! Host alias table: each `name` line binds an IP address to an alias that the
! object-group, access-list, route and aaa-server lines of this listing use in
! place of the literal address.
! Most entries are RFC 1918 addresses; winair*, dragonoil and ipc.austroengine.at
! are bound to public addresses.
! NOTE(review): later lines reference `nair`, `inair1`, `nair1`, `nair2`, `nair3`,
! `SILSERVER` and `PARTAGE_AL`, none of which is declared here. They look like
! truncated forms of `winair*`, `ISILSERVER` and `PARTAGE_ALGER` - confirm
! against the running configuration before relying on those rules.
1name 192.168.1.103 AD1 description Active directory
2name 192.168.1.104 AD2 description Active directory
3name 192.168.1.108 CoreSwitch description Cisco L3 switch
4name 192.168.1.100 IAS description Serveur LDAP Microsoft
5name 192.168.1.106 Intranet description Sharepoint
6name 192.168.1.131 Monitoring description Monitoring workstation
7name 172.17.1.1 Stonegate description Loadbalancing
8name 172.17.1.10 StonegateBckp
9name 192.168.1.133 Monitoring1 description Monitoring workstation
10name 192.168.1.215 servicedesk description service desk
11name 77.59.239.245 winair description winair
12name 77.59.239.247 winair1 description winair1
13name 77.59.239.244 winair2 description winair2
14name 77.59.239.246 winair3 description winair3
15name 172.30.4.8 mexdata
16name 172.30.4.18 StoreTool
17name 172.30.4.16 Maintenance
18name 172.30.4.17 Maintenance1
19name 192.168.2.116 TESTWEBSENSE description Agent Websense
20name 192.168.1.111 PROXY
21name 192.168.1.109 PROXY1
22name 192.168.1.110 PROXY2
23name 192.168.1.112 PROXY3
24name 192.168.1.113 PROXY4
25name 172.16.1.4 IronPort description SMTP RELAY
26name 172.16.1.2 BlueCoat description Proxy Bluecoat SG400
27name 192.168.1.101 Mail_Server description Serveur de Messagerie
28name 172.16.96.150 ISILSERVER
29name 172.30.4.82 Fabrice
! NOTE(review): StonegateBckp, the PROXY* aliases, Intranet and dragonoil are
! declared but not referenced anywhere else in this listing - unused aliases are
! worth pruning so the table reflects what the policy actually uses.
30name 213.42.118.56 dragonoil description dragonoil website
31name 172.17.20.9 PARTAGE_ALGER
32name 192.168.1.119 SOPRADEV description Sopra HRaDev
33name 195.190.16.79 ipc.austroengine.at description Star ipc.austroengine
34!
! Interface definitions. Each named interface gets a security level (0 = least
! trusted, 100 = most trusted) and has an inbound ACL bound to it by the
! `access-group` lines of this listing.
!
! outside: security-level 0. Its address is RFC 1918 (172.17.1.254/24) and the
! default route points at the `Stonegate` alias (172.17.1.1) on the same subnet,
! so this firewall sits behind that device rather than directly on the Internet.
35interface GigabitEthernet0/0
36 nameif outside
37 security-level 0
38 ip address 172.17.1.254 255.255.255.0
39 ospf cost 10
40!
! inside: security-level 100, 192.168.1.250/24.
41interface GigabitEthernet0/1
42 nameif inside
43 security-level 100
44 ip address 192.168.1.250 255.255.255.0
45 ospf cost 10
46!
! dmz: security-level 50, 172.16.1.1/24 (the IronPort and BlueCoat aliases live
! in this subnet).
47interface GigabitEthernet0/2
48 description dmz
49 nameif dmz
50 security-level 50
51 ip address 172.16.1.1 255.255.255.0
52 ospf cost 10
53!
! VPNHMD: administratively shut down; security-level 0 on a /30 link.
! NOTE(review): the ACLs written for this interface only take effect if it is
! re-enabled - review them before removing `shutdown`.
54interface GigabitEthernet0/3
55 shutdown
56 nameif VPNHMD
57 security-level 0
58 ip address 10.1.112.2 255.255.255.252
59 ospf cost 10
60!
! Management0/0: shut down and unnamed, so all management (ASDM/SSH) rides the
! data interfaces - see the `http` and `ssh` lines of this listing.
61interface Management0/0
62 shutdown
63 no nameif
64 no security-level
65 no ip address
66!
! Global settings: passive mode for the appliance's own FTP client, timezone CET
! (UTC+1), and the default DNS domain.
! NOTE(review): no `clock summer-time` rule and no `ntp server` line appear in
! this listing; if they are really absent, log timestamps drift from wall-clock
! time and are harder to correlate with other sources during an investigation.
67ftp mode passive
68clock timezone CET 1
69dns server-group DefaultDNS
70 domain-name Romst.COM
! Object groups: reusable sets of ports, hosts and protocols referenced by the
! access-list lines of this listing.
!
! `mail`: TCP ports opened towards Mail_Server from any source in outside_acl.
! NOTE(review): pop3 (110) and imap4 (143) carry credentials in cleartext unless
! the server enforces STARTTLS; 993 and https are already present as the
! encrypted alternatives.
71object-group service mail tcp
72 port-object eq www
73 port-object eq pop3
74 port-object eq imap4
75 port-object eq 993
76 port-object eq https
! `proxy`: not referenced by any access-list in this listing.
! NOTE(review): 123 in a *tcp* service group is unusual - NTP uses UDP/123.
77object-group service proxy tcp
78 port-object eq www
79 port-object eq https
80 port-object eq ftp
81 port-object eq 8080
82 port-object eq 123
! `ironport`: ports the IronPort relay may open from the DMZ (used in dmz_acl).
83object-group service ironport tcp
84 port-object eq smtp
85 port-object eq www
86 port-object eq https
! `privilege`: per its description, hosts allowed to bypass the proxy. inside_acl
! grants this group `permit ip ... any`, i.e. unrestricted egress, so membership
! should stay minimal and be reviewed regularly.
! NOTE(review): several members are bare addresses with no alias or description
! (192.168.1.254, 192.168.1.130, 192.168.2.123, 172.30.4.x, ...), which makes the
! justification for each entry impossible to audit from the config alone.
! NOTE(review): `SILSERVER` and `PARTAGE_AL` are not declared by any `name` line
! in this listing (presumably `ISILSERVER` / `PARTAGE_ALGER`) - confirm.
87object-group network privilege
88 description groupe d'adresse pouvant bypasser le proxy
89 network-object host Mail_Server
90 network-object host 192.168.1.254
91 network-object host Monitoring
92 network-object host 192.168.1.130
93 network-object host AD1
94 network-object host AD2
95 network-object host 192.168.2.123
96 network-object host 172.30.4.80
97 network-object host mexdata
98 network-object host servicedesk
99 network-object host 172.30.4.19
100 network-object host StoreTool
101 network-object host Maintenance
102 network-object host Maintenance1
103 network-object host TESTWEBSENSE
104 network-object host SILSERVER
105 network-object host 192.168.1.175
106 network-object host 172.30.4.64
107 network-object host 172.30.4.67
108 network-object host 172.30.4.76
109 network-object host 192.168.5.174
110 network-object host 192.168.1.107
111 network-object host 192.168.1.121
112 network-object host 192.168.1.122
113 network-object host Fabrice
114 network-object host PARTAGE_AL
115 network-object host SOPRADEV
! `DM_INLINE_PROTOCOL_1`: `ip` already includes `tcp`, so the group is
! effectively "all IP protocols".
116object-group protocol DM_INLINE_PROTOCOL_1
117 protocol-object ip
118 protocol-object tcp
! `AD_ALG` / `AD_HMD`: the two ends of the VPNHMD_access_in rule (remote
! 10.0.2.100-101 and the local AD1/AD2 aliases).
119object-group network AD_ALG
120 network-object host 10.0.2.100
121 network-object host 10.0.2.101
122object-group network AD_HMD
123 network-object host AD1
124 network-object host AD2
! `TCPUDP`: both transport protocols; used for the any-to-any port 8080 rule.
125object-group protocol TCPUDP
126 protocol-object udp
127 protocol-object tcp
! outside_acl, part 1: per-service entries. This ACL is bound inbound on the
! outside interface (`access-group outside_acl in interface outside`). Entries
! are evaluated top-down and the first match wins; unmatched traffic hits the
! implicit deny.
!
! NOTE(review): the next two entries are any-to-any (TCP+UDP 8080 and all ICMP).
! Combined with the identity `static (inside,outside)` / `static (dmz,outside)`
! translations of this listing they apply to every inside and DMZ host, not to
! one published service. Scope them to the specific destination hosts, and limit
! ICMP to the types actually needed (e.g. echo-reply, unreachable,
! time-exceeded).
128access-list outside_acl extended permit object-group TCPUDP any any eq 8080
129access-list outside_acl extended permit icmp any any
! Published mail services (see the `mail` object-group) and the SMTP relay.
130access-list outside_acl extended permit tcp any host Mail_Server object-group mail
131access-list outside_acl extended permit tcp any host IronPort eq smtp
! NOTE(review): purpose of tcp/22022 is not stated anywhere in this listing -
! add a `remark` or remove if unused.
132access-list outside_acl extended permit tcp any host Mail_Server eq 22022
! Stonegate -> monitoring hosts / AD DNS. The ICMP entry is already covered by
! the `permit ip host Stonegate host Monitoring1` entry directly above it.
133access-list outside_acl extended permit ip host Stonegate host Monitoring
134access-list outside_acl extended permit ip host Stonegate host Monitoring1
135access-list outside_acl extended permit icmp host Stonegate host Monitoring1
136access-list outside_acl extended permit udp host Stonegate host AD1 eq domain
137access-list outside_acl extended permit udp host Stonegate host AD2 eq domain
138access-list outside_acl extended permit tcp any host servicedesk eq smtp
! NOTE(review): `nair`, `inair1`, `nair1`, `nair2`, `nair3` are not declared by
! any `name` line in this listing (presumably `winair*`) - confirm.
! NOTE(review): the three entries without a port permit *every* TCP port to
! those hosts; if they are the same hosts as the `eq 8080` entries further down,
! those narrower entries are redundant and the intent was probably 8080 only.
139access-list outside_acl extended permit tcp any host nair eq 8080
140access-list outside_acl extended permit tcp any host inair1
141access-list outside_acl extended permit tcp any host nair2
142access-list outside_acl extended permit tcp any host nair3
143access-list outside_acl extended permit tcp any host Monitoring1 eq 8080
144access-list outside_acl extended permit tcp any host nair1 eq 8080
145access-list outside_acl extended permit tcp any host nair2 eq 8080
146access-list outside_acl extended permit tcp any host nair3 eq 8080
! NOTE(review): any-to-any on 8082 and 8081 - same concern as the 8080 entry at
! the top: name the destination hosts.
147access-list outside_acl extended permit tcp any any eq 8082
148access-list outside_acl extended permit tcp any host 192.168.2.123 eq 4443
149access-list outside_acl extended permit tcp any any eq 8081
! Disabled (`inactive`) entries; remove them if they are no longer needed so a
! later re-activation cannot silently re-open these services.
150access-list outside_acl extended permit tcp any host 192.168.1.121 eq 22022 inactive
151access-list outside_acl extended permit tcp any host 192.168.1.122 eq 22022 inactive
152access-list outside_acl extended permit tcp any host 192.168.1.121 object-group mail inactive
153access-list outside_acl extended permit tcp any host 192.168.1.122 object-group mail inactive
! NOTE(review): Monitoring1 is described as a monitoring workstation, yet it is
! reachable from any source on 8080, 3023, 3021, 8906 and cifs (SMB). SMB from
! an unrestricted source is a high-risk exposure; restrict the source to the
! systems that need it, or drop the entry.
154access-list outside_acl extended permit tcp any host Monitoring1 eq 3023
! All IP from one external host to Monitoring1 - owner/purpose undocumented.
155access-list outside_acl extended permit ip host 196.46.252.107 host Monitoring1
156access-list outside_acl extended permit tcp host Stonegate host AD1 eq ldaps
! NOTE(review): this subnet-to-subnet entry is a superset of every
! Stonegate-specific entry above (Stonegate is 172.17.1.1, the targets are in
! 192.168.1.0/24), so those narrower entries document intent but do not
! restrict anything.
157access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 192.168.1.0 255.255.255.0
158access-list outside_acl extended permit tcp any host Monitoring1 eq 3021
159access-list outside_acl extended permit tcp any host Monitoring1 eq 8906
160access-list outside_acl extended permit tcp any host Monitoring1 eq cifs
! outside_acl, part 2: subnet-to-subnet entries for sources 172.17.1.0/24 and
! 172.31.x.0/24 arriving on the outside interface.
!
! NOTE(review): every source used in this part also has a `permit ip <source>
! any` entry (172.31.1.0, 172.17.1.0, 172.31.3.0, 172.31.6.0, 172.31.2.0,
! 172.31.4.0, 172.31.5.0, and finally 172.31.0.0/16). First-match evaluation
! means all the destination-specific entries are redundant: the effective
! policy of this part is "172.17.1.0/24 and 172.31.0.0/16 may reach anything".
! If the destination list was meant to be restrictive, the `... any` entries
! must be removed; if not, the specific entries can be deleted to make the ACL
! auditable.
! NOTE(review): no `ip verify reverse-path interface outside` line appears in
! this listing, so these source-based permits rely on the upstream device to
! prevent spoofed 172.17.1.x / 172.31.x.x sources - confirm.
161access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 any
162access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 any
163access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 172.31.1.0 255.255.255.0
164access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 172.18.20.0 255.255.255.0
165access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 172.18.20.0 255.255.255.0
166access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 172.17.20.0 255.255.255.0
167access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 172.17.20.0 255.255.255.0
168access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 10.0.100.0 255.255.255.0
169access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 10.0.100.0 255.255.255.0
170access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 172.30.100.0 255.255.255.0
171access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 172.30.100.0 255.255.255.0
172access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 192.168.0.0 255.255.0.0
173access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 192.168.0.0 255.255.0.0
! The next five entries repeat the five entries directly above them verbatim.
174access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 10.0.100.0 255.255.255.0
175access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 172.30.100.0 255.255.255.0
176access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 172.30.100.0 255.255.255.0
177access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 192.168.0.0 255.255.0.0
178access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 192.168.0.0 255.255.0.0
179access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 172.30.4.0 255.255.255.0
180access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 172.30.200.0 255.255.255.0
181access-list outside_acl extended permit ip 172.31.3.0 255.255.255.0 any
182access-list outside_acl extended permit ip 172.31.3.0 255.255.255.0 172.18.20.0 255.255.255.0
183access-list outside_acl extended permit ip 172.31.3.0 255.255.255.0 172.17.20.0 255.255.255.0
184access-list outside_acl extended permit ip 172.31.3.0 255.255.255.0 10.0.100.0 255.255.255.0
185access-list outside_acl extended permit ip 172.31.3.0 255.255.255.0 172.30.100.0 255.255.255.0
186access-list outside_acl extended permit ip 172.31.3.0 255.255.255.0 192.168.0.0 255.255.0.0
187access-list outside_acl extended permit ip 172.31.3.0 255.255.255.0 172.30.4.0 255.255.255.0
188access-list outside_acl extended permit ip 172.31.3.0 255.255.255.0 172.30.200.0 255.255.255.0
189access-list outside_acl extended permit ip 172.31.3.0 255.255.255.0 172.31.1.0 255.255.255.0
190access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 172.31.3.0 255.255.255.0
191access-list outside_acl extended permit ip 172.31.6.0 255.255.255.0 any
192access-list outside_acl extended permit ip 172.31.6.0 255.255.255.0 172.18.20.0 255.255.255.0
193access-list outside_acl extended permit ip 172.31.6.0 255.255.255.0 172.17.20.0 255.255.255.0
194access-list outside_acl extended permit ip 172.31.6.0 255.255.255.0 10.0.100.0 255.255.255.0
195access-list outside_acl extended permit ip 172.31.6.0 255.255.255.0 172.30.100.0 255.255.255.0
196access-list outside_acl extended permit ip 172.31.6.0 255.255.255.0 192.168.0.0 255.255.0.0
197access-list outside_acl extended permit ip 172.31.6.0 255.255.255.0 172.30.4.0 255.255.255.0
198access-list outside_acl extended permit ip 172.31.6.0 255.255.255.0 172.30.200.0 255.255.255.0
199access-list outside_acl extended permit ip 172.31.3.0 255.255.255.0 172.31.6.0 255.255.255.0
200access-list outside_acl extended permit ip 172.31.6.0 255.255.255.0 172.31.3.0 255.255.255.0
201access-list outside_acl extended permit ip 172.31.6.0 255.255.255.0 172.31.1.0 255.255.255.0
202access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 172.31.6.0 255.255.255.0
203access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 172.31.0.0 255.255.0.0
! NOTE(review): source mask here is /24 (172.31.0.0 255.255.255.0) while the
! entry above uses /16 for the same network - looks like a mask typo; confirm.
204access-list outside_acl extended permit ip 172.31.0.0 255.255.255.0 172.17.1.0 255.255.255.0
205access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 172.31.3.0 255.255.255.0
206access-list outside_acl extended permit ip 172.31.2.0 255.255.255.0 any
207access-list outside_acl extended permit ip 172.31.4.0 255.255.255.0 any
208access-list outside_acl extended permit ip 172.31.5.0 255.255.255.0 any
! This /16-to-any entry covers every 172.31.x.0/24 source named in this ACL.
209access-list outside_acl extended permit ip 172.31.0.0 255.255.0.0 any
210access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 172.31.2.0 255.255.255.0
211access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 172.31.4.0 255.255.255.0
212access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 172.31.5.0 255.255.255.0
213access-list outside_acl extended permit ip 172.17.1.0 255.255.255.0 172.31.6.0 255.255.255.0
214access-list outside_acl extended permit ip 172.31.2.0 255.255.255.0 172.18.20.0 255.255.255.0
215access-list outside_acl extended permit ip 172.31.4.0 255.255.255.0 172.18.20.0 255.255.255.0
216access-list outside_acl extended permit ip 172.31.5.0 255.255.255.0 172.18.20.0 255.255.255.0
217access-list outside_acl extended permit ip 172.31.2.0 255.255.255.0 172.17.20.0 255.255.255.0
218access-list outside_acl extended permit ip 172.31.4.0 255.255.255.0 172.17.20.0 255.255.255.0
219access-list outside_acl extended permit ip 172.31.5.0 255.255.255.0 172.17.20.0 255.255.255.0
220access-list outside_acl extended permit ip 172.31.2.0 255.255.255.0 10.0.100.0 255.255.255.0
221access-list outside_acl extended permit ip 172.31.4.0 255.255.255.0 10.0.100.0 255.255.255.0
222access-list outside_acl extended permit ip 172.31.5.0 255.255.255.0 10.0.100.0 255.255.255.0
223access-list outside_acl extended permit ip 172.31.2.0 255.255.255.0 172.30.100.0 255.255.255.0
224access-list outside_acl extended permit ip 172.31.4.0 255.255.255.0 172.30.100.0 255.255.255.0
225access-list outside_acl extended permit ip 172.31.5.0 255.255.255.0 172.30.100.0 255.255.255.0
226access-list outside_acl extended permit ip 172.31.2.0 255.255.255.0 192.168.0.0 255.255.0.0
227access-list outside_acl extended permit ip 172.31.4.0 255.255.255.0 192.168.0.0 255.255.0.0
228access-list outside_acl extended permit ip 172.31.5.0 255.255.255.0 192.168.0.0 255.255.0.0
229access-list outside_acl extended permit ip 172.31.2.0 255.255.255.0 172.30.4.0 255.255.255.0
230access-list outside_acl extended permit ip 172.31.4.0 255.255.255.0 172.30.4.0 255.255.255.0
231access-list outside_acl extended permit ip 172.31.5.0 255.255.255.0 172.30.200.0 255.255.255.0
! NOTE(review): source and destination are the same subnet here (and again for
! 172.31.3.0 a few entries below); such traffic would not normally cross the
! firewall, so these look like generated filler.
232access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 172.31.1.0 255.255.255.0
233access-list outside_acl extended permit ip 172.31.2.0 255.255.255.0 172.31.1.0 255.255.255.0
234access-list outside_acl extended permit ip 172.31.4.0 255.255.255.0 172.31.1.0 255.255.255.0
235access-list outside_acl extended permit ip 172.31.5.0 255.255.255.0 172.31.1.0 255.255.255.0
236access-list outside_acl extended permit ip 172.31.2.0 255.255.255.0 172.31.3.0 255.255.255.0
237access-list outside_acl extended permit ip 172.31.3.0 255.255.255.0 172.31.3.0 255.255.255.0
238access-list outside_acl extended permit ip 172.31.4.0 255.255.255.0 172.31.3.0 255.255.255.0
239access-list outside_acl extended permit ip 172.31.5.0 255.255.255.0 172.31.3.0 255.255.255.0
240access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 172.31.4.0 255.255.255.0
241access-list outside_acl extended permit ip 172.31.1.0 255.255.255.0 172.31.5.0 255.255.255.0
242access-list outside_acl extended permit ip 172.31.2.0 255.255.255.0 172.31.4.0 255.255.255.0
243access-list outside_acl extended permit ip 172.31.2.0 255.255.255.0 172.31.5.0 255.255.255.0
244access-list outside_acl extended permit ip 172.31.2.0 255.255.255.0 172.31.6.0 255.255.255.0
245access-list outside_acl extended permit ip 172.31.3.0 255.255.255.0 172.31.2.0 255.255.255.0
246access-list outside_acl extended permit ip 172.31.3.0 255.255.255.0 172.31.5.0 255.255.255.0
247access-list outside_acl extended permit ip 172.31.4.0 255.255.255.0 172.31.2.0 255.255.255.0
248access-list outside_acl extended permit ip 172.31.4.0 255.255.255.0 172.31.5.0 255.255.255.0
249access-list outside_acl extended permit ip 172.31.4.0 255.255.255.0 172.31.6.0 255.255.255.0
250access-list outside_acl extended permit ip 172.31.5.0 255.255.255.0 172.31.2.0 255.255.255.0
251access-list outside_acl extended permit ip 172.31.5.0 255.255.255.0 172.31.4.0 255.255.255.0
252access-list outside_acl extended permit ip 172.31.6.0 255.255.255.0 172.31.2.0 255.255.255.0
253access-list outside_acl extended permit ip 172.31.6.0 255.255.255.0 172.31.4.0 255.255.255.0
! outside_acl, part 3: entries for the `ipc.austroengine.at` alias
! (195.190.16.79 per the `name` table). Each entry carries the same remark.
!
! NOTE(review): the first entry (all TCP) and the fourth (all IP) are supersets
! of the `eq www` and `eq 8080` entries between them, so only the broadest one
! is effective. Keep the narrowest entry that the service actually needs.
! NOTE(review): no `static`/NAT line in this listing covers 195.190.16.79, so it
! is unclear which inbound traffic has this public address as its destination -
! confirm what these entries are meant to match.
254access-list outside_acl remark Star ipc.austroengine.at
255access-list outside_acl extended permit tcp any host ipc.austroengine.at
256access-list outside_acl remark Star ipc.austroengine.at
257access-list outside_acl extended permit tcp any host ipc.austroengine.at eq www
258access-list outside_acl remark Star ipc.austroengine.at
259access-list outside_acl extended permit tcp any host ipc.austroengine.at eq 8080
260access-list outside_acl remark Star ipc.austroengine.at
261access-list outside_acl extended permit ip any host ipc.austroengine.at
! The four reverse-direction entries below are `inactive` (present but not
! enforced). The first of them would allow all IP from that external host to any
! destination if re-enabled; remove them if they are not needed.
262access-list outside_acl remark Star ipc.austroengine.at
263access-list outside_acl extended permit ip host ipc.austroengine.at any inactive
264access-list outside_acl remark Star ipc.austroengine.at
265access-list outside_acl extended permit tcp host ipc.austroengine.at any inactive
266access-list outside_acl remark Star ipc.austroengine.at
267access-list outside_acl extended permit tcp host ipc.austroengine.at any eq www inactive
268access-list outside_acl remark Star ipc.austroengine.at
269access-list outside_acl extended permit tcp host ipc.austroengine.at any eq 8080 inactive
! inside_acl: bound inbound on the inside interface (`access-group inside_acl in
! interface inside`), i.e. it filters traffic leaving the internal network.
! First match wins; unmatched traffic hits the implicit deny.
270access-list inside_acl extended permit icmp any any
! NOTE(review): DNS is allowed to any destination. Limiting udp/53 to the
! approved resolvers makes DNS-based data egress easier to detect and block.
271access-list inside_acl extended permit udp any any eq domain
! 192.168.10.0/24 is the range of the RMVPN address pool of this listing.
272access-list inside_acl extended permit ip any host 192.168.10.1
273access-list inside_acl extended permit ip host IAS 192.168.10.0 255.255.255.0
! The `privilege` group gets unrestricted egress: the `permit ip` entry is a
! superset of the `permit tcp` entry directly above it.
274access-list inside_acl extended permit tcp object-group privilege any
275access-list inside_acl extended permit ip object-group privilege any
276access-list inside_acl extended permit ip host Monitoring host Stonegate
277access-list inside_acl extended permit ip host Monitoring1 host Stonegate
! NOTE(review): www/https are allowed from any inside host to any destination.
! Unless proxy use is enforced somewhere upstream, this lets every client reach
! the web directly, which makes the proxy-bypass `privilege` group moot for web
! traffic - confirm the intent; restricting the source to the proxy hosts is the
! usual pattern.
278access-list inside_acl extended permit tcp any any eq www
279access-list inside_acl extended permit tcp any any eq https
! Per-subnet entries. Each `permit icmp any <subnet>` entry is redundant with
! the `permit icmp any any` entry at the top, and wherever a `permit ip any
! <subnet>` entry exists for the same subnet it covers ICMP as well.
280access-list inside_acl extended permit icmp any 172.20.21.0 255.255.255.0
281access-list inside_acl extended permit icmp any 172.30.4.0 255.255.255.0
282access-list inside_acl extended permit ip any 10.0.0.0 255.255.255.0
283access-list inside_acl extended permit icmp any 10.0.0.0 255.255.255.0
284access-list inside_acl extended permit icmp any 10.0.100.0 255.255.255.0
285access-list inside_acl extended permit ip any 10.0.100.0 255.255.255.0
286access-list inside_acl extended permit ip any 172.16.1.0 255.255.255.0
287access-list inside_acl extended permit icmp any 172.16.1.0 255.255.255.0
288access-list inside_acl extended permit ip any 172.16.96.0 255.255.255.0
289access-list inside_acl extended permit icmp any 172.16.96.0 255.255.255.0
290access-list inside_acl extended permit ip any 172.17.20.0 255.255.255.0
291access-list inside_acl extended permit icmp any 172.17.20.0 255.255.255.0
292access-list inside_acl extended permit ip any 172.18.20.0 255.255.255.0
293access-list inside_acl extended permit icmp any 172.18.20.0 255.255.255.0
! The next two entries are identical.
294access-list inside_acl extended permit ip any 172.20.20.0 255.255.255.0
295access-list inside_acl extended permit ip any 172.20.20.0 255.255.255.0
296access-list inside_acl extended permit icmp any 172.20.20.0 255.255.255.0
297access-list inside_acl extended permit ip any 172.30.4.0 255.255.255.0
298access-list inside_acl extended permit ip any 172.31.1.0 255.255.255.0
299access-list inside_acl extended permit ip any 172.16.4.0 255.255.255.0
300access-list inside_acl extended permit icmp any 172.16.4.0 255.255.255.0
301access-list inside_acl extended permit ip any 172.30.100.0 255.255.255.0
302access-list inside_acl extended permit ip any 172.30.200.0 255.255.255.0
303access-list inside_acl extended permit ip any 172.31.3.0 255.255.255.0
304access-list inside_acl extended permit icmp any 172.31.1.0 255.255.255.0
305access-list inside_acl extended permit icmp any 172.31.3.0 255.255.255.0
306access-list inside_acl extended permit ip any 172.31.6.0 255.255.255.0
! This /16 entry covers the 172.31.1.0, 172.31.3.0 and 172.31.6.0 /24 entries.
307access-list inside_acl extended permit ip any 172.31.0.0 255.255.0.0
308access-list inside_acl extended permit ip any 172.17.1.0 255.255.255.0
! The two permits below are `inactive`. Their source is the public
! ipc.austroengine.at alias, which would not normally appear as a source on the
! inside interface. The remark text spells the host "austronengine".
309access-list inside_acl remark Sat ipc.austronengine.at
310access-list inside_acl extended permit ip host ipc.austroengine.at any inactive
311access-list inside_acl remark Sat ipc.austronengine.at
312access-list inside_acl extended permit tcp host ipc.austroengine.at any eq www inactive
! dmz_acl: bound inbound on the dmz interface (`access-group dmz_acl in
! interface dmz`), i.e. it filters traffic originating from DMZ hosts.
!
! NOTE(review): the final `permit ip any any` entry allows every DMZ host to
! reach any destination on any protocol, including the inside network (which is
! identity-translated towards the DMZ by `static (inside,dmz)`). It makes the
! three specific entries above it irrelevant and removes the containment a DMZ
! is meant to provide if one of its hosts is compromised. Replace it with the
! explicit flows the DMZ hosts need and let the implicit deny handle the rest.
! NOTE(review): `permit ip host BlueCoat any` is similarly broad for a proxy;
! the outbound ports it needs could be enumerated as for IronPort.
! NOTE(review): the Mail_Server -> IronPort entry has an inside host as source;
! that traffic enters on the inside interface, so this entry presumably never
! matches here - confirm.
313access-list dmz_acl extended permit icmp any any
314access-list dmz_acl extended permit ip host BlueCoat any
315access-list dmz_acl extended permit tcp host IronPort any object-group ironport
316access-list dmz_acl extended permit tcp host Mail_Server host IronPort eq smtp
317access-list dmz_acl extended permit ip any any
! inside_nat0_outbound: NAT-exemption list, applied by `nat (inside) 0
! access-list inside_nat0_outbound`. Matching traffic leaves the inside
! interface untranslated (VPN pool 192.168.10.0/24 and the 10.0.0.0 ranges).
! The /24 entry for 10.0.0.0 is contained in the /16 entry that follows it.
318access-list inside_nat0_outbound extended permit ip any 192.168.10.0 255.255.255.0
319access-list inside_nat0_outbound extended permit ip 192.168.0.0 255.255.0.0 10.0.0.0 255.255.255.0
320access-list inside_nat0_outbound extended permit ip 192.168.0.0 255.255.0.0 10.0.0.0 255.255.0.0
! VPNHMD_1_cryptomap: traffic selector 192.168.0.0/16 -> 10.0.0.0/16.
! NOTE(review): no `crypto map` or `tunnel-group` line appears in this listing,
! so this ACL is either orphaned or the listing is partial - confirm.
321access-list VPNHMD_1_cryptomap extended permit ip 192.168.0.0 255.255.0.0 10.0.0.0 255.255.0.0
! VPNHMD_access_in: bound inbound on the VPNHMD interface. The protocol group is
! ip+tcp (effectively all IP), source AD_HMD (AD1/AD2), destination AD_ALG.
! NOTE(review): on an *inbound* ACL the local AD servers appear as the source,
! which looks reversed for traffic arriving from the remote side - confirm the
! direction. The interface is currently shut down.
322access-list VPNHMD_access_in extended permit object-group DM_INLINE_PROTOCOL_1 object-group AD_HMD object-group AD_ALG
! Terminal, logging, MTU and miscellaneous global settings.
323pager lines 24
! Logging is enabled, but the only destination configured in this listing is
! the ASDM buffer at `informational` level.
! NOTE(review): no `logging host` (syslog) or `logging trap` line is visible.
! If that reflects the device, firewall events are not retained off-box and are
! lost when the ASDM buffer wraps or the device reloads - forward them to a
! central collector.
324logging enable
325logging asdm informational
326mtu outside 1500
327mtu inside 1500
328mtu dmz 1500
329mtu VPNHMD 1500
! Address pool RMVPN (192.168.10.10-200); presumably handed to remote-access VPN
! clients of group-policy RM_VPN - confirm.
330ip local pool RMVPN 192.168.10.10-192.168.10.200 mask 255.255.255.0
! No failover peer: this appliance is a single point of failure.
331no failover
332icmp unreachable rate-limit 1 burst-size 1
! NOTE(review): the ASDM image name indicates ASDM 6.0(2), which presumably
! pairs with an ASA 8.0-era software release long out of vendor support -
! confirm the running version and plan an upgrade.
333asdm image disk0:/asdm-602.bin
334no asdm history enable
335arp timeout 14400
! Address translation and ACL bindings.
!
! `nat (inside) 0` exempts traffic matched by inside_nat0_outbound from NAT.
336nat (inside) 0 access-list inside_nat0_outbound
! Identity statics: each maps a subnet to itself across an interface pair, so
! the real addresses are reachable from the lower-security side wherever the
! interface ACL permits.
! NOTE(review): `static (inside,outside)` and `static (dmz,outside)` publish the
! *entire* inside and DMZ /24s to the outside interface. With the any-to-any
! entries in outside_acl (icmp, 8080, 8081, 8082), every host in those subnets
! is reachable on those ports, not only the intended servers. Prefer per-host
! statics for the published services.
! NOTE(review): the 172.16.1.40 /32 static overlaps the 172.16.1.0 /24 static
! directly above it and adds nothing.
337static (dmz,outside) 172.16.1.0 172.16.1.0 netmask 255.255.255.0
338static (dmz,outside) 172.16.1.40 172.16.1.40 netmask 255.255.255.255
339static (inside,dmz) 192.168.1.0 192.168.1.0 netmask 255.255.255.0
340static (inside,outside) 192.168.1.0 192.168.1.0 netmask 255.255.255.0
! Bind one inbound ACL to each named interface.
341access-group outside_acl in interface outside
342access-group inside_acl in interface inside
343access-group dmz_acl in interface dmz
344access-group VPNHMD_access_in in interface VPNHMD
! Static routes. The default route leaves via the outside interface towards the
! `Stonegate` alias; all listed internal subnets are reached through the
! `CoreSwitch` alias on the inside interface. Metric is 1 throughout.
! NOTE(review): 172.31.3.0/24 is routed via the inside interface here, yet
! outside_acl permits 172.31.3.0/24 as a *source* arriving on the outside
! interface. No `ip verify reverse-path` line appears in this listing, so a
! packet claiming that source on the outside would not be rejected by the
! firewall itself - confirm where this subnet really lives and enable
! reverse-path checking if appropriate.
345route outside 0.0.0.0 0.0.0.0 Stonegate 1
346route inside 10.0.100.0 255.255.255.0 CoreSwitch 1
347route inside 172.16.4.0 255.255.255.0 CoreSwitch 1
348route inside 172.16.96.0 255.255.255.0 CoreSwitch 1
349route inside 172.17.20.0 255.255.255.0 CoreSwitch 1
350route inside 172.18.20.0 255.255.255.0 CoreSwitch 1
351route inside 172.20.20.0 255.255.255.0 CoreSwitch 1
352route inside 172.20.21.0 255.255.255.0 CoreSwitch 1
353route inside 172.30.4.0 255.255.255.0 CoreSwitch 1
354route inside 172.30.100.0 255.255.255.0 CoreSwitch 1
355route inside 172.31.3.0 255.255.255.0 CoreSwitch 1
356route inside 192.168.2.0 255.255.255.0 CoreSwitch 1
357route inside 192.168.3.0 255.255.255.0 CoreSwitch 1
358route inside 192.168.4.0 255.255.255.0 CoreSwitch 1
359route inside 192.168.5.0 255.255.255.0 CoreSwitch 1
360route inside 192.168.6.0 255.255.255.0 CoreSwitch 1
361route inside 192.168.7.0 255.255.255.0 CoreSwitch 1
362route inside 192.168.10.0 255.255.255.0 CoreSwitch 1
363route inside 192.168.100.0 255.255.255.0 CoreSwitch 1
364route inside 192.168.101.0 255.255.255.0 CoreSwitch 1
365route inside 192.168.102.0 255.255.255.0 CoreSwitch 1
366route inside 192.168.190.0 255.255.255.0 CoreSwitch 1
367route inside 192.168.191.0 255.255.255.0 CoreSwitch 1
368route inside 192.168.192.0 255.255.255.0 CoreSwitch 1
! Idle timers for translations, connections and per-protocol state (h:mm:ss).
! `uauth 0:05:00 absolute` expires cached user authentication five minutes after
! it was granted, regardless of activity.
369timeout xlate 3:00:00
370timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
371timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
372timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
373timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
! Default dynamic access policy record; no attributes are set in this listing.
374dynamic-access-policy-record DfltAccessPolicy
! AAA server groups.
!
! `vpnaaa`: RADIUS against the IAS alias on the inside interface.
! NOTE(review): no `key` line is shown for this server; it may have been
! stripped from the listing - confirm a shared secret is set.
375aaa-server vpnaaa protocol radius
376aaa-server vpnaaa (inside) host IAS
377 timeout 5
378
! `AD`: LDAP against AD1 and AD2, binding as the `vpnservice` account and
! searching the whole subtree under the base DN. `ldap-login-password *` is the
! masked form of the stored bind password.
! NOTE(review): no `ldap-over-ssl enable` line is visible under either host. If
! that reflects the device, the bind password and user credentials cross the
! network in cleartext LDAP - enable LDAP over SSL.
! NOTE(review): the bind account should be a low-privilege, read-only service
! account; `cn=users` placement does not show its rights - confirm.
! The DN casing differs between lines (romst / Romst); DNs are compared
! case-insensitively by Active Directory, so this is cosmetic.
379aaa-server AD protocol ldap
380aaa-server AD (inside) host AD1
381 timeout 3
382 ldap-base-dn dc=romst, dc=local
383 ldap-scope subtree
384 ldap-login-password *
385 ldap-login-dn cn=vpnservice,cn=users,dc=Romst, dc=local
386 server-type microsoft
387aaa-server AD (inside) host AD2
388 timeout 3
389 ldap-base-dn dc=Romst, dc=local
390 ldap-scope subtree
391 ldap-login-password *
392 ldap-login-dn cn=vpnservice,cn=users,dc=romst, dc=local
393 server-type microsoft
! Management-plane access: ASDM/HTTPS, SNMP, Telnet, SSH and console.
!
! ASDM (HTTPS server) authenticates against the LOCAL user database and accepts
! connections from the whole 192.168.1.0/24 inside subnet.
! NOTE(review): narrow the `http` source to the administrators' workstations or
! a management subnet rather than the full user LAN.
394aaa authentication http console LOCAL
395http server enable
396http 192.168.1.0 255.255.255.0 inside
! SNMP traps are enabled, but no `snmp-server host` line appears in this
! listing, so it is unclear where (or whether) they are delivered - confirm.
397no snmp-server location
398no snmp-server contact
399snmp-server enable traps snmp authentication linkup linkdown coldstart
400
! No `telnet <network>` permit lines are present; only the idle timeout is set.
401telnet timeout 5
! NOTE(review): `ssh 0.0.0.0 0.0.0.0 outside` accepts SSH management sessions
! from any source address on the least-trusted interface. Restrict it to the
! specific administrative source addresses, or manage the device only from the
! inside or over VPN.
! NOTE(review): no `aaa authentication ssh console` line is visible, and no
! `username` lines are shown - confirm how SSH logins are authenticated and that
! no default credentials remain.
402ssh 0.0.0.0 0.0.0.0 outside
403ssh 192.168.0.0 255.255.255.0 inside
404ssh 192.168.1.0 255.255.255.0 inside
405ssh 192.168.2.0 255.255.255.0 inside
406ssh timeout 5
! `console timeout 0` disables the idle timeout on the serial console, so a
! logged-in console session stays open indefinitely; set a finite value.
407console timeout 0
! Basic threat detection and per-ACL statistics are on.
408threat-detection basic-threat
409threat-detection statistics access-list
! Internal group policy RM_VPN: pushes AD1 as the WINS server and AD1/AD2 as DNS
! servers (addresses match the `name` table).
! NOTE(review): no tunnel protocol, split-tunnel, idle/session timeout or
! `vpn-filter` attribute is shown, and no `tunnel-group` references this policy
! in the listing - either the listing is partial or the policy inherits defaults
! from DfltGrpPolicy; confirm what VPN clients are actually allowed to reach.
410group-policy RM_VPN internal
411group-policy RM_VPN attributes
412 wins-server value 192.168.1.103
413 dns-server value 192.168.1.103 192.168.1.104
414
415!
! Modular policy framework: application inspection applied globally.
!
! Class `inspection_default` matches the default inspection traffic (the
! standard ports of the inspected protocols).
416class-map inspection_default
417 match default-inspection-traffic
418!
419!
! DNS inspection map: caps DNS message length at 512 bytes.
! NOTE(review): larger responses (EDNS0, DNSSEC) are presumably dropped by this
! limit - confirm it is still appropriate for the resolvers in use.
420policy-map type inspect dns preset_dns_map
421 parameters
422 message-length maximum 512
! NOTE(review): the next two lines (`policy-map global_policy` followed by
! `message-length maximum 512`) duplicate their neighbours and the
! message-length parameter does not belong under `global_policy`; this looks
! like a copy/paste artefact in the listing rather than device output - confirm.
423policy-map global_policy
424 message-length maximum 512
! Global policy: enable the listed protocol inspections for the default class.
! NOTE(review): inspections for protocols that are not in use (e.g. rsh, xdmcp,
! sqlnet, sunrpc, tftp) open secondary pinholes dynamically; disable the ones
! the environment does not need.
425policy-map global_policy
426 class inspection_default
427 inspect dns preset_dns_map
428 inspect h323 h225
429 inspect h323 ras
430 inspect netbios
431 inspect rsh
432 inspect rtsp
433 inspect sqlnet
434 inspect sunrpc
435 inspect tftp
436 inspect sip
437 inspect xdmcp
438 inspect ftp
439!
! Apply global_policy to all interfaces.
440service-policy global_policy global