ciscoasa# sh run
: Saved

: 
: Serial Number: JAD23260QLS
: Hardware:   ASA5508, 8192 MB RAM, CPU Atom C2000 series 2000 MHz, 1 CPU (8 cores)
:
ASA Version 9.8(4)8 
!
hostname ciscoasa
enable password $sha512$5000$jWkJMPPQmQWUEjWhrmYvOw==$tHB8TPhBIkQeoknGXl8P4Q== pbkdf2
names
no mac-address auto

!
interface GigabitEthernet1/1
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/2
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/3
 shutdown     
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/4
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/5
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/6
 nameif TEST
 security-level 0
 ip address 10.10.10.10 255.255.255.0 
!
interface GigabitEthernet1/7
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/8
 no nameif
 no security-level
 no ip address
!
interface Management1/1
 management-only
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Redundant1
 member-interface GigabitEthernet1/1
 member-interface GigabitEthernet1/2
 nameif OA
 security-level 0
 ip address 192.168.94.11 255.255.255.0 
!
interface Redundant2
 member-interface GigabitEthernet1/7
 member-interface GigabitEthernet1/8
 nameif FA
 security-level 0
 ip address 192.168.247.11 255.255.255.0 
!
boot system disk0:/asa984-8-lfbff-k8.SPA
ftp mode passive
clock timezone KST 9
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj_any
 subnet 0.0.0.0 0.0.0.0
object network TCO
 host 192.168.247.15
object network TCO-TEST
 host 192.168.247.15
object network TCO-TEST1
 host 192.168.94.16
access-list OA_access_in extended permit ip any any 
access-list OA_access_in extended permit icmp any any 
access-list FA_access_in extended permit icmp any any 
access-list FA_access_in extended permit ip any any 
access-list global_access extended permit ip any any 
pager lines 24
logging enable
logging asdm informational
mtu TEST 1500
mtu OA 1500
mtu FA 1500
no failover
no monitor-interface service-module 
icmp unreachable rate-limit 1 burst-size 1
icmp permit any TEST
icmp permit any OA
icmp permit any FA
asdm image disk0:/asdm-7121.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
arp rate-limit 16384
!
object network TCO
 nat (FA,OA) static 192.168.94.16
access-group OA_access_in in interface OA
access-group FA_access_in in interface FA
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
timeout conn-holddown 0:00:15
timeout igp stale-route 0:01:10
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL 
aaa authentication http console LOCAL 
aaa authentication login-history
http server enable
http 0.0.0.0 0.0.0.0 OA
http 0.0.0.0 0.0.0.0 FA
http 0.0.0.0 0.0.0.0 TEST
no snmp-server location
no snmp-server contact
service sw-reset-button
crypto ipsec security-association pmtu-aging infinite
crypto ca trustpool policy
telnet timeout 5
ssh stricthostkeycheck
ssh 0.0.0.0 0.0.0.0 OA
ssh 0.0.0.0 0.0.0.0 FA
ssh timeout 5 
ssh key-exchange group dh-group1-sha1
console timeout 0

dhcpd auto_config OA
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
dynamic-access-policy-record DfltAccessPolicy
username admin password $sha512$5000$NVLsiRNN4PXXu45HlIx6xA==$H1CsIpdsudHtA3f6Y9ZY0Q== pbkdf2 privilege 15
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
  no tcp-inspection
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map 
  inspect ftp 
  inspect h323 h225 
  inspect h323 ras 
  inspect rsh 
  inspect rtsp 
  inspect esmtp 
  inspect sqlnet 
  inspect skinny  
  inspect sunrpc 
  inspect xdmcp 
  inspect sip  
  inspect netbios 
  inspect tftp 
  inspect ip-options 
!
service-policy global_policy global
prompt hostname context 
no call-home reporting anonymous
Cryptochecksum:9ba614951b934278f4f46c2e922edd91
: end
ciscoasa# sh xlate
1 in use, 3 most used
Flags: D - DNS, e - extended, I - identity, i - dynamic, r - portmap,
       s - static, T - twice, N - net-to-net
NAT from FA:192.168.247.15 to OA:192.168.94.16
    flags s idle 0:21:53 timeout 0:00:00

ciscoasa# sh nat

Auto NAT Policies (Section 2)
1 (FA) to (OA) source static TCO 192.168.94.16 
    translate_hits = 6, untranslate_hits = 358
ciscoasa#