Untitled diff

Created Diff never expires
14 removals
149 lines
14 additions
149 lines
hostname KAMLOOPS
hostname SALMONARM
enable password NuLKvvWGg.x9HEKO encrypted
enable password NuLKvvWGg.x9HEKO encrypted
passwd NuLKvvWGg.x9HEKO encrypted
passwd NuLKvvWGg.x9HEKO encrypted
names
names
!
!
interface Ethernet0/0
interface Ethernet0/0
switchport access vlan 2
switchport access vlan 2
!
!
interface Ethernet0/1
interface Ethernet0/1
!
!
interface Ethernet0/2
interface Ethernet0/2
!
!
interface Ethernet0/3
interface Ethernet0/3
!
!
interface Ethernet0/4
interface Ethernet0/4
!
!
interface Ethernet0/5
interface Ethernet0/5
!
!
interface Ethernet0/6
interface Ethernet0/6
!
!
interface Ethernet0/7
interface Ethernet0/7
!
!
interface Vlan1
interface Vlan1
nameif inside
nameif inside
security-level 100
security-level 100
ip address 10.30.1.1 255.255.0.0
ip address 10.45.1.1 255.255.0.0
!
!
interface Vlan2
interface Vlan2
nameif outside
nameif outside
security-level 0
security-level 0
ip address 192.168.0.215 255.255.255.0
ip address 192.168.0.216 255.255.255.0
!
!
banner motd WARNING: Authorized access only!
banner motd WARNING: Authorized access only!
ftp mode passive
ftp mode passive
access-list inside_access_in extended permit icmp 10.30.0.0 255.255.0.0 any
access-list inside_access_in extended permit icmp 10.45.0.0 255.255.0.0 any
access-list inside_access_in extended permit ip 10.30.0.0 255.255.0.0 any
access-list inside_access_in extended permit ip 10.45.0.0 255.255.0.0 any
access-list outside_access_in extended permit icmp any any
access-list outside_access_in extended permit icmp any any
access-list outside_access_in extended permit tcp any interface outside eq www
access-list outside_access_in extended permit tcp any interface outside eq www
access-list 100 extended permit ip 10.30.0.0 255.255.0.0 10.45.0.0 255.255.0.0
access-list 100 extended permit ip 10.45.0.0 255.255.0.0 10.30.0.0 255.255.0.0
pager lines 24
pager lines 24
logging enable
logging enable
logging asdm informational
logging asdm informational
mtu inside 1500
mtu inside 1500
mtu outside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
no asdm history enable
arp timeout 14400
arp timeout 14400
global (outside) 1 interface
global (outside) 1 interface
nat (inside) 1 10.30.0.0 255.255.0.0
nat (inside) 1 10.45.0.0 255.255.0.0
access-group inside_access_in in interface inside
access-group inside_access_in in interface inside
access-group outside_access_in in interface outside
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 192.168.0.100 1
route outside 0.0.0.0 0.0.0.0 192.168.0.100 1
timeout xlate 3:00:00
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
dynamic-access-policy-record DfltAccessPolicy
http server enable
http server enable
http 0.0.0.0 0.0.0.0 inside
http 0.0.0.0 0.0.0.0 inside
http 0.0.0.0 0.0.0.0 outside
http 0.0.0.0 0.0.0.0 outside
no snmp-server location
no snmp-server location
no snmp-server contact
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set JONCOM_SET esp-des esp-sha-hmac
crypto ipsec transform-set JONCOM_SET esp-des esp-sha-hmac
crypto ipsec security-association lifetime seconds 3600
crypto ipsec security-association lifetime seconds 3600
crypto ipsec security-association lifetime kilobytes 4608000
crypto ipsec security-association lifetime kilobytes 4608000
crypto map JONCOM_MAP 10 match address 100
crypto map JONCOM_MAP 10 match address 100
crypto map JONCOM_MAP 10 set peer 192.168.0.216
crypto map JONCOM_MAP 10 set peer 192.168.0.215
crypto map JONCOM_MAP 10 set transform-set JONCOM_SET
crypto map JONCOM_MAP 10 set transform-set JONCOM_SET
crypto map JONCOM_MAP interface outside
crypto map JONCOM_MAP interface outside
crypto isakmp enable outside
crypto isakmp enable outside
crypto isakmp policy 10
crypto isakmp policy 10
authentication pre-share
authentication pre-share
encryption des
encryption des
hash sha
hash sha
group 2
group 2
lifetime 86400
lifetime 86400
crypto isakmp policy 65535
crypto isakmp policy 65535
authentication pre-share
authentication pre-share
encryption 3des
encryption 3des
hash sha
hash sha
group 2
group 2
lifetime 86400
lifetime 86400
telnet timeout 5
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh 0.0.0.0 0.0.0.0 inside
ssh 0.0.0.0 0.0.0.0 outside
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 60
ssh timeout 60
console timeout 0
console timeout 0
dhcpd auto_config outside
dhcpd auto_config outside
!
!
dhcpd address 10.30.7.1-10.30.7.32 inside
dhcpd address 10.45.7.1-10.45.7.32 inside
dhcpd dns 8.8.8.8 8.8.4.4 interface inside
dhcpd dns 8.8.8.8 8.8.4.4 interface inside
dhcpd option 3 ip 10.30.1.1 interface inside
dhcpd option 3 ip 10.45.1.1 interface inside
dhcpd enable inside
dhcpd enable inside
!
!
threat-detection basic-threat
threat-detection basic-threat
threat-detection statistics access-list
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
no threat-detection statistics tcp-intercept
webvpn
webvpn
tunnel-group 192.168.0.216 type ipsec-l2l
tunnel-group 192.168.0.215 type ipsec-l2l
tunnel-group 192.168.0.216 ipsec-attributes
tunnel-group 192.168.0.215 ipsec-attributes
pre-shared-key *****
pre-shared-key *****
!
!
class-map inspection_default
class-map inspection_default
match default-inspection-traffic
match default-inspection-traffic
!
!
!
!
policy-map type inspect dns preset_dns_map
policy-map type inspect dns preset_dns_map
parameters
parameters
message-length maximum client auto
message-length maximum client auto
message-length maximum 512
message-length maximum 512
policy-map global_policy
policy-map global_policy
class inspection_default
class inspection_default
inspect dns preset_dns_map
inspect dns preset_dns_map
inspect ftp
inspect ftp
inspect h323 h225
inspect h323 h225
inspect h323 ras
inspect h323 ras
inspect ip-options
inspect ip-options
inspect netbios
inspect netbios
inspect rsh
inspect rsh
inspect rtsp
inspect rtsp
inspect skinny
inspect skinny
inspect esmtp
inspect esmtp
inspect sqlnet
inspect sqlnet
inspect sunrpc
inspect sunrpc
inspect tftp
inspect tftp
inspect sip
inspect sip
inspect xdmcp
inspect xdmcp
!
!
service-policy global_policy global
service-policy global_policy global
prompt hostname context
prompt hostname context
no call-home reporting anonymous
no call-home reporting anonymous
call-home
call-home
profile CiscoTAC-1
profile CiscoTAC-1
no active
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email callhome@cisco.com
destination address email callhome@cisco.com
destination transport-method http
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:2069e2f4f984e71e0aa57f77ec86d125
Cryptochecksum:0687b7f8310b66c021da2369d79410cd
: end
: end