网通和电信地址分段均从网上搜集到的,
另配置了 IPSEC LAN 2 LAN
: Saved
:
ASA Version 8.0(3)
!
hostname ciscoasa
domain-name domainname.com
enable password NMxA5vHVCmm encrypted
names
dns-guard
!
interface GigabitEthernet0/0
nameif outside
security-level 0
ip address X.X.X.7 255.255.255.224
!
interface GigabitEthernet0/1
nameif outside1
security-level 0
ip address X.X.X.2 255.255.255.240
!
interface GigabitEthernet0/2
nameif inside
security-level 100
ip address 10.10.10.8 255.255.255.0
!
interface GigabitEthernet0/3
shutdown
nameif dmz
security-level 80
ip address 100.100.100.1 255.255.255.0
!
interface Management0/0
nameif guanli
security-level 100
ip address 192.168.100.230 255.255.255.0
!
passwd 173MxbCczggFOk1n encrypted
boot system disk0:/asa803.bin
ftp mode passive
clock timezone HKST 8
dns server-group DefaultDNS
domain-name domainname.com
access-list acl_out extended permit tcp any host X.X.X.5 eq smtp
access-list acl_out extended permit tcp any host X.X.X.5 eq pop3
access-list acl_out extended permit tcp any host X.X.X.5 eq www
access-list acl_out extended permit tcp any host X.X.X.5 eq 2008
access-list acl_out extended permit icmp any any
access-list acl_out extended permit gre any any
access-list acl_out extended permit tcp any host X.X.X.3 eq ftp
access-list acl_out extended permit tcp any host X.X.X.4 eq www
access-list acl_out extended permit tcp any host X.X.X.6 eq www
access-list acl_out extended permit tcp any host X.X.X.4 eq 8888
access-list acl_out extended permit tcp any host X.X.X.5 eq pptp
access-list acl_out extended permit tcp any host X.X.X.3 eq 47
access-list acl_out extended permit tcp any host X.X.X.2 eq 81
access-list acl_out extended permit tcp any host X.X.X.2 eq 82
access-list acl_out extended permit tcp any host X.X.X.2 eq 83
access-list acl_out extended permit tcp any host X.X.X.2 eq 84
access-list acl_out extended permit tcp any host X.X.X.8 eq www
access-list acl_out extended permit tcp any host X.X.X.1 eq 8080
access-list acl_out extended permit tcp any host X.X.X.8 eq www
access-list acl_out extended permit tcp any host X.X.X.3 eq 8001
access-list acl_out extended permit tcp any host X.X.X.0 eq ftp
access-list acl_out extended permit tcp any host X.X.X.1 eq www
access-list acl_out extended permit tcp any host X.X.X.0 eq 8080
access-list acl_out extended permit tcp any host X.X.X.8 eq 8080
access-list acl_out extended permit tcp any host X.X.X.4 eq www
access-list acl_out extended permit tcp any host X.X.X.0 eq www
access-list acl_out extended permit tcp any host X.X.X.4 eq 3389
access-list acl_out extended permit tcp any host X.X.X.9 eq www
access-list acl_out extended permit tcp any host X.X.X.9 eq ftp-data
access-list acl_out extended permit tcp any host X.X.X.9 eq ftp
access-list acl_out extended permit tcp any host X.X.X.9 eq smtp
access-list acl_out extended permit tcp any host X.X.X.9 eq 90
access-list acl_out extended permit tcp any host X.X.X.9 eq pop3
access-list acl_out extended permit tcp any host X.X.X.9 eq 1000
access-list acl_out extended permit tcp any host X.X.X.9 eq 1433
access-list acl_out extended permit tcp any host X.X.X.9 eq 2401
access-list acl_out extended permit tcp any host X.X.X.9 eq 3000
access-list acl_out extended permit tcp any host X.X.X.9 eq 3306
access-list acl_out extended permit tcp any host X.X.X.9 eq 3389
access-list acl_out extended permit tcp any host X.X.X.5 eq ftp
access-list acl-out extended permit icmp any any
access-list *** extended permit ip 10.10.10.0 255.255.255.0 192.168.233.0 255.255.255.0
access-list nonat extended permit ip 10.10.10.0 255.255.255.0 192.168.233.0 255.255.255.0
access-list nonat extended permit ip 10.10.10.0 255.255.255.0 192.168.220.0 255.255.255.0
access-list ***1 extended permit ip 10.10.10.0 255.255.255.0 192.168.220.0 255.255.255.0
access-list 201 extended deny tcp any any eq 593
access-list 201 extended deny tcp any any eq 1434
access-list 201 extended deny tcp any any eq 2500
access-list 201 extended deny tcp any any eq 4444
access-list 201 extended deny tcp any any eq 5900
access-list 201 extended deny tcp any any eq 6346
access-list 201 extended deny tcp any any eq 6667
access-list 201 extended deny tcp any any eq 9393
access-list 201 extended deny udp any any eq 135
access-list 201 extended deny udp any any eq netbios-ns
access-list 201 extended deny udp any any eq 445
access-list 201 extended deny udp any any eq 593
access-list 201 extended deny udp any any eq 1434
access-list 201 extended deny tcp any any eq 9995
access-list 201 extended deny tcp any any eq 5554
access-list 201 extended deny tcp any any eq 9996
access-list 201 extended deny udp any any eq 6346
access-list 201 extended deny udp any any eq 6881
access-list 201 extended deny udp any any eq 6882
access-list 201 extended deny udp any any eq 6883
access-list 201 extended deny udp any any eq 6885
access-list 201 extended deny udp any any eq 6886
access-list 201 extended deny udp any any eq 6887
access-list 201 extended deny udp any any eq 6888
access-list 201 extended deny udp any any eq 6889
access-list 201 extended deny tcp any any eq 6881
access-list 201 extended deny tcp any any eq 6882
access-list 201 extended deny tcp any any eq 6883
access-list 201 extended deny tcp any any eq 6884
access-list 201 extended deny tcp any any eq 6885
access-list 201 extended deny tcp any any eq 6886
access-list 201 extended deny tcp any any eq 6887
access-list 201 extended deny tcp any any eq 6888
access-list 201 extended deny tcp any any eq 6889
access-list 201 extended deny tcp any any eq 135
access-list 201 extended deny tcp any any eq 445
access-list 201 extended deny tcp any any eq 137
access-list 201 extended deny tcp any any eq netbios-ssn
access-list 201 extended permit ip any any
access-list 201 extended deny udp any any eq 139
access-list acl_out1 extended permit gre any any
access-list acl_out1 extended permit icmp any any
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu outside1 1500
mtu inside 1500
mtu guanli 1500
mtu dmz 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm p_w_picpath disk0:/asdm-603.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
global (outside1) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 10.10.10.0 255.255.255.0
nat (inside) 1 192.168.201.0 255.255.255.0
nat (inside) 1 192.168.202.0 255.255.255.0
nat (inside) 1 10.10.10.0 255.255.255.0
nat (inside) 1 192.168.204.0 255.255.255.0
nat (inside) 1 192.168.205.0 255.255.255.0
nat (inside) 1 192.168.206.0 255.255.255.0
nat (inside) 1 192.168.207.0 255.255.255.0
nat (inside) 1 192.168.208.0 255.255.255.0
alias (inside) 10.10.10.14 X.X.X.6 255.255.255.255
alias (inside) 10.10.10.10 X.X.X.5 255.255.255.255
alias (inside) 10.10.10.40 X.X.X.8 255.255.255.255
alias (inside) 10.10.10.35 X.X.X.2 255.255.255.255
alias (inside) 10.10.10.5 X.X.X.0 255.255.255.255
alias (inside) 10.10.10.120 X.X.X.1 255.255.255.255
alias (inside) 10.10.10.123 X.X.X.4 255.255.255.255
static (inside,outside) X.X.X.3 10.10.10.130 netmask 255.255.255.255
static (inside,outside) X.X.X.6 10.10.10.14 netmask 255.255.255.255
static (inside,outside) X.X.X.2 10.10.10.35 netmask 255.255.255.255
static (inside,outside) X.X.X.8 10.10.10.40 netmask 255.255.255.255
static (inside,outside) X.X.X.7 10.10.10.12 netmask 255.255.255.255
static (inside,outside) X.X.X.8 10.10.10.113 netmask 255.255.255.255
static (inside,outside) X.X.X.3 10.10.10.119 netmask 255.255.255.255
static (inside,outside) X.X.X.1 10.10.10.110 netmask 255.255.255.255
static (inside,outside) X.X.X.2 10.10.10.111 netmask 255.255.255.255
static (inside,outside) X.X.X.3 10.10.10.112 netmask 255.255.255.255
static (inside,outside) X.X.X.4 10.10.10.113 netmask 255.255.255.255
static (inside,outside) X.X.X.5 10.10.10.22 netmask 255.255.255.255
static (inside,outside) X.X.X.0 10.10.10.5 netmask 255.255.255.255
static (inside,outside) X.X.X.1 10.10.10.120 netmask 255.255.255.255
static (inside,outside) X.X.X.5 10.10.10.10 netmask 255.255.255.255
static (inside,outside) X.X.X.4 10.10.10.123 netmask 255.255.255.255
static (inside,outside) X.X.X.9 10.10.10.126 netmask 255.255.255.255
static (inside,outside1) X.X.X.4 192.168.207.20 netmask 255.255.255.255
access-group acl_out in interface outside
access-group acl_out1 in interface outside1
access-group 201 in interface inside
route outside 0.0.0.0 0.0.0.0 X.X.X.6 1
route outside1 0.0.0.0 0.0.0.0 X.X.X.1 10
route outside 58.16.0.0 255.255.0.0 X.X.X.6 1
route outside 58.17.0.0 255.255.128.0 X.X.X.6 1
route outside 58.18.0.0 255.255.0.0 X.X.X.6 1
route outside 58.19.0.0 255.255.0.0 X.X.X.6 1
route outside 58.20.0.0 255.255.0.0 X.X.X.6 1
route outside 58.22.0.0 255.254.0.0 X.X.X.6 1
route outside1 58.32.0.0 255.248.0.0 X.X.X.1 1
route outside1 58.40.0.0 255.254.0.0 X.X.X.1 1
route outside1 58.42.0.0 255.255.0.0 X.X.X.1 1
route outside1 58.44.0.0 255.252.0.0 X.X.X.1 1
route outside1 58.48.0.0 255.248.0.0 X.X.X.1 1
route outside1 58.56.0.0 255.254.0.0 X.X.X.1 1
route outside1 58.58.0.0 255.255.0.0 X.X.X.1 1
route outside1 58.59.0.0 255.255.128.0 X.X.X.1 1
route outside1 58.59.128.0 255.255.128.0 X.X.X.1 1
route outside1 58.60.0.0 255.252.0.0 X.X.X.1 1
route outside 58.100.0.0 255.254.0.0 X.X.X.6 1
route outside1 58.208.0.0 255.240.0.0 X.X.X.1 1
route outside 58.240.0.0 255.240.0.0 X.X.X.6 1
route outside1 59.40.0.0 255.254.0.0 X.X.X.1 1
route outside1 59.42.0.0 255.255.0.0 X.X.X.1 1
route outside1 59.44.0.0 255.252.0.0 X.X.X.1 1
route outside1 59.48.0.0 255.255.0.0 X.X.X.1 1
route outside1 59.49.0.0 255.255.128.0 X.X.X.1 1
route outside1 59.49.128.0 255.255.128.0 X.X.X.1 1
route outside1 59.50.0.0 255.255.0.0 X.X.X.1 1
route outside1 59.51.0.0 255.255.128.0 X.X.X.1 1
route outside1 59.51.128.0 255.255.128.0 X.X.X.1 1
route outside1 59.52.0.0 255.252.0.0 X.X.X.1 1
route outside1 59.56.0.0 255.252.0.0 X.X.X.1 1
route outside1 59.60.0.0 255.254.0.0 X.X.X.1 1
route outside1 59.62.0.0 255.254.0.0 X.X.X.1 1
route outside 59.80.0.0 255.252.0.0 X.X.X.6 1
route outside 60.0.0.0 255.248.0.0 X.X.X.6 1
route outside 60.8.0.0 255.252.0.0 X.X.X.6 1
route outside 60.12.0.0 255.255.0.0 X.X.X.6 1
route outside 60.13.0.0 255.255.192.0 X.X.X.6 1
route outside 60.13.128.0 255.255.128.0 X.X.X.6 1
route outside 60.14.0.0 255.254.0.0 X.X.X.6 1
route outside 60.16.0.0 255.240.0.0 X.X.X.6 1
route outside 60.55.0.0 255.255.0.0 X.X.X.6 1
route outside1 60.160.0.0 255.254.0.0 X.X.X.1 1
route outside1 60.162.0.0 255.254.0.0 X.X.X.1 1
route outside1 60.164.0.0 255.254.0.0 X.X.X.1 1
route outside1 60.166.0.0 255.254.0.0 X.X.X.1 1
route outside1 60.168.0.0 255.248.0.0 X.X.X.1 1
route outside1 60.176.0.0 255.240.0.0 X.X.X.1 1
route outside 60.208.0.0 255.240.0.0 X.X.X.6 1
route outside 60.216.0.0 255.254.0.0 X.X.X.6 1
route outside 60.220.0.0 255.252.0.0 X.X.X.6 1
route outside 61.4.64.0 255.255.240.0 X.X.X.6 1
route outside 61.47.128.0 255.255.192.0 X.X.X.6 1
route outside 61.48.0.0 255.248.0.0 X.X.X.6 1
route outside 61.128.210.0 255.255.255.0 X.X.X.6 1
route outside 61.133.0.0 255.255.128.0 X.X.X.6 1
route outside1 61.133.128.0 255.255.128.0 X.X.X.1 1
route outside1 61.134.64.0 255.255.224.0 X.X.X.1 1
route outside 61.134.96.0 255.255.224.0 X.X.X.6 1
route outside 61.134.128.0 255.255.128.0 X.X.X.6 1
route outside 61.135.0.0 255.255.0.0 X.X.X.6 1
route outside 61.136.0.0 255.255.0.0 X.X.X.6 1
route outside1 61.136.128.0 255.255.128.0 X.X.X.1 1
route outside1 61.137.0.0 255.255.128.0 X.X.X.1 1
route outside 61.137.128.0 255.255.128.0 X.X.X.6 1
route outside 61.138.0.0 255.255.128.0 X.X.X.6 1
route outside1 61.138.192.0 255.255.192.0 X.X.X.1 1
route outside1 61.139.0.0 255.255.128.0 X.X.X.1 1
route outside 61.139.128.0 255.255.192.0 X.X.X.6 1
route outside1 61.139.192.0 255.255.192.0 X.X.X.1 1
route outside1 61.140.0.0 255.252.0.0 X.X.X.1 1
route outside 61.144.0.0 255.248.0.0 X.X.X.6 1
route outside1 61.144.0.0 255.252.0.0 X.X.X.1 1
route outside 61.148.0.0 255.254.0.0 X.X.X.6 1
route outside1 61.152.0.0 255.252.0.0 X.X.X.1 1
route outside 61.156.0.0 255.255.0.0 X.X.X.6 1
route outside1 61.157.0.0 255.255.0.0 X.X.X.1 1
route outside 61.158.0.0 255.255.0.0 X.X.X.6 1
route outside 61.159.0.0 255.255.192.0 X.X.X.6 1
route outside1 61.159.64.0 255.255.192.0 X.X.X.1 1
route outside1 61.159.128.0 255.255.128.0 X.X.X.1 1
route outside1 61.160.0.0 255.255.0.0 X.X.X.1 1
route outside 61.161.0.0 255.255.192.0 X.X.X.6 1
route outside1 61.161.64.0 255.255.192.0 X.X.X.1 1
route outside 61.161.128.0 255.255.128.0 X.X.X.6 1
route outside 61.162.0.0 255.254.0.0 X.X.X.6 1
route outside1 61.164.0.0 255.254.0.0 X.X.X.1 1
route outside1 61.166.0.0 255.255.0.0 X.X.X.1 1
route outside 61.167.0.0 255.255.0.0 X.X.X.6 1
route outside 61.168.0.0 255.255.0.0 X.X.X.6 1
route outside1 61.169.0.0 255.255.0.0 X.X.X.1 1
route outside1 61.170.0.0 255.254.0.0 X.X.X.1 1
route outside1 61.172.0.0 255.252.0.0 X.X.X.1 1
route outside 61.176.0.0 255.255.0.0 X.X.X.6 1
route outside1 61.177.0.0 255.255.0.0 X.X.X.1 1
route outside1 61.178.0.0 255.255.0.0 X.X.X.1 1
route outside 61.179.0.0 255.255.0.0 X.X.X.6 1
route outside1 61.180.0.0 255.255.128.0 X.X.X.1 1
route outside 61.180.13.0 255.255.255.0 X.X.X.6 1
route outside 61.180.128.0 255.255.128.0 X.X.X.6 1
route outside 61.181.0.0 255.255.0.0 X.X.X.6 1
route outside 61.182.0.0 255.255.0.0 X.X.X.6 1
route outside1 61.183.0.0 255.255.0.0 X.X.X.1 1
route outside1 61.184.0.0 255.252.0.0 X.X.X.1 1
route outside1 61.188.0.0 255.255.0.0 X.X.X.1 1
route outside 61.189.0.0 255.255.128.0 X.X.X.6 1
route outside1 61.189.128.0 255.255.128.0 X.X.X.1 1
route outside1 61.190.0.0 255.254.0.0 X.X.X.1 1
route outside 61.236.0.0 255.254.0.0 X.X.X.6 1
route outside 61.237.148.0 255.255.255.0 X.X.X.6 1
route outside 125.32.0.0 255.255.0.0 X.X.X.6 1
route outside 125.58.128.0 255.255.128.0 X.X.X.6 1
route outside1 125.64.0.0 255.248.0.0 X.X.X.1 1
route outside1 125.72.0.0 255.255.0.0 X.X.X.1 1
route outside1 125.73.0.0 255.255.0.0 X.X.X.1 1
route outside1 125.80.0.0 255.248.0.0 X.X.X.1 1
route outside1 125.88.0.0 255.248.0.0 X.X.X.1 1
route outside1 125.104.0.0 255.248.0.0 X.X.X.1 1
route outside1 125.112.0.0 255.240.0.0 X.X.X.1 1
route inside 192.168.201.0 255.255.255.0 10.10.10.254 1
route inside 192.168.202.0 255.255.255.0 10.10.10.254 1
route inside 10.10.10.0 255.255.255.0 10.10.10.254 1
route inside 192.168.204.0 255.255.255.0 10.10.10.254 1
route inside 192.168.205.0 255.255.255.0 10.10.10.254 1
route inside 192.168.206.0 255.255.255.0 10.10.10.254 1
route inside 192.168.207.0 255.255.255.0 10.10.10.254 1
route outside 202.4.252.0 255.255.252.0 X.X.X.6 1
route outside 202.8.128.0 255.255.224.0 X.X.X.6 1
route outside 202.10.64.0 255.255.240.0 X.X.X.6 1
route outside 202.14.235.0 255.255.255.0 X.X.X.6 1
route outside 202.14.236.0 255.255.254.0 X.X.X.6 1
route outside 202.14.238.0 255.255.255.0 X.X.X.6 1
route outside 202.38.164.0 255.255.252.0 X.X.X.6 1
route outside 202.63.248.0 255.255.252.0 X.X.X.6 1
route outside 202.69.4.0 255.255.252.0 X.X.X.6 1
route outside 202.85.208.0 255.255.240.0 X.X.X.6 1
route outside 202.90.224.0 255.255.240.0 X.X.X.6 1
route outside 202.91.0.0 255.255.252.0 X.X.X.6 1
route outside 202.91.128.0 255.255.252.0 X.X.X.6 1
route outside 202.91.176.0 255.255.240.0 X.X.X.6 1
route outside 202.94.0.0 255.255.224.0 X.X.X.6 1
route outside 202.95.0.0 255.255.224.0 X.X.X.6 1
route outside 202.96.0.0 255.240.0.0 X.X.X.6 1
route outside1 202.96.96.0 255.255.248.0 X.X.X.1 1
route outside1 202.96.104.0 255.255.248.0 X.X.X.1 1
route outside1 202.96.112.0 255.255.240.0 X.X.X.1 1
route outside1 202.96.128.0 255.255.248.0 X.X.X.1 1
route outside1 202.96.136.0 255.255.248.0 X.X.X.1 1
route outside1 202.96.144.0 255.255.240.0 X.X.X.1 1
route outside1 202.96.160.0 255.255.248.0 X.X.X.1 1
route outside1 202.96.168.0 255.255.248.0 X.X.X.1 1
route outside1 202.96.176.0 255.255.240.0 X.X.X.1 1
route outside1 202.96.200.0 255.255.248.0 X.X.X.1 1
route outside1 202.96.208.0 255.255.240.0 X.X.X.1 1
route outside1 202.96.224.0 255.255.248.0 X.X.X.1 1
route outside1 202.97.0.0 255.255.248.0 X.X.X.1 1
route outside1 202.97.8.0 255.255.248.0 X.X.X.1 1
route outside1 202.97.16.0 255.255.240.0 X.X.X.1 1
route outside1 202.97.32.0 255.255.224.0 X.X.X.1 1
route outside1 202.97.64.0 255.255.224.0 X.X.X.1 1
route outside1 202.97.96.0 255.255.240.0 X.X.X.1 1
route outside1 202.97.112.0 255.255.240.0 X.X.X.1 1
route outside1 202.98.32.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.48.0 255.255.240.0 X.X.X.1 1
route outside1 202.98.64.0 255.255.224.0 X.X.X.1 1
route outside1 202.98.96.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.128.0 255.255.224.0 X.X.X.1 1
route outside1 202.98.160.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.168.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.192.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.200.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.208.0 255.255.240.0 X.X.X.1 1
route outside1 202.98.224.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.232.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.240.0 255.255.240.0 X.X.X.1 1
route outside1 202.99.192.0 255.255.248.0 X.X.X.1 1
route outside1 202.100.96.0 255.255.248.0 X.X.X.1 1
route outside1 202.100.104.0 255.255.248.0 X.X.X.1 1
route outside1 202.100.112.0 255.255.240.0 X.X.X.1 1
route outside1 202.100.136.0 255.255.248.0 X.X.X.1 1
route outside1 202.100.160.0 255.255.248.0 X.X.X.1 1
route outside1 202.100.168.0 255.255.248.0 X.X.X.1 1
route outside1 202.100.176.0 255.255.240.0 X.X.X.1 1
route outside1 202.100.192.0 255.255.248.0 X.X.X.1 1
route outside1 202.100.208.0 255.255.240.0 X.X.X.1 1
route outside1 202.100.224.0 255.255.224.0 X.X.X.1 1
route outside1 202.101.0.0 255.255.192.0 X.X.X.1 1
route outside1 202.101.64.0 255.255.224.0 X.X.X.1 1
route outside1 202.101.96.0 255.255.224.0 X.X.X.1 1
route outside1 202.101.128.0 255.255.192.0 X.X.X.1 1
route outside1 202.101.224.0 255.255.248.0 X.X.X.1 1
route outside1 202.102.0.0 255.255.224.0 X.X.X.1 1
route outside1 202.102.32.0 255.255.224.0 X.X.X.1 1
route outside1 202.102.64.0 255.255.192.0 X.X.X.1 1
route outside1 202.103.0.0 255.255.248.0 X.X.X.1 1
route outside1 202.103.8.0 255.255.248.0 X.X.X.1 1
route outside1 202.103.16.0 255.255.240.0 X.X.X.1 1
route outside1 202.103.32.0 255.255.224.0 X.X.X.1 1
route outside1 202.103.192.0 255.255.224.0 X.X.X.1 1
route outside1 202.103.224.0 255.255.248.0 X.X.X.1 1
route outside1 202.104.0.0 255.254.0.0 X.X.X.1 1
route outside1 202.107.128.0 255.255.128.0 X.X.X.1 1
route outside1 202.109.0.0 255.255.0.0 X.X.X.1 1
route outside1 202.110.128.0 255.255.192.0 X.X.X.1 1
route outside1 202.111.0.0 255.255.128.0 X.X.X.1 1
route outside 202.122.32.0 255.255.248.0 X.X.X.6 1
route outside 202.122.64.0 255.255.224.0 X.X.X.6 1
route outside 202.123.96.0 255.255.240.0 X.X.X.6 1
route outside 202.127.0.0 255.255.248.0 X.X.X.6 1
route outside 202.127.212.0 255.255.252.0 X.X.X.6 1
route outside 202.136.252.0 255.255.252.0 X.X.X.6 1
route outside 202.180.128.0 255.255.224.0 X.X.X.6 1
route outside 203.79.0.0 255.255.240.0 X.X.X.6 1
route outside 203.90.0.0 255.255.252.0 X.X.X.6 1
route outside 203.90.192.0 255.255.224.0 X.X.X.6 1
route outside 203.93.0.0 255.255.0.0 X.X.X.6 1
route outside 203.128.128.0 255.255.224.0 X.X.X.6 1
route outside 203.134.240.0 255.255.248.0 X.X.X.6 1
route outside 203.175.128.0 255.255.224.0 X.X.X.6 1
route outside 203.175.192.0 255.255.192.0 X.X.X.6 1
route outside 203.196.0.0 255.255.248.0 X.X.X.6 1
route outside 203.207.64.0 255.255.192.0 X.X.X.6 1
route outside 203.207.128.0 255.255.128.0 X.X.X.6 1
route outside 210.12.0.0 255.254.0.0 X.X.X.6 1
route outside 210.14.160.0 255.255.224.0 X.X.X.6 1
route outside 210.14.192.0 255.255.192.0 X.X.X.6 1
route outside 210.15.0.0 255.255.128.0 X.X.X.6 1
route outside 210.15.128.0 255.255.192.0 X.X.X.6 1
route outside 210.21.0.0 255.255.0.0 X.X.X.6 1
route outside 210.22.0.0 255.255.0.0 X.X.X.6 1
route outside 210.45.128.0 255.255.240.0 X.X.X.6 1
route outside 210.51.0.0 255.255.0.0 X.X.X.6 1
route outside 210.52.0.0 255.254.0.0 X.X.X.6 1
route outside 210.72.96.0 255.255.240.0 X.X.X.6 1
route outside 210.73.32.0 255.255.224.0 X.X.X.6 1
route outside 210.74.96.0 255.255.224.0 X.X.X.6 1
route outside 210.74.128.0 255.255.224.0 X.X.X.6 1
route outside 210.78.0.0 255.255.224.0 X.X.X.6 1
route outside 210.82.0.0 255.254.0.0 X.X.X.6 1
route outside 211.64.0.0 255.248.0.0 X.X.X.6 1
route outside 211.95.192.0 255.255.192.0 X.X.X.6 1
route outside 211.97.245.0 255.255.255.0 X.X.X.6 1
route outside 211.144.0.0 255.240.0.0 X.X.X.6 1
route outside 211.163.0.0 255.255.0.0 X.X.X.6 1
route outside 218.4.0.0 255.252.0.0 X.X.X.6 1
route outside1 218.4.0.0 255.254.0.0 X.X.X.1 1
route outside1 218.6.0.0 255.255.0.0 X.X.X.1 1
route outside 218.8.0.0 255.252.0.0 X.X.X.6 1
route outside 218.12.0.0 255.255.0.0 X.X.X.6 1
route outside1 218.13.0.0 255.255.0.0 X.X.X.1 1
route outside1 218.14.0.0 255.254.0.0 X.X.X.1 1
route outside1 218.16.0.0 255.252.0.0 X.X.X.1 1
route outside1 218.20.0.0 255.255.0.0 X.X.X.1 1
route outside1 218.21.0.0 255.255.128.0 X.X.X.1 1
route outside 218.21.128.0 255.255.128.0 X.X.X.6 1
route outside1 218.22.0.0 255.254.0.0 X.X.X.1 1
route outside 218.24.0.0 255.252.0.0 X.X.X.6 1
route outside 218.28.0.0 255.254.0.0 X.X.X.6 1
route outside1 218.30.0.0 255.254.0.0 X.X.X.1 1
route outside 218.56.0.0 255.252.0.0 X.X.X.6 1
route outside 218.60.0.0 255.254.0.0 X.X.X.6 1
route outside 218.62.0.0 255.255.128.0 X.X.X.6 1
route outside1 218.62.128.0 255.255.128.0 X.X.X.1 1
route outside1 218.63.0.0 255.255.0.0 X.X.X.1 1
route outside1 218.64.0.0 255.254.0.0 X.X.X.1 1
route outside1 218.66.0.0 255.255.0.0 X.X.X.1 1
route outside1 218.67.0.0 255.255.128.0 X.X.X.1 1
route outside 218.67.128.0 255.255.128.0 X.X.X.6 1
route outside 218.68.0.0 255.254.0.0 X.X.X.6 1
route outside1 218.70.0.0 255.254.0.0 X.X.X.1 1
route outside1 218.72.0.0 255.248.0.0 X.X.X.1 1
route outside1 218.80.0.0 255.240.0.0 X.X.X.1 1
route outside 218.96.0.0 255.252.0.0 X.X.X.6 1
route outside 218.104.0.0 255.255.0.0 X.X.X.6 1
route outside 218.106.0.0 255.254.0.0 X.X.X.6 1
route outside 218.108.0.0 255.254.0.0 X.X.X.6 1
route outside 219.82.0.0 255.255.0.0 X.X.X.6 1
route outside1 219.128.0.0 255.240.0.0 X.X.X.1 1
route outside 219.141.128.0 255.255.128.0 X.X.X.6 1
route outside 219.142.0.0 255.254.0.0 X.X.X.6 1
route outside1 219.144.0.0 255.248.0.0 X.X.X.1 1
route outside1 219.152.0.0 255.254.0.0 X.X.X.1 1
route outside 219.154.0.0 255.254.0.0 X.X.X.6 1
route outside 219.156.0.0 255.254.0.0 X.X.X.6 1
route outside 219.158.0.0 255.255.0.0 X.X.X.6 1
route outside 219.159.0.0 255.255.192.0 X.X.X.6 1
route outside1 219.159.64.0 255.255.192.0 X.X.X.1 1
route outside1 219.159.128.0 255.255.128.0 X.X.X.1 1
route outside 219.216.0.0 255.248.0.0 X.X.X.6 1
route outside1 220.160.0.0 255.224.0.0 X.X.X.1 1
route outside 220.192.0.0 255.240.0.0 X.X.X.6 1
route outside 220.248.0.0 255.252.0.0 X.X.X.6 1
route outside 220.250.0.0 255.255.0.0 X.X.X.6 1
route outside 220.252.0.0 255.255.0.0 X.X.X.6 1
route outside 221.0.0.0 255.248.0.0 X.X.X.6 1
route outside 221.6.0.0 255.255.0.0 X.X.X.6 1
route outside 221.7.0.0 255.255.192.0 X.X.X.6 1
route outside 221.7.64.0 255.255.224.0 X.X.X.6 1
route outside 221.7.128.0 255.255.128.0 X.X.X.6 1
route outside 221.8.0.0 255.254.0.0 X.X.X.6 1
route outside 221.10.0.0 255.255.0.0 X.X.X.6 1
route outside 221.11.0.0 255.255.128.0 X.X.X.6 1
route outside 221.11.128.0 255.255.192.0 X.X.X.6 1
route outside 221.11.192.0 255.255.224.0 X.X.X.6 1
route outside 221.12.0.0 255.255.128.0 X.X.X.6 1
route outside 221.13.0.0 255.255.0.0 X.X.X.6 1
route outside 221.14.0.0 255.254.0.0 X.X.X.6 1
route outside 221.122.0.0 255.254.0.0 X.X.X.6 1
route outside 221.136.0.0 255.254.0.0 X.X.X.6 1
route outside 221.172.0.0 255.252.0.0 X.X.X.6 1
route outside 221.192.0.0 255.252.0.0 X.X.X.6 1
route outside 221.196.0.0 255.254.0.0 X.X.X.6 1
route outside 221.198.0.0 255.255.0.0 X.X.X.6 1
route outside 221.199.0.0 255.255.224.0 X.X.X.6 1
route outside 221.199.32.0 255.255.240.0 X.X.X.6 1
route outside 221.199.128.0 255.255.192.0 X.X.X.6 1
route outside 221.199.192.0 255.255.240.0 X.X.X.6 1
route outside 221.200.0.0 255.248.0.0 X.X.X.6 1
route outside 221.207.0.0 255.255.192.0 X.X.X.6 1
route outside 221.208.0.0 255.240.0.0 X.X.X.6 1
route outside 221.208.0.0 255.252.0.0 X.X.X.6 1
route outside1 221.224.0.0 255.248.0.0 X.X.X.1 1
route outside1 221.232.0.0 255.252.0.0 X.X.X.1 1
route outside1 221.236.0.0 255.254.0.0 X.X.X.1 1
route outside1 221.238.0.0 255.255.0.0 X.X.X.1 1
route outside1 221.239.0.0 255.255.128.0 X.X.X.1 1
route outside1 221.239.128.0 255.255.128.0 X.X.X.1 1
route outside 222.32.0.0 255.224.0.0 X.X.X.6 1
route outside1 222.72.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.74.0.0 255.255.0.0 X.X.X.1 1
route outside1 222.75.0.0 255.255.0.0 X.X.X.1 1
route outside1 222.76.0.0 255.252.0.0 X.X.X.1 1
route outside1 222.80.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.82.0.0 255.255.0.0 X.X.X.1 1
route outside1 222.83.0.0 255.255.128.0 X.X.X.1 1
route outside1 222.83.128.0 255.255.128.0 X.X.X.1 1
route outside1 222.84.0.0 255.255.0.0 X.X.X.1 1
route outside1 222.85.0.0 255.255.128.0 X.X.X.1 1
route outside1 222.85.128.0 255.255.128.0 X.X.X.1 1
route outside1 222.86.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.88.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.90.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.92.0.0 255.252.0.0 X.X.X.1 1
route outside 222.128.0.0 255.240.0.0 X.X.X.6 1
route outside 222.160.0.0 255.252.0.0 X.X.X.6 1
route outside1 222.168.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.172.0.0 255.255.128.0 X.X.X.1 1
route outside1 222.172.128.0 255.255.128.0 X.X.X.1 1
route outside1 222.173.0.0 255.255.0.0 X.X.X.1 1
route outside1 222.174.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.176.0.0 255.248.0.0 X.X.X.1 1
route outside1 222.184.0.0 255.248.0.0 X.X.X.1 1
route outside1 222.208.0.0 255.248.0.0 X.X.X.1 1
route outside1 222.216.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.218.0.0 255.255.0.0 X.X.X.1 1
route outside1 222.219.0.0 255.255.0.0 X.X.X.1 1
route outside1 222.220.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.222.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.240.0.0 255.248.0.0 X.X.X.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
http server enable
http 0.0.0.0 0.0.0.0 inside
http 0.0.0.0 0.0.0.0 guanli
no snmp-server location
no snmp-server contact
snmp-server community public
snmp-server enable traps snmp authentication linkup linkdown coldstart
sysopt noproxyarp inside
crypto ipsec transform-set *** esp-des esp-md5-hmac
crypto map *** 10 match address ***
crypto map *** 10 set pfs group1
crypto map *** 10 set peer X.X.X.X
crypto map *** 10 set transform-set ***
crypto map *** 20 match address ***1
crypto map *** 20 set pfs group1
crypto map *** 20 set peer X.X.X.X
crypto map *** 20 set transform-set ***
crypto map *** interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption des
hash md5
group 1
lifetime 86400
crypto isakmp ipsec-over-tcp port 10000
telnet 10.10.10.0 255.255.255.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 10
console timeout 0
threat-detection basic-threat
threat-detection statistics port
threat-detection statistics protocol
threat-detection statistics access-list
group-policy DfltGrpPolicy attributes
***-tunnel-protocol IPSec -ipsec
group-policy ipsec internal
username cisco password 9bDthaBXlMp encrypted
tunnel-group DefaultRAGroup general-attributes
default-group-policy ipsec
tunnel-group DefaultRAGroup ipsec-attributes
pre-shared-key *
tunnel-group DefaultRAGroup ppp-attributes
authentication ms-chap-v2
tunnel-group X.X.X.X type ipsec-l2l
tunnel-group X.X.X.X ipsec-attributes
pre-shared-key *
tunnel-group X.X.X.X type ipsec-l2l
tunnel-group X.X.X.X ipsec-attributes
pre-shared-key *
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns migrated_dns_map_1
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
inspect pptp
inspect icmp
inspect ipsec-pass-thru
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:d89690e3e03538a3a0dcf52bc94320c8
: end
另配置了 IPSEC LAN 2 LAN
: Saved
:
ASA Version 8.0(3)
!
hostname ciscoasa
domain-name domainname.com
enable password NMxA5vHVCmm encrypted
names
dns-guard
!
interface GigabitEthernet0/0
nameif outside
security-level 0
ip address X.X.X.7 255.255.255.224
!
interface GigabitEthernet0/1
nameif outside1
security-level 0
ip address X.X.X.2 255.255.255.240
!
interface GigabitEthernet0/2
nameif inside
security-level 100
ip address 10.10.10.8 255.255.255.0
!
interface GigabitEthernet0/3
shutdown
nameif dmz
security-level 80
ip address 100.100.100.1 255.255.255.0
!
interface Management0/0
nameif guanli
security-level 100
ip address 192.168.100.230 255.255.255.0
!
passwd 173MxbCczggFOk1n encrypted
boot system disk0:/asa803.bin
ftp mode passive
clock timezone HKST 8
dns server-group DefaultDNS
domain-name domainname.com
access-list acl_out extended permit tcp any host X.X.X.5 eq smtp
access-list acl_out extended permit tcp any host X.X.X.5 eq pop3
access-list acl_out extended permit tcp any host X.X.X.5 eq www
access-list acl_out extended permit tcp any host X.X.X.5 eq 2008
access-list acl_out extended permit icmp any any
access-list acl_out extended permit gre any any
access-list acl_out extended permit tcp any host X.X.X.3 eq ftp
access-list acl_out extended permit tcp any host X.X.X.4 eq www
access-list acl_out extended permit tcp any host X.X.X.6 eq www
access-list acl_out extended permit tcp any host X.X.X.4 eq 8888
access-list acl_out extended permit tcp any host X.X.X.5 eq pptp
access-list acl_out extended permit tcp any host X.X.X.3 eq 47
access-list acl_out extended permit tcp any host X.X.X.2 eq 81
access-list acl_out extended permit tcp any host X.X.X.2 eq 82
access-list acl_out extended permit tcp any host X.X.X.2 eq 83
access-list acl_out extended permit tcp any host X.X.X.2 eq 84
access-list acl_out extended permit tcp any host X.X.X.8 eq www
access-list acl_out extended permit tcp any host X.X.X.1 eq 8080
access-list acl_out extended permit tcp any host X.X.X.8 eq www
access-list acl_out extended permit tcp any host X.X.X.3 eq 8001
access-list acl_out extended permit tcp any host X.X.X.0 eq ftp
access-list acl_out extended permit tcp any host X.X.X.1 eq www
access-list acl_out extended permit tcp any host X.X.X.0 eq 8080
access-list acl_out extended permit tcp any host X.X.X.8 eq 8080
access-list acl_out extended permit tcp any host X.X.X.4 eq www
access-list acl_out extended permit tcp any host X.X.X.0 eq www
access-list acl_out extended permit tcp any host X.X.X.4 eq 3389
access-list acl_out extended permit tcp any host X.X.X.9 eq www
access-list acl_out extended permit tcp any host X.X.X.9 eq ftp-data
access-list acl_out extended permit tcp any host X.X.X.9 eq ftp
access-list acl_out extended permit tcp any host X.X.X.9 eq smtp
access-list acl_out extended permit tcp any host X.X.X.9 eq 90
access-list acl_out extended permit tcp any host X.X.X.9 eq pop3
access-list acl_out extended permit tcp any host X.X.X.9 eq 1000
access-list acl_out extended permit tcp any host X.X.X.9 eq 1433
access-list acl_out extended permit tcp any host X.X.X.9 eq 2401
access-list acl_out extended permit tcp any host X.X.X.9 eq 3000
access-list acl_out extended permit tcp any host X.X.X.9 eq 3306
access-list acl_out extended permit tcp any host X.X.X.9 eq 3389
access-list acl_out extended permit tcp any host X.X.X.5 eq ftp
access-list acl-out extended permit icmp any any
access-list *** extended permit ip 10.10.10.0 255.255.255.0 192.168.233.0 255.255.255.0
access-list nonat extended permit ip 10.10.10.0 255.255.255.0 192.168.233.0 255.255.255.0
access-list nonat extended permit ip 10.10.10.0 255.255.255.0 192.168.220.0 255.255.255.0
access-list ***1 extended permit ip 10.10.10.0 255.255.255.0 192.168.220.0 255.255.255.0
access-list 201 extended deny tcp any any eq 593
access-list 201 extended deny tcp any any eq 1434
access-list 201 extended deny tcp any any eq 2500
access-list 201 extended deny tcp any any eq 4444
access-list 201 extended deny tcp any any eq 5900
access-list 201 extended deny tcp any any eq 6346
access-list 201 extended deny tcp any any eq 6667
access-list 201 extended deny tcp any any eq 9393
access-list 201 extended deny udp any any eq 135
access-list 201 extended deny udp any any eq netbios-ns
access-list 201 extended deny udp any any eq 445
access-list 201 extended deny udp any any eq 593
access-list 201 extended deny udp any any eq 1434
access-list 201 extended deny tcp any any eq 9995
access-list 201 extended deny tcp any any eq 5554
access-list 201 extended deny tcp any any eq 9996
access-list 201 extended deny udp any any eq 6346
access-list 201 extended deny udp any any eq 6881
access-list 201 extended deny udp any any eq 6882
access-list 201 extended deny udp any any eq 6883
access-list 201 extended deny udp any any eq 6885
access-list 201 extended deny udp any any eq 6886
access-list 201 extended deny udp any any eq 6887
access-list 201 extended deny udp any any eq 6888
access-list 201 extended deny udp any any eq 6889
access-list 201 extended deny tcp any any eq 6881
access-list 201 extended deny tcp any any eq 6882
access-list 201 extended deny tcp any any eq 6883
access-list 201 extended deny tcp any any eq 6884
access-list 201 extended deny tcp any any eq 6885
access-list 201 extended deny tcp any any eq 6886
access-list 201 extended deny tcp any any eq 6887
access-list 201 extended deny tcp any any eq 6888
access-list 201 extended deny tcp any any eq 6889
access-list 201 extended deny tcp any any eq 135
access-list 201 extended deny tcp any any eq 445
access-list 201 extended deny tcp any any eq 137
access-list 201 extended deny tcp any any eq netbios-ssn
access-list 201 extended permit ip any any
access-list 201 extended deny udp any any eq 139
access-list acl_out1 extended permit gre any any
access-list acl_out1 extended permit icmp any any
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu outside1 1500
mtu inside 1500
mtu guanli 1500
mtu dmz 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm p_w_picpath disk0:/asdm-603.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
global (outside1) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 10.10.10.0 255.255.255.0
nat (inside) 1 192.168.201.0 255.255.255.0
nat (inside) 1 192.168.202.0 255.255.255.0
nat (inside) 1 10.10.10.0 255.255.255.0
nat (inside) 1 192.168.204.0 255.255.255.0
nat (inside) 1 192.168.205.0 255.255.255.0
nat (inside) 1 192.168.206.0 255.255.255.0
nat (inside) 1 192.168.207.0 255.255.255.0
nat (inside) 1 192.168.208.0 255.255.255.0
alias (inside) 10.10.10.14 X.X.X.6 255.255.255.255
alias (inside) 10.10.10.10 X.X.X.5 255.255.255.255
alias (inside) 10.10.10.40 X.X.X.8 255.255.255.255
alias (inside) 10.10.10.35 X.X.X.2 255.255.255.255
alias (inside) 10.10.10.5 X.X.X.0 255.255.255.255
alias (inside) 10.10.10.120 X.X.X.1 255.255.255.255
alias (inside) 10.10.10.123 X.X.X.4 255.255.255.255
static (inside,outside) X.X.X.3 10.10.10.130 netmask 255.255.255.255
static (inside,outside) X.X.X.6 10.10.10.14 netmask 255.255.255.255
static (inside,outside) X.X.X.2 10.10.10.35 netmask 255.255.255.255
static (inside,outside) X.X.X.8 10.10.10.40 netmask 255.255.255.255
static (inside,outside) X.X.X.7 10.10.10.12 netmask 255.255.255.255
static (inside,outside) X.X.X.8 10.10.10.113 netmask 255.255.255.255
static (inside,outside) X.X.X.3 10.10.10.119 netmask 255.255.255.255
static (inside,outside) X.X.X.1 10.10.10.110 netmask 255.255.255.255
static (inside,outside) X.X.X.2 10.10.10.111 netmask 255.255.255.255
static (inside,outside) X.X.X.3 10.10.10.112 netmask 255.255.255.255
static (inside,outside) X.X.X.4 10.10.10.113 netmask 255.255.255.255
static (inside,outside) X.X.X.5 10.10.10.22 netmask 255.255.255.255
static (inside,outside) X.X.X.0 10.10.10.5 netmask 255.255.255.255
static (inside,outside) X.X.X.1 10.10.10.120 netmask 255.255.255.255
static (inside,outside) X.X.X.5 10.10.10.10 netmask 255.255.255.255
static (inside,outside) X.X.X.4 10.10.10.123 netmask 255.255.255.255
static (inside,outside) X.X.X.9 10.10.10.126 netmask 255.255.255.255
static (inside,outside1) X.X.X.4 192.168.207.20 netmask 255.255.255.255
access-group acl_out in interface outside
access-group acl_out1 in interface outside1
access-group 201 in interface inside
route outside 0.0.0.0 0.0.0.0 X.X.X.6 1
route outside1 0.0.0.0 0.0.0.0 X.X.X.1 10
route outside 58.16.0.0 255.255.0.0 X.X.X.6 1
route outside 58.17.0.0 255.255.128.0 X.X.X.6 1
route outside 58.18.0.0 255.255.0.0 X.X.X.6 1
route outside 58.19.0.0 255.255.0.0 X.X.X.6 1
route outside 58.20.0.0 255.255.0.0 X.X.X.6 1
route outside 58.22.0.0 255.254.0.0 X.X.X.6 1
route outside1 58.32.0.0 255.248.0.0 X.X.X.1 1
route outside1 58.40.0.0 255.254.0.0 X.X.X.1 1
route outside1 58.42.0.0 255.255.0.0 X.X.X.1 1
route outside1 58.44.0.0 255.252.0.0 X.X.X.1 1
route outside1 58.48.0.0 255.248.0.0 X.X.X.1 1
route outside1 58.56.0.0 255.254.0.0 X.X.X.1 1
route outside1 58.58.0.0 255.255.0.0 X.X.X.1 1
route outside1 58.59.0.0 255.255.128.0 X.X.X.1 1
route outside1 58.59.128.0 255.255.128.0 X.X.X.1 1
route outside1 58.60.0.0 255.252.0.0 X.X.X.1 1
route outside 58.100.0.0 255.254.0.0 X.X.X.6 1
route outside1 58.208.0.0 255.240.0.0 X.X.X.1 1
route outside 58.240.0.0 255.240.0.0 X.X.X.6 1
route outside1 59.40.0.0 255.254.0.0 X.X.X.1 1
route outside1 59.42.0.0 255.255.0.0 X.X.X.1 1
route outside1 59.44.0.0 255.252.0.0 X.X.X.1 1
route outside1 59.48.0.0 255.255.0.0 X.X.X.1 1
route outside1 59.49.0.0 255.255.128.0 X.X.X.1 1
route outside1 59.49.128.0 255.255.128.0 X.X.X.1 1
route outside1 59.50.0.0 255.255.0.0 X.X.X.1 1
route outside1 59.51.0.0 255.255.128.0 X.X.X.1 1
route outside1 59.51.128.0 255.255.128.0 X.X.X.1 1
route outside1 59.52.0.0 255.252.0.0 X.X.X.1 1
route outside1 59.56.0.0 255.252.0.0 X.X.X.1 1
route outside1 59.60.0.0 255.254.0.0 X.X.X.1 1
route outside1 59.62.0.0 255.254.0.0 X.X.X.1 1
route outside 59.80.0.0 255.252.0.0 X.X.X.6 1
route outside 60.0.0.0 255.248.0.0 X.X.X.6 1
route outside 60.8.0.0 255.252.0.0 X.X.X.6 1
route outside 60.12.0.0 255.255.0.0 X.X.X.6 1
route outside 60.13.0.0 255.255.192.0 X.X.X.6 1
route outside 60.13.128.0 255.255.128.0 X.X.X.6 1
route outside 60.14.0.0 255.254.0.0 X.X.X.6 1
route outside 60.16.0.0 255.240.0.0 X.X.X.6 1
route outside 60.55.0.0 255.255.0.0 X.X.X.6 1
route outside1 60.160.0.0 255.254.0.0 X.X.X.1 1
route outside1 60.162.0.0 255.254.0.0 X.X.X.1 1
route outside1 60.164.0.0 255.254.0.0 X.X.X.1 1
route outside1 60.166.0.0 255.254.0.0 X.X.X.1 1
route outside1 60.168.0.0 255.248.0.0 X.X.X.1 1
route outside1 60.176.0.0 255.240.0.0 X.X.X.1 1
route outside 60.208.0.0 255.240.0.0 X.X.X.6 1
route outside 60.216.0.0 255.254.0.0 X.X.X.6 1
route outside 60.220.0.0 255.252.0.0 X.X.X.6 1
route outside 61.4.64.0 255.255.240.0 X.X.X.6 1
route outside 61.47.128.0 255.255.192.0 X.X.X.6 1
route outside 61.48.0.0 255.248.0.0 X.X.X.6 1
route outside 61.128.210.0 255.255.255.0 X.X.X.6 1
route outside 61.133.0.0 255.255.128.0 X.X.X.6 1
route outside1 61.133.128.0 255.255.128.0 X.X.X.1 1
route outside1 61.134.64.0 255.255.224.0 X.X.X.1 1
route outside 61.134.96.0 255.255.224.0 X.X.X.6 1
route outside 61.134.128.0 255.255.128.0 X.X.X.6 1
route outside 61.135.0.0 255.255.0.0 X.X.X.6 1
route outside 61.136.0.0 255.255.0.0 X.X.X.6 1
route outside1 61.136.128.0 255.255.128.0 X.X.X.1 1
route outside1 61.137.0.0 255.255.128.0 X.X.X.1 1
route outside 61.137.128.0 255.255.128.0 X.X.X.6 1
route outside 61.138.0.0 255.255.128.0 X.X.X.6 1
route outside1 61.138.192.0 255.255.192.0 X.X.X.1 1
route outside1 61.139.0.0 255.255.128.0 X.X.X.1 1
route outside 61.139.128.0 255.255.192.0 X.X.X.6 1
route outside1 61.139.192.0 255.255.192.0 X.X.X.1 1
route outside1 61.140.0.0 255.252.0.0 X.X.X.1 1
route outside 61.144.0.0 255.248.0.0 X.X.X.6 1
route outside1 61.144.0.0 255.252.0.0 X.X.X.1 1
route outside 61.148.0.0 255.254.0.0 X.X.X.6 1
route outside1 61.152.0.0 255.252.0.0 X.X.X.1 1
route outside 61.156.0.0 255.255.0.0 X.X.X.6 1
route outside1 61.157.0.0 255.255.0.0 X.X.X.1 1
route outside 61.158.0.0 255.255.0.0 X.X.X.6 1
route outside 61.159.0.0 255.255.192.0 X.X.X.6 1
route outside1 61.159.64.0 255.255.192.0 X.X.X.1 1
route outside1 61.159.128.0 255.255.128.0 X.X.X.1 1
route outside1 61.160.0.0 255.255.0.0 X.X.X.1 1
route outside 61.161.0.0 255.255.192.0 X.X.X.6 1
route outside1 61.161.64.0 255.255.192.0 X.X.X.1 1
route outside 61.161.128.0 255.255.128.0 X.X.X.6 1
route outside 61.162.0.0 255.254.0.0 X.X.X.6 1
route outside1 61.164.0.0 255.254.0.0 X.X.X.1 1
route outside1 61.166.0.0 255.255.0.0 X.X.X.1 1
route outside 61.167.0.0 255.255.0.0 X.X.X.6 1
route outside 61.168.0.0 255.255.0.0 X.X.X.6 1
route outside1 61.169.0.0 255.255.0.0 X.X.X.1 1
route outside1 61.170.0.0 255.254.0.0 X.X.X.1 1
route outside1 61.172.0.0 255.252.0.0 X.X.X.1 1
route outside 61.176.0.0 255.255.0.0 X.X.X.6 1
route outside1 61.177.0.0 255.255.0.0 X.X.X.1 1
route outside1 61.178.0.0 255.255.0.0 X.X.X.1 1
route outside 61.179.0.0 255.255.0.0 X.X.X.6 1
route outside1 61.180.0.0 255.255.128.0 X.X.X.1 1
route outside 61.180.13.0 255.255.255.0 X.X.X.6 1
route outside 61.180.128.0 255.255.128.0 X.X.X.6 1
route outside 61.181.0.0 255.255.0.0 X.X.X.6 1
route outside 61.182.0.0 255.255.0.0 X.X.X.6 1
route outside1 61.183.0.0 255.255.0.0 X.X.X.1 1
route outside1 61.184.0.0 255.252.0.0 X.X.X.1 1
route outside1 61.188.0.0 255.255.0.0 X.X.X.1 1
route outside 61.189.0.0 255.255.128.0 X.X.X.6 1
route outside1 61.189.128.0 255.255.128.0 X.X.X.1 1
route outside1 61.190.0.0 255.254.0.0 X.X.X.1 1
route outside 61.236.0.0 255.254.0.0 X.X.X.6 1
route outside 61.237.148.0 255.255.255.0 X.X.X.6 1
route outside 125.32.0.0 255.255.0.0 X.X.X.6 1
route outside 125.58.128.0 255.255.128.0 X.X.X.6 1
route outside1 125.64.0.0 255.248.0.0 X.X.X.1 1
route outside1 125.72.0.0 255.255.0.0 X.X.X.1 1
route outside1 125.73.0.0 255.255.0.0 X.X.X.1 1
route outside1 125.80.0.0 255.248.0.0 X.X.X.1 1
route outside1 125.88.0.0 255.248.0.0 X.X.X.1 1
route outside1 125.104.0.0 255.248.0.0 X.X.X.1 1
route outside1 125.112.0.0 255.240.0.0 X.X.X.1 1
route inside 192.168.201.0 255.255.255.0 10.10.10.254 1
route inside 192.168.202.0 255.255.255.0 10.10.10.254 1
route inside 10.10.10.0 255.255.255.0 10.10.10.254 1
route inside 192.168.204.0 255.255.255.0 10.10.10.254 1
route inside 192.168.205.0 255.255.255.0 10.10.10.254 1
route inside 192.168.206.0 255.255.255.0 10.10.10.254 1
route inside 192.168.207.0 255.255.255.0 10.10.10.254 1
route outside 202.4.252.0 255.255.252.0 X.X.X.6 1
route outside 202.8.128.0 255.255.224.0 X.X.X.6 1
route outside 202.10.64.0 255.255.240.0 X.X.X.6 1
route outside 202.14.235.0 255.255.255.0 X.X.X.6 1
route outside 202.14.236.0 255.255.254.0 X.X.X.6 1
route outside 202.14.238.0 255.255.255.0 X.X.X.6 1
route outside 202.38.164.0 255.255.252.0 X.X.X.6 1
route outside 202.63.248.0 255.255.252.0 X.X.X.6 1
route outside 202.69.4.0 255.255.252.0 X.X.X.6 1
route outside 202.85.208.0 255.255.240.0 X.X.X.6 1
route outside 202.90.224.0 255.255.240.0 X.X.X.6 1
route outside 202.91.0.0 255.255.252.0 X.X.X.6 1
route outside 202.91.128.0 255.255.252.0 X.X.X.6 1
route outside 202.91.176.0 255.255.240.0 X.X.X.6 1
route outside 202.94.0.0 255.255.224.0 X.X.X.6 1
route outside 202.95.0.0 255.255.224.0 X.X.X.6 1
route outside 202.96.0.0 255.240.0.0 X.X.X.6 1
route outside1 202.96.96.0 255.255.248.0 X.X.X.1 1
route outside1 202.96.104.0 255.255.248.0 X.X.X.1 1
route outside1 202.96.112.0 255.255.240.0 X.X.X.1 1
route outside1 202.96.128.0 255.255.248.0 X.X.X.1 1
route outside1 202.96.136.0 255.255.248.0 X.X.X.1 1
route outside1 202.96.144.0 255.255.240.0 X.X.X.1 1
route outside1 202.96.160.0 255.255.248.0 X.X.X.1 1
route outside1 202.96.168.0 255.255.248.0 X.X.X.1 1
route outside1 202.96.176.0 255.255.240.0 X.X.X.1 1
route outside1 202.96.200.0 255.255.248.0 X.X.X.1 1
route outside1 202.96.208.0 255.255.240.0 X.X.X.1 1
route outside1 202.96.224.0 255.255.248.0 X.X.X.1 1
route outside1 202.97.0.0 255.255.248.0 X.X.X.1 1
route outside1 202.97.8.0 255.255.248.0 X.X.X.1 1
route outside1 202.97.16.0 255.255.240.0 X.X.X.1 1
route outside1 202.97.32.0 255.255.224.0 X.X.X.1 1
route outside1 202.97.64.0 255.255.224.0 X.X.X.1 1
route outside1 202.97.96.0 255.255.240.0 X.X.X.1 1
route outside1 202.97.112.0 255.255.240.0 X.X.X.1 1
route outside1 202.98.32.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.48.0 255.255.240.0 X.X.X.1 1
route outside1 202.98.64.0 255.255.224.0 X.X.X.1 1
route outside1 202.98.96.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.128.0 255.255.224.0 X.X.X.1 1
route outside1 202.98.160.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.168.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.192.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.200.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.208.0 255.255.240.0 X.X.X.1 1
route outside1 202.98.224.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.232.0 255.255.248.0 X.X.X.1 1
route outside1 202.98.240.0 255.255.240.0 X.X.X.1 1
route outside1 202.99.192.0 255.255.248.0 X.X.X.1 1
route outside1 202.100.96.0 255.255.248.0 X.X.X.1 1
route outside1 202.100.104.0 255.255.248.0 X.X.X.1 1
route outside1 202.100.112.0 255.255.240.0 X.X.X.1 1
route outside1 202.100.136.0 255.255.248.0 X.X.X.1 1
route outside1 202.100.160.0 255.255.248.0 X.X.X.1 1
route outside1 202.100.168.0 255.255.248.0 X.X.X.1 1
route outside1 202.100.176.0 255.255.240.0 X.X.X.1 1
route outside1 202.100.192.0 255.255.248.0 X.X.X.1 1
route outside1 202.100.208.0 255.255.240.0 X.X.X.1 1
route outside1 202.100.224.0 255.255.224.0 X.X.X.1 1
route outside1 202.101.0.0 255.255.192.0 X.X.X.1 1
route outside1 202.101.64.0 255.255.224.0 X.X.X.1 1
route outside1 202.101.96.0 255.255.224.0 X.X.X.1 1
route outside1 202.101.128.0 255.255.192.0 X.X.X.1 1
route outside1 202.101.224.0 255.255.248.0 X.X.X.1 1
route outside1 202.102.0.0 255.255.224.0 X.X.X.1 1
route outside1 202.102.32.0 255.255.224.0 X.X.X.1 1
route outside1 202.102.64.0 255.255.192.0 X.X.X.1 1
route outside1 202.103.0.0 255.255.248.0 X.X.X.1 1
route outside1 202.103.8.0 255.255.248.0 X.X.X.1 1
route outside1 202.103.16.0 255.255.240.0 X.X.X.1 1
route outside1 202.103.32.0 255.255.224.0 X.X.X.1 1
route outside1 202.103.192.0 255.255.224.0 X.X.X.1 1
route outside1 202.103.224.0 255.255.248.0 X.X.X.1 1
route outside1 202.104.0.0 255.254.0.0 X.X.X.1 1
route outside1 202.107.128.0 255.255.128.0 X.X.X.1 1
route outside1 202.109.0.0 255.255.0.0 X.X.X.1 1
route outside1 202.110.128.0 255.255.192.0 X.X.X.1 1
route outside1 202.111.0.0 255.255.128.0 X.X.X.1 1
route outside 202.122.32.0 255.255.248.0 X.X.X.6 1
route outside 202.122.64.0 255.255.224.0 X.X.X.6 1
route outside 202.123.96.0 255.255.240.0 X.X.X.6 1
route outside 202.127.0.0 255.255.248.0 X.X.X.6 1
route outside 202.127.212.0 255.255.252.0 X.X.X.6 1
route outside 202.136.252.0 255.255.252.0 X.X.X.6 1
route outside 202.180.128.0 255.255.224.0 X.X.X.6 1
route outside 203.79.0.0 255.255.240.0 X.X.X.6 1
route outside 203.90.0.0 255.255.252.0 X.X.X.6 1
route outside 203.90.192.0 255.255.224.0 X.X.X.6 1
route outside 203.93.0.0 255.255.0.0 X.X.X.6 1
route outside 203.128.128.0 255.255.224.0 X.X.X.6 1
route outside 203.134.240.0 255.255.248.0 X.X.X.6 1
route outside 203.175.128.0 255.255.224.0 X.X.X.6 1
route outside 203.175.192.0 255.255.192.0 X.X.X.6 1
route outside 203.196.0.0 255.255.248.0 X.X.X.6 1
route outside 203.207.64.0 255.255.192.0 X.X.X.6 1
route outside 203.207.128.0 255.255.128.0 X.X.X.6 1
route outside 210.12.0.0 255.254.0.0 X.X.X.6 1
route outside 210.14.160.0 255.255.224.0 X.X.X.6 1
route outside 210.14.192.0 255.255.192.0 X.X.X.6 1
route outside 210.15.0.0 255.255.128.0 X.X.X.6 1
route outside 210.15.128.0 255.255.192.0 X.X.X.6 1
route outside 210.21.0.0 255.255.0.0 X.X.X.6 1
route outside 210.22.0.0 255.255.0.0 X.X.X.6 1
route outside 210.45.128.0 255.255.240.0 X.X.X.6 1
route outside 210.51.0.0 255.255.0.0 X.X.X.6 1
route outside 210.52.0.0 255.254.0.0 X.X.X.6 1
route outside 210.72.96.0 255.255.240.0 X.X.X.6 1
route outside 210.73.32.0 255.255.224.0 X.X.X.6 1
route outside 210.74.96.0 255.255.224.0 X.X.X.6 1
route outside 210.74.128.0 255.255.224.0 X.X.X.6 1
route outside 210.78.0.0 255.255.224.0 X.X.X.6 1
route outside 210.82.0.0 255.254.0.0 X.X.X.6 1
route outside 211.64.0.0 255.248.0.0 X.X.X.6 1
route outside 211.95.192.0 255.255.192.0 X.X.X.6 1
route outside 211.97.245.0 255.255.255.0 X.X.X.6 1
route outside 211.144.0.0 255.240.0.0 X.X.X.6 1
route outside 211.163.0.0 255.255.0.0 X.X.X.6 1
route outside 218.4.0.0 255.252.0.0 X.X.X.6 1
route outside1 218.4.0.0 255.254.0.0 X.X.X.1 1
route outside1 218.6.0.0 255.255.0.0 X.X.X.1 1
route outside 218.8.0.0 255.252.0.0 X.X.X.6 1
route outside 218.12.0.0 255.255.0.0 X.X.X.6 1
route outside1 218.13.0.0 255.255.0.0 X.X.X.1 1
route outside1 218.14.0.0 255.254.0.0 X.X.X.1 1
route outside1 218.16.0.0 255.252.0.0 X.X.X.1 1
route outside1 218.20.0.0 255.255.0.0 X.X.X.1 1
route outside1 218.21.0.0 255.255.128.0 X.X.X.1 1
route outside 218.21.128.0 255.255.128.0 X.X.X.6 1
route outside1 218.22.0.0 255.254.0.0 X.X.X.1 1
route outside 218.24.0.0 255.252.0.0 X.X.X.6 1
route outside 218.28.0.0 255.254.0.0 X.X.X.6 1
route outside1 218.30.0.0 255.254.0.0 X.X.X.1 1
route outside 218.56.0.0 255.252.0.0 X.X.X.6 1
route outside 218.60.0.0 255.254.0.0 X.X.X.6 1
route outside 218.62.0.0 255.255.128.0 X.X.X.6 1
route outside1 218.62.128.0 255.255.128.0 X.X.X.1 1
route outside1 218.63.0.0 255.255.0.0 X.X.X.1 1
route outside1 218.64.0.0 255.254.0.0 X.X.X.1 1
route outside1 218.66.0.0 255.255.0.0 X.X.X.1 1
route outside1 218.67.0.0 255.255.128.0 X.X.X.1 1
route outside 218.67.128.0 255.255.128.0 X.X.X.6 1
route outside 218.68.0.0 255.254.0.0 X.X.X.6 1
route outside1 218.70.0.0 255.254.0.0 X.X.X.1 1
route outside1 218.72.0.0 255.248.0.0 X.X.X.1 1
route outside1 218.80.0.0 255.240.0.0 X.X.X.1 1
route outside 218.96.0.0 255.252.0.0 X.X.X.6 1
route outside 218.104.0.0 255.255.0.0 X.X.X.6 1
route outside 218.106.0.0 255.254.0.0 X.X.X.6 1
route outside 218.108.0.0 255.254.0.0 X.X.X.6 1
route outside 219.82.0.0 255.255.0.0 X.X.X.6 1
route outside1 219.128.0.0 255.240.0.0 X.X.X.1 1
route outside 219.141.128.0 255.255.128.0 X.X.X.6 1
route outside 219.142.0.0 255.254.0.0 X.X.X.6 1
route outside1 219.144.0.0 255.248.0.0 X.X.X.1 1
route outside1 219.152.0.0 255.254.0.0 X.X.X.1 1
route outside 219.154.0.0 255.254.0.0 X.X.X.6 1
route outside 219.156.0.0 255.254.0.0 X.X.X.6 1
route outside 219.158.0.0 255.255.0.0 X.X.X.6 1
route outside 219.159.0.0 255.255.192.0 X.X.X.6 1
route outside1 219.159.64.0 255.255.192.0 X.X.X.1 1
route outside1 219.159.128.0 255.255.128.0 X.X.X.1 1
route outside 219.216.0.0 255.248.0.0 X.X.X.6 1
route outside1 220.160.0.0 255.224.0.0 X.X.X.1 1
route outside 220.192.0.0 255.240.0.0 X.X.X.6 1
route outside 220.248.0.0 255.252.0.0 X.X.X.6 1
route outside 220.250.0.0 255.255.0.0 X.X.X.6 1
route outside 220.252.0.0 255.255.0.0 X.X.X.6 1
route outside 221.0.0.0 255.248.0.0 X.X.X.6 1
route outside 221.6.0.0 255.255.0.0 X.X.X.6 1
route outside 221.7.0.0 255.255.192.0 X.X.X.6 1
route outside 221.7.64.0 255.255.224.0 X.X.X.6 1
route outside 221.7.128.0 255.255.128.0 X.X.X.6 1
route outside 221.8.0.0 255.254.0.0 X.X.X.6 1
route outside 221.10.0.0 255.255.0.0 X.X.X.6 1
route outside 221.11.0.0 255.255.128.0 X.X.X.6 1
route outside 221.11.128.0 255.255.192.0 X.X.X.6 1
route outside 221.11.192.0 255.255.224.0 X.X.X.6 1
route outside 221.12.0.0 255.255.128.0 X.X.X.6 1
route outside 221.13.0.0 255.255.0.0 X.X.X.6 1
route outside 221.14.0.0 255.254.0.0 X.X.X.6 1
route outside 221.122.0.0 255.254.0.0 X.X.X.6 1
route outside 221.136.0.0 255.254.0.0 X.X.X.6 1
route outside 221.172.0.0 255.252.0.0 X.X.X.6 1
route outside 221.192.0.0 255.252.0.0 X.X.X.6 1
route outside 221.196.0.0 255.254.0.0 X.X.X.6 1
route outside 221.198.0.0 255.255.0.0 X.X.X.6 1
route outside 221.199.0.0 255.255.224.0 X.X.X.6 1
route outside 221.199.32.0 255.255.240.0 X.X.X.6 1
route outside 221.199.128.0 255.255.192.0 X.X.X.6 1
route outside 221.199.192.0 255.255.240.0 X.X.X.6 1
route outside 221.200.0.0 255.248.0.0 X.X.X.6 1
route outside 221.207.0.0 255.255.192.0 X.X.X.6 1
route outside 221.208.0.0 255.240.0.0 X.X.X.6 1
route outside 221.208.0.0 255.252.0.0 X.X.X.6 1
route outside1 221.224.0.0 255.248.0.0 X.X.X.1 1
route outside1 221.232.0.0 255.252.0.0 X.X.X.1 1
route outside1 221.236.0.0 255.254.0.0 X.X.X.1 1
route outside1 221.238.0.0 255.255.0.0 X.X.X.1 1
route outside1 221.239.0.0 255.255.128.0 X.X.X.1 1
route outside1 221.239.128.0 255.255.128.0 X.X.X.1 1
route outside 222.32.0.0 255.224.0.0 X.X.X.6 1
route outside1 222.72.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.74.0.0 255.255.0.0 X.X.X.1 1
route outside1 222.75.0.0 255.255.0.0 X.X.X.1 1
route outside1 222.76.0.0 255.252.0.0 X.X.X.1 1
route outside1 222.80.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.82.0.0 255.255.0.0 X.X.X.1 1
route outside1 222.83.0.0 255.255.128.0 X.X.X.1 1
route outside1 222.83.128.0 255.255.128.0 X.X.X.1 1
route outside1 222.84.0.0 255.255.0.0 X.X.X.1 1
route outside1 222.85.0.0 255.255.128.0 X.X.X.1 1
route outside1 222.85.128.0 255.255.128.0 X.X.X.1 1
route outside1 222.86.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.88.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.90.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.92.0.0 255.252.0.0 X.X.X.1 1
route outside 222.128.0.0 255.240.0.0 X.X.X.6 1
route outside 222.160.0.0 255.252.0.0 X.X.X.6 1
route outside1 222.168.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.172.0.0 255.255.128.0 X.X.X.1 1
route outside1 222.172.128.0 255.255.128.0 X.X.X.1 1
route outside1 222.173.0.0 255.255.0.0 X.X.X.1 1
route outside1 222.174.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.176.0.0 255.248.0.0 X.X.X.1 1
route outside1 222.184.0.0 255.248.0.0 X.X.X.1 1
route outside1 222.208.0.0 255.248.0.0 X.X.X.1 1
route outside1 222.216.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.218.0.0 255.255.0.0 X.X.X.1 1
route outside1 222.219.0.0 255.255.0.0 X.X.X.1 1
route outside1 222.220.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.222.0.0 255.254.0.0 X.X.X.1 1
route outside1 222.240.0.0 255.248.0.0 X.X.X.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
http server enable
http 0.0.0.0 0.0.0.0 inside
http 0.0.0.0 0.0.0.0 guanli
no snmp-server location
no snmp-server contact
snmp-server community public
snmp-server enable traps snmp authentication linkup linkdown coldstart
sysopt noproxyarp inside
crypto ipsec transform-set *** esp-des esp-md5-hmac
crypto map *** 10 match address ***
crypto map *** 10 set pfs group1
crypto map *** 10 set peer X.X.X.X
crypto map *** 10 set transform-set ***
crypto map *** 20 match address ***1
crypto map *** 20 set pfs group1
crypto map *** 20 set peer X.X.X.X
crypto map *** 20 set transform-set ***
crypto map *** interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption des
hash md5
group 1
lifetime 86400
crypto isakmp ipsec-over-tcp port 10000
telnet 10.10.10.0 255.255.255.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 10
console timeout 0
threat-detection basic-threat
threat-detection statistics port
threat-detection statistics protocol
threat-detection statistics access-list
group-policy DfltGrpPolicy attributes
***-tunnel-protocol IPSec -ipsec
group-policy ipsec internal
username cisco password 9bDthaBXlMp encrypted
tunnel-group DefaultRAGroup general-attributes
default-group-policy ipsec
tunnel-group DefaultRAGroup ipsec-attributes
pre-shared-key *
tunnel-group DefaultRAGroup ppp-attributes
authentication ms-chap-v2
tunnel-group X.X.X.X type ipsec-l2l
tunnel-group X.X.X.X ipsec-attributes
pre-shared-key *
tunnel-group X.X.X.X type ipsec-l2l
tunnel-group X.X.X.X ipsec-attributes
pre-shared-key *
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns migrated_dns_map_1
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
inspect pptp
inspect icmp
inspect ipsec-pass-thru
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:d89690e3e03538a3a0dcf52bc94320c8
: end