=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2009.06.17 18:53:05 =~=~=~=~=~=~=~=~=~=~=~= User Access Verification Username: admin Password: ************* Username: e   Username: admin Password: ************ Type help or '?' for a list of available commands. ASA5505> en Password: *********** ASA5505# sh run : Saved : ASA Version 7.2(4) ! hostname ASA5505 domain-name default.domain.invalid enable password Fz5VQER/Yg7iv3LX encrypted passwd 2KFQnbNIdI.2KYOU encrypted names name 67.68.200.70 O-PeerAddress description TEST VPN name 10.254.254.19 R-RemoteAddress description RemoteAddress name 10.101.20.0 I-Sub-Inside description Internal Network name 208.178.159.254 O-NMSLabs description WORK name 172.16.3.0 I-Sub-Inside-EMachine description Segmented Network dns-guard ! interface Vlan1 nameif inside security-level 100 ip address 10.101.20.1 255.255.255.0 ospf cost 10 ! interface Vlan2 nameif outside security-level 0 <--- More ---> ip address dhcp setroute ospf cost 10 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 switchport access vlan 40 ! interface Ethernet0/5 ! interface Ethernet0/6 switchport access vlan 60 ! interface Ethernet0/7 ! ftp mode passive clock timezone EST -5 <--- More ---> clock summer-time EDT recurring dns server-group DefaultDNS domain-name default.domain.invalid object-group service UTorrent tcp port-object eq 42640 port-object eq 6969 port-object eq 58050 object-group service DM_INLINE_TCP_1 tcp port-object eq www port-object eq https access-list outside_access_in extended permit tcp host O-NMSLabs interface outside eq 3389 log alerts access-list outside_access_in extended permit tcp host O-NMSLabs interface outside eq 5900 log alerts access-list outside_access_in remark FTP access-list outside_access_in extended permit tcp any interface outside eq ftp log alerts access-list outside_access_in extended permit icmp any any unreachable access-list outside_access_in extended permit icmp any any time-exceeded access-list outside_access_in extended permit icmp any any echo-reply access-list outside_access_in remark FTP access-list outside_access_in remark FTP access-list outside_access_in remark FTP access-list inside_access_ACLOUT extended permit tcp any any object-group DM_INLINE_TCP_1 log errors access-list inside_access_ACLOUT extended permit tcp any any log alerts access-list inside_access_ACLOUT extended permit udp any any log alerts access-list inside_access_ACLOUT extended permit icmp any any log <--- More ---> access-list inside_access_ACLOUT extended permit tcp I-Sub-Inside 255.255.255.0 any object-group UTorrent access-list inside_access_in extended permit tcp I-Sub-Inside 255.255.255.0 any eq www log errors access-list inside_access_in extended permit tcp I-Sub-Inside 255.255.255.0 any log alerts access-list inside_access_in extended permit udp I-Sub-Inside 255.255.255.0 any log alerts access-list inside_access_in extended permit icmp I-Sub-Inside 255.255.255.0 any log access-list inside_access_in extended permit tcp I-Sub-Inside 255.255.255.0 any object-group UTorrent log access-list DMZ40_access_in extended permit udp any any access-list DMZ40_access_in extended permit ip any host 10.101.20.254 access-list DMZ40_access_in extended permit ip any any access-list DMZ40_access_in extended permit ip I-Sub-Inside-EMachine 255.255.255.0 any pager lines 24 logging enable logging timestamp logging standby logging monitor debugging logging buffered informational logging trap notifications logging asdm informational logging host inside 10.101.20.254 mtu inside 1500 mtu outside 1500 icmp unreachable rate-limit 1 burst-size 1 icmp deny any outside asdm image disk0:/asdm-524.bin <--- More ---> no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 dns static (inside,outside) tcp interface 3389 10.101.20.254 3389 netmask 255.255.255.255 static (inside,outside) tcp interface ftp 10.101.20.254 ftp netmask 255.255.255.255 static (inside,outside) tcp interface 5900 10.101.20.201 5900 netmask 255.255.255.255 access-group inside_access_ACLOUT in interface inside access-group outside_access_in in interface outside route inside 10.2.0.0 255.255.255.0 172.22.1.1 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute aaa authentication ssh console LOCAL aaa authentication telnet console LOCAL filter java 80 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 filter activex 80 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 http server enable http O-NMSLabs 255.255.255.255 outside http 192.168.1.0 255.255.255.0 inside http I-Sub-Inside 255.255.255.0 inside no snmp-server location <--- More ---> no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart no service password-recovery crypto isakmp policy 10 authentication pre-share encryption 3des hash md5 group 1 lifetime 86400 crypto isakmp ipsec-over-tcp port 10000 telnet I-Sub-Inside 255.255.255.0 inside telnet O-NMSLabs 255.255.255.255 outside telnet timeout 5 ssh 10.101.20.254 255.255.255.255 inside ssh timeout 5 ssh version 2 console timeout 0 dhcpd auto_config outside dhcpd update dns both ! dhcpd address 10.101.20.200-10.101.20.220 inside dhcpd enable inside ! <--- More ---> username admin password 4kqT45sVwr3qI1Mu encrypted ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios <--- More ---> inspect tftp inspect icmp ! service-policy global_policy global prompt hostname context Cryptochecksum:ee64c8b184aa5e820bb0efa6dea42a36 : end ASA5505# exit Logoff