Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Portmap translation creation failed

Hello,

We are getting a lot of these messages on our ASA all of the sudden.  I have not made any changes to it in a while, so I don't think that I did anything to cause this.

We are running version 9.1.1 right now and I have not had any trouble with it until now.

Any ideas?

Dan.

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51516|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51516 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51515|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51515 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51514|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51514 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51512|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51512 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51510|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51510 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51511|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51511 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51509|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51509 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|59412|173.194.43.97|443|portmap translation creation failed for tcp src inside:10.10.10.46/59412 dst outside:173.194.43.97/443

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51501|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51501 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51500|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51500 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51497|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51497 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51496|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51496 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51494|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51494 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51491|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51491 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51486|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51486 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51483|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51483 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51481|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51481 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51482|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51482 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51480|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51480 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51479|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51479 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51477|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51477 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51478|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51478 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51476|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51476 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51475|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51475 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51474|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51474 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51471|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51471 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|58026|173.194.43.79|443|portmap translation creation failed for tcp src inside:10.10.10.46/58026 dst outside:173.194.43.79/443

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51469|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51469 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51466|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51466 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51465|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51465 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51540|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51540 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51539|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51539 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51538|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51538 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51537|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51537 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51536|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51536 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51535|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51535 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51534|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51534 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51530|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51530 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:29|305006|10.10.10.46|51529|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51529 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51516|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51516 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51515|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51515 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51514|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51514 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|49238|208.85.144.199|80|portmap translation creation failed for tcp src inside:10.10.10.46/49238 dst outside:208.85.144.199/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51512|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51512 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51511|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51511 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51510|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51510 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51509|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51509 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51501|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51501 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51500|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51500 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51497|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51497 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51496|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51496 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|58747|50.18.125.63|80|portmap translation creation failed for tcp src inside:10.10.10.46/58747 dst outside:50.18.125.63/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51494|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51494 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51491|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51491 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51486|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51486 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51483|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51483 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51482|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51482 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51481|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51481 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51479|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51479 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51480|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51480 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51478|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51478 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51477|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51477 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51476|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51476 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51475|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51475 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|58747|74.119.118.100|80|portmap translation creation failed for tcp src inside:10.10.10.46/58747 dst outside:74.119.118.100/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51474|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51474 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51471|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51471 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|50825|173.194.33.32|443|portmap translation creation failed for tcp src inside:10.10.10.46/50825 dst outside:173.194.33.32/443

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51469|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51469 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51466|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51466 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51465|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51465 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51258|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51258 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51257|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51257 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.7.184.149|50701|192.237.150.44|5222|portmap translation creation failed for tcp src inside:10.7.184.149/50701 dst outside:192.237.150.44/5222

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51255|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51255 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|51476|74.125.142.95|80|portmap translation creation failed for tcp src inside:10.10.10.46/51476 dst outside:74.125.142.95/80

3|Dec 10 2013|11:45:28|305006|10.10.10.46|58531|74.125.129.94|443|portmap translation creation failed for tcp src inside:10.10.10.46/58531 dst outside:74.125.129.94/443

3|Dec 10 2013|11:45:28|305006|10.10.10.46|59510|74.125.129.99|443|portmap translation creation failed for tcp src inside:10.10.10.46/59510 dst outside:74.125.129.99/443

3|Dec 10 2013|11:45:27|305006|10.10.10.46|51200|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51200 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:27|305006|10.10.10.46|51199|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51199 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:27|305006|10.10.10.46|49238|208.85.144.199|80|portmap translation creation failed for tcp src inside:10.10.10.46/49238 dst outside:208.85.144.199/80

3|Dec 10 2013|11:45:27|305006|10.10.10.46|49358|173.194.33.32|443|portmap translation creation failed for tcp src inside:10.10.10.46/49358 dst outside:173.194.33.32/443

3|Dec 10 2013|11:45:27|305006|10.10.10.46|58747|50.18.125.63|80|portmap translation creation failed for tcp src inside:10.10.10.46/58747 dst outside:50.18.125.63/80

3|Dec 10 2013|11:45:27|305006|10.10.10.46|51126|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51126 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:27|305006|10.10.10.46|58525|50.18.125.63|80|portmap translation creation failed for tcp src inside:10.10.10.46/58525 dst outside:50.18.125.63/80

3|Dec 10 2013|11:45:27|305006|10.10.10.46|55600|216.115.104.242|80|portmap translation creation failed for tcp src inside:10.10.10.46/55600 dst outside:216.115.104.242/80

3|Dec 10 2013|11:45:27|305006|10.10.10.46|51475|199.212.24.141|80|portmap translation creation failed for tcp src inside:10.10.10.46/51475 dst outside:199.212.24.141/80

3|Dec 10 2013|11:45:27|305006|10.10.10.46|57848|74.125.226.111|443|portmap translation creation failed for tcp src inside:10.10.10.46/57848 dst outside:74.125.226.111/443

3|Dec 10 2013|11:45:27|305006|10.10.10.46|51522|173.194.33.32|443|portmap translation creation failed for tcp src inside:10.10.10.46/51522 dst outside:173.194.33.32/443

3|Dec 10 2013|11:45:27|305006|10.10.10.46|51508|173.194.33.32|443|portmap translation creation failed for tcp src inside:10.10.10.46/51508 dst outside:173.194.33.32/443

3|Dec 10 2013|11:45:27|305006|10.10.10.46|58026|173.194.43.79|443|portmap translation creation failed for tcp src inside:10.10.10.46/58026 dst outside:173.194.43.79/443

3|Dec 10 2013|11:45:27|305006|10.10.10.46|51258|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51258 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:27|305006|10.10.10.46|51257|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51257 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:27|305006|10.10.10.46|51255|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51255 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:27|305006|10.10.10.46|58531|74.125.129.94|443|portmap translation creation failed for tcp src inside:10.10.10.46/58531 dst outside:74.125.129.94/443

3|Dec 10 2013|11:45:26|305006|10.10.10.46|51200|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51200 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:26|305006|10.10.10.46|51199|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51199 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:26|305006|10.10.10.46|50954|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50954 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:26|305006|10.10.10.46|51126|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51126 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:26|305006|10.10.10.46|58525|50.18.125.63|80|portmap translation creation failed for tcp src inside:10.10.10.46/58525 dst outside:50.18.125.63/80

3|Dec 10 2013|11:45:26|305006|10.10.10.46|58026|173.194.43.79|443|portmap translation creation failed for tcp src inside:10.10.10.46/58026 dst outside:173.194.43.79/443

3|Dec 10 2013|11:45:26|305006|10.10.10.46|50827|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50827 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:26|305006|10.10.10.46|50828|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50828 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:26|305006|10.10.10.46|50826|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50826 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:26|305006|10.10.10.46|50822|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50822 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:26|305006|10.10.10.46|50815|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50815 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50804|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50804 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50803|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50803 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50798|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50798 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50794|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50794 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50776|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50776 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50774|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50774 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50772|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50772 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50769|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50769 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50954|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50954 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.7.184.149|50701|192.237.150.44|5222|portmap translation creation failed for tcp src inside:10.7.184.149/50701 dst outside:192.237.150.44/5222

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50739|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50739 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|55600|216.115.104.242|80|portmap translation creation failed for tcp src inside:10.10.10.46/55600 dst outside:216.115.104.242/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|51475|199.212.24.141|80|portmap translation creation failed for tcp src inside:10.10.10.46/51475 dst outside:199.212.24.141/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|57848|74.125.226.111|443|portmap translation creation failed for tcp src inside:10.10.10.46/57848 dst outside:74.125.226.111/443

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50718|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50718 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50717|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50717 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|51522|173.194.33.32|443|portmap translation creation failed for tcp src inside:10.10.10.46/51522 dst outside:173.194.33.32/443

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50694|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50694 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|51508|173.194.33.32|443|portmap translation creation failed for tcp src inside:10.10.10.46/51508 dst outside:173.194.33.32/443

3|Dec 10 2013|11:45:25|305006|10.10.10.46|57573|23.201.7.88|443|portmap translation creation failed for tcp src inside:10.10.10.46/57573 dst outside:23.201.7.88/443

3|Dec 10 2013|11:45:25|305006|10.10.10.46|57571|23.201.7.88|443|portmap translation creation failed for tcp src inside:10.10.10.46/57571 dst outside:23.201.7.88/443

3|Dec 10 2013|11:45:25|305006|10.10.10.46|57572|23.201.7.88|443|portmap translation creation failed for tcp src inside:10.10.10.46/57572 dst outside:23.201.7.88/443

3|Dec 10 2013|11:45:25|305006|10.10.10.46|57570|23.201.7.88|443|portmap translation creation failed for tcp src inside:10.10.10.46/57570 dst outside:23.201.7.88/443

3|Dec 10 2013|11:45:25|305006|10.10.10.46|57569|23.201.7.88|443|portmap translation creation failed for tcp src inside:10.10.10.46/57569 dst outside:23.201.7.88/443

3|Dec 10 2013|11:45:25|305006|10.10.10.46|57567|23.201.7.88|443|portmap translation creation failed for tcp src inside:10.10.10.46/57567 dst outside:23.201.7.88/443

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50701|157.238.74.232|443|portmap translation creation failed for tcp src inside:10.10.10.46/50701 dst outside:157.238.74.232/443

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50828|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50828 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50827|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50827 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50826|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50826 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50822|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50822 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:25|305006|10.10.10.46|50815|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50815 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|50804|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50804 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|50803|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50803 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:24|305006|10.7.184.149|50701|192.237.150.44|5222|portmap translation creation failed for tcp src inside:10.7.184.149/50701 dst outside:192.237.150.44/5222

3|Dec 10 2013|11:45:24|305006|10.10.10.46|50798|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50798 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|50794|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50794 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:24|305006|10.7.184.149|50701|192.237.150.44|5222|portmap translation creation failed for tcp src inside:10.7.184.149/50701 dst outside:192.237.150.44/5222

3|Dec 10 2013|11:45:24|305006|10.10.10.46|50776|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50776 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|50774|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50774 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|50772|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50772 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|57702|208.80.154.234|80|portmap translation creation failed for tcp src inside:10.10.10.46/57702 dst outside:208.80.154.234/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|50769|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50769 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|50739|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50739 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|55600|216.115.104.242|80|portmap translation creation failed for tcp src inside:10.10.10.46/55600 dst outside:216.115.104.242/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|51475|199.212.24.141|80|portmap translation creation failed for tcp src inside:10.10.10.46/51475 dst outside:199.212.24.141/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|51530|173.194.43.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/51530 dst outside:173.194.43.103/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|57848|74.125.226.111|443|portmap translation creation failed for tcp src inside:10.10.10.46/57848 dst outside:74.125.226.111/443

3|Dec 10 2013|11:45:24|305006|10.10.10.46|50718|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50718 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|50717|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50717 dst outside:69.64.36.103/80

3|Dec 10 2013|11:45:24|305006|10.7.184.92|58525|74.125.226.126|443|portmap translation creation failed for tcp src inside:10.7.184.92/58525 dst outside:74.125.226.126/443

3|Dec 10 2013|11:45:24|305006|10.7.184.149|50701|192.237.150.44|5222|portmap translation creation failed for tcp src inside:10.7.184.149/50701 dst outside:192.237.150.44/5222

3|Dec 10 2013|11:45:24|305006|10.10.10.46|51539|204.93.46.163|80|portmap translation creation failed for tcp src inside:10.10.10.46/51539 dst outside:204.93.46.163/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|58747|74.119.118.100|80|portmap translation creation failed for tcp src inside:10.10.10.46/58747 dst outside:74.119.118.100/80

3|Dec 10 2013|11:45:24|305006|10.10.10.46|50416|69.64.36.103|80|portmap translation creation failed for tcp src inside:10.10.10.46/50416 dst outside:69.64.36.103/80

10 REPLIES
Super Bronze

Portmap translation creation failed

Hi,

You could start by testing one of these connection attempts with "packet-tracer"

packet-tracer input inside tcp 10.10.10.46 50416 69.64.36.103 80

I did run into a wierd bug on 8.4 software just a week ago. We used Dynamic NAT Pool + PAT for multiple LAN networks. It suddenly stopped working and generating this message. It almost seemed that the ASA stopped using the PAT IP address and acted as if it only had the NAT Pool which had run out.

- Jouni

New Member

Portmap translation creation failed

Jouni,

I was just testing some things with packet tracer and I think I have found that the source ports in the list above give the error.  If I do a packet tracer test and change to a different source port it works fine.

The last option the packet tracer stops at is IP-OPTIONS and I get the following error message:

(nat-cluster-unassigned-pool) NAT unassigned pool in cluster

But if I change the source port to something that is not in the list it works....so it seems as if certain source ports are having issues?

Dan.

New Member

Portmap translation creation failed

I checked the pat pool as well, and it also looks fine.

TCP PAT pool outside:2-67.70, address 222.222.67.70, range 512-1023, allocated 0

TCP PAT pool outside:2-67.70, address 222.222.67.70, range 1024-65535, allocated 11196

But it seems as if certain source ports are causing the portmat translation error according to the packet tracer.

Any ideas?

Dan.

New Member

Re: Portmap translation creation failed

I've experienced several nat bugs in cisco 9.x firmwares. Is it possible to reboot the device you are working on?

Sent from Cisco Technical Support iPhone App

Please rate as helpful, if that would be the case. Thanx
New Member

Portmap translation creation failed

I could do that, but I guess I would never find out what the problem is.....

I think I might do an upgrade to 9.1.4.

New Member

Re: Portmap translation creation failed

I know what youre saying. Not long ago i researched a problem for two weeks and it turned out to be a bug.

If a reboot resolves the problem It will prob. be a bug. If not, try to change firmware.

Sent from Cisco Technical Support iPhone App

Please rate as helpful, if that would be the case. Thanx
New Member

Portmap translation creation failed

Ok, I will try that.  Are there any major know issues with 9.1.4? 

New Member

Portmap translation creation failed

This is exactly what I am getting:

https://tools.cisco.com/bugsearch/bug/CSCtx61116

Unfortunately clearing the xlates doesn't seem to fix it.

New Member

Portmap translation creation failed

I was mistaken, clearing the xlate does fix the problem....

If I have a "portmap translation creation failed" message show up in the log, and lets says its port 56650.  If I go to do a packet tracer test using that source port it will fail.  If I then clear the xlates and run the same packet tracer test, the test is successful.

So I most defenetely have the bug that I just posted running on 9.1.1.  I have not tried a reboot or upgrade to 9.1.4 yet.

New Member

Portmap translation creation failed

Ok, so I did the upgrade to 9.1.4 last night, reloaded the asa, and the problem still persists.

Would anyone have time to look at my config?

ASA Version 9.1(4)

!

names

dns-guard

ip local pool VPN-L2TP-IPSEC-POOL 10.250.0.4-10.250.0.62 mask 255.255.255.192

!

interface GigabitEthernet0/0

nameif inside

security-level 100

ip address 10.10.10.10 255.255.255.252

!

interface GigabitEthernet0/1

nameif inside2

security-level 100

ip address 10.10.10.30 255.255.255.252

!

interface GigabitEthernet0/2

shutdown

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/3

nameif outside

security-level 0

ip address 222.222.67.66 255.255.255.192

!

interface Management0/0

shutdown

nameif management

security-level 100

no ip address

!

regex Torrent-Info_Hash "[Ii][Nn][Ff][Oo][_][Hh][Aa][Ss][Hh]="

regex youtube "\.youtube\.com"

regex dropbox "[Dd][Rr][Oo][Pp][Bb][Oo][Xx]"

!

time-range Temp

absolute end 10:57 26 March 2012

!

boot system disk0:/asa914-k8.bin

boot system disk0:/asa911-k8.bin

boot system disk0:/asa844-1-k8.bin

ftp mode passive

clock timezone CST -6

clock summer-time CDT recurring

dns domain-lookup inside

dns server-group DefaultDNS

name-server 172.16.0.102

name-server 172.16.0.101

domain-name gvvs.ca

same-security-traffic permit inter-interface

same-security-traffic permit intra-interface

object network 10.20.10.1

host 10.20.10.1

description Astaro Web Filter  

object network 172.16.0.0

range 172.16.0.0 172.16.254.254

description Data Network  

object network 192.168.0.0

subnet 192.168.0.0 255.255.0.0

object network 10.10.10.1

host 10.10.10.1

description 2921-gw-div-1

object network 10.10.10.9

host 10.10.10.9

description 2921-gw-div-1

object network VPN-Subnet

subnet 10.250.0.0 255.255.255.192

description VPN Subnet for Remote Users - Note OUTSIDE to OUTSIDE Translation

object network 172.16.187.0

subnet 172.16.187.0 255.255.255.0

description GVC Wifi  

object network 10.7.0.0

subnet 10.7.0.0 255.255.0.0

description Guest Network  

object network 10.10.10.46

host 10.10.10.46

description astarogw  

object network Tec_Network

subnet 10.11.0.0 255.255.0.0

description gvvs I.T Network

object network 10.11.200.0

subnet 10.11.200.0 255.255.255.0

description DO I.T Network

object network isp-67.75

host 222.222.67.75

description isp-67.75

object network helpdesk.gvvs.ca

host 10.5.0.125

description Helpdesk Server for HTTP site

object network isp-67.123

host 222.222.67.123

object network 10.5.0.0

subnet 10.5.0.0 255.255.0.0

description gvvs Server Network

object network intermapper.gvvs.ca

host 10.5.0.150

description intermapper.gvvs.ca

object network isp-67.120

host 222.222.67.120

object network isp-67.105

host 222.222.67.105

object network isp-67.106

host 222.222.67.106

object network isp-67.116

host 222.222.67.116

object network isp-67.117

host 222.222.67.117

object network isp-67.118

host 222.222.67.118

object network isp-67.121

host 222.222.67.121

object network isp-67.122

host 222.222.67.122

object network isp-67.95

host 222.222.67.95

object network isp-67.99

host 222.222.67.99

object network isp-67.68

host 222.222.67.68

object network isp-67.69

host 222.222.67.69

object network isp-67.70

host 222.222.67.70

object network isp-67.71

host 222.222.67.71

object network 172.16.187.22

host 172.16.187.22

description GVC Test Host

object network library.gvvs.ca

host 10.5.0.85

description Library Server

object network netstorage.gvvs.ca

host 10.5.0.35

description Netstorage server

object network sme.gvvs.ca

host 10.5.0.86

description Sucess Maker Server

object network vibe.gvvs.ca

host 10.5.0.27

description Vibe Server

object network mobilesync.gvvs.ca

host 10.5.0.32

description Mobilesync Server

object network powerschool.gvvs.ca

host 10.5.0.181

description PowerSchool Application Server

object service powerschool-5071-source

service tcp source eq 5071

object service powerschool-7880-destination

service tcp destination eq 7880

object service powerschool-7980-source

service tcp source eq 7980

object network astaro-mail

host 10.30.10.2

object service http-81-source

service tcp source eq 81

object service http-82-source

service tcp source eq 82

object service http-83-source

service tcp source eq 83

object service http-84-source

service tcp source eq 84

object service http-85-source

service tcp source eq 85

object network isp-67.77

host 222.222.67.77

object network Dans-House

subnet 192.168.75.0 255.255.255.0

object service http-proxy

service tcp source eq 8080

object service http-proxy-2

service tcp destination eq 8080

object service http-8080

service tcp source eq 8080

object service www

service tcp source eq www

object network web03.gvvs.ca

host 10.5.0.13

object service https

service tcp source eq https

object service powerschool-5071-destination

service tcp destination eq 5071

object service powerschool-7880-source

service tcp source eq 7880

object service powerschool-7980-destination

service tcp destination eq 7980

object service smtp-source

service tcp source eq smtp

object service ftp

service tcp source eq ftp

object service ftp-data

service tcp source eq ftp-data

object service domain

service tcp source eq domain

object network web05.gvvs.ca

host 10.5.0.115

object network isp-67.100

host 222.222.67.100

object network web01.gvvs.ca

host 10.5.0.110

object network bvs-printers

subnet 172.16.88.0 255.255.255.224

description bvs-printers

object network do-printers

subnet 172.16.200.0 255.255.255.224

description do-printers

object network ecs-printers

subnet 172.16.56.0 255.255.255.224

description ecs-printers

object network gvc-printers

subnet 172.16.184.0 255.255.255.224

description gvc-printers

object network jrw-printers

subnet 172.16.40.0 255.255.255.224

description jrw-printers

object network pcs-printers

subnet 172.16.104.0 255.255.255.224

description pcs-printers

object network pds-printers

subnet 172.16.80.0 255.255.255.224

description pds-printers

object network pls-printers

subnet 172.16.8.0 255.255.255.224

description pls-printers

object network swd-printers

subnet 172.16.72.0 255.255.255.224

description swd-printers

object network wes-printers

subnet 172.16.24.0 255.255.255.224

description wes-printers

object network Bellamy

host 67.210.214.20

object service printing-9000-9300-bellamy

service tcp destination range 9000 9300

description Printing from Bellamy

object service 9100-Printing-Source

service tcp source eq 9100

object service printing-pls-9008

service tcp source eq 9008

object service printing-wes-9024

service tcp source eq 9024

object service printing-bvs-9088

service tcp source eq 9088

object service printing-do-0-9200

service tcp source eq 9200

object service printing-do-1-9201

service tcp source eq 9201

object service printing-do-2-9202

service tcp source eq 9202

object service printing-do-3-9203

service tcp source eq 9203

object service printing-do-4-9204

service tcp source eq 9204

object service printing-ecs-9056

service tcp source eq 9056

object service printing-gvc-9184

service tcp source eq 9184

object service printing-jrw-9040

service tcp source eq 9040

object service printing-pcs-9104

service tcp source eq 9104

object service printing-pds-9080

service tcp source eq 9080

object service printing-swd-9072

service tcp source eq 9072

object network bvs-ricoh_mp_1515

host 172.16.88.11

object network do-hp_3035

host 172.16.200.13

object network do-hp_3530_operations

host 172.16.200.14

object network do-hp_4050_finance

host 172.16.200.16

object network do-hp_4540_finance

host 172.16.200.15

object network do-xerox_460

host 172.16.200.11

object network ecs-ricoh_1515

host 172.16.56.16

object network gvc-hp_4050

host 172.16.184.16

object network jrw-ricoh_mp_161

host 172.16.40.11

object network pcs-saa-hp401

host 172.16.104.17

object network pds-ricoh_mp_6001

host 172.16.80.11

object network pls-ricoh_mp_161

host 172.16.8.17

object network swd-hp_4200

host 172.16.72.11

object network wes-ricoh_mp_171

host 172.16.24.20

object network gvvs-Alarm-Panels

subnet 10.16.0.0 255.255.0.0

object network Waynes-House

subnet 192.168.76.0 255.255.255.0

object network Richard-Chris-House

subnet 192.168.77.0 255.255.255.0

object network ecs-ddc

host 192.168.56.10

object network gvc-east-ddc

host 192.168.184.15

object network isp-67.119

host 222.222.67.119

object network pds-ddc

host 192.168.80.11

object network swd-ddc

host 192.168.72.10

object service pptp-source

service tcp source eq pptp

object network isp-67.98

host 222.222.67.98

object network groupwise1.gvvs.ca

host 10.5.0.20

object network groupwise2.gvvs.ca

host 10.5.0.21

object network isp-67.104

host 222.222.67.104

object service groupwise-client-destination

service tcp destination eq 1677

object service groupwise-client-source

service tcp source eq 1677

object service imap-source

service tcp source eq imap4

object service groupwise-client-udp-source

service udp source eq 1677

object service groupwise-messenger-source

service tcp source eq 8300

object service groupwise-client-udp-destination

service udp destination eq 1677

object service groupwise-messenger-destination

service tcp destination eq 8300

object network ddc.gvvs.ca

host 10.5.0.84

object service vnc-source

service tcp source eq 5800

object service vnc-destination

service tcp destination eq 5800

object service vnc2-destination

service tcp destination eq 5900

object service vnc2-source

service tcp source eq 5900

object network pds-eeed

host 192.168.80.100

object network gvc-tec-class

subnet 172.20.0.0 255.255.255.0

object network gvc-tech-class-web-server

host 172.20.0.2

object network destiny.gvvs.ca

host 10.5.0.89

object network Destiny-Corp-1

host 12.171.92.2

object network Destiny-Corp-2

host 12.47.12.130

object network Destiny-Corp-3

host 12.107.106.100

object service rdp-destination

service tcp destination eq 3389

object service rdp-source

service tcp source eq 3389

object network dmp.gvvs.ca

host 10.5.0.82

description Alarm MGMT Server

object service alarm-mgmt-2001-destination

service tcp destination eq 2001

object service alarm-mgmt-2001-source

service tcp source eq 2001

object network jrw-alarm-panel

host 10.16.40.10

object network MTS-1

subnet 142.16.0.0 255.255.0.0

object network MTS-2

subnet 206.45.0.0 255.255.0.0

object network MTS-3

subnet 216.55.0.0 255.255.0.0

object network MTS-4

subnet 204.112.0.0 255.255.0.0

object network pds-alarm-panel

host 10.16.80.10

object network gvc-east-alarm-panel

host 10.16.184.11

object network Walters-House

subnet 192.168.78.0 255.255.255.0

object network EDW-Data-Vlan

subnet 172.16.111.0 255.255.255.0

object network ICS

host 205.200.6.128

object network qagraphics

host 67.41.108.251

object network gvvs-MGMT-Network

subnet 10.4.0.0 255.255.0.0

object network Chris

host 10.11.200.238

object network temp-winnipeg-tech

host 198.163.7.11

object network dev.powerschool.gvvs.ca

host 10.5.0.183

description Powerschool development server

object network isp-67.107

host 222.222.67.107

object service ssh-destination

service tcp destination eq ssh

object service ssh-source

service tcp source eq ssh

object network Backup-Server

host 10.244.0.10

object service http-source

service tcp source eq www

object network destiny-follet-shelf-search-server

host 12.171.92.2

object service destiny-follet-shelf-search-destination

service tcp destination eq 7777

object service destiny-follet-shelf-search-source

service tcp source eq 7777

object network Matts-House

subnet 192.168.79.0 255.255.255.0

object network gvc-surveillance-network

subnet 10.184.14.0 255.255.255.0

object network bvs-security-building-network

subnet 10.88.15.0 255.255.255.0

object network do-security-building-network

subnet 10.200.19.0 255.255.255.0

object network ecs-security-building-network

subnet 10.56.19.0 255.255.255.0

object network gvc-security-building-network

subnet 10.184.19.0 255.255.255.0

object network jrw-security-building-network

subnet 10.24.19.0 255.255.255.0

object network pcs-security-building-network

subnet 10.104.15.0 255.255.255.0

object network pds-security-building-network

subnet 10.80.19.0 255.255.255.0

object network pls-security-building-network

subnet 10.16.19.0 255.255.255.0

object network swd-security-building-network

subnet 10.72.19.0 255.255.255.0

object network wes-security-building-network

subnet 10.24.19.0 255.255.255.0

object network Sophos-UTM-Mgmt

host 10.5.5.44

object network sophos-support-1

host 209.139.197.120

object service sophos-utm-mgmt-port-destination

service tcp destination eq 4444

object service sophos-utm-mgmt-port-source

service tcp source eq 4444

object network sophos-support-2

subnet 207.190.231.64 255.255.255.224

object network sophos-support-3

subnet 92.198.130.128 255.255.255.192

object network gvc-gvvs-staff-byod

subnet 10.184.36.0 255.255.255.0

object network sophos-support-4

host 216.47.234.133

object network mdm1.gvvs.ca

host 10.5.0.71

object network isp-67.108

host 222.222.67.108

object network Filter-Router

subnet 10.10.10.24 255.255.255.252

object network Filter-Router-Test-Machine

subnet 10.10.10.28 255.255.255.252

object network Filter-Astaro

host 10.10.10.18

object network DO-Guest

subnet 10.7.200.0 255.255.255.0

object network isp-67.115

host 222.222.67.115

object network do-gvvs-staff-byod

subnet 10.200.36.0 255.255.255.0

object network tec-shop-security-building-network

subnet 10.192.19.0 255.255.255.0

object network streaming.gvvs.ca

host 10.5.0.112

object service streaming-1935-destination

service tcp destination eq 1935

object service streaming-1935-source

service tcp source eq 1935

object network isp-222.222.79.138

host 222.222.79.138

description IP SLA Router

object network isp-67.66

host 222.222.67.66

object network isp-222.222.79.35

host 222.222.79.35

description IP SLA Router

object network filr1.gvvs.ca

host 10.5.0.131

object network filrmysql.gvvs.ca

host 10.5.0.68

object network filrsearch.gvvs.ca

host 10.5.0.69

object network isp-67.114

host 222.222.67.114

object service filr-8443-destination

service tcp destination eq 8443

object service filr-8443-source

service tcp source eq 8443

object service filr-9443-destination

service tcp destination eq 9443

object service filr-9443-source

service tcp source eq 9443

object network Network-10.0.0.0

subnet 10.0.0.0 255.0.0.0

object network Network-172.16.0.0

subnet 172.16.0.0 255.255.0.0

object network Network-192.168.0.0

subnet 192.168.0.0 255.255.0.0

object network gvc-tech-class-mindcraft-server

host 172.20.0.10

object service mindcraft-25565-destination

service tcp destination eq 25565

object service mindcraft-25565-source

service tcp source eq 25565

object network npc-gvvs-it

subnet 10.168.20.0 255.255.255.0

object network npc-student-network

subnet 10.168.24.0 255.255.248.0

object network filr2.gvvs.ca

host 10.5.0.132

object network ECS-TEC-Network

subnet 10.56.20.0 255.255.255.0

object network PDS-TEC-Network

subnet 10.80.20.0 255.255.255.0

object network npc-security-building-network

subnet 10.168.15.0 255.255.255.0

object network npc-security-panel

host 10.168.15.11

object network npc-gvvs-staff-byod

subnet 10.168.36.0 255.255.255.0

object network Enterprise

host 10.11.200.4

object network do-gvvs-staff

subnet 10.200.32.0 255.255.255.0

object network bvs-gvvs-staff

subnet 10.88.32.0 255.255.255.0

object network bvs-gvvs-staff-byod

subnet 10.88.36.0 255.255.255.0

object network ecs-gvvs-staff

subnet 10.56.32.0 255.255.255.0

object network ecs-gvvs-staff-byod

subnet 10.56.36.0 255.255.255.0

object network gvc-gvvs-staff

subnet 10.184.32.0 255.255.255.0

object network jrw-gvvs-staff

subnet 10.40.32.0 255.255.255.0

object network jrw-gvvs-staff-byod

subnet 10.40.36.0 255.255.255.0

object network npc-gvvs-staff

subnet 10.168.32.0 255.255.255.0

object network pcs-gvvs-staff

subnet 10.104.32.0 255.255.255.0

object network pcs-gvvs-staff-byod

subnet 10.104.36.0 255.255.255.0

object network pds-gvvs-staff

subnet 10.80.32.0 255.255.255.0

object network pds-gvvs-staff-byod

subnet 10.80.36.0 255.255.255.0

object network pls-gvvs-staff

subnet 10.16.32.0 255.255.255.0

object network pls-gvvs-staff-byod

subnet 10.16.36.0 255.255.255.0

object network swd-gvvs-staff

subnet 10.72.32.0 255.255.255.0

object network swd-gvvs-staff-byod

subnet 10.72.36.0 255.255.255.0

object network wes-gvvs-staff

subnet 10.24.32.0 255.255.255.0

object network wes-gvvs-staff-byod

subnet 10.24.36.0 255.255.255.0

object network npc-customer

subnet 10.168.21.0 255.255.255.0

object network gvctec-gvvs-staff

subnet 10.192.32.0 255.255.255.0

object network gvctec-gvvs-staff-byod

subnet 10.192.36.0 255.255.255.0

object network bvs-gvvs-it

subnet 10.88.20.0 255.255.255.0

object network ecs-gvvs-it

subnet 10.56.20.0 255.255.255.0

object network gvc-gvvs-it

subnet 10.184.20.0 255.255.255.0

object network jrw-gvvs-it

subnet 10.40.20.0 255.255.255.0

object network pcs-gvvs-it

subnet 10.104.20.0 255.255.255.0

object network pds-gvvs-it

subnet 10.80.20.0 255.255.255.0

object network pls-gvvs-it

subnet 10.16.20.0 255.255.255.0

object network swd-gvvs-it

subnet 10.72.20.0 255.255.255.0

object network tec-gvvs-it

subnet 10.192.20.0 255.255.255.0

object network wes-gvvs-it

subnet 10.24.20.0 255.255.255.0

object network npc-surveillance-network

subnet 10.168.13.0 255.255.255.0

object network Development-Server-Network

subnet 10.5.6.0 255.255.255.0

object network do-gvvs-it

subnet 10.200.20.0 255.255.255.0

object network NETWORK_OBJ_10.250.0.0_26

subnet 10.250.0.0 255.255.255.192

object-group service ff-system udp

description ff system management

port-object eq 1091

object-group service http-81-1 tcp

port-object eq 81

object-group network printers

description All gvvs printers and copiers

network-object object bvs-printers

network-object object do-printers

network-object object ecs-printers

network-object object gvc-printers

network-object object jrw-printers

network-object object pcs-printers

network-object object pds-printers

network-object object pls-printers

network-object object swd-printers

network-object object wes-printers

object-group service DM_INLINE_SERVICE_2

service-object object powerschool-5071-destination

service-object object powerschool-7880-destination

service-object object powerschool-7980-destination

service-object tcp destination eq www

object-group network DM_INLINE_NETWORK_1

network-object object bvs-ricoh_mp_1515

network-object object do-hp_3035

network-object object do-hp_3530_operations

network-object object do-hp_4050_finance

network-object object do-hp_4540_finance

network-object object do-xerox_460

network-object object ecs-ricoh_1515

network-object object gvc-hp_4050

network-object object jrw-ricoh_mp_161

network-object object pds-ricoh_mp_6001

network-object object pls-ricoh_mp_161

network-object object swd-hp_4200

network-object object wes-ricoh_mp_171

network-object object pcs-saa-hp401

object-group network DM_INLINE_NETWORK_2

network-object object ecs-ddc

network-object object gvc-east-ddc

network-object object pds-ddc

network-object object swd-ddc

object-group service DM_INLINE_SERVICE_1

service-object object groupwise-client-destination

service-object tcp destination eq www

service-object tcp destination eq imap4

service-object object groupwise-client-udp-destination

service-object object groupwise-messenger-destination

object-group service DM_INLINE_SERVICE_3

service-object tcp destination eq www

service-object object ssh-destination

service-object tcp destination eq https

object-group network MTS

description Local ip address for mts users.

network-object object MTS-1

network-object object MTS-2

network-object object MTS-3

network-object object MTS-4

object-group network DM_INLINE_NETWORK_4

group-object MTS

network-object object MTS-1

network-object object MTS-2

network-object object MTS-3

network-object object MTS-4

network-object object qagraphics

object-group network DM_INLINE_NETWORK_5

group-object MTS

network-object object MTS-1

network-object object MTS-2

network-object object MTS-3

network-object object MTS-4

network-object object qagraphics

object-group service DM_INLINE_SERVICE_4

service-object object powerschool-5071-destination

service-object object powerschool-7880-destination

service-object object powerschool-7980-destination

service-object tcp destination eq www

object-group network DM_INLINE_NETWORK_3

network-object object Destiny-Corp-1

network-object object Destiny-Corp-2

network-object object Destiny-Corp-3

object-group network Security-Building-Networks

description gvvs Security Panels & Building Automation

network-object object do-security-building-network

network-object object ecs-security-building-network

network-object object gvc-security-building-network

network-object object jrw-security-building-network

network-object object pds-security-building-network

network-object object pls-security-building-network

network-object object swd-security-building-network

network-object object wes-security-building-network

network-object object pcs-security-building-network

network-object object bvs-security-building-network

network-object object npc-security-building-network

object-group network DM_INLINE_NETWORK_6

network-object object sophos-support-1

network-object object MTS-3

network-object object sophos-support-2

network-object object sophos-support-3

network-object object sophos-support-4

object-group service DM_INLINE_SERVICE_5

service-object object sophos-utm-mgmt-port-destination

service-object object ssh-destination

object-group icmp-type DM_INLINE_ICMP_1

icmp-object time-exceeded

icmp-object timestamp-request

icmp-object unreachable

icmp-object echo-reply

object-group network gvvs-I.T.-Networks

network-object object ECS-TEC-Network

network-object object npc-gvvs-it

network-object object PDS-TEC-Network

object-group network All-Internal-Networks

network-object object Network-10.0.0.0

network-object object Network-172.16.0.0

network-object object Network-192.168.0.0

access-list outside_access_in extended deny icmp interface outside any echo-reply inactive

access-list outside_access_in remark Permit ping

access-list outside_access_in extended permit icmp any4 any4 object-group DM_INLINE_ICMP_1

access-list outside_access_in remark Web01 Server

access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_3 any4 object web01.gvvs.ca

access-list outside_access_in remark Web Streaming Server

access-list outside_access_in extended permit object streaming-1935-destination any4 object streaming.gvvs.ca

access-list outside_access_in remark Web access, client access, messenger, and imap

access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any4 object groupwise1.gvvs.ca

access-list outside_access_in remark Email filter

access-list outside_access_in extended permit tcp any4 object astaro-mail eq smtp

access-list outside_access_in remark Secure mobile email access

access-list outside_access_in extended permit tcp any4 object mobilesync.gvvs.ca eq https

access-list outside_access_in extended permit tcp any object filr2.gvvs.ca eq https

access-list outside_access_in extended permit object filr-8443-destination any object filr2.gvvs.ca

access-list outside_access_in extended permit object filr-9443-destination any object filr2.gvvs.ca

access-list outside_access_in remark Secure mobile email access

access-list outside_access_in extended permit tcp any4 object mdm1.gvvs.ca eq https

access-list outside_access_in remark PowerSchool website & Power Teacher

access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_2 any4 object powerschool.gvvs.ca

access-list outside_access_in remark Development PowerSchool website & Power Teacher

access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_4 any4 object dev.powerschool.gvvs.ca

access-list outside_access_in remark Netstorage website

access-list outside_access_in extended permit tcp any4 object netstorage.gvvs.ca eq https

access-list outside_access_in remark Helpdesk website

access-list outside_access_in extended permit tcp any4 object helpdesk.gvvs.ca eq www

access-list outside_access_in remark Library website

access-list outside_access_in extended permit tcp any4 object library.gvvs.ca eq www

access-list outside_access_in extended permit tcp any4 object destiny.gvvs.ca eq www

access-list outside_access_in remark Follet Shelf Search

access-list outside_access_in extended permit object destiny-follet-shelf-search-destination object destiny-follet-shelf-search-server object destiny.gvvs.ca

access-list outside_access_in remark RDP for the Destiny corporation

access-list outside_access_in extended permit object rdp-destination object-group DM_INLINE_NETWORK_3 object destiny.gvvs.ca inactive

access-list outside_access_in extended permit tcp any object sme.gvvs.ca eq www

access-list outside_access_in remark Secure web access to Vibe

access-list outside_access_in extended permit tcp any4 object vibe.gvvs.ca eq https

access-list outside_access_in remark Intermapper web server

access-list outside_access_in extended permit tcp any4 object intermapper.gvvs.ca eq www

access-list outside_access_in remark Printing from Bellamy servers to gvvs printer

access-list outside_access_in extended permit object printing-9000-9300-bellamy object Bellamy object-group DM_INLINE_NETWORK_1

access-list outside_access_in remark Building controls remote access

access-list outside_access_in extended permit tcp any4 object-group DM_INLINE_NETWORK_2 eq www

access-list outside_access_in remark Web and VNC access to ICS server

access-list outside_access_in extended permit tcp any4 object ddc.gvvs.ca eq www

access-list outside_access_in remark RDP Access to DDC Server

access-list outside_access_in extended permit object rdp-destination object ICS object ddc.gvvs.ca

access-list outside_access_in extended permit object rdp-destination object-group MTS object dmp.gvvs.ca

access-list outside_access_in remark Web access to tech class web server

access-list outside_access_in extended permit tcp any4 object gvc-tech-class-web-server eq www

access-list outside_access_in remark Mindcraft server for GVC tech class

access-list outside_access_in extended permit object mindcraft-25565-destination any4 object gvc-tech-class-mindcraft-server

access-list outside_access_in remark Temp

access-list outside_access_in extended permit object vnc-destination object-group DM_INLINE_NETWORK_4 object pds-eeed

access-list outside_access_in remark Temp

access-list outside_access_in extended permit object vnc2-destination object-group DM_INLINE_NETWORK_5 object pds-eeed

access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_5 object-group DM_INLINE_NETWORK_6 object Sophos-UTM-Mgmt

access-list outside_access_in extended permit object alarm-mgmt-2001-destination any4 object npc-security-panel inactive

access-list outside_access_in remark RDP Access to DDC Server

access-list outside_access_in extended permit object rdp-destination any object Enterprise inactive

access-list inside_access_in remark Block Denis Costa - GVC

access-list inside_access_in extended deny ip object 172.16.187.22 any4 inactive

access-list inside_access_in remark blsd - web accesss

access-list inside_access_in extended permit tcp object 10.7.0.0 any4 eq 88 inactive

access-list inside_access_in extended deny udp object 10.7.0.0 range 1 65535 any4 range 1 65535 inactive

access-list inside_access_in extended deny tcp object 10.7.0.0 range 1 65535 any4 range 1 65535 inactive

access-list inside_access_in extended deny ip object EDW-Data-Vlan any4 inactive

access-list inside_access_in extended permit ip any4 any4

access-list inside_access_out extended permit ip any4 any4

access-list outside_access_out extended permit ip any4 any4

access-list guest-network extended permit ip any4 object 10.7.0.0 inactive

access-list guest-network extended permit ip object 10.7.0.0 any4 inactive

access-list netflow-hosts extended permit ip any4 any4

access-list http-s extended permit tcp any4 any4 eq www inactive

access-list ipsec-vpn-routes standard permit 10.250.0.0 255.255.255.192

pager lines 24

logging enable

logging timestamp

logging trap warnings

logging asdm informational

logging facility 19

logging host inside 10.5.0.166

logging permit-hostdown

flow-export destination inside 10.5.0.151 2055

flow-export template timeout-rate 1

flow-export delay flow-create 30

mtu inside 1500

mtu inside2 1500

mtu outside 1500

mtu management 1500

ip verify reverse-path interface outside

no failover

icmp unreachable rate-limit 10 burst-size 5

icmp deny any outside

asdm image disk0:/asdm-715.bin

no asdm history enable

arp timeout 14400

no arp permit-nonconnected

nat (inside,outside) source static web01.gvvs.ca isp-67.100 service www www

nat (inside,outside) source static web01.gvvs.ca isp-67.100 service https https

nat (inside,outside) source static streaming.gvvs.ca isp-67.100 service streaming-1935-source streaming-1935-source

nat (inside,outside) source static web01.gvvs.ca isp-67.100 service ssh-source ssh-source

nat (inside,outside) source static web01.gvvs.ca isp-67.100 service ftp-data ftp-data inactive

nat (inside,outside) source static groupwise1.gvvs.ca isp-67.105 service www www

nat (inside,outside) source static groupwise1.gvvs.ca isp-67.105 service groupwise-client-source groupwise-client-source

nat (inside,outside) source static groupwise1.gvvs.ca isp-67.105 service groupwise-client-udp-source groupwise-client-udp-source

nat (inside,outside) source static groupwise1.gvvs.ca isp-67.105 service imap-source imap-source

nat (inside,outside) source static groupwise1.gvvs.ca isp-67.105 service groupwise-messenger-source groupwise-messenger-source

nat (any,any) source static filr2.gvvs.ca isp-67.114 service https https

nat (inside,outside) source static filr2.gvvs.ca isp-67.114 service filr-8443-source filr-8443-source

nat (inside,outside) source static filr2.gvvs.ca isp-67.114 service filr-9443-source filr-9443-source

nat (inside,outside) source static powerschool.gvvs.ca isp-67.106 service www www

nat (inside,outside) source static powerschool.gvvs.ca isp-67.106 service powerschool-5071-source powerschool-5071-source

nat (inside,outside) source static powerschool.gvvs.ca isp-67.106 service powerschool-7880-source powerschool-7880-source

nat (inside,outside) source static powerschool.gvvs.ca isp-67.106 service powerschool-7980-source powerschool-7980-source

nat (inside,outside) source static dev.powerschool.gvvs.ca isp-67.107 service www www

nat (inside,outside) source static dev.powerschool.gvvs.ca isp-67.107 service powerschool-5071-source powerschool-5071-source

nat (inside,outside) source static dev.powerschool.gvvs.ca isp-67.107 service powerschool-7880-source powerschool-7880-source

nat (inside,outside) source static dev.powerschool.gvvs.ca isp-67.107 service powerschool-7980-source powerschool-7980-source

nat (inside,outside) source static mobilesync.gvvs.ca isp-67.118 service https https

nat (inside,outside) source static mdm1.gvvs.ca isp-67.108 service https https

nat (inside,outside) source static helpdesk.gvvs.ca isp-67.123 service www www

nat (inside,outside) source static vibe.gvvs.ca isp-67.117 service https https

nat (inside,outside) source static library.gvvs.ca isp-67.121 service www www

nat (inside,outside) source static intermapper.gvvs.ca isp-67.120 service www www

nat (inside,outside) source static netstorage.gvvs.ca isp-67.122 service https https

nat (inside,outside) source static netstorage.gvvs.ca isp-67.122 service http-source http-source

nat (inside,outside) source static astaro-mail isp-67.105 service smtp-source smtp-source

nat (inside,outside) source static astaro-mail isp-67.104 service smtp-source smtp-source

nat (inside,outside) source static web05.gvvs.ca isp-67.75 service www www

nat (inside,outside) source static web03.gvvs.ca isp-67.77 service www http-8080

nat (inside,outside) source static pls-ricoh_mp_161 isp-67.95 service 9100-Printing-Source printing-pls-9008

nat (inside,outside) source static wes-ricoh_mp_171 isp-67.95 service 9100-Printing-Source printing-wes-9024

nat (inside,outside) source static jrw-ricoh_mp_161 isp-67.95 service 9100-Printing-Source printing-jrw-9040

nat (inside,outside) source static ecs-ricoh_1515 isp-67.95 service 9100-Printing-Source printing-ecs-9056

nat (inside,outside) source static swd-hp_4200 isp-67.95 service 9100-Printing-Source printing-swd-9072

nat (inside,outside) source static pds-ricoh_mp_6001 isp-67.95 service 9100-Printing-Source printing-pds-9080

nat (inside,outside) source static bvs-ricoh_mp_1515 isp-67.95 service 9100-Printing-Source printing-bvs-9088

nat (inside,outside) source static pcs-saa-hp401 isp-67.95 service 9100-Printing-Source printing-pcs-9104

nat (inside,outside) source static gvc-hp_4050 isp-67.95 service 9100-Printing-Source printing-gvc-9184

nat (inside,outside) source static do-xerox_460 isp-67.95 service 9100-Printing-Source printing-do-0-9200

nat (inside,outside) source static do-hp_3035 isp-67.95 service 9100-Printing-Source printing-do-1-9201

nat (inside,outside) source static do-hp_4540_finance isp-67.95 service 9100-Printing-Source printing-do-2-9202

nat (inside,outside) source static do-hp_4050_finance isp-67.95 service 9100-Printing-Source printing-do-3-9203

nat (inside,outside) source static do-hp_3530_operations isp-67.95 service 9100-Printing-Source printing-do-4-9204

nat (inside,outside) source static ddc.gvvs.ca isp-67.119 service www www

nat (inside,outside) source static ddc.gvvs.ca isp-67.119 service rdp-source rdp-source

nat (inside,outside) source static ecs-ddc isp-67.119 service www http-84-source

nat (inside,outside) source static swd-ddc isp-67.119 service www http-83-source

nat (inside,outside) source static pds-ddc isp-67.119 service www http-85-source

nat (inside,outside) source static pds-eeed isp-67.75 service vnc-source vnc-source

nat (inside,outside) source static pds-eeed isp-67.75 service vnc2-source vnc2-source

nat (inside,outside) source static gvc-east-ddc isp-67.119 service www http-82-source

nat (inside,outside) source static gvc-tech-class-web-server isp-67.71 service www www

nat (inside,outside) source static gvc-tech-class-mindcraft-server isp-67.71 service mindcraft-25565-source mindcraft-25565-source

nat (inside,outside) source static destiny.gvvs.ca isp-67.116 service www www

nat (any,any) source static sme.gvvs.ca isp-67.115 service www www

nat (inside,outside) source static destiny.gvvs.ca isp-67.116 service destiny-follet-shelf-search-source destiny-follet-shelf-search-source

nat (inside,outside) source static destiny.gvvs.ca isp-67.116 service rdp-source rdp-source inactive

nat (inside,outside) source static dmp.gvvs.ca isp-67.119 service rdp-source rdp-source inactive

nat (inside,outside) source static npc-security-panel isp-67.119 service alarm-mgmt-2001-source alarm-mgmt-2001-source

nat (inside,outside) source static Sophos-UTM-Mgmt isp-67.69 service sophos-utm-mgmt-port-source sophos-utm-mgmt-port-source

nat (inside,outside) source static Sophos-UTM-Mgmt isp-67.69 service ssh-source ssh-source

nat (inside,outside) source static Enterprise isp-67.69 service rdp-source rdp-source

nat (any,any) source static VPN-Subnet VPN-Subnet destination static All-Internal-Networks All-Internal-Networks no-proxy-arp description Allow vpn clients to access internal networks

nat (inside,outside) source static any any destination static NETWORK_OBJ_10.250.0.0_26 NETWORK_OBJ_10.250.0.0_26 no-proxy-arp route-lookup

!

object network 172.16.0.0

nat (inside,outside) dynamic isp-67.70

object network 10.10.10.1

nat (inside,outside) dynamic interface

object network 10.10.10.9

nat (any,outside) dynamic interface

object network VPN-Subnet

nat (outside,outside) dynamic isp-67.69

object network 10.7.0.0

nat (inside,outside) dynamic isp-67.70

object network 10.10.10.46

nat (inside,outside) dynamic isp-67.70

object network Tec_Network

nat (any,any) dynamic isp-67.69

object network helpdesk.gvvs.ca

nat (any,any) dynamic isp-67.123

object network 10.5.0.0

nat (any,any) dynamic isp-67.68

object network intermapper.gvvs.ca

nat (any,any) dynamic isp-67.120 dns

object network library.gvvs.ca

nat (any,any) dynamic isp-67.121

object network netstorage.gvvs.ca

nat (any,any) dynamic isp-67.122

object network sme.gvvs.ca

nat (any,any) dynamic isp-67.115

object network vibe.gvvs.ca

nat (any,any) dynamic isp-67.117

object network mobilesync.gvvs.ca

nat (any,any) dynamic isp-67.118

object network powerschool.gvvs.ca

nat (any,any) dynamic isp-67.106

object network astaro-mail

nat (any,any) dynamic isp-67.105

object network Dans-House

nat (any,any) dynamic isp-67.69

object network web03.gvvs.ca

nat (inside,outside) dynamic isp-67.77

object network web01.gvvs.ca

nat (any,any) dynamic isp-67.100 dns

object network bvs-printers

nat (any,any) dynamic isp-67.95

object network do-printers

nat (any,any) dynamic isp-67.95

object network ecs-printers

nat (any,any) dynamic isp-67.95

object network gvc-printers

nat (any,any) dynamic isp-67.95

object network jrw-printers

nat (any,any) dynamic isp-67.95

object network pcs-printers

nat (any,any) dynamic isp-67.95

object network pds-printers

nat (any,any) dynamic isp-67.95

object network pls-printers

nat (any,any) dynamic isp-67.95

object network swd-printers

nat (any,any) dynamic isp-67.95

object network wes-printers

nat (any,any) dynamic isp-67.95

object network gvvs-Alarm-Panels

nat (any,any) dynamic isp-67.119

object network Waynes-House

nat (any,any) dynamic isp-67.69

object network Richard-Chris-House

nat (any,any) dynamic isp-67.69

object network ecs-ddc

nat (any,any) dynamic isp-67.119

object network gvc-east-ddc

nat (any,any) dynamic isp-67.119

object network pds-ddc

nat (any,any) dynamic isp-67.119

object network swd-ddc

nat (any,any) dynamic isp-67.119

object network groupwise1.gvvs.ca

nat (any,any) dynamic isp-67.105

object network groupwise2.gvvs.ca

nat (any,any) dynamic isp-67.105

object network ddc.gvvs.ca

nat (any,any) dynamic isp-67.119

object network pds-eeed

nat (any,any) dynamic isp-67.75

object network gvc-tec-class

nat (any,any) dynamic isp-67.71

object network destiny.gvvs.ca

nat (any,any) dynamic isp-67.116

object network dmp.gvvs.ca

nat (any,any) dynamic isp-67.119

object network jrw-alarm-panel

nat (any,any) dynamic isp-67.119

object network pds-alarm-panel

nat (any,any) dynamic isp-67.119

object network gvc-east-alarm-panel

nat (any,any) dynamic isp-67.119

object network Walters-House

nat (any,any) dynamic isp-67.69

object network gvvs-MGMT-Network

nat (any,any) dynamic isp-67.68

object network Chris

nat (any,any) dynamic isp-67.69

object network dev.powerschool.gvvs.ca

nat (any,any) dynamic isp-67.107

object network Backup-Server

nat (any,any) dynamic isp-67.69

object network Matts-House

nat (any,any) dynamic isp-67.69

object network gvc-surveillance-network

nat (any,any) dynamic isp-67.69

object network bvs-security-building-network

nat (any,any) dynamic isp-67.119

object network do-security-building-network

nat (any,any) dynamic isp-67.119

object network ecs-security-building-network

nat (any,any) dynamic isp-67.119

object network gvc-security-building-network

nat (any,any) dynamic isp-67.119

object network jrw-security-building-network

nat (any,any) dynamic isp-67.119

object network pcs-security-building-network

nat (any,any) dynamic isp-67.119

object network pds-security-building-network

nat (any,any) dynamic isp-67.119

object network pls-security-building-network

nat (any,any) dynamic isp-67.119

object network swd-security-building-network

nat (any,any) dynamic isp-67.119

object network wes-security-building-network

nat (any,any) dynamic isp-67.119

object network Sophos-UTM-Mgmt

nat (any,any) dynamic isp-67.69

object network gvc-gvvs-staff-byod

nat (any,outside) dynamic isp-67.70

object network mdm1.gvvs.ca

nat (any,any) dynamic isp-67.108

object network Filter-Router-Test-Machine

nat (any,any) dynamic isp-67.69

object network Filter-Astaro

nat (any,any) dynamic isp-67.69

object network DO-Guest

nat (any,any) dynamic isp-67.70

object network do-gvvs-staff-byod

nat (any,any) dynamic isp-67.70

object network tec-shop-security-building-network

nat (any,any) dynamic isp-67.119

object network streaming.gvvs.ca

nat (any,any) dynamic isp-67.100

object network filr1.gvvs.ca

nat (any,any) dynamic isp-67.114

object network filrmysql.gvvs.ca

nat (any,any) dynamic isp-67.114

object network filrsearch.gvvs.ca

nat (any,any) dynamic isp-67.114

object network npc-gvvs-it

nat (any,any) dynamic isp-67.69

object network npc-student-network

nat (any,any) dynamic isp-67.70

object network filr2.gvvs.ca

nat (any,any) dynamic isp-67.114

object network ECS-TEC-Network

nat (any,any) dynamic isp-67.69

object network PDS-TEC-Network

nat (any,any) dynamic isp-67.69

object network npc-security-building-network

nat (any,any) dynamic isp-67.119

object network npc-security-panel

nat (any,any) dynamic isp-67.119

object network npc-gvvs-staff-byod

nat (any,any) dynamic isp-67.70

object network Enterprise

nat (any,any) dynamic isp-67.69

object network do-gvvs-staff

nat (any,any) dynamic isp-67.70

object network bvs-gvvs-staff

nat (any,any) dynamic isp-67.70

object network bvs-gvvs-staff-byod

nat (any,any) dynamic isp-67.70

object network ecs-gvvs-staff

nat (any,any) dynamic isp-67.70

object network ecs-gvvs-staff-byod

nat (any,any) dynamic isp-67.70

object network gvc-gvvs-staff

nat (any,any) dynamic isp-67.70

object network jrw-gvvs-staff

nat (any,any) dynamic isp-67.70

object network jrw-gvvs-staff-byod

nat (any,any) dynamic isp-67.70

object network npc-gvvs-staff

nat (any,any) dynamic isp-67.70

object network pcs-gvvs-staff

nat (any,any) dynamic isp-67.70

object network pcs-gvvs-staff-byod

nat (any,any) dynamic isp-67.70

object network pds-gvvs-staff

nat (any,any) dynamic isp-67.70

object network pds-gvvs-staff-byod

nat (any,any) dynamic isp-67.70

object network pls-gvvs-staff

nat (any,any) dynamic isp-67.70

object network pls-gvvs-staff-byod

nat (any,any) dynamic isp-67.70

object network swd-gvvs-staff

nat (any,any) dynamic isp-67.70

object network swd-gvvs-staff-byod

nat (any,any) dynamic isp-67.70

object network wes-gvvs-staff

nat (any,any) dynamic isp-67.70

object network wes-gvvs-staff-byod

nat (any,any) dynamic isp-67.70

object network npc-customer

nat (any,any) dynamic isp-67.70

object network gvctec-gvvs-staff

nat (any,any) dynamic isp-67.70

object network gvctec-gvvs-staff-byod

nat (any,any) dynamic isp-67.70

object network bvs-gvvs-it

nat (any,any) dynamic isp-67.69

object network ecs-gvvs-it

nat (any,any) dynamic isp-67.69

object network gvc-gvvs-it

nat (any,any) dynamic isp-67.69

object network jrw-gvvs-it

nat (any,any) dynamic isp-67.69

object network pcs-gvvs-it

nat (any,any) dynamic isp-67.69

object network pds-gvvs-it

nat (any,any) dynamic isp-67.69

object network pls-gvvs-it

nat (any,any) dynamic isp-67.69

object network swd-gvvs-it

nat (any,any) dynamic isp-67.69

object network tec-gvvs-it

nat (any,any) dynamic isp-67.69

object network wes-gvvs-it

nat (any,any) dynamic isp-67.69

object network npc-surveillance-network

nat (any,any) dynamic isp-67.69

object network Development-Server-Network

nat (any,any) dynamic isp-67.69

object network do-gvvs-it

nat (any,any) dynamic isp-67.69

access-group inside_access_in in interface inside

access-group inside_access_out out interface inside

access-group outside_access_in in interface outside

access-group outside_access_out out interface outside

!

route-map ipsec-vpn-routes permit 10

match ip address ipsec-vpn-routes

!

!

router eigrp 100

no auto-summary

network 10.10.10.8 255.255.255.252

passive-interface outside

redistribute static route-map ipsec-vpn-routes

!

route outside 0.0.0.0 0.0.0.0 222.222.67.65 1

route inside2 10.10.10.24 255.255.255.252 10.10.10.18 5

route inside2 10.10.10.28 255.255.255.252 10.10.10.18 5

route outside 10.250.0.0 255.255.255.192 222.222.67.65 1

timeout xlate 3:00:00

timeout pat-xlate 0:00:30

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

timeout floating-conn 0:00:00

dynamic-access-policy-record DfltAccessPolicy

aaa-server LDAP protocol ldap

aaa-server LDAP (inside) host 10.5.0.25

ldap-base-dn O=gvvs

ldap-scope subtree

ldap-naming-attribute cn

ldap-login-dn ldapproxy

server-type novell

user-identity default-domain LOCAL

http server enable

http 0.0.0.0 0.0.0.0 inside

snmp-server host outside 222.222.79.2 poll community BMfM11 version 2c

snmp-server host inside 10.5.0.150 community public version 2c udp-port 161

snmp-server host inside 10.5.0.151 community public version 2c udp-port 161

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac

crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac

crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac

crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac

crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac

crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac

crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac

crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac

crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac

crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac

crypto ipsec ikev1 transform-set TRANS_ESP_3DES_SHA esp-3des esp-md5-hmac

crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS esp-aes esp-sha-hmac

crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transport

crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS esp-des esp-sha-hmac

crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transport

crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac

crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transport

crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac

crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transport

crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac

crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS mode transport

crypto ipsec ikev2 ipsec-proposal AES256

protocol esp encryption aes-256

protocol esp integrity sha-1 md5

crypto ipsec ikev2 ipsec-proposal AES192

protocol esp encryption aes-192

protocol esp integrity sha-1 md5

crypto ipsec ikev2 ipsec-proposal AES

protocol esp encryption aes

protocol esp integrity sha-1 md5

crypto ipsec ikev2 ipsec-proposal 3DES

protocol esp encryption 3des

protocol esp integrity sha-1 md5

crypto ipsec ikev2 ipsec-proposal DES

protocol esp encryption des

protocol esp integrity sha-1 md5

crypto ipsec security-association pmtu-aging infinite

crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1

crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-192-SHA ESP-AES-256-SHA ESP-3DES-SHA ESP-DES-SHA ESP-AES-128-SHA-TRANS ESP-AES-192-SHA-TRANS ESP-AES-256-SHA-TRANS ESP-3DES-SHA-TRANS ESP-DES-SHA-TRANS

crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES

crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP

crypto map outside_map interface outside

crypto map inside2_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP

crypto map inside2_map interface inside2

crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP

crypto map inside_map interface inside

crypto ca trustpoint DigicertCA

enrollment terminal

crl configure

crypto ca trustpoint Digicert_gvvsdotCA

keypair Digicert_gvvsdotCA

crl configure

crypto ca trustpoint DigiCert_Intermediate

enrollment terminal

no validation-usage

crl configure

crypto ca trustpool policy

crypto ca certificate chain DigicertCA

certificate ca 428740a5

    30820442 308203ab a0030201 02020442 8740a530 0d06092a 864886f7 0d010105

    05003081 c3310b30 09060355 04061302 55533114 30120603 55040a13 0b456e74

    72757374 2e6e6574 313b3039 06035504 0b133277 77772e65 6e747275 73742e6e

    65742f43 50532069 6e636f72 702e2062 79207265 662e2028 6c696d69 7473206c

    6961622e 29312530 23060355 040b131c 28632920 31393939 20456e74 72757374

    2e6e6574 204c696d 69746564 313a3038 06035504 03133145 6e747275 73742e6e

    65742053 65637572 65205365 72766572 20436572 74696669 63617469 6f6e2041

    7574686f 72697479 301e170d 30363130 30313035 30303030 5a170d31 34303732

    36313831 3531355a 306c310b 30090603 55040613 02555331 15301306 0355040a

    130c4469 67694365 72742049 6e633119 30170603 55040b13 10777777 2e646967

    69636572 742e636f 6d312b30 29060355 04031322 44696769 43657274 20486967

    68204173 73757261 6e636520 45562052 6f6f7420 43413082 0122300d 06092a86

    4886f70d 01010105 00038201 0f003082 010a0282 010100c6 cce573e6 fbd4bbe5

    2d2d32a6 dfe5813f c9cd2549 b6712ac3 d5943467 a20a1cb0 5f69a640 b1c4b7b2

    8fd098a4 a941593a d3dc94d6 3cdb7438 a44acc4d 2582f74a a5531238 eef3496d

    71917e63 b6aba65f c3a484f8 4f6251be f8c5ecdb 3892e306 e508910c c4284155

    fbcb5a89 157e71e8 35bf4d72 093dbe3a 38505b77 311b8db3 c724459a a7ac6d00

    145a04b7 ba13eb51 0a984141 224e6561 87814150 a6795c89 de194a57 d52ee65d

    1c532c7e 98cd1a06 16a46873 d0340413 5ca171d3 5a7c55db 5e64e137 87305604

    e511b429 8012f179 3988a202 117c2766 b788b778 f2ca0aa8 38ab0a64 c2bf665d

    9584c1a1 251e875d 1a500b20 12cc41bb 6e0b5138 b84bcb02 03010001 a3820113

    3082010f 30120603 551d1301 01ff0408 30060101 ff020101 30270603 551d2504

    20301e06 082b0601 05050703 0106082b 06010505 07030206 082b0601 05050703

    04303306 082b0601 05050701 01042730 25302306 082b0601 05050730 01861768

    7474703a 2f2f6f63 73702e65 6e747275 73742e6e 65743033 0603551d 1f042c30

    2a3028a0 26a02486 22687474 703a2f2f 63726c2e 656e7472 7573742e 6e65742f

    73657276 6572312e 63726c30 1d060355 1d0e0416 0414b13e c36903f8 bf4701d4

    98261a08 02ef6364 2bc3300b 0603551d 0f040403 02010630 1f060355 1d230418

    30168014 f0176213 553db3ff 0a006bfb 508497f3 ed62d01a 30190609 2a864886

    f67d0741 00040c30 0a1b0456 372e3103 02008130 0d06092a 864886f7 0d010105

    05000381 8100480e 2b6f2062 4c2893a3 243d58ab 21cf80f8 9a97906a 22ed5a7c

    473699e7 798475ab 248f920a d56104ae c36a5cb2 ccd9e444 876fdb8f 3862f744

    369dbabc 6e07c4d4 8de81fd1 0b60a3b5 9cce63be ed67dcf8 bade6ec9 25cb5bb5

    9d76700b df4272f8 4f411164 a5d2eafc d5af11f4 1538679c 20a84b77 5a913242

    32e785b3 df36

  quit

crypto ca certificate chain Digicert_gvvsdotCA

certificate 0fc5b3b942635482852e9b2d5c033a41

    308206a8 30820590 a0030201 0202100f c5b3b942 63548285 2e9b2d5c 033a4130

    0d06092a 864886f7 0d010105 05003066 310b3009 06035504 06130255 53311530

    13060355 040a130c 44696769 43657274 20496e63 31193017 06035504 0b131077

    77772e64 69676963 6572742e 636f6d31 25302306 03550403 131c4469 67694365

    72742048 69676820 41737375 72616e63 65204341 2d33301e 170d3131 30373134

    30303030 30305a17 0d313431 31313431 32303030 305a306e 310b3009 06035504

    06130243 41311130 0f060355 04081308 4d616e69 746f6261 3110300e 06035504

    07130757 696e6b6c 65723126 30240603 55040a13 1d476172 64656e20 56616c6c

    65792053 63686f6f 6c204469 76697369 6f6e3112 30100603 5504030c 092a2e67

    7673642e 63613082 0122300d 06092a86 4886f70d 01010105 00038201 0f003082

    010a0282 010100c8 18d72391 f04fe2d4 53ca57e7 ec40a7a3 086cc3ed 76634f68

    3dc921f7 40e79108 ffc95c56 37284911 a3cc9b14 c0337923 1a1b9ac4 c04db7c2

    fef5facf 0b72c51b 7d9178d9 770ffbce f21ee6e2 756414e3 b436f34c 610a291c

    690c9540 f25fce2d 6f80430a 2627d850 7e94fad7 9ea17400 fc30f607 d466da02

    0a776b0e c19805ea f7f99e61 20d5940c 8a40e476 dadc0d4d 6b4508b8 741eef1a

    829f6f5c dd49376d 93c9968a 5bb9f7b6 f9d6a147 126c51ec c2ade665 4ebcdd99

    faa3ca37 322846e1 9a86f838 ca64ba7c 284a7bba 09e40830 27267907 82b4b438

    860235c7 d8651ba0 8fbfecd9 d20a68a8 b5ec0570 7f4fcbc5 25603b42 c7fddbe6

    49db1882 a765ef02 03010001 a3820348 30820344 301f0603 551d2304 18301680

    1450ea73 89db29fb 108f9ee5 0120d4de 79994883 f7301d06 03551d0e 04160414

    487f400e 1529fd02 1e996627 abcc99e8 fe76039a 301d0603 551d1104 16301482

    092a2e67 7673642e 63618207 67767364 2e636130 0e060355 1d0f0101 ff040403

    0205a030 1d060355 1d250416 30140608 2b060105 05070301 06082b06 01050507

    03023061 0603551d 1f045a30 58302aa0 28a02686 24687474 703a2f2f 63726c33

    2e646967 69636572 742e636f 6d2f6361 332d6732 362e6372 6c302aa0 28a02686

    24687474 703a2f2f 63726c34 2e646967 69636572 742e636f 6d2f6361 332d6732

    362e6372 6c308201 c4060355 1d200482 01bb3082 01b73082 01b30609 60864801

    86fd6c01 01308201 a4303a06 082b0601 05050702 01162e68 7474703a 2f2f7777

    772e6469 67696365 72742e63 6f6d2f73 736c2d63 70732d72 65706f73 69746f72

    792e6874 6d308201 6406082b 06010505 07020230 8201561e 82015200 41006e00

    79002000 75007300 65002000 6f006600 20007400 68006900 73002000 43006500

    72007400 69006600 69006300 61007400 65002000 63006f00 6e007300 74006900

    74007500 74006500 73002000 61006300 63006500 70007400 61006e00 63006500

    20006f00 66002000 74006800 65002000 44006900 67006900 43006500 72007400

    20004300 50002f00 43005000 53002000 61006e00 64002000 74006800 65002000

    52006500 6c007900 69006e00 67002000 50006100 72007400 79002000 41006700

    72006500 65006d00 65006e00 74002000 77006800 69006300 68002000 6c006900

    6d006900 74002000 6c006900 61006200 69006c00 69007400 79002000 61006e00

    64002000 61007200 65002000 69006e00 63006f00 72007000 6f007200 61007400

    65006400 20006800 65007200 65006900 6e002000 62007900 20007200 65006600

    65007200 65006e00 63006500 2e307b06 082b0601 05050701 01046f30 6d302406

    082b0601 05050730 01861868 7474703a 2f2f6f63 73702e64 69676963 6572742e

    636f6d30 4506082b 06010505 07300286 39687474 703a2f2f 63616365 7274732e

    64696769 63657274 2e636f6d 2f446967 69436572 74486967 68417373 7572616e

    63654341 2d332e63 7274300c 0603551d 130101ff 04023000 300d0609 2a864886

    f70d0101 05050003 82010100 b8c52ea3 db49e92d b6224a7f c4ad561a 9f1e1a5b

    c089b09b aa4880c7 a0e4a6e4 e1be3ee0 69cf17c2 8c2e6a11 22e1744d 49c5b5fe

    b6695a39 e22e4599 8a51df00 12093f30 4512a2cf b1df1037 bb33ead4 dd38b3b2

    63d76888 22a1771e c4eef63b fce2fcd7 1f4f969c a98b77f7 7e942f67 950c23ee

    a3993d29 37dc8e96 cfcd696e c68f621e f2129600 399d3c6f 2b6110cf 0dea0fbb

    a0feb7d4 738d53b9 7047fe23 b971b67b e26dbaf2 ba03bc5d 587f6f96 98fbdddd

    61d0f1c2 5b1ed00a ad9a4c61 b98883b4 41e6657d 177c7d86 ed8ad0cd 7302cf75

    fab04cd7 a3fee798 2eac21ce 40cac011 39124f3a b42fcd58 dd76f930 242d140e

    387280c2 d8e54c66 cc4ebceb

  quit

certificate ca 0a5f114d035b179117d2efd4038c3f3b

    30820658 30820540 a0030201 0202100a 5f114d03 5b179117 d2efd403 8c3f3b30

    0d06092a 864886f7 0d010105 0500306c 310b3009 06035504 06130255 53311530

    13060355 040a130c 44696769 43657274 20496e63 31193017 06035504 0b131077

    77772e64 69676963 6572742e 636f6d31 2b302906 03550403 13224469 67694365

    72742048 69676820 41737375 72616e63 65204556 20526f6f 74204341 301e170d

    30383034 30323132 30303030 5a170d32 32303430 33303030 3030305a 3066310b

    30090603 55040613 02555331 15301306 0355040a 130c4469 67694365 72742049

    6e633119 30170603 55040b13 10777777 2e646967 69636572 742e636f 6d312530

    23060355 0403131c 44696769 43657274 20486967 68204173 73757261 6e636520

    43412d33 30820122 300d0609 2a864886 f70d0101 01050003 82010f00 3082010a

    02820101 00bf610a 29101f5e fe343751 08f81efb 22ed61be 0b0d704c 50632675

    15b94188 97b6f0a0 15bb0860 e042e805 29108736 8a2865a8 ef310774 6d36972f

    28466604 c72a7926 7a99d58e c36d4fa0 5eadbc3d 91c2597b 5e366cc0 53cf0008

    323e1064 58101369 c70cee9c 425100f9 0544ee24 ce7a1fed 8c11bd12 a8f315f4

    1c7a3169 011ba7e6 5dc09a6c 7e099ee7 52444a10 3a23e49b b603afa8 9cb45b9f

    d44bad92 8cceb511 2aaa3718 8db4c2b8 d85c068c f8ff23bd 355ed47c 3e7e830e

    91960598 c3b21fe3 c865eba9 7b5da02c ccfc3cd9 6dedccfa 4b438cc9 d4b8a561

    1cb240b6 2812dfb9 f85ffed3 b2c9ef3d b41e4b7c 1c4c9936 9e3debec a7685e1d

    df676e5e fb020301 0001a382 02fa3082 02f6300e 0603551d 0f0101ff 04040302

    01863082 01c60603 551d2004 8201bd30 8201b930 8201b506 0b608648 0186fd6c

    01030002 308201a4 303a0608 2b060105 05070201 162e6874 74703a2f 2f777777

    2e646967 69636572 742e636f 6d2f7373 6c2d6370 732d7265 706f7369 746f7279

    2e68746d 30820164 06082b06 01050507 02023082 01561e82 01520041 006e0079

    00200075 00730065 0020006f 00660020 00740068 00690073 00200043 00650072

    00740069 00660069 00630061 00740065 00200063 006f006e 00730074 00690074

    00750074 00650073 00200061 00630063 00650070 00740061 006e0063 00650020

    006f0066 00200074 00680065 00200044 00690067 00690043 00650072 00740020

    00430050 002f0043 00500053 00200061 006e0064 00200074 00680065 00200052

    0065006c 00790069 006e0067 00200050 00610072 00740079 00200041 00670072

    00650065 006d0065 006e0074 00200077 00680069 00630068 0020006c 0069006d

    00690074 0020006c 00690061 00620069 006c0069 00740079 00200061 006e0064

    00200061 00720065 00200069 006e0063 006f0072 0070006f 00720061 00740065

    00640020 00680065 00720065 0069006e 00200062 00790020 00720065 00660065

    00720065 006e0063 0065002e 30120603 551d1301 01ff0408 30060101 ff020100

    30340608 2b060105 05070101 04283026 30240608 2b060105 05073001 86186874

    74703a2f 2f6f6373 702e6469 67696365 72742e63 6f6d3081 8f060355 1d1f0481

    87308184 3040a03e a03c863a 68747470 3a2f2f63 726c332e 64696769 63657274

    2e636f6d 2f446967 69436572 74486967 68417373 7572616e 63654556 526f6f74

    43412e63 726c3040 a03ea03c 863a6874 74703a2f 2f63726c 342e6469 67696365

    72742e63 6f6d2f44 69676943 65727448 69676841 73737572 616e6365 4556526f

    6f744341 2e63726c 301f0603 551d2304 18301680 14b13ec3 6903f8bf 4701d498

    261a0802 ef63642b c3301d06 03551d0e 04160414 50ea7389 db29fb10 8f9ee501

    20d4de79 994883f7 300d0609 2a864886 f70d0101 05050003 82010100 1ee2a548

    9e6cdb53 380fefa6 1a2aace2 0343ed9a bc3e8e75 1bf0fd2e 2259ac13 c061e2e7

    fae999cd 87097554 28bf4660 dcbe512c 92f31b91 7c310870 e237b9c1 5ba8bda3

    0b00fb1a 15fd03ad 586ac5c7 24994847 46311e92 efb45f4e 34c790bf 31c1f8b1

    8486d09c 01aadf8a 5606ce3a e90eae97 745dd771 9a42745f de8d437c dee955ed

    6900cb05 e07a6161 33d1194d f908eea0 39c52535 b72bc40f b2ddf1a5 b70e24c4

    26288d79 77f52ff0 57ba7c07 d4e1fccd 5a30577e 861047dd 311fd7fc a2c2bf30

    7c5d24aa e8f9ae5f 6a74c2ce 6bb346d8 21be29d4 8e5e15d6 424ae732 6fa4b16b

    518358be 3f6dc7fb da0321cb 6a16194e 0af0ad84 ca5d94b3 5a76f761

  quit

crypto ca certificate chain DigiCert_Intermediate

certificate ca 0a5f114d035b179117d2efd4038c3f3b

    30820658 30820540 a0030201 0202100a 5f114d03 5b179117 d2efd403 8c3f3b30

    0d06092a 864886f7 0d010105 0500306c 310b3009 06035504 06130255 53311530

    13060355 040a130c 44696769 43657274 20496e63 31193017 06035504 0b131077

    77772e64 69676963 6572742e 636f6d31 2b302906 03550403 13224469 67694365

    72742048 69676820 41737375 72616e63 65204556 20526f6f 74204341 301e170d

    30383034 30323132 30303030 5a170d32 32303430 33303030 3030305a 3066310b

    30090603 55040613 02555331 15301306 0355040a 130c4469 67694365 72742049

    6e633119 30170603 55040b13 10777777 2e646967 69636572 742e636f 6d312530

    23060355 0403131c 44696769 43657274 20486967 68204173 73757261 6e636520

    43412d33 30820122 300d0609 2a864886 f70d0101 01050003 82010f00 3082010a

    02820101 00bf610a 29101f5e fe343751 08f81efb 22ed61be 0b0d704c 50632675

    15b94188 97b6f0a0 15bb0860 e042e805 29108736 8a2865a8 ef310774 6d36972f

    28466604 c72a7926 7a99d58e c36d4fa0 5eadbc3d 91c2597b 5e366cc0 53cf0008

    323e1064 58101369 c70cee9c 425100f9 0544ee24 ce7a1fed 8c11bd12 a8f315f4

    1c7a3169 011ba7e6 5dc09a6c 7e099ee7 52444a10 3a23e49b b603afa8 9cb45b9f

    d44bad92 8cceb511 2aaa3718 8db4c2b8 d85c068c f8ff23bd 355ed47c 3e7e830e

    91960598 c3b21fe3 c865eba9 7b5da02c ccfc3cd9 6dedccfa 4b438cc9 d4b8a561

    1cb240b6 2812dfb9 f85ffed3 b2c9ef3d b41e4b7c 1c4c9936 9e3debec a7685e1d

    df676e5e fb020301 0001a382 02fa3082 02f6300e 0603551d 0f0101ff 04040302

    01863082 01c60603 551d2004 8201bd30 8201b930 8201b506 0b608648 0186fd6c

    01030002 308201a4 303a0608 2b060105 05070201 162e6874 74703a2f 2f777777

    2e646967 69636572 742e636f 6d2f7373 6c2d6370 732d7265 706f7369 746f7279

    2e68746d 30820164 06082b06 01050507 02023082 01561e82 01520041 006e0079

    00200075 00730065 0020006f 00660020 00740068 00690073 00200043 00650072

    00740069 00660069 00630061 00740065 00200063 006f006e 00730074 00690074

    00750074 00650073 00200061 00630063 00650070 00740061 006e0063 00650020

    006f0066 00200074 00680065 00200044 00690067 00690043 00650072 00740020

    00430050 002f0043 00500053 00200061 006e0064 00200074 00680065 00200052

    0065006c 00790069 006e0067 00200050 00610072 00740079 00200041 00670072

    00650065 006d0065 006e0074 00200077 00680069 00630068 0020006c 0069006d

    00690074 0020006c 00690061 00620069 006c0069 00740079 00200061 006e0064

    00200061 00720065 00200069 006e0063 006f0072 0070006f 00720061 00740065

    00640020 00680065 00720065 0069006e 00200062 00790020 00720065 00660065

    00720065 006e0063 0065002e 30120603 551d1301 01ff0408 30060101 ff020100

    30340608 2b060105 05070101 04283026 30240608 2b060105 05073001 86186874

    74703a2f 2f6f6373 702e6469 67696365 72742e63 6f6d3081 8f060355 1d1f0481

    87308184 3040a03e a03c863a 68747470 3a2f2f63 726c332e 64696769 63657274

    2e636f6d 2f446967 69436572 74486967 68417373 7572616e 63654556 526f6f74

    43412e63 726c3040 a03ea03c 863a6874 74703a2f 2f63726c 342e6469 67696365

    72742e63 6f6d2f44 69676943 65727448 69676841 73737572 616e6365 4556526f

    6f744341 2e63726c 301f0603 551d2304 18301680 14b13ec3 6903f8bf 4701d498

    261a0802 ef63642b c3301d06 03551d0e 04160414 50ea7389 db29fb10 8f9ee501

    20d4de79 994883f7 300d0609 2a864886 f70d0101 05050003 82010100 1ee2a548

    9e6cdb53 380fefa6 1a2aace2 0343ed9a bc3e8e75 1bf0fd2e 2259ac13 c061e2e7

    fae999cd 87097554 28bf4660 dcbe512c 92f31b91 7c310870 e237b9c1 5ba8bda3

    0b00fb1a 15fd03ad 586ac5c7 24994847 46311e92 efb45f4e 34c790bf 31c1f8b1

    8486d09c 01aadf8a 5606ce3a e90eae97 745dd771 9a42745f de8d437c dee955ed

    6900cb05 e07a6161 33d1194d f908eea0 39c52535 b72bc40f b2ddf1a5 b70e24c4

    26288d79 77f52ff0 57ba7c07 d4e1fccd 5a30577e 861047dd 311fd7fc a2c2bf30

    7c5d24aa e8f9ae5f 6a74c2ce 6bb346d8 21be29d4 8e5e15d6 424ae732 6fa4b16b

    518358be 3f6dc7fb da0321cb 6a16194e 0af0ad84 ca5d94b3 5a76f761

  quit

crypto ikev2 policy 1

encryption aes-256

integrity sha

group 5 2

prf sha

lifetime seconds 86400

crypto ikev2 policy 10

encryption aes-192

integrity sha

group 5 2

prf sha

lifetime seconds 86400

crypto ikev2 policy 20

encryption aes

integrity sha

group 5 2

prf sha

lifetime seconds 86400

crypto ikev2 policy 30

encryption 3des

integrity sha

group 5 2

prf sha

lifetime seconds 86400

crypto ikev2 policy 40

encryption des

integrity sha

group 5 2

prf sha

lifetime seconds 86400

crypto ikev2 enable outside client-services port 443

crypto ikev2 remote-access trustpoint Digicert_gvvsdotCA

crypto ikev1 enable outside

crypto ikev1 policy 10

authentication pre-share

encryption 3des

hash md5

group 2

lifetime 86400

telnet 192.168.75.0 255.255.255.0 inside

telnet 10.10.10.9 255.255.255.255 inside

telnet 10.11.0.0 255.255.0.0 inside

telnet 10.5.0.145 255.255.255.255 inside

telnet 10.200.20.0 255.255.255.0 inside

telnet timeout 1440

ssh 192.168.75.0 255.255.255.0 inside

ssh 10.11.0.0 255.255.0.0 inside

ssh 10.5.0.145 255.255.255.255 inside

ssh 10.200.20.0 255.255.255.0 inside

ssh timeout 60

ssh key-exchange group dh-group1-sha1

console timeout 0

management-access inside

no vpn-addr-assign dhcp

threat-detection basic-threat

threat-detection statistics

threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200

ntp server 10.10.10.1 source inside prefer

ssl trust-point Digicert_gvvsdotCA outside

webvpn

enable outside

anyconnect image disk0:/anyconnect-win-3.1.04072-k9.pkg 1

anyconnect profiles AnyConnectVPN_client_profile disk0:/AnyConnectVPN_client_profile.xml

anyconnect enable

tunnel-group-list enable

group-policy DefaultRAGroup internal

group-policy DefaultRAGroup attributes

dns-server value 172.16.0.101 172.16.0.102

vpn-tunnel-protocol ikev1 l2tp-ipsec

group-policy GroupPolicy_AnyConnectVPN internal

group-policy GroupPolicy_AnyConnectVPN attributes

wins-server none

dns-server value 172.16.0.102 172.16.0.101

vpn-tunnel-protocol ikev2 ssl-client

default-domain value gvvs.ca

webvpn

  anyconnect profiles value AnyConnectVPN_client_profile type user

group-policy CiscoClientVPN internal

group-policy CiscoClientVPN attributes

dns-server value 172.16.0.102 172.16.0.101

vpn-tunnel-protocol ikev1

default-domain value gvvs.ca

username danletkeman password rg3ZFNQBZr1YBbPJADPTpQ== nt-encrypted

username admin password /jbDqpMgkq4ycbrB encrypted privilege 15

tunnel-group DefaultRAGroup general-attributes

address-pool VPN-L2TP-IPSEC-POOL

authorization-server-group LOCAL

default-group-policy DefaultRAGroup

strip-realm

strip-group

tunnel-group DefaultRAGroup ipsec-attributes

ikev1 pre-shared-key gvvsvpn1*

peer-id-validate nocheck

tunnel-group DefaultRAGroup ppp-attributes

no authentication chap

no authentication ms-chap-v1

authentication ms-chap-v2

tunnel-group CiscoClientVPN type remote-access

tunnel-group CiscoClientVPN general-attributes

address-pool VPN-L2TP-IPSEC-POOL

authentication-server-group LDAP LOCAL

default-group-policy CiscoClientVPN

tunnel-group CiscoClientVPN ipsec-attributes

ikev1 pre-shared-key gvvsvpn1*

tunnel-group AnyConnectVPN type remote-access

tunnel-group AnyConnectVPN general-attributes

address-pool VPN-L2TP-IPSEC-POOL

authentication-server-group LDAP

default-group-policy GroupPolicy_AnyConnectVPN

tunnel-group AnyConnectVPN webvpn-attributes

group-alias AnyConnectVPN enable

!

class-map type regex match-any http

match regex youtube

class-map type inspect http match-any http_inspect_regex

match request uri regex class http

class-map http-s

match access-list http-s

class-map type regex match-any URLBlockList

description Match Traffic for Inspection

match regex Torrent-Info_Hash

class-map type inspect http match-all asdm_medium_security_methods

match not request method head

match not request method post

match not request method get

class-map guest-network

match access-list guest-network

class-map inspection_default

match default-inspection-traffic

class-map netflow-traffic

match access-list netflow-hosts

class-map type regex match-any class-limit

match regex dropbox

class-map type inspect http match-all BlockURLsClass

match request uri regex class URLBlockList

!

!

policy-map type inspect http URL

parameters

match request uri regex dropbox

  reset

policy-map global_policy

class http-s

  inspect http URL

class inspection_default

  inspect esmtp

  inspect ftp

  inspect h323 h225

  inspect h323 ras

  inspect ip-options

  inspect netbios

  inspect rsh

  inspect rtsp

  inspect sip 

  inspect skinny 

  inspect sqlnet

  inspect sunrpc

  inspect tftp

  inspect xdmcp

  inspect dns

  inspect pptp

  inspect icmp

  inspect icmp error

class netflow-traffic

  flow-export event-type all destination 10.5.0.151

class guest-network

  police input 1500000 62500

class class-default

  set connection decrement-ttl

policy-map shape-download

class guest-network

  police output 5000000

policy-map shape-out

class class-default

policy-map type inspect dns migrated_dns_map_1

parameters

  message-length maximum client auto

  message-length maximum 512

policy-map test_pol

!

service-policy global_policy global

smtp-server 10.5.0.20

prompt hostname context

no call-home reporting anonymous

call-home

profile CiscoTAC-1

  no active

  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService

  destination address email callhome@cisco.com

  destination transport-method http

  subscribe-to-alert-group diagnostic

  subscribe-to-alert-group environment

  subscribe-to-alert-group inventory periodic monthly

  subscribe-to-alert-group configuration periodic monthly

  subscribe-to-alert-group telemetry periodic daily

hpm topN enable

Cryptochecksum:75e75fac17a7c4906f7055f525daa6ae

: end

1119
Views
0
Helpful
10
Replies
CreatePlease login to create content