ASA Version 7.0(8) ! hostname ASA5510 enable password encrypted passwd encrypted names dns-guard ! interface Ethernet0/0 nameif OUTSIDE security-level 0 ip address 69.94.x.x 255.255.255.252 ! interface Ethernet0/1 nameif INSIDE security-level 100 ip address 10.1.29.2 255.255.255.0 ! interface Ethernet0/2 shutdown no nameif no security-level no ip address ! interface Management0/0 nameif management security-level 100 ip address 192.168.1.1 255.255.255.0 management-only ! ftp mode passive access-list INBOUNDACL extended permit icmp any any echo access-list INBOUNDACL extended permit icmp any any echo-reply access-list INBOUNDACL extended permit tcp any interface OUTSIDE eq 3389 access-list nonat extended permit ip 10.1.29.0 255.255.255.0 10.2.29.0 255.255.255.0 access-list 102 extended permit ip 10.1.29.0 255.255.255.0 10.2.29.0 255.255.255.0 pager lines 24 logging asdm informational mtu OUTSIDE 1500 mtu INSIDE 1500 mtu management 1500 asdm image disk0:/asdm-508.bin no asdm history enable arp timeout 14400 global (OUTSIDE) 1 interface nat (INSIDE) 0 access-list nonat nat (INSIDE) 1 0.0.0.0 0.0.0.0 static (INSIDE,OUTSIDE) tcp interface 3389 10.1.29.100 3389 netmask 255.255.255.255 access-group INBOUNDACL in interface OUTSIDE route OUTSIDE 0.0.0.0 0.0.0.0 69.94.x.x 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute http server enable no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set asatopix esp-des esp-md5-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto map vpnmap 1 set security-association lifetime seconds 28800 crypto map vpnmap 1 set security-association lifetime kilobytes 4608000 crypto map vpnmap 2 match address 102 crypto map vpnmap 2 set peer 65.x.x.78 crypto map vpnmap 2 set transform-set asatopix crypto map vpnmap 2 set security-association lifetime seconds 28800 crypto map vpnmap 2 set security-association lifetime kilobytes 4608000 isakmp identity address isakmp enable OUTSIDE isakmp policy 1 authentication pre-share isakmp policy 1 encryption des isakmp policy 1 hash md5 isakmp policy 1 group 2 isakmp policy 1 lifetime 86400 isakmp nat-traversal 20 tunnel-group 65.x.x.78 type ipsec-l2l tunnel-group 65.x.x.78 ipsec-attributes pre-shared-key * telnet 172.16.1.0 255.255.255.0 INSIDE telnet timeout 20 ssh timeout 5 console timeout 0 ! class-map inspection_default match default-inspection-traffic ! ! policy-map global_policy class inspection_default inspect dns maximum-length 512 inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect icmp inspect ipsec-pass-thru inspect pptp ! service-policy global_policy global Cryptochecksum:5f6b316a1786cdf50204bc7337a47e11 : end