ASA Version 7.2(2) ! hostname chi-asa enable password names name 65.X.X.X McCord name 200.x.x.x BuenosAires name 172.16.45.71 nants-gw1 name 172.16.45.74 nants-gw2 name 172.16.45.77 nants-gw3 name 172.16.4.134 nycnts1 name 172.16.4.136 nycnts2 name 172.16.24.126 chints1 name 172.16.24.127 chints2 name 172.16.52.15 sfrnts1 name 172.16.104.145 eants-gw1 name 172.21.30.245 eants-gw2 name 172.16.4.118 nycnts-hub1 name 172.16.4.119 nycnts-hub2 name 172.16.4.192 nycapp1 name 64.x.x.x extns2-pub name 64.x.x.x nantsgw4-pub name 64.x.x.x chimail-pub name 64.x.x.x chints2-pub name 64.x.x.x sfrnts1-pub name 64.x.x.x chints1-pub name 204.x.x.x sabre-network name 64.x.x.x chibry1-pub name 64.x.x.x chibry2-pub name 172.17.9.50 extns2 name 172.17.9.12 nantsgw4 name 172.17.9.207 chibry1 name 172.17.9.208 chibry2 name 172.16.24.134 chiapp1 ! interface GigabitEthernet0/0 nameif outside security-level 0 ip address 64.x.x.x 255.255.255.192 standby 64.x.x.x ! interface GigabitEthernet0/1 nameif inside security-level 100 ip address 172.17.24.11 255.255.252.0 standby 172.17.24.12 ospf message-digest-key 88 md5 ! interface GigabitEthernet0/2 nameif dmz security-level 0 no ip address ! interface GigabitEthernet0/2.1 description DMZ1 VLAN 104 EXTERNAL SERVICES vlan 104 nameif dmz1 security-level 50 ip address 172.17.9.1 255.255.255.0 standby 172.17.9.2 ospf message-digest-key 88 md5 ! interface GigabitEthernet0/2.2 vlan 111 nameif dmz2 security-level 55 no ip address ! interface GigabitEthernet0/2.3 vlan 130 nameif dmz3 security-level 60 no ip address ! interface GigabitEthernet0/2.4 description DMZ4 VLAN 110 WAN ACCESS vlan 110 nameif dmz4 security-level 65 ip address 172.17.11.1 255.255.255.0 standby 172.17.11.2 ospf message-digest-key 88 md5 ! interface GigabitEthernet0/2.5 description DMZ5 VLAN 125 Video Conferencing vlan 125 nameif dmz5 security-level 85 ip address 172.17.32.1 255.255.255.0 standby 172.17.32.2 ! interface GigabitEthernet0/2.6 description DMZ6 VLAN 126 E911 vlan 126 nameif dmz6 security-level 50 ip address 172.17.8.1 255.255.255.0 standby 172.17.8.2 ! interface GigabitEthernet0/2.41 description DMZ4.1 VLAN 112 MOBILE VPN vlan 112 nameif dmz4.1 security-level 71 ip address 172.17.28.1 255.255.252.0 standby 172.17.28.2 ! interface GigabitEthernet0/2.42 vlan 113 nameif dmz4.2 security-level 72 no ip address ! interface GigabitEthernet0/2.43 vlan 120 nameif dmz4.3 security-level 73 no ip address ! interface GigabitEthernet0/3 description LAN/STATE Failover Interface ! interface Management0/0 nameif management security-level 100 ip address 192.168.1.1 255.255.255.0 management-only ! passwd boot system disk0:/asa722-k8.bin ftp mode passive object-group service Permit-Inside-to-Outside-TCP tcp port-object eq ftp port-object eq www port-object eq https port-object eq domain port-object eq lotusnotes port-object eq 8194 port-object eq 161 port-object eq 162 port-object eq 407 port-object eq 1433 port-object eq 445 port-object eq 1604 port-object eq 2725 port-object eq sqlnet port-object eq 3101 port-object range 1417 1420 object-group service Permit-Inside-to-Outside-UDP udp port-object eq domain port-object eq ntp port-object eq snmp port-object eq snmptrap port-object eq 407 port-object eq 1434 port-object eq 445 port-object eq 2725 port-object range 1417 1420 object-group service Deny-Inside-to-Outside-TCP tcp port-object eq netbios-ssn port-object eq 137 port-object eq 138 port-object eq 445 port-object eq 1214 port-object eq 6346 port-object eq 8998 port-object eq 1639 port-object eq 6667 port-object eq 135 object-group service Deny-Inside-to-Outside-UDP udp port-object eq netbios-dgm port-object eq netbios-ns port-object eq 135 port-object eq 139 port-object eq 445 port-object eq 1214 port-object eq 6346 port-object eq 8998 port-object eq 1639 port-object eq 6667 object-group service Permit-Inbound-Remote-Internal-UDP udp port-object eq domain port-object eq 1604 port-object eq netbios-ns port-object eq ntp port-object eq 389 port-object eq netbios-dgm port-object eq 139 port-object eq 88 port-object eq 548 port-object eq 407 port-object eq syslog port-object eq sunrpc port-object eq 445 port-object eq snmp port-object eq snmptrap port-object eq 1434 port-object eq 2725 object-group network REMOTE-MSDC-SVRS network-object host 172.16.129.250 network-object host 172.16.144.250 network-object host 172.16.136.250 network-object host 172.16.134.250 network-object host 172.16.132.250 network-object host 172.16.140.250 network-object host 172.16.137.250 network-object host 172.16.128.250 network-object host 172.16.124.250 network-object host 172.16.123.6 network-object host 172.16.126.250 network-object host 172.16.127.250 network-object host 172.16.122.250 network-object host 172.16.121.250 network-object host 172.16.120.6 network-object host 172.16.125.250 network-object host 172.16.100.249 network-object host 172.16.106.250 network-object host 172.16.93.4 network-object host 172.16.119.250 network-object host 172.16.5.150 network-object host 172.16.5.151 network-object host 172.16.5.152 network-object host 172.18.20.10 network-object host 172.18.20.11 object-group network CHI-MSDC-SVRS network-object host 172.16.24.192 network-object host 172.16.24.193 network-object host 172.16.24.194 object-group network MSDC-SVRS network-object host 172.16.129.250 network-object host 172.16.144.250 network-object host 172.16.136.250 network-object host 172.16.134.250 network-object host 172.16.132.250 network-object host 172.16.140.250 network-object host 172.16.137.250 network-object host 172.16.128.250 network-object host 172.16.124.250 network-object host 172.16.123.6 network-object host 172.16.126.250 network-object host 172.16.127.250 network-object host 172.16.122.250 network-object host 172.16.121.250 network-object host 172.16.120.6 network-object host 172.16.125.250 network-object host 172.16.24.192 network-object host 172.16.24.193 network-object host 172.16.24.194 network-object host 172.16.100.249 network-object host 172.16.106.250 network-object host 172.16.93.4 network-object host 172.16.119.250 network-object host 172.16.118.250 network-object host 172.16.5.150 network-object host 172.16.5.151 network-object host 172.16.5.152 object-group service MSDC-SVRS-TCP tcp port-object eq 3268 port-object eq ldap port-object eq domain port-object eq 88 port-object eq 82 port-object eq 5003 port-object eq netbios-ssn port-object eq 135 object-group service MSDC-SVRS-UDP udp port-object eq ntp port-object eq 389 port-object eq domain port-object eq 88 object-group network chints-pxy network-object host 172.17.9.210 network-object host 172.17.9.211 network-object host 172.17.9.212 network-object host 172.17.9.213 network-object host extns2 network-object host 172.17.9.205 object-group network MessageLabs network-object 140.x.x.x 255.255.255.240 network-object 38.x.x.x 255.255.255.240 network-object 216.x.x.x 255.255.240.0 network-object 195.x.x.x 255.255.255.255 network-object 195.x.x.x 255.255.255.0 network-object 195.x.x.x 255.255.255.255 object-group network Notes_SVR network-object host nants-gw1 network-object host nants-gw2 network-object host nants-gw3 network-object host nycnts1 network-object host nycnts2 network-object host chints1 network-object host chints2 network-object host sfrnts1 network-object host eants-gw2 network-object host nycnts-hub1 network-object host nycnts-hub2 network-object host nycapp1 network-object host eants-gw1 network-object host 172.16.46.86 network-object host 172.16.46.87 network-object host chiapp1 object-group network Chi_BRY_Svr network-object host chibry1 network-object host chibry2 object-group service Permit-Inbound-Remote-Internal-TCP tcp port-object range www 88 port-object eq lotusnotes port-object eq citrix-ica port-object eq ssh port-object eq telnet port-object eq sqlnet port-object eq https port-object range 1024 10000 object-group network RemoteOffice-Internal-Network network-object 172.16.0.0 255.240.0.0 object-group network NewYork-Internal-Network network-object 172.16.0.0 255.255.192.0 network-object 172.18.8.0 255.255.252.0 network-object 172.19.0.0 255.255.0.0 network-object 172.18.0.0 255.255.0.0 network-object 172.16.54.0 255.255.255.192 object-group network Chicago-Internal-Network network-object 172.16.24.0 255.255.252.0 network-object 172.17.9.0 255.255.255.0 network-object 172.17.10.0 255.255.255.0 network-object 172.17.11.0 255.255.255.0 network-object 172.17.16.0 255.255.255.0 network-object 172.17.17.0 255.255.255.0 network-object 172.17.18.0 255.255.254.0 network-object 172.17.20.0 255.255.254.0 network-object 172.17.22.0 255.255.254.0 network-object 172.17.24.0 255.255.252.0 network-object 172.17.28.0 255.255.252.0 network-object 172.17.12.0 255.255.252.0 network-object 172.17.4.0 255.255.252.0 network-object 172.17.8.0 255.255.255.0 access-list acl-inside extended permit icmp any any access-list acl-inside extended permit ip any any access-list acl-outside extended permit icmp any any echo-reply access-list acl-outside extended permit udp any host extns2-pub eq domain access-list acl-outside extended permit tcp any host chimail-pub eq www access-list acl-outside extended permit tcp any host chints1-pub eq www access-list acl-outside extended permit tcp any host chints2-pub eq www access-list acl-outside extended permit tcp any host sfrnts1-pub eq www access-list acl-outside extended permit tcp object-group MessageLabs host nantsgw4-pub eq smtp access-list acl-outside extended permit tcp any host 64.195.243.224 eq h323 access-list acl-outside extended permit tcp any host 64.195.243.224 range 5555 5565 access-list acl-outside extended permit udp any host 64.195.243.224 range 2326 2373 access-list acl-outside extended permit udp any any eq ntp access-list acl-outside extended permit udp any any eq dnsix access-list acl-outside extended permit tcp any any eq domain access-list acl-outside extended permit icmp any any access-list acl-outside extended permit tcp any host chibry2-pub eq 3101 access-list acl-outside extended permit tcp any host chibry1-pub eq 3101 access-list nonat extended permit ip 172.16.0.0 255.240.0.0 172.16.0.0 255.240.0.0 access-list nonat extended permit ip 172.16.0.0 255.240.0.0 10.0.0.0 255.0.0.0 access-list nonat extended permit ip 172.16.0.0 255.240.0.0 192.x.0.0 255.255.0.0 access-list nonat extended permit ip 172.16.0.0 255.240.0.0 199.x.x.0 255.255.254.0 access-list nonat extended permit ip 172.16.0.0 255.240.0.0 199.x.x.0 255.255.248.0 access-list nonat extended permit ip 172.16.0.0 255.240.0.0 205.x.x.0 255.255.255.0 access-list nonat extended permit ip 172.16.0.0 255.240.0.0 208.x.x.0 255.255.255.0 access-list acl-dmz1 extended permit icmp any any echo access-list acl-dmz1 extended permit icmp any any echo-reply access-list acl-dmz1 extended permit icmp any any access-list acl-dmz1 extended permit udp any any eq domain access-list acl-dmz1 extended permit udp any any eq ntp access-list acl-dmz1 extended permit tcp any any eq domain access-list acl-dmz1 extended permit udp any any eq dnsix access-list acl-dmz1 extended permit tcp host nantsgw4 172.16.0.0 255.240.0.0 eq lotusnotes access-list acl-dmz1 extended deny tcp host nantsgw4 172.16.0.0 255.240.0.0 eq www access-list acl-dmz1 extended permit tcp host nantsgw4 any eq www access-list acl-dmz1 extended permit tcp host nantsgw4 any eq https access-list acl-dmz1 extended permit tcp host nantsgw4 any eq smtp access-list acl-dmz1 extended deny tcp host chibry1 10.0.0.0 255.0.0.0 eq 3101 access-list acl-dmz1 extended deny tcp host chibry1 192.168.0.0 255.255.0.0 eq 3101 access-list acl-dmz1 extended deny tcp host chibry1 172.16.0.0 255.240.0.0 eq 3101 access-list acl-dmz1 extended deny tcp host chibry2 10.0.0.0 255.0.0.0 eq 3101 access-list acl-dmz1 extended deny tcp host chibry2 192.168.0.0 255.255.0.0 eq 3101 access-list acl-dmz1 extended deny tcp host chibry2 172.16.0.0 255.240.0.0 eq 3101 access-list acl-dmz1 extended permit tcp object-group Chi_BRY_Svr object-group Notes_SVR eq lotusnotes access-list acl-dmz1 extended permit tcp host chibry1 any eq 3101 access-list acl-dmz1 extended permit tcp host chibry2 any eq 3101 access-list acl-dmz1 extended permit tcp host chibry1 any eq www access-list acl-dmz1 extended permit tcp host chibry2 any eq www access-list acl-dmz1 extended permit tcp host chibry1 any eq https access-list acl-dmz1 extended permit tcp host chibry2 any eq https access-list acl-dmz1 extended permit tcp any host 172.16.24.110 range 7937 9936 access-list acl-dmz1 extended permit tcp any host 172.16.24.110 range 10001 30000 access-list acl-dmz1 extended permit tcp object-group chints-pxy host chints1 eq www access-list acl-dmz1 extended permit tcp object-group chints-pxy host sfrnts1 eq www access-list acl-dmz1 extended permit tcp object-group chints-pxy host 172.16.24.106 eq www access-list acl-dmz1 extended permit tcp object-group chints-pxy host 172.16.24.107 eq www access-list acl-dmz1 extended permit tcp object-group chints-pxy host chints2 eq www access-list acl-dmz1 extended permit tcp any host 172.16.5.157 eq ftp access-list acl-dmz1 extended permit tcp any host 172.16.5.157 eq 82 access-list acl-dmz1 extended permit tcp any any eq 123 access-list acl-dmz4 extended permit icmp any any echo access-list acl-dmz4 extended permit icmp any any access-list acl-dmz4 extended permit tcp 172.16.0.0 255.240.0.0 172.16.0.0 255.240.0.0 object-group Permit-Inbound-Remote-Internal-T CP access-list acl-dmz4 extended permit udp 172.16.0.0 255.240.0.0 172.16.0.0 255.240.0.0 object-group Permit-Inbound-Remote-Internal-U DP access-list acl-dmz4 extended permit tcp 172.16.0.0 255.240.0.0 172.16.0.0 255.240.0.0 object-group Permit-Inside-to-Outside-TCP access-list acl-dmz4 extended permit udp 172.16.0.0 255.240.0.0 172.16.0.0 255.240.0.0 object-group Permit-Inside-to-Outside-UDP access-list acl-dmz4 extended permit udp any any eq domain access-list acl-dmz4 extended permit ip 172.16.0.0 255.255.0.0 host 172.16.24.172 access-list acl-dmz4 extended permit tcp object-group REMOTE-MSDC-SVRS object-group CHI-MSDC-SVRS gt 1023 access-list acl-dmz4 extended permit udp any host 172.16.24.193 eq bootps access-list acl-dmz4 extended permit tcp 172.16.0.0 255.240.0.0 host 172.16.24.120 eq 445 access-list acl-dmz4 extended permit tcp 172.16.0.0 255.240.0.0 host 172.16.24.120 eq netbios-ssn access-list acl-dmz4 extended permit udp any any eq 407 access-list acl-dmz4 extended permit tcp any any eq 407 access-list acl-dmz4 extended permit tcp any any range 1417 1420 access-list acl-dmz4 extended permit udp any any range 1417 1420 access-list acl-dmz4 extended permit ip 172.16.0.0 255.240.0.0 host 172.16.24.135 access-list acl-dmz4 extended permit ip 172.16.0.0 255.240.0.0 host 172.17.32.4 access-list acl-dmz4 extended permit udp any object-group MSDC-SVRS object-group MSDC-SVRS-UDP access-list acl-dmz4 extended permit tcp any object-group MSDC-SVRS object-group MSDC-SVRS-TCP access-list acl-dmz4 extended permit ip host 172.16.4.26 172.16.0.0 255.240.0.0 access-list acl-dmz4 extended permit tcp any any eq lotusnotes access-list acl-dmz4 extended deny ip any 172.16.0.0 255.240.0.0 access-list acl-dmz4 extended deny ip any 192.168.0.0 255.255.0.0 access-list acl-dmz4 extended deny ip 172.17.12.0 255.255.252.0 host 172.16.6.122 access-list acl-dmz4 extended permit ip any any access-list acl-dmz4.1 extended permit icmp any any access-list acl-dmz4.1 extended permit tcp any object-group MSDC-SVRS object-group MSDC-SVRS-TCP access-list acl-dmz4.1 extended permit udp any object-group MSDC-SVRS object-group MSDC-SVRS-UDP access-list acl-dmz4.1 extended permit tcp 172.16.0.0 255.240.0.0 172.16.0.0 255.240.0.0 object-group Permit-Inside-to-Outside-TCP access-list acl-dmz4.1 extended permit udp 172.16.0.0 255.240.0.0 172.16.0.0 255.240.0.0 object-group Permit-Inside-to-Outside-UDP access-list acl-dmz4.1 extended permit tcp 172.16.0.0 255.240.0.0 172.16.0.0 255.240.0.0 object-group Permit-Inbound-Remote-Internal -TCP access-list acl-dmz4.1 extended permit udp 172.16.0.0 255.240.0.0 172.16.0.0 255.240.0.0 object-group Permit-Inbound-Remote-Internal -UDP access-list acl-dmz4.1 extended permit ip any any access-list acl-dmz6 extended permit icmp any any echo access-list acl-dmz6 extended permit icmp any any access-list acl-dmz6 extended permit tcp any host 172.17.16.10 eq 5023 access-list acl-dmz6 extended permit tcp host 172.17.8.21 any eq www access-list acl-dmz6 extended permit udp host 172.17.8.21 any eq domain access-list acl-dmz6 extended permit udp host 172.17.8.21 any eq ntp access-list acl-dmz6 extended deny ip any any access-list acl-dmz6 extended permit tcp host 172.17.8.21 host 172.17.16.21 eq 5023 access-list acl-dmz5 extended permit icmp any any echo access-list acl-dmz5 extended permit icmp any any echo-reply access-list acl-dmz5 extended permit icmp any any access-list acl-dmz5 extended permit tcp any any eq h323 access-list acl-dmz5 extended permit tcp any any range 5555 5565 access-list acl-dmz5 extended permit udp any any range 2326 2373 access-list 10 standard permit 172.17.9.0 255.255.255.0 access-list 10 standard permit 172.17.10.0 255.255.255.0 access-list 10 standard permit 172.17.11.0 255.255.255.0 access-list 10 standard permit 172.17.16.0 255.255.255.0 access-list 10 standard permit 172.17.17.0 255.255.255.0 access-list 10 standard permit 172.17.18.0 255.255.254.0 access-list 10 standard permit 172.17.20.0 255.255.254.0 access-list 10 standard permit 172.17.24.0 255.255.252.0 access-list 10 standard permit 172.17.28.0 255.255.252.0 pager lines 24 logging enable logging standby logging buffered notifications logging trap informational logging history warnings logging asdm informational logging host inside 172.16.27.235 logging host dmz4 172.16.4.171 mtu outside 1500 mtu inside 1500 mtu dmz 1500 mtu dmz1 1500 mtu dmz2 1500 mtu dmz3 1500 mtu dmz4 1500 mtu dmz5 1500 mtu dmz6 1500 mtu dmz4.1 1500 mtu dmz4.2 1500 mtu dmz4.3 1500 mtu management 1500 failover failover lan unit primary failover lan interface heartbeat GigabitEthernet0/3 failover polltime unit 3 holdtime 9 failover polltime interface 3 holdtime 15 failover key ***** failover replication http failover link heartbeat GigabitEthernet0/3 failover interface ip heartbeat 192.168.254.1 255.255.255.0 standby 192.168.254.2 no monitor-interface dmz monitor-interface dmz1 monitor-interface dmz4 monitor-interface dmz5 monitor-interface dmz6 monitor-interface dmz4.1 no monitor-interface management icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm521.bin no asdm history enable arp timeout 14400 global (outside) 1 64.x.x.x nat (inside) 0 access-list nonat nat (inside) 1 0.0.0.0 0.0.0.0 nat (dmz1) 0 access-list nonat nat (dmz4) 0 access-list nonat nat (dmz4) 1 172.16.0.0 255.240.0.0 nat (dmz6) 0 access-list nonat nat (dmz6) 1 172.16.0.0 255.240.0.0 nat (dmz4.1) 0 access-list nonat nat (dmz4.1) 1 172.16.0.0 255.240.0.0 static (dmz1,outside) chimail-pub 172.17.9.210 netmask 255.255.255.255 static (dmz1,outside) chints1-pub 172.17.9.211 netmask 255.255.255.255 static (dmz1,outside) chints2-pub 172.17.9.212 netmask 255.255.255.255 static (dmz1,outside) sfrnts1-pub 172.17.9.213 netmask 255.255.255.255 static (dmz5,outside) 64.x.x.x 172.17.32.4 netmask 255.255.255.255 static (dmz5,outside) 64.x.x.x 172.17.32.5 netmask 255.255.255.255 static (dmz1,outside) extns2-pub extns2 netmask 255.255.255.255 static (dmz1,outside) nantsgw4-pub nantsgw4 netmask 255.255.255.255 static (dmz1,outside) chibry1-pub chibry1 netmask 255.255.255.255 static (dmz1,outside) chibry2-pub chibry2 netmask 255.255.255.255 access-group acl-outside in interface outside access-group acl-inside in interface inside access-group acl-dmz1 in interface dmz1 access-group acl-dmz4 in interface dmz4 access-group acl-dmz5 in interface dmz5 access-group acl-dmz6 in interface dmz6 access-group acl-dmz4.1 in interface dmz4.1 route outside 0.0.0.0 0.0.0.0 64.x.x.x 1 route outside 151.x.x.0 255.255.255.0 64.x.x.x 1 ! router ospf 1080 network 172.17.8.0 255.255.255.0 area 0 network 172.17.9.0 255.255.255.0 area 0 network 172.17.11.0 255.255.255.0 area 0 network 172.17.24.0 255.255.252.0 area 0 network 172.17.28.0 255.255.252.0 area 0 network 172.17.32.0 255.255.255.0 area 0 area 0 authentication message-digest log-adj-changes detail redistribute static ! timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout uauth 0:05:00 absolute username chinoc password privilege 15 username xnoc password privilege 7 url-server (inside) vendor websense host 172.17.24.184 timeout 10 protocol TCP version 1 connections 5 url-cache dst 128 aaa authentication ssh console LOCAL filter url except 172.16.0.0 255.240.0.0 216.x.x.x 255.255.255.255 filter url except 172.16.0.0 255.240.0.0 10.0.0.0 255.0.0.0 filter url except 10.0.0.0 255.0.0.0 10.0.0.0 255.0.0.0 filter url except 10.0.0.0 255.0.0.0 172.16.0.0 255.240.0.0 filter url except 172.16.0.0 255.240.0.0 172.16.0.0 255.240.0.0 filter url except 172.16.0.0 255.240.0.0 216.x.x.x 255.255.255.255 filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow longurl-truncate http 192.168.1.0 255.255.255.0 management snmp-server host dmz4 172.16.7.115 community XReadOnly! no snmp-server location no snmp-server contact snmp-server community XReadOnly! snmp-server enable traps snmp authentication linkup linkdown coldstart service resetinbound telnet timeout 5 ssh 172.17.34.0 255.255.255.0 inside ssh 172.16.8.61 255.255.255.255 dmz4 ssh 172.16.8.80 255.255.255.255 dmz4 ssh 172.16.8.90 255.255.255.255 dmz4 ssh 172.16.7.115 255.255.255.255 dmz4 ssh 172.17.11.11 255.255.255.255 dmz4 ssh 172.17.11.12 255.255.255.255 dmz4 ssh 172.16.8.75 255.255.255.255 dmz4 ssh 172.16.8.50 255.255.255.255 dmz4 ssh timeout 30 console timeout 0 dhcpd dns 172.16.24.193 172.16.24.194 dhcpd ping_timeout 750 dhcpd domain x.corp ! dhcpd address 172.17.28.10-172.17.29.9 dmz4.1 dhcpd enable dmz4.1 ! ! class-map inspection_default match default-inspection-traffic ! ! policy-map global_policy class inspection_default inspect ftp inspect h323 h225 inspect h323 ras inspect rtsp inspect skinny inspect xdmcp inspect netbios inspect tftp policy-map type inspect dns migrated_dns_map_2 parameters message-length maximum 512 ! service-policy global_policy global ntp server 172.16.4.22 prompt hostname context Cryptochecksum:84dcc4a91c9d4373bd72476d8ecb1611 : end