ACL flow denied by configured rule

wspencer76
Level 1

I am receiving this error when performing a packet trace on my ASA 5505. It is pointing to a dynamic NAT rule on my outside interface to my public IP as the reason for the drop. Not sure why this would stop the traffic. I have an access rule to allow any traffic from the IP but still get the error. Any ideas as to what my issue is would be greatly appreciated.

5 Replies

Francesco Molino
VIP Alumni
Hi

Can you paste your config and the packet-tracer output you're running?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

running config

hostname ciscoasa
enable password encrypted
passwd encrypted
names
name 10.x.x.x VPN
name 10.8.x.x file
name 10.8.x.x mail
name 50.x.x.x file_Inet description Unanet External Access
name 50.x.x.x Mail_INet
name 10.8.x.x InterTel_HQ
name 10.8.x.x Intertel_CASL
name 50.x.x.x Intertel_CASL_INet
name 50.x.x.x Intertel_HQ_INet
name 10.8.x.x SPAM
name 50.x.x.x SPAM_Inet
name 10.1.1.0 _Subnet
name 10.8.x.x Tyco_CASL
name 50.x.x.x Tyco_CASL_INet
name 50.x.x.x VPN_Inet
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 10.8.x.x 255.255.254.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address 50.x.x.x 255.255.255.252
!
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
same-security-traffic permit intra-interface
object-group service DM_INLINE_TCP_1 tcp
 port-object eq www
 port-object eq https
object-group service DM_INLINE_TCP_2 tcp
 port-object eq 44000
 port-object eq www
 port-object eq https
 port-object eq ssh
object-group service DM_INLINE_TCP_3 tcp
 port-object eq 44000
 port-object eq www
 port-object eq https
 port-object eq ssh
object-group service DM_INLINE_TCP_4 tcp
 port-object eq 47237
 port-object eq 51365
object-group service DM_INLINE_SERVICE_1
 service-object tcp eq https
 service-object udp eq 4500
 service-object udp eq isakmp
object-group service ArmyProject udp
 description CASL
 port-object eq 4500
 port-object eq isakmp
object-group network DM_INLINE_NETWORK_1
 network-object host 192.x.x.x
 network-object host 50.x.x.x
object-group network DM_INLINE_NETWORK_2
 network-object host 192.x.x.x
 network-object host 50.x.x.x
object-group network DM_INLINE_NETWORK_3
 network-object host 125.23.5.22
 network-object host 194.154.148.69
 network-object host 198.50.238.45
object-group protocol DM_INLINE_PROTOCOL_1
 protocol-object ip
 protocol-object tcp
access-list inside_access_in extended permit ip any any
access-list NONAT extended permit ip any _Subnet 255.255.255.0
access-list NONAT extended permit ip _Subnet 255.255.255.0 any
access-list outside_access_in remark
access-list outside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 any host 159.x.x.x inactive
access-list outside_access_in remark Known Chinese attacking server.
access-list outside_access_in extended deny ip host 120.43.20.108 any
access-list outside_access_in remark Suspicous IP reported by AlienVault
access-list outside_access_in extended deny ip host 69.172.216.55 any
access-list outside_access_in remark Symantect detected SID: 28123] Web Attack: WordPress Symposium Plugin Shell Upload attack blocked.
access-list outside_access_in extended deny ip host 178.137.83.166 any
access-list outside_access_in remark Symantec detected attack.
access-list outside_access_in extended deny ip host 195.154.194.116 any
access-list outside_access_in remark Symantect detected attack.
access-list outside_access_in extended deny ip host 62.210.152.90 any
access-list outside_access_in remark Symantec detected attack.
access-list outside_access_in extended deny ip host 5.254.97.74 any
access-list outside_access_in remark Symantec detected attack on.
access-list outside_access_in extended deny ip host 195.154.230.31 any
access-list outside_access_in remark Symantec detected attack on.
access-list outside_access_in extended deny ip host 104.200.154.26 any
access-list outside_access_in remark Symantec detected attack on.
access-list outside_access_in extended deny ip host 163.172.108.226 any
access-list outside_access_in remark Symantec detected attack on.
access-list outside_access_in extended deny ip host 204.187.100.83 any
access-list outside_access_in remark Symantec detected threat on 09/19/2017.
access-list outside_access_in extended deny ip host 103.37.124.156 any
access-list outside_access_in remark Symantec detected attack.
access-list outside_access_in extended deny ip host 177.154.145.99 any
access-list outside_access_in remark Symantec detected attack on 09/19/2017.
access-list outside_access_in extended deny ip host 213.96.155.165 any
access-list outside_access_in remark Symantec detected attack on 09/17/2017.
access-list outside_access_in extended deny ip host 51.255.68.116 any
access-list outside_access_in remark Symantec detected attack on 09/17/2017.
access-list outside_access_in extended deny ip host 212.16.74.248 any
access-list outside_access_in remark Symantec detected attack on 09/12/2017.
access-list outside_access_in extended deny ip host 123.57.148.247 any
access-list outside_access_in remark Symantec detected attack on 09/30/2017.
access-list outside_access_in extended deny ip host 117.78.15.5 any
access-list outside_access_in remark Symantec detected attack on 10/03/2017.
access-list outside_access_in extended deny ip host 103.37.124.137 any
access-list outside_access_in remark Symantec detected attack on 09/30/2017.
access-list outside_access_in extended deny ip host 52.169.91.215 any
access-list outside_access_in remark Symantec detected inbound attack on 10/13/2017.
access-list outside_access_in extended deny ip host 104.16.110.119 any
access-list outside_access_in remark Symantec detected attack on 10/18/2017.
access-list outside_access_in extended deny ip host 218.214.112.229 any
access-list outside_access_in remark Symantec detected attack on
access-list outside_access_in extended deny ip object-group DM_INLINE_NETWORK_3 any
access-list outside_access_in remark Barracuda ESG (IP: 50.x.x.x)
access-list outside_access_in extended permit tcp any host SPAM_Inet eq smtp
access-list outside_access_in remark Exchange OWA & Website (IP: 50.x.x.x)
access-list outside_access_in extended permit tcp any host Mail_INet object-group DM_INLINE_TCP_1
access-list outside_access_in remark Barracuda SSLVPN (IP: 50.x.x.x)
access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any host VPN_Inet
access-list outside_access_in remark Unanet External Access (IP: 50.x.x.x)
access-list outside_access_in extended permit tcp any host WEB_Inet eq 8443
access-list outside_access_in remark Intertel PBX Remote Access - HQ (IP: 50.x.x.x)
access-list outside_access_in extended permit tcp object-group DM_INLINE_NETWORK_1 host Intertel_HQ_INet object-group DM_INLINE_TCP_2
access-list outside_access_in remark Intertel PBX Remote Access - CASL (IP: 50.x.x.x)
access-list outside_access_in extended permit tcp object-group DM_INLINE_NETWORK_2 host Intertel_CASL_INet object-group DM_INLINE_TCP_3
access-list outside_access_in remark Tyco System Monitoring - CASL (IP: 50.x.x.x)
access-list outside_access_in extended permit tcp any host Tyco_CASL_INet object-group DM_INLINE_TCP_4
access-list STATEBYPASS extended permit ip any _Subnet 255.255.255.0
access-list STATEBYPASS extended permit ip _Subnet 255.255.255.0 any
no pager
logging enable
logging list LicenseExceeded message 450001
logging trap notifications
logging asdm debugging
logging mail LicenseExceeded
logging from-address notifier@.com
logging recipient-address @.com level errors
logging recipient-address @.com level errors
logging host inside 10.8.x.x
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 50.x.x.x netmask 255.0.0.0
nat (inside) 0 access-list NONAT
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) Mail_INet Mail netmask 255.255.255.255
static (inside,outside) Columbia_Inet Columbia netmask 255.255.255.255
static (inside,outside) SPAM_Inet SPAM netmask 255.255.255.255
static (inside,outside) VPN_Inet VPN netmask 255.255.255.255
static (inside,outside) Intertel_HQ_INet InterTel_HQ netmask 255.255.255.255
static (inside,outside) Intertel_CASL_INet Intertel_CASL netmask 255.255.255.255
static (inside,outside) Tyco_CASL_INet Tyco_CASL netmask 255.255.255.255
access-group inside_access_in in interface inside control-plane
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 50.x.x.x 1
route inside _Subnet 255.255.255.0 10.8.x.xx.x 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.1.0 255.255.255.0 inside
http 10.8.x.x 255.255.254.0 inside
http _Subnet 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
sysopt noproxyarp inside
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet _Subnet 255.255.255.0 inside
telnet 10.8.x.x 255.255.254.0 inside
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside
!
threat-detection basic-threat
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
ntp server 129.6.15.30 source outside prefer
ntp server 64.236.96.53
webvpn
!
class-map STATEBYPASS
 match access-list STATEBYPASS
class-map inspection_default
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect icmp
  inspect ip-options
  inspect ipsec-pass-thru
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect sip
  inspect skinny
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect xdmcp
  inspect dns preset_dns_map
policy-map STATEBYPASS
 class STATEBYPASS
  set connection advanced-options tcp-state-bypass
!
service-policy global_policy global
service-policy STATEBYPASS interface inside
smtp-server 10.8.x.x
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:
: end

packet tracer

Phase: 1
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in 0.0.0.0 0.0.0.0 outside

Phase: 2
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:

Phase: 3
Type: NAT
Subtype:
Result: DROP
Config:
nat (inside) 1 0.0.0.0 0.0.0.0
match ip inside any outside any
dynamic translation to pool 1 (50.x.x.x)
translate_hits = 3479191, untranslate_hits = 326104
Additional Information:

Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule

You gave the config but forgot the packet-tracer command, which shows the source IP, port and destination IP.
Can you give me this information?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

The command that fails is:

packet-tracer input in rawip 10.8.0.60 22 159.142.255.82

If I run the following command it passes with the added output:

packet-tracer input in tcp 10.8.0.60 22 159.142.255.82 22

Phase: 1
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in 0.0.0.0 0.0.0.0 outside

Phase: 2
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:

Phase: 3
Type: NAT
Subtype:
Result: ALLOW
Config:
nat (inside) 1 0.0.0.0 0.0.0.0
match ip inside any outside any
dynamic translation to pool 1 (50.x.x.x)
translate_hits = 4459857, untranslate_hits = 442317
Additional Information:
Dynamic translate 10.8.0.60/22 to 50.x.x.x/21 using netmask 255.255.255.255

Phase: 4
Type: NAT
Subtype: host-limits
Result: ALLOW
Config:
nat (inside) 1 0.0.0.0 0.0.0.0
match ip inside any inside any
dynamic translation to pool 1 (No matching global)
translate_hits = 2, untranslate_hits = 0
Additional Information:

Phase: 5
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:

Phase: 6
Type: FLOW-CREATION
Subtype:
Result: ALLOW
Config:
Additional Information:
New flow created with id 77555137, packet dispatched to next module

Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: allow

This also fails:

Result of the command: "packet-tracer input out tcp 10.8.0.60 22 159.142.255.82 22"

Phase: 1
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit Rule
Additional Information:
MAC Access list

Phase: 2
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in 0.0.0.0 0.0.0.0 outside

Phase: 3
Type: ACCESS-LIST
Subtype:
Result: DROP
Config:
Implicit Rule
Additional Information:

Result:
input-interface: outside
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule

I added this to the config as I thought it may have been the issue but it didn't help.

class-map inspection_default
 match default-inspection-traffic


Hi

Everything is OK. Your last packet-tracer is dropped because you're using interface outside and no ACL has been created to allow that traffic.

For the first one, you used rawip, which is for IP packets that aren't TCP or UDP. For example, it could be used for protocol 88 (EIGRP) or protocol 89 (OSPF), ...

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
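Added example (Python; not Cisco tooling and not either poster's code). Both dropped traces in this thread end with the same Drop-reason, "(acl-drop) Flow is denied by configured rule", and only the phase that reports "Result: DROP" tells you what actually dropped the packet: the NAT phase for the rawip trace (a dynamic PAT pool translates only TCP, UDP and ICMP, so an IP protocol 22 packet has no translation), and the ACCESS-LIST phase with "Implicit Rule" for the trace entered on outside, where nothing in outside_access_in permits that flow. The parser below handles the classic (pre-8.3 style) packet-tracer text layout shown above, and packet_tracer_cmd builds the command for a flow, choosing rawip only for protocols other than TCP/UDP/ICMP, where the number after the source address is the protocol, not a port. The sample traces are the thread's two dropped outputs trimmed to the relevant phases; the function and field names are this example's own.

```python
# Added example for this thread (not Cisco tooling, not the poster's code): parse
# classic ASA packet-tracer output and report which phase dropped the flow.
from __future__ import annotations
from dataclasses import dataclass, field

@dataclass
class Phase:
    number: int
    type: str = ""
    subtype: str = ""
    result: str = ""
    config: list[str] = field(default_factory=list)  # lines under "Config:"
    info: list[str] = field(default_factory=list)    # lines under "Additional Information:"

@dataclass
class Trace:
    phases: list[Phase]
    action: str               # "allow" / "drop" from the final Result block
    drop_reason: str | None

def parse_trace(text: str) -> Trace:
    phases: list[Phase] = []
    cur: Phase | None = None
    section: list[str] | None = None   # list currently being filled (config/info)
    action, reason = "", None
    for raw in text.splitlines():
        line = raw.strip()
        value = line.split(":", 1)[1].strip() if ":" in line else ""
        if line.startswith("Phase:"):
            cur = Phase(number=int(value))
            phases.append(cur)
            section = None
        elif line == "Result:":             # bare "Result:" opens the summary block
            cur, section = None, None
        elif cur is not None:
            if line.startswith(("Type:", "Subtype:", "Result:")):
                setattr(cur, line.split(":", 1)[0].lower(), value)
            elif line == "Config:":
                section = cur.config
            elif line == "Additional Information:":
                section = cur.info
            elif line and section is not None:
                section.append(line)
        elif line.startswith("Action:"):
            action = value.lower()
        elif line.startswith("Drop-reason:"):
            reason = value
    return Trace(phases, action, reason)

def dropping_phase(trace: Trace) -> Phase | None:
    # First phase whose own Result is DROP; None when the flow was allowed.
    return next((p for p in trace.phases if p.result.upper() == "DROP"), None)

def explain(trace: Trace) -> str:
    p = dropping_phase(trace)
    if p is None:
        return f"{trace.action or 'unknown'} after {len(trace.phases)} phases"
    where = p.type + (f"/{p.subtype}" if p.subtype else "")
    rule = p.config[0] if p.config else "no config line"
    return f"dropped in phase {p.number} {where} by '{rule}': {trace.drop_reason}"

PROTO_KEYWORD = {6: "tcp", 17: "udp", 1: "icmp"}   # any other protocol is rawip

def packet_tracer_cmd(ifc: str, proto: int, src: str, dst: str, sport: int | None = None,
                      dport: int | None = None, icmp_type: int = 8, icmp_code: int = 0) -> str:
    """Build the packet-tracer line for a flow. With rawip the number after the
    source is the IP protocol, not a port, which is what the failing trace sent."""
    kw = PROTO_KEYWORD.get(proto, "rawip")
    if kw in ("tcp", "udp"):
        if sport is None or dport is None:
            raise ValueError("tcp/udp traces need both ports")
        return f"packet-tracer input {ifc} {kw} {src} {sport} {dst} {dport}"
    if kw == "icmp":
        return f"packet-tracer input {ifc} icmp {src} {icmp_type} {icmp_code} {dst}"
    return f"packet-tracer input {ifc} rawip {src} {proto} {dst}"

# The two dropped traces from the thread, trimmed to the phases that matter.
RAWIP_TRACE = """\
Phase: 3
Type: NAT
Result: DROP
Config:
nat (inside) 1 0.0.0.0 0.0.0.0
match ip inside any outside any
Additional Information:
Result:
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule
"""
OUTSIDE_TRACE = """\
Phase: 3
Type: ACCESS-LIST
Result: DROP
Config:
Implicit Rule
Additional Information:
Result:
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule
"""
```

explain(parse_trace(RAWIP_TRACE)) names the nat (inside) 1 rule as the dropping point, while the outside trace is attributed to the implicit deny at the end of outside_access_in. To exercise the inbound permit the original question is about, enter the trace on outside from an Internet-side source toward the public address a static maps, for example packet_tracer_cmd("outside", 6, "203.0.113.5", "<SPAM_Inet address>", 40000, 25); on this pre-8.3 configuration the outside ACL is matched against that mapped address.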