Syslog logging: enabled Facility: 20 Timestamp logging: enabled Standby logging: disabled Debug-trace logging: disabled Console logging: level emergencies, 0 messages logged Monitor logging: level emergencies, 0 messages logged Buffer logging: level informational, 132544 messages logged Trap logging: disabled Permit-hostdown logging: disabled History logging: disabled Device ID: disabled Mail logging: disabled ASDM logging: level informational, 132544 messages logged .146/80 duration 0:00:30 bytes 0 SYN Timeout (test) Dec 17 2015 14:42:11: %ASA-6-302013: Built inbound TCP connection 64614 for internet:172.16.26.101/49485 (172.16.26.101/49485)(LOCAL\test) to local:172.30.1.1/80 (172.30.1.1/80) (test) Dec 17 2015 14:42:12: %ASA-6-302013: Built inbound TCP connection 64615 for internet:172.16.26.101/49486 (172.16.26.101/49486)(LOCAL\test) to local:10.76.74.145/80 (10.76.74.145/80) (test) Dec 17 2015 14:42:20: %ASA-6-302014: Teardown TCP connection 64612 for internet:172.16.26.101/49484(LOCAL\test) to local:172.30.1.1/80 duration 0:00:30 bytes 0 SYN Timeout (test) Dec 17 2015 14:42:33: %ASA-6-302013: Built inbound TCP connection 64616 for internet:172.16.26.101/49487 (172.16.26.101/49487)(LOCAL\test) to local:10.76.74.145/80 (10.76.74.145/80) (test) Dec 17 2015 14:42:41: %ASA-6-302014: Teardown TCP connection 64614 for internet:172.16.26.101/49485(LOCAL\test) to local:172.30.1.1/80 duration 0:00:30 bytes 0 SYN Timeout (test) Dec 17 2015 14:42:42: %ASA-6-302014: Teardown TCP connection 64615 for internet:172.16.26.101/49486(LOCAL\test) to local:10.76.74.145/80 duration 0:00:30 bytes 0 SYN Timeout (test) Dec 17 2015 14:42:43: %ASA-6-302013: Built inbound TCP connection 64617 for internet:172.16.26.101/49488 (172.16.26.101/49488)(LOCAL\test) to local:10.76.74.145/80 (10.76.74.145/80) (test) Dec 17 2015 14:42:51: %ASA-6-302016: Teardown UDP connection 64464 for internet:61.61.61.2/57223 to identity:210.210.114.1/500 duration 0:02:57 bytes 3589 Dec 17 2015 14:43:04: %ASA-6-302013: Built inbound TCP connection 64618 for internet:172.16.26.101/49489 (172.16.26.101/49489)(LOCAL\test) to local:172.30.1.1/80 (172.30.1.1/80) (test) Dec 17 2015 14:43:18: %ASA-6-302016: Teardown UDP connection 64605 for internet:61.61.61.2/63286 to identity:210.210.114.1/500 duration 0:02:05 bytes 3445 Dec 17 2015 14:43:25: %ASA-6-302021: Teardown ICMP connection for faddr 172.16.26.101/0(LOCAL\test) gaddr 10.254.238.254/0 laddr 10.254.238.254/0 Dec 17 2015 14:43:34: %ASA-6-302014: Teardown TCP connection 64618 for internet:172.16.26.101/49489(LOCAL\test) to local:172.30.1.1/80 duration 0:00:30 bytes 0 SYN Timeout (test) Dec 17 2015 14:43:36: %ASA-6-302015: Built inbound UDP connection 64619 for internet:61.61.61.2/63286 (61.61.61.2/63286) to identity:210.210.114.1/500 (210.210.114.1/500) Dec 17 2015 14:43:38: %ASA-6-302013: Built inbound TCP connection 64620 for internet:172.16.26.101/49490 (172.16.26.101/49490)(LOCAL\test) to local:10.75.74.147/80 (10.75.74.147/80) (test) Dec 17 2015 14:43:38: %ASA-6-302020: Built outbound ICMP connection for faddr 172.16.26.101/0(LOCAL\test) gaddr 10.254.238.254/0 laddr 10.254.238.254/0 Dec 17 2015 14:43:40: %ASA-6-302021: Teardown ICMP connection for faddr 172.16.26.101/0(LOCAL\test) gaddr 10.254.238.254/0 laddr 10.254.238.254/0 Dec 17 2015 14:43:41: %ASA-6-302020: Built outbound ICMP connection for faddr 172.16.26.101/0(LOCAL\test) gaddr 10.254.238.254/0 laddr 10.254.238.254/0 Dec 17 2015 14:43:43: %ASA-6-302021: Teardown ICMP connection for faddr 172.16.26.101/0(LOCAL\test) gaddr 10.254.238.254/0 laddr 10.254.238.254/0 Dec 17 2015 14:43:44: %ASA-6-302020: Built outbound ICMP connection for faddr 172.16.26.101/0(LOCAL\test) gaddr 10.254.238.254/0 laddr 10.254.238.254/0 Dec 17 2015 14:43:46: %ASA-6-302021: Teardown ICMP connection for faddr 172.16.26.101/0(LOCAL\test) gaddr 10.254.238.254/0 laddr 10.254.238.254/0 Dec 17 2015 14:43:47: %ASA-6-302020: Built outbound ICMP connection for faddr 172.16.26.101/0(LOCAL\test) gaddr 10.254.238.254/0 laddr 10.254.238.254/0 VPN001# sh running-config : Saved : ASA Version 9.1(2) ! hostname VPN001 enable password 2KFQnbNIdI.2KYOU encrypted xlate per-session deny tcp any4 any4 xlate per-session deny tcp any4 any6 xlate per-session deny tcp any6 any4 xlate per-session deny tcp any6 any6 xlate per-session deny udp any4 any4 eq domain xlate per-session deny udp any4 any6 eq domain xlate per-session deny udp any6 any4 eq domain xlate per-session deny udp any6 any6 eq domain passwd 2KFQnbNIdI.2KYOU encrypted names name 10.0.0.0 local-classA description ClassA name 172.16.0.0 local-classB description ClassB name 192.168.0.0 local-classC description ClassC ip local pool Test 172.16.26.101-172.16.26.200 ! interface GigabitEthernet0/0 nameif internet security-level 0 ip address 210.210.114.1 255.255.255.252 ! interface GigabitEthernet0/1 nameif local security-level 100 ip address 10.254.238.253 255.255.255.0 ! interface GigabitEthernet0/2 nameif dmz security-level 50 ip address 202.21.200.146 255.255.255.240 ! interface GigabitEthernet0/3 description LAN Failover Interface no nameif no security-level no ip address ! interface GigabitEthernet0/4 description STATE Failover Interface shutdown no nameif no security-level no ip address ! interface GigabitEthernet0/5 shutdown no nameif no security-level no ip address ! interface Management0/0 management-only nameif management security-level 100 ip address 10.91.137.226 255.255.255.0 ! ftp mode passive clock timezone JST 9 dns server-group DefaultDNS domain-name test.co.jp access-list ACL_IN remark Test access-list ACL_IN extended permit ip any any no pager logging enable logging timestamp logging list DAP level informational class auth logging list DAP level debugging class dap logging console emergencies logging monitor emergencies logging buffered informational logging asdm informational logging host local 172.16.2.11 format emblem mtu internet 1500 mtu local 1500 mtu dmz 1500 mtu management 1500 no failover icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 no arp permit-nonconnected access-group ACL_IN in interface internet access-group ACL_IN out interface internet route internet 0.0.0.0 0.0.0.0 210.210.114.2 1 route local local-classA 255.0.0.0 10.254.238.254 1 route local local-classB 255.240.0.0 10.254.238.254 1 route local local-classC 255.255.0.0 10.254.238.254 1 timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 user-identity default-domain LOCAL http server enable http 10.0.8.0 255.255.255.0 local http 10.0.254.170 255.255.255.255 local http 172.16.21.0 255.255.255.0 local http 10.0.249.1 255.255.255.255 local http 10.0.249.2 255.255.255.255 local snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec ikev1 transform-set myset esp-3des esp-md5-hmac crypto ipsec ikev1 transform-set Test esp-3des esp-md5-hmac crypto ipsec security-association pmtu-aging infinite crypto dynamic-map Test 1 set ikev1 transform-set Test crypto dynamic-map Test 1 set security-association lifetime seconds 28800 crypto dynamic-map Test 1 set security-association lifetime kilobytes 4608000 crypto dynamic-map Test 1 set reverse-route crypto map Internet_map 1 ipsec-isakmp dynamic Test crypto map Internet_map interface internet crypto ca trustpool policy crypto ikev1 enable internet crypto ikev1 policy 1 authentication pre-share encryption 3des hash md5 group 2 lifetime 86400 crypto ikev1 policy 2 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 crypto ikev1 policy 3 authentication pre-share encryption 3des hash sha group 2 lifetime 28800 crypto ikev1 policy 65535 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 telnet local-classA 255.0.0.0 management ssh timeout 5 ssh key-exchange group dh-group1-sha1 console timeout 0 threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept username test password klG8DjnONmXulxVH encrypted tunnel-group Test type remote-access tunnel-group Test general-attributes address-pool Test tunnel-group Test ipsec-attributes ikev1 pre-shared-key ***** ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect ip-options inspect netbios inspect rsh inspect rtsp inspect skinny inspect esmtp inspect sqlnet inspect sunrpc inspect tftp inspect sip inspect xdmcp inspect icmp ! service-policy global_policy global prompt hostname context call-home reporting anonymous prompt 2 call-home profile CiscoTAC-1 no active destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address email callhome@cisco.com destination transport-method http subscribe-to-alert-group diagnostic subscribe-to-alert-group environment subscribe-to-alert-group inventory periodic monthly 20 subscribe-to-alert-group configuration periodic monthly 20 subscribe-to-alert-group telemetry periodic daily Cryptochecksum:3223497b9868ac9d4fce20b9dc3a48e6 : end VPN001#