ciscoasa# ciscoasa# sh run : Saved : ASA Version 7.2(2) ! hostname ciscoasa domain-name default.domain.invalid enable password xxx encrypted names ! interface Vlan1 nameif inside security-level 100 ip address 192.168.100.1 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address xx.xxx.xxx.xxx 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! passwd xxx encrypted ftp mode passive clock timezone EST -5 clock summer-time EDT recurring dns server-group DefaultDNS domain-name default.domain.invalid same-security-traffic permit inter-interface access-list outside_access_in extended permit tcp any host xx.xxx.xxx.xxx eq smtp access-list outside_access_in extended permit tcp any host xx.xxx.xxx.xxx eq 7777 access-list outside_access_in extended permit tcp any host xx.xxx.xxx.xxx eq https access-list nonat extended permit ip 192.168.100.0 255.255.255.0 192.168.125.0 255.255.255.0 pager lines 24 logging asdm informational mtu inside 1500 mtu outside 1500 ip local pool remote 192.168.125.25-192.168.125.50 mask 255.255.255.0 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-522.bin no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list nonat nat (inside) 1 192.168.100.0 255.255.255.0 static (inside,outside) tcp interface smtp 192.168.100.10 smtp netmask 255.255.255.255 static (inside,outside) tcp interface 7777 192.168.100.10 7777 netmask 255.255.255.255 static (inside,outside) tcp interface https 192.168.100.10 https netmask 255.255.255.255 access-group outside_access_in in interface outside route outside 0.0.0.0 0.0.0.0 xx.xxx.xxx.xxx 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout uauth 0:05:00 absolute group-policy FusionVPN internal username vpnuser1 password xxx encrypted privilege 0 username vpnuser1 attributes vpn-group-policy FusionVPN http server enable http 192.168.100.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set fusionset esp-des esp-md5-hmac crypto dynamic-map dynmap 10 set transform-set fusionset crypto map FusionMap 65535 ipsec-isakmp dynamic dynmap crypto map FusionMap interface outside crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption des hash md5 group 7 lifetime 86400 crypto isakmp nat-traversal 20 tunnel-group FusionVPN type ipsec-ra tunnel-group FusionVPN general-attributes address-pool remote tunnel-group FusionVPN ipsec-attributes pre-shared-key * telnet 192.168.100.0 255.255.255.0 inside telnet timeout 20 ssh timeout 5 console timeout 0 dhcpd auto_config outside ! ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp ! service-policy global_policy global prompt hostname context Cryptochecksum:1122141efc5fbdd3cf41883b57ff8b7f : end ciscoasa#