ASA Version 8.0(3)6 ! hostname ITSCR3AS01 domain-name enable password nnX8dWEUyuuVXGiZ encrypted passwd 2KFQnbNIdI.2KYOU encrypted names name xxxx.xxx.23.147 ALTIRIS01 name xxx.xxx.23.137 DNS1 name xxxx.xxx.23.133 DNS2 name xxx.xxx.103.18 FAMIS name xxx.xxx.23.170 VMS5_BANNER name xxx.xxx.23.246 WEB01 name xxx.xxx.23.244 WEB02 name xxx.xxx.23.132 WEBXTENDER name xxx.xxx.21.0 ITS_MGT name xxx.xxx.23.182 BACKUP01 ! interface Vlan2 description ASA outside interface nameif outside security-level 0 ip address xxx.xxx.120.115 255.255.255.128 ! interface Vlan70 description Inside network for Touchnet nameif inside security-level 100 ip address 10.xxx.180.1 255.255.255.128 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 switchport access vlan 70 ! interface Ethernet0/2 switchport access vlan 70 ! interface Ethernet0/3 switchport access vlan 70 ! interface Ethernet0/4 switchport access vlan 70 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 switchport access vlan 70 ! ftp mode passive clock timezone CST -6 clock summer-time CDT recurring dns server-group DefaultDNS domain-name object-group network Allowed_Int network-object 10.xx.180.0 255.255.255.128 object-group network Allowed_Out network-object host FAMIS network-object host xxx.xx.120.103 network-object host WEBXTENDER network-object host DNS2 network-object host DNS1 network-object host ALTIRIS01 network-object host VMS5_BANNER network-object host WEB02 network-object host WEB01 network-object ITS_MGT 255.255.255.128 network-object host BACKUP01 object-group network DM_INLINE_NETWORK_1 network-object xxx.xxx.23.128 255.255.255.128 object-group network Touchnet_Servers network-object host xxx.xxx.211.12 network-object xxx.xxx.196.0 255.255.255.0 access-list inside_access_in_1 extended permit ip object-group Allowed_Int object-group Allowed_Out access-list inside_access_in_1 extended permit ip object-group Allowed_Int object-group Touchnet_Servers access-list inside_access_in_1 extended permit icmp object-group Allowed_Int any access-list inside_access_in_1 extended permit icmp object-group Allowed_Int ITS_MGT 255.255.255.128 access-list outside_access_in extended permit ip object-group Allowed_Out object-group Allowed_Int access-list outside_access_in extended permit icmp ITS_MGT 255.255.255.128 any access-list inside_nat0_outbound extended permit ip 10.xx.180.0 255.255.255.128 10.xx.180.112 255.255.255.252 access-list inside_nat0_outbound extended permit ip any 10.xx.180.112 255.255.255.252 pager lines 24 logging enable logging timestamp logging asdm informational logging host outside xxx.xxx.23.140 logging permit-hostdown mtu outside 1500 mtu inside 1500 ip local pool TCT-Cashier 10.xx.180.113-10.xx.180.114 mask 255.255.255.128 icmp unreachable rate-limit 1 burst-size 1 icmp permit ITS_MGT 255.255.255.128 outside icmp permit 10.xx.180.0 255.255.255.128 inside asdm image disk0:/asdm-603.bin no asdm history enable arp timeout 14400 nat-control global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 10.xx.180.0 255.255.255.128 static (inside,outside) xxx.xx.120.103 10.xx.180.103 netmask 255.255.255.255 tcp 1 0 access-group outside_access_in in interface outside access-group inside_access_in_1 in interface inside ! router eigrp 165 no auto-summary eigrp stub connected ! route outside 0.0.0.0 0.0.0.0 xxx.xxx.120.125 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute dynamic-access-policy-record DfltAccessPolicy http server enable http 10.xx.180.0 255.255.255.0 inside http ITS_MGT 255.255.255.128 outside snmp-server host outside xxx.xxx.23.140 community xxxxx snmp-server location Data Center snmp-server contact snmp-server community xxxxxx snmp-server enable traps snmp authentication coldstart snmp-server enable traps syslog snmp-server enable traps ipsec start telnet ITS_MGT 255.255.255.128 outside telnet xxxx.xxx.23.140 255.255.255.255 outside telnet timeout 5 ssh ITS_MGT 255.255.255.128 outside ssh timeout 5 console timeout 0 dhcpd dns DNS1 DNS1 dhcpd wins DNS2 DNS2 dhcpd ping_timeout 60 dhcpd domain xxxxx dhcpd auto_config outside dhcpd update dns ! dhcpd address 10.xx.180.2-10.xxx.180.100 inside dhcpd dns DNS1 DNS2 interface inside dhcpd wins DNS1 DNS2 interface inside dhcpd ping_timeout 30 interface inside dhcpd domain tarleton.edu interface inside dhcpd enable inside ! threat-detection basic-threat threat-detection statistics port threat-detection statistics protocol threat-detection statistics access-list ntp server 10.xx.1.1 source outside prefer group-policy DefaultRAGroup internal group-policy DefaultRAGroup attributes wins-server value xxx.xxx.23.133 xxx.xxx.23.137 dns-server value xxx.xxx.23.133 xxx.xxx.23.137 vpn-tunnel-protocol l2tp-ipsec default-domain value Tarleton.edu wins-server value xxx.xxx.23.133 xxx.xxx.23.137 dns-server value xxx.xxx.23.133 xxx.xxx.23.137 vpn-tunnel-protocol IPSec default-domain value Ta vpn-group-policy DefaultRAGroup ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect icmp inspect icmp error