MccgCiscoasa# sh run : Saved : ASA Version 7.0(8) ! hostname MccgCiscoasa domain-name xxx.org enable password xxxxxd encrypted passwd xxxxxdI.2KYOU encrypted names dns-guard ! interface Ethernet0/0 description public interface to internet nameif public security-level 1 ip address xxx.xxx.186.10 255.255.255.0 ! interface Ethernet0/1 description private interface to locan lan nameif private security-level 100 ip address 172.20.72.5 255.255.255.0 ! interface Ethernet0/2 shutdown no nameif no security-level no ip address ! interface Management0/0 nameif management security-level 100 ip address 192.168.1.1 255.255.255.0 management-only ! ftp mode passive access-list private_nat0_outbound extended permit ip 172.20.72.0 255.255.255.0 1 0.12.27.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip 172.20.72.0 255.255.255.0 10 .12.27.0 255.255.255.0 pager lines 24 logging asdm informational mtu management 1500 mtu private 1500 mtu public 1500 ip local pool asapool 10.12.27.2-10.12.27.254 mask 255.255.255.0 asdm image disk0:/asdm-508.bin no asdm history enable arp timeout 14400 nat (private) 0 access-list inside_nat0_outbound route private 172.17.0.0 255.255.0.0 172.20.72.5 1 route public 0.0.0.0 0.0.0.0 xxx.xxx.186.65 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute group-policy vpnusers internal group-policy vpnusers attributes wins-server value xxx.xxx.150.16 dns-server value xxx.xxx.1.135 default-domain value xxxx.org webvpn username broow password xxxxxx7BfK encrypted privilege 0 username broow attributes vpn-group-policy vpnusers webvpn http server enable http 192.168.1.0 255.255.255.0 management no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto dynamic-map public_dyn_map 20 set transform-set ESP-3DES-SHA crypto dynamic-map public_dyn_map 20 set security-association lifetime seconds 2 8800 crypto dynamic-map public_dyn_map 20 set security-association lifetime kilobytes 4608000 crypto map public_map 65535 ipsec-isakmp dynamic public_dyn_map crypto map public_map interface public isakmp enable public isakmp policy 10 authentication pre-share isakmp policy 10 encryption 3des isakmp policy 10 hash sha isakmp policy 10 group 2 isakmp policy 10 lifetime 86400 isakmp nat-traversal 20 tunnel-group vpnusers type ipsec-ra tunnel-group vpnusers general-attributes address-pool asapool default-group-policy vpnusers tunnel-group vpnusers ipsec-attributes pre-shared-key * telnet timeout 5 ssh timeout 5 console timeout 0 dhcpd address 192.168.1.2-192.168.1.254 management dhcpd lease 3600 dhcpd ping_timeout 50 dhcpd enable management ! class-map inspection_default match default-inspection-traffic ! ! policy-map global_policy class inspection_default inspect dns maximum-length 512 inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp ! service-policy global_policy global Cryptochecksum:d1317e1512f534d21551e97b4aa15316 : end MccgCiscoasa#