hostname MYASA
enable password xxxxxx
password encryption aes
username stan privilege 15
username stan password xxxx

user-identity default-domain LOCAL
aaa authentication ssh console LOCAL 
aaa authentication http console LOCAL 
aaa authentication enable console LOCAL 
aaa authentication secure-http-client
aaa local authentication attempts max-fail 3
aaa authorization exec LOCAL auto-enable
aaa authorization http console LOCAL
aaa authentication login-history

banner motd "Access to this Device only permitted on authoisaton by $(domain) 

crypto key generate rsa modules 1024
ssh x.x.x.x y.y.y.y Management


interface GigabitEthernet0/0.100
vlan 100
nameif LAN-Vl100
security-level 100
ip address x.x.100.1 255.255.255.0 

interface GigabitEthernet0/0.101
vlan 101
nameif LAN-Vl101
security-level 100
ip address x.x.101.1 255.255.255.0 

interface GigabitEthernet0/0.102
vlan 102
nameif LAN-Vl102
security-level 100
ip address x.x.102.1 255.255.255.0 

interface GigabitEthernet0/1
nameif Outside
security-level 0
ip address 1.1.1.1 255.255.255.252 


interface Management0/0
nameif Management
no security-level
ip address x.x.x.x y.y.y.y

ftp mode passive
same-security-traffic permit inter-interface

object network LAN1
subnet x.x.100.0 255.255.255.0

object network LAN2
subnet x.x.101.0 255.255.255.0

object network LAN3
subnet x.x.102.0 255.255.255.0

object-group network LANs
network-object object LAN1
network-object object LAN2
network-object object LAN3

route Outside 0.0.0.0 0.0.0.0 1.1.1.2
nat (any,Outside) source dynamic LANs interface description PAT



dhcpd dns 8.8.8.8 8.8.4.4
dhcpd lease 14400
dhcpd domain mydomain.net
dhcpd address 10.1.100.10-10.1.100.250 Vl100
dhcpd enable Vl100

dhcpd address 10.1.101.10-10.1.101.250 Vl101
dhcpd enable Vl101

dhcpd address 10.1.102.10-10.1.102.250 Vl102
dhcpd enable Vl102


policy-map global_policy
class inspection_default
inspect icmp