcp any object-group Cardinal-Health-External eq 4080 access-list inside_access_in remark Pharmedium access-list inside_access_in extended permit tcp any host 12.32.80.84 eq 4080 access-list inside_access_in remark Cisco VPN access-list inside_access_in extended permit tcp object-group Cisco-VPN-Internal object-group 
Cisco-VPN-External object-group Cisco-VPN-TCP-Ports access-list inside_access_in extended permit udp object-group Cisco-VPN-Internal object-group Cisco-VPN-External object-group Cisco-VPN-UDP-Ports access-list inside_access_in remark CMS FTP access-list inside_access_in extended permit tcp host 10.95.198.226 host 64.14.243.108 eq 21234 access-list inside_access_in remark CMS SFTP access-list inside_access_in extended permit tcp object-group CMS-SFTP-Internal object-group CMS-SFTP-External object-group CMS-SFTP-Ports access-list inside_access_in remark CPA Star access-list inside_access_in extended permit tcp object-group CPA-Star-Internal host 204.64.105.67 eq 8765 access-list inside_access_in remark Port 81 access-list inside_access_in extended permit tcp any object-group Port-81-External eq 81 access-list inside_access_in remark CT State University Subscription access-list inside_access_in extended permit tcp object-group CT-State-Uni host 149.152.10.178 eq 10444 access-list inside_access_in remark DNS Made Easy access-list inside_access_in extended permit tcp object-group Network-Services-Team-Internal object-group DNS-Made-Easy-External eq domain access-list inside_access_in extended permit udp object-group Network-Services-Team-Internal object-group DNS-Made-Easy-External eq domain access-list inside_access_in remark Death Certificates access-list inside_access_in extended permit tcp any host 160.42.180.9 eq 8443 access-list inside_access_in remark IBM-Update access-list inside_access_in extended permit tcp object-group IBM-Update-Internal host 207.25.253.19 eq 7168 inactive access-list inside_access_in remark Kaptest access-list inside_access_in extended permit tcp host 10.80.199.83 host 206.17.132.30 eq 7755 access-list inside_access_in remark Lacerte access-list inside_access_in extended permit tcp object-group Lacerte-Internal object-group Lacerte-External object-group Lacerte-Ports access-list inside_access_in remark LifeWatch access-list inside_access_in 
extended permit tcp host 10.100.54.160 host 12.159.228.50 range 20023 20024 access-list inside_access_in remark LotusNotes access-list inside_access_in extended permit tcp object-group LotusNotes-Internal object-group LotusNotes-External eq lotusnotes inactive access-list inside_access_in remark Mailscanner access-list inside_access_in extended permit tcp object-group Mailscanner-Mgmt-Internal object-group Mailscanner-External object-group Mailscanner-Ports access-list inside_access_in remark Mayo.edu Website access-list inside_access_in extended permit tcp any host 129.176.209.102 eq 3800 access-list inside_access_in remark McKesson access-list inside_access_in extended permit tcp host 10.70.199.149 host 143.112.128.164 eq 8010 access-list inside_access_in remark MDHawkeye SFTP access-list inside_access_in extended permit tcp object-group MDHawkeye-SFTP-Internal host 206.229.192.12 object-group MDHawkeye-SFTP-Ports access-list inside_access_in remark Misc Port 9000 access-list inside_access_in extended permit tcp any any eq 9000 access-list inside_access_in remark NetworkGeneral SEA access-list inside_access_in extended permit tcp host 10.2.201.50 host 63.194.187.185 eq 8443 access-list inside_access_in remark NextTech access-list inside_access_in extended permit tcp host 10.130.58.44 object-group NextTech-External object-group NextTech-Ports inactive access-list inside_access_in remark nist.time.gov access-list inside_access_in extended permit tcp any host 132.163.4.213 eq 8013 access-list inside_access_in remark NNTP access-list inside_access_in extended permit tcp any any eq nntp access-list inside_access_in remark Optek Online access-list inside_access_in extended permit tcp object-group Optek-Online-Internal object-group Optek-Online-External eq 85 access-list inside_access_in extended permit icmp any any echo access-list inside_access_in extended permit tcp any any eq pop3 access-list inside_access_in remark POP Mail access-list inside_access_in remark 
Momentum Software PPTP VPN access-list inside_access_in extended permit tcp any host 207.200.28.196 eq 1273 access-list inside_access_in remark PWCooper VPN access-list inside_access_in extended permit tcp object-group PWCooper-VPN-Internal host 155.201.18.20 eq 11160 access-list inside_access_in remark Quadax access-list inside_access_in extended permit tcp object-group Quadax-Internal host 68.250.213.160 object-group Quadax-Ports access-list inside_access_in remark RealAudio access-list inside_access_in extended permit udp any any eq 554 access-list inside_access_in extended permit tcp any any object-group RealAudio-TCP-Ports access-list inside_access_in remark ECSS access-list inside_access_in extended permit tcp host 10.33.199.57 host 206.227.220.30 eq 18004 access-list inside_access_in remark RX Morris Dixon access-list inside_access_in extended permit tcp object-group RX-Morris-Dixon-Internal host 216.45.216.89 object-group RX-Morris-Dixon-Ports access-list inside_access_in remark SecureLogix access-list inside_access_in extended permit tcp object-group SecureLogix-Internal host 66.162.215.85 object-group SecureLogix-Ports access-list inside_access_in remark SFTP Availity access-list inside_access_in extended permit tcp object-group SFTP-Availity-Internal object-group SFTP-Availity-External eq 9922 access-list inside_access_in remark SFTP TAMU access-list inside_access_in extended permit tcp object-group SFTP-TAMU-Internal object-group SFTP-TAMU-External object-group SFTP-TAMU-Ports access-list inside_access_in remark Siemens EIM access-list inside_access_in extended permit tcp any object-group Siemens-EIM object-group Siemens-EIM-Ports access-list inside_access_in remark Siemens Medical Academy access-list inside_access_in extended permit tcp any object-group Siemens-Medical-Academy-External eq 10001 access-list inside_access_in remark SMTP access-list inside_access_in extended permit tcp host 10.130.24.41 any eq smtp access-list inside_access_in remark SNMP 
access-list inside_access_in extended permit udp object-group SNMP-Internal object-group SNMP-External eq snmp access-list inside_access_in remark SNPP access-list inside_access_in extended permit tcp any any eq 444 access-list inside_access_in remark Allowing SW ePO server to contact Avertlabs server on port 8801 access-list inside_access_in extended permit tcp object-group ePo-server object-group myavert-avertlabs-com eq 8801 access-list inside_access_in remark SSH access-list inside_access_in extended permit tcp any any eq ssh access-list inside_access_in remark TAMHSC LDAP access-list inside_access_in extended permit tcp any object-group TAMHSC-LDAP-External eq ldap access-list inside_access_in remark TAMU Library access-list inside_access_in extended permit tcp any object-group TAMU-Library-External object-group TAMU-Library-Ports access-list inside_access_in remark TAMU Library EZProxy access-list inside_access_in extended permit tcp any object-group TAMU-Library-EZProxy-External object-group TAMU-Library-EZProxy-Ports access-list inside_access_in remark Telnet access-list inside_access_in extended permit tcp any any eq telnet access-list inside_access_in remark testbed.podfiness.com access-list inside_access_in extended permit tcp object-group Podfiness-Internal host 69.46.20.65 eq 8099 access-list inside_access_in remark TTU HSC access-list inside_access_in extended permit tcp any host 66.230.0.151 eq 8900 access-list inside_access_in remark UT Library EZProxy access-list inside_access_in extended permit tcp any host 128.83.63.96 eq 9003 access-list inside_access_in remark Vendor FMG VPN access-list inside_access_in extended permit tcp object-group VendorFMG-VPN-Internal object-group VendorFMG-VPN-External object-group VendorFMG-VPN-Ports access-list inside_access_in remark VYEW Web Print access-list inside_access_in extended permit tcp any object-group VYEW-WebPrint-External object-group VYEW-WebPrint-Ports access-list inside_access_in remark WebMD 
access-list inside_access_in extended permit tcp host 10.130.30.50 host 198.31.9.13 object-group WebMD-Ports
access-list inside_access_in remark DSHS FTP IMMTRAC
access-list inside_access_in extended permit tcp object-group DSHS-FTP-Internal host 160.42.203.7 object-group DSHS-FTP-Ports
access-list inside_access_in remark TeleCheck
access-list inside_access_in extended permit tcp object-group TeleCheck-HMO-Internal object-group TeleCheck-External object-group TeleCheck
access-list inside_access_in remark Whois
access-list inside_access_in extended permit tcp any any eq whois
access-list inside_access_in extended permit tcp any any eq finger
access-list inside_access_in extended permit udp any any eq 43 inactive
access-list inside_access_in remark WinFrame Pharmacy
access-list inside_access_in extended permit tcp any any eq citrix-ica
access-list inside_access_in extended permit udp any any eq 1604
access-list inside_access_in remark Citrix Go to Meeting
access-list inside_access_in extended permit tcp object-group GoToMeeting-Internal any object-group Go-to-Meeting
access-list inside_access_in remark WWW
access-list inside_access_in extended permit tcp any any object-group www-ports
access-list inside_access_in remark HCC
access-list inside_access_in extended permit tcp any object-group HCC-Pharmacy-External object-group HCC-Ports
access-list inside_access_in remark Access to disted.marywood.edu for Food and Nutrition EMF 4378823
access-list inside_access_in extended permit tcp any host 192.159.104.9 eq 8900
access-list inside_access_in extended permit tcp host 10.91.203.9 host 205.203.54.5 eq 10042
access-list inside_access_in remark Deny All and log
access-list inside_access_in extended deny ip any any
access-list dmz_access_in extended permit icmp 205.203.54.0 255.255.255.0 object-group SW-Networks-Internal echo
access-list dmz_access_in extended permit icmp 205.203.54.0 255.255.255.0 object-group SW-Networks-Internal echo-reply
access-list dmz_access_in extended permit udp 205.203.54.0 255.255.255.0 host 10.2.202.21 eq domain
access-list dmz_access_in extended permit tcp 205.203.54.0 255.255.255.0 host 10.130.24.41 eq smtp
access-list dmz_access_in remark Blackbaud SQL
access-list dmz_access_in extended permit tcp host 205.203.54.50 host 10.130.25.74 eq 1433
access-list dmz_access_in extended permit tcp host 205.203.54.50 any object-group www-ports
access-list dmz_access_in remark Mirage
access-list dmz_access_in extended permit tcp object-group Mirage-DMZ host 10.130.49.22 eq 51000
access-list dmz_access_in remark NTP
access-list dmz_access_in extended permit udp 205.203.54.0 255.255.255.0 host 10.2.201.12 eq ntp
access-list dmz_access_in remark TSM Backup
access-list dmz_access_in extended permit tcp host 205.203.54.20 host 10.130.34.23 object-group TSM-Ports
access-list dmz_access_in remark Veritas Backup
access-list dmz_access_in extended permit tcp host 205.203.54.20 host 10.130.34.20 object-group Veritas-Backup-Ports inactive
access-list dmz_access_in remark DMZ SFTP-Healthplan Transactions Push to ftp.availity.com (8.15.231.163)
access-list dmz_access_in extended permit tcp host 205.203.54.22 host 8.15.231.163 eq 9922
access-list dmz_access_in remark DMZ Health Plan SFTP TCP ports 139, 445
access-list dmz_access_in extended permit tcp host 205.203.54.22 host 10.10.14.157 object-group SFTP-Healthplan
access-list dmz_access_in extended permit tcp host 205.203.54.22 any eq www
access-list dmz_access_in remark DMZ Health Plan SFTP UDP Ports 137, 138, 445
access-list dmz_access_in extended permit udp host 205.203.54.22 host 10.10.14.157 object-group SFTP-healthPlan-UDP
access-list dmz_access_in remark DMZ Health Plan SFTP TCP Port 1433 ( SQL)
access-list dmz_access_in extended permit tcp host 205.203.54.22 host 10.10.14.157 eq 1433
access-list dmz_access_in remark FTP
access-list dmz_access_in extended permit tcp 205.203.54.0 255.255.255.0 any eq ftp
access-list dmz_access_in remark Permit WWW to Internet
access-list dmz_access_in extended permit tcp 205.203.54.0 255.255.255.0 any eq www
access-list dmz_access_in extended permit tcp 205.203.54.0 255.255.255.0 any eq https
access-list dmz_access_in extended permit tcp host 205.203.54.5 eq 10042 host 10.91.203.9 eq 10042
access-list dmz_access_in extended permit tcp host 205.203.54.5 eq 10045 host 10.91.203.9 eq 10045
access-list dmz_access_in extended permit udp host 205.203.54.5 eq 10045 host 10.91.203.9 eq 10045
access-list dmz_access_in remark Block FTP to SW Networks
access-list dmz_access_in extended deny tcp 205.203.54.0 255.255.255.0 object-group SW-Networks-Internal eq ftp
access-list dmz_access_in remark Block WWW to SW Networks
access-list dmz_access_in extended deny tcp 205.203.54.0 255.255.255.0 object-group SW-Networks-Internal eq www
access-list dmz_access_in extended deny tcp 205.203.54.0 255.255.255.0 object-group SW-Networks-Internal eq https
access-list dmz_access_in remark Deny All and log
access-list dmz_access_in extended deny ip any any log warnings
access-list outside_access_in remark Allow Echo Replies
access-list outside_access_in extended permit icmp any host 205.203.58.1 echo-reply
access-list outside_access_in remark WWW
access-list outside_access_in extended permit tcp any host 205.203.58.1 eq www
access-list outside_access_in extended permit tcp any host 205.203.58.1 eq https
access-list outside_access_in remark FTP
access-list outside_access_in extended permit tcp any host 205.203.58.4 eq ftp
access-list outside_access_in remark FTP
access-list outside_access_in extended permit tcp any host 205.203.58.4 eq ftp-data inactive
access-list outside_access_in remark Transaction from FTP.Avality.com to SFTP-healthplan
access-list outside_access_in extended permit tcp host 8.15.231.163 host 205.203.54.22 eq 9922
access-list outside_access_in remark ReWeb
access-list outside_access_in extended permit tcp object-group ReWeb-External host 205.203.58.9 eq www
access-list outside_access_in extended permit tcp object-group ReWeb-External host 205.203.58.9 eq https
access-list outside_access_in remark Metaframe
access-list outside_access_in extended permit tcp any host 205.203.58.1 eq 1495
access-list outside_access_in remark Netmotion 1
access-list outside_access_in extended permit udp any host 205.203.58.1 eq 5008
access-list outside_access_in remark PsoftWeb
access-list outside_access_in extended permit tcp object-group PsoftWeb-7500-External host 205.203.58.1 eq 7500
access-list outside_access_in remark Radius
access-list outside_access_in extended permit udp object-group Radius-External host 205.203.58.1 range radius radius-acct
access-list outside_access_in remark GWIA
access-list outside_access_in extended permit tcp object-group Mailscanner-Relay-External host 205.203.58.2 eq smtp
access-list outside_access_in remark Netmotion 2
access-list outside_access_in extended permit udp any host 205.203.58.2 eq 5008
access-list outside_access_in remark Radius ACS
access-list outside_access_in extended permit udp host 208.189.126.253 host 205.203.58.2 range radius radius-acct inactive
access-list outside_access_in remark LDAPs
access-list outside_access_in extended permit tcp host 66.220.42.154 host 205.203.58.3 eq 63620
access-list outside_access_in remark WebMD
access-list outside_access_in extended permit tcp host 198.31.9.13 host 205.203.58.3 eq 9050
access-list outside_access_in remark ParaStar
access-list outside_access_in extended permit tcp object-group ParaStar-External host 205.203.58.10 object-group ParaStar-TCP-Ports
access-list outside_access_in extended permit udp object-group ParaStar-External host 205.203.58.10 object-group ParaStar-UDP-Ports
access-list outside_access_in remark PinPoint
access-list outside_access_in extended permit tcp host 216.183.121.72 host 205.203.58.8 eq 63300
access-list outside_access_in remark Deny All and log
access-list outside_access_in extended deny ip any any
access-list policy-nat-inside-58-1 extended permit tcp host 10.130.49.22 any eq 1495
access-list policy-nat-inside-58-1 extended permit udp host 10.24.254.250 any eq 5008
access-list policy-nat-inside-58-1 extended permit tcp host 10.130.25.91 object-group PsoftWeb-7500-External eq 7500
access-list policy-nat-inside-58-1 extended permit udp host 10.2.201.22 object-group Radius-External range radius radius-acct
access-list policy-nat-dmz-58-1 extended permit tcp host 205.203.54.20 any eq www
access-list policy-nat-dmz-58-1 extended permit tcp host 205.203.54.20 any eq https
access-list policy-nat-dmz-58-9 extended permit tcp host 205.203.54.50 object-group ReWeb-External eq www
access-list policy-nat-dmz-58-9 extended permit tcp host 205.203.54.50 object-group ReWeb-External eq https
access-list pnat-inside-58-10 extended permit ip host 10.130.25.102 object-group ParaStar-External
access-list pnat-inside-58-8 extended permit ip host 10.130.25.102 host 216.183.121.72
access-list cap extended permit ip host 70.122.83.240 host 205.203.58.4
access-list cap extended permit ip host 205.203.58.4 host 70.122.83.240
access-list inside_nat0_outbound extended permit ip any 205.203.54.0 255.255.255.0
access-list dmz_nat0_outbound extended permit ip 205.203.54.0 255.255.255.0 205.203.54.0 255.255.255.0
access-list dmz_nat0_outbound extended permit ip any object-group SW-Networks-Internal
no pager
logging enable
logging timestamp
logging buffered warnings
logging trap notifications
logging asdm notifications
logging device-id hostname
logging host inside 205.203.57.1
logging host inside 10.2.201.225
logging permit-hostdown
mtu dmz 1500
mtu inside 1500
mtu outside 1500
failover
failover lan unit primary
failover lan interface failover_link GigabitEthernet1
failover lan enable
failover polltime unit 10 holdtime 30
failover replication http
failover mac address Ethernet0 0090.2794.4a15 0090.2794.4a16
failover mac address Ethernet1 0090.2794.8421 0090.2794.8422
failover mac address GigabitEthernet0 0090.2794.4a18 0090.2794.4a19
failover link failover_link GigabitEthernet1
failover interface ip failover_link 1.1.1.1 255.255.255.252 standby 1.1.1.2
icmp unreachable rate-limit 1 burst-size 1
icmp permit any echo dmz
icmp permit any time-exceeded dmz
icmp permit any echo inside
icmp permit any time-exceeded inside
icmp permit any time-exceeded outside
icmp permit any echo-reply outside
asdm image flash:/asdm-523.bin
no asdm history enable
arp timeout 14400
nat-control
global (outside) 1 205.203.58.1 netmask 255.255.255.0
nat (dmz) 0 access-list dmz_nat0_outbound
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp 205.203.58.1 1495 10.130.49.22 1495 netmask 255.255.255.255
static (inside,outside) udp 205.203.58.1 5008 10.24.254.250 5008 netmask 255.255.255.255
static (inside,outside) tcp 205.203.58.1 7500 10.130.25.91 7500 netmask 255.255.255.255
static (inside,outside) udp 205.203.58.1 radius 10.2.201.22 radius netmask 255.255.255.255
static (inside,outside) udp 205.203.58.1 radius-acct 10.2.201.22 radius-acct netmask 255.255.255.255
static (inside,outside) udp 205.203.58.2 5008 10.24.254.251 5008 netmask 255.255.255.255
static (inside,outside) tcp 205.203.58.3 9050 10.130.30.50 9050 netmask 255.255.255.255
static (dmz,outside) tcp 205.203.58.1 www 205.203.54.20 www netmask 255.255.255.255
static (inside,outside) tcp 205.203.58.2 smtp 10.130.14.38 smtp netmask 255.255.255.255
static (inside,dmz) udp 205.203.54.10 domain 10.130.25.130 domain netmask 255.255.255.255
static (dmz,outside) tcp 205.203.58.1 https 205.203.54.20 https netmask 255.255.255.255
static (dmz,outside) tcp 205.203.58.4 ftp 205.203.54.20 ftp netmask 255.255.255.255
static (dmz,outside) tcp 205.203.58.4 ftp-data 205.203.54.20 ftp-data netmask 255.255.255.255
static (inside,outside) 205.203.58.10 access-list pnat-inside-58-10
static (inside,outside) 205.203.58.8 access-list pnat-inside-58-8
static (dmz,outside) 205.203.58.9 205.203.54.50 netmask 255.255.255.255
static (dmz,outside) 205.203.54.22 205.203.54.22 netmask 255.255.255.255
access-group dmz_access_in in interface dmz
access-group inside_access_in in interface inside
access-group outside_access_in in interface outside
route inside 10.0.0.0 255.0.0.0 205.203.57.254 1
route inside 172.16.0.0 255.240.0.0 205.203.57.254 1
route inside 192.168.0.0 255.255.0.0 205.203.57.254 1
route inside 10.22.168.0 255.255.248.0 205.203.57.250 1
route inside 205.203.35.0 255.255.255.0 205.203.57.254 1
route inside 205.203.39.0 255.255.255.0 205.203.57.254 1
route inside 205.203.42.0 255.255.255.0 205.203.57.254 1
route inside 205.203.45.0 255.255.255.0 205.203.57.254 1
route inside 205.203.48.0 255.255.255.0 205.203.57.254 1
route inside 205.203.51.0 255.255.255.0 205.203.57.254 1
route inside 205.203.55.0 255.255.255.0 205.203.57.254 1
route inside 205.203.56.0 255.255.255.0 205.203.57.254 1
route inside 205.203.59.0 255.255.255.0 205.203.57.254 1
route inside 205.203.99.0 255.255.255.0 205.203.57.254 1
route inside 205.203.105.0 255.255.255.0 205.203.57.254 1
route inside 205.203.107.0 255.255.255.0 205.203.57.254 1
route inside 205.203.109.0 255.255.255.0 205.203.57.254 1
route inside 205.203.114.0 255.255.255.0 205.203.57.254 1
route inside 205.203.115.0 255.255.255.0 205.203.57.254 1
route inside 205.203.120.0 255.255.255.0 205.203.57.254 1
route inside 205.203.122.0 255.255.255.0 205.203.57.254 1
route inside 205.203.123.0 255.255.255.0 205.203.57.254 1
route outside 205.203.44.0 255.255.255.0 205.203.58.253 1
route outside 0.0.0.0 0.0.0.0 205.203.58.254 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
http server enable
http 10.0.0.0 255.0.0.0 inside
http 205.203.57.0 255.255.255.0 inside
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny
  inspect esmtp
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip
  inspect xdmcp
!
service-policy global_policy global
ntp server 205.203.57.254 source inside prefer
smtp-server 10.130.24.41
prompt hostname context
Cryptochecksum:d8eee9c9fa160bbc7f28d5f671e1dbc3