ASA-INDRA# show tech-support Cisco Adaptive Security Appliance Software Version 9.1(1) Device Manager Version 7.1(1) Compiled on Wed 28-Nov-12 10:38 by builders System image file is "disk0:/asa911-k8.bin" Config file at boot was "startup-config" ASA-INDRA up 54 days 18 hours failover cluster up 54 days 18 hours Hardware: ASA5540, 2048 MB RAM, CPU Pentium 4 2000 MHz, Internal ATA Compact Flash, 256MB BIOS Flash M50FW080 @ 0xfff00000, 1024KB Encryption hardware device : Cisco ASA-55xx on-board accelerator (revision 0x0) Boot microcode : CN1000-MC-BOOT-2.00 SSL/IKE microcode : CNLite-MC-SSLm-PLUS-2.03 IPSec microcode : CNlite-MC-IPSECm-MAIN-2.08 Number of accelerators: 1 0: Ext: GigabitEthernet0/0 : address is 5475.d026.e0e4, irq 9 1: Ext: GigabitEthernet0/1 : address is 5475.d026.e0e5, irq 9 2: Ext: GigabitEthernet0/2 : address is 5475.d026.e0e6, irq 9 3: Ext: GigabitEthernet0/3 : address is 5475.d026.e0e7, irq 9 4: Ext: Management0/0 : address is 5475.d026.e0e8, irq 11 5: Int: Not used : irq 11 6: Int: Not used : irq 5 Licensed features for this platform: Maximum Physical Interfaces : Unlimited perpetual Maximum VLANs : 200 perpetual Inside Hosts : Unlimited perpetual Failover : Active/Active perpetual Encryption-DES : Enabled perpetual Encryption-3DES-AES : Enabled perpetual Security Contexts : 2 perpetual GTP/GPRS : Disabled perpetual AnyConnect Premium Peers : 2 perpetual AnyConnect Essentials : Disabled perpetual Other VPN Peers : 5000 perpetual Total VPN Peers : 5000 perpetual Shared License : Disabled perpetual AnyConnect for Mobile : Disabled perpetual AnyConnect for Cisco VPN Phone : Disabled perpetual Advanced Endpoint Assessment : Disabled perpetual UC Phone Proxy Sessions : 2 perpetual Total UC Proxy Sessions : 2 perpetual Botnet Traffic Filter : Disabled perpetual Intercompany Media Engine : Disabled perpetual Cluster : Enabled perpetual This platform has an ASA 5540 VPN Premium license. Serial Number: JMX1419L0EU Running Permanent Activation Key: 0xf8204668 0xe81efec9 0x08e16dc4 0xbe58fc04 0xcd24d191 Configuration register is 0x1 Configuration last modified by aramosd at 18:25:20.341 BRST Mon Mar 16 2015 ------------------ show disk0: controller ------------------ Flash Model: Flash Card ------------------ show clock ------------------ 10:07:18.819 BRST Tue Mar 17 2015 ------------------ show crashinfo ------------------ Saved crash: 21:00:00.000 BRST Wed Dec 31 1969 ------------------ show module ------------------ Mod Card Type Model Serial No. ---- -------------------------------------------- ------------------ ----------- 0 ASA 5540 Adaptive Security Appliance ASA5540 JMX1419L0EU Mod MAC Address Range Hw Version Fw Version Sw Version ---- --------------------------------- ------------ ------------ --------------- 0 5475.d026.e0e4 to 5475.d026.e0e8 2.0 1.0(11)5 9.1(1) Mod SSM Application Name Status SSM Application Version ---- ------------------------------ ---------------- -------------------------- Mod Status Data Plane Status Compatibility ---- ------------------ --------------------- ------------- 0 Up Sys Not Applicable ------------------ show memory ------------------ Free memory: 1611771976 bytes (75%) Used memory: 535711672 bytes (25%) ------------- ------------------ Total memory: 2147483648 bytes (100%) ------------------ show conn count ------------------ 2619 in use, 7394 most used ------------------ show xlate count ------------------ 98 in use, 165 most used ------------------ show vpn-sessiondb summary ------------------ --------------------------------------------------------------------------- VPN Session Summary --------------------------------------------------------------------------- Active : Cumulative : Peak Concur : Inactive ---------------------------------------------- Site-to-Site VPN : 1 : 42 : 2 IKEv2 IPsec : 1 : 17 : 1 IKEv1 IPsec : 0 : 25 : 1 --------------------------------------------------------------------------- Total Active and Inactive : 1 Total Cumulative : 42 Device Total VPN Capacity : 5000 Device Load : 0% --------------------------------------------------------------------------- --------------------------------------------------------------------------- Tunnels Summary --------------------------------------------------------------------------- Active : Cumulative : Peak Concurrent ---------------------------------------------- IKEv1 : 0 : 25 : 1 IKEv2 : 1 : 17 : 1 IPsec : 3 : 63 : 5 --------------------------------------------------------------------------- Totals : 4 : 105 --------------------------------------------------------------------------- ------------------ show blocks ------------------ SIZE MAX LOW CNT 0 950 945 950 4 500 499 499 80 1400 1374 1400 256 2600 2584 2595 1550 11986 11602 11719 2048 2100 2098 2100 2560 3852 3851 3852 4096 100 99 100 8192 152 151 152 16384 210 210 210 65536 16 16 16 CORE LIMIT ALLOC HIGH CNT FAILED 0 24576 937 937 901 0 ------------------ show blocks queue history detail ------------------ History buffer memory usage: 2832 bytes (default) History analysis time limit: 100 msec Please see 'show blocks exhaustion snapshot' for more information ------------------ show interface ------------------ Interface GigabitEthernet0/0 "inside", is up, line protocol is up Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec Auto-Duplex(Full-duplex), Auto-Speed(1000 Mbps) Input flow control is unsupported, output flow control is off MAC address 5475.d026.e0e4, MTU 1500 IP address 10.209.14.1, subnet mask 255.255.255.128 2820569755 packets input, 1550986464369 bytes, 0 no buffer Received 152 broadcasts, 0 runts, 0 giants 121496 input errors, 0 CRC, 0 frame, 121496 overrun, 0 ignored, 0 abort 0 pause input, 0 resume input 0 L2 decode drops 4195436430 packets output, 4675378426536 bytes, 0 underruns 0 pause output, 0 resume output 0 output errors, 0 collisions, 1 interface resets 0 late collisions, 0 deferred 0 input reset drops, 0 output reset drops, 0 tx hangs input queue (blocks free curr/low): hardware (511/486) output queue (blocks free curr/low): hardware (511/345) Traffic Statistics for "inside": 2820569740 packets input, 1497207298240 bytes 4195436430 packets output, 4596496167759 bytes 1571739 packets dropped 1 minute input rate 730 pkts/sec, 744059 bytes/sec 1 minute output rate 523 pkts/sec, 135512 bytes/sec 1 minute drop rate, 0 pkts/sec 5 minute input rate 1652 pkts/sec, 2112975 bytes/sec 5 minute output rate 789 pkts/sec, 122109 bytes/sec 5 minute drop rate, 0 pkts/sec Control Point Interface States: Interface number is 2 Interface config status is active Interface state is active Interface GigabitEthernet0/1 "", is up, line protocol is up Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec Auto-Duplex(Full-duplex), Auto-Speed(1000 Mbps) Input flow control is unsupported, output flow control is off Available but not configured via nameif MAC address 5475.d026.e0e5, MTU not set IP address unassigned 5237437991 packets input, 4922081885542 bytes, 0 no buffer Received 259 broadcasts, 0 runts, 0 giants 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 pause input, 0 resume input 0 L2 decode drops 4628060283 packets output, 3477684946665 bytes, 0 underruns 0 pause output, 0 resume output 0 output errors, 0 collisions, 41 interface resets 0 late collisions, 0 deferred 4 input reset drops, 8029 output reset drops, 37 tx hangs input queue (blocks free curr/low): hardware (511/486) output queue (blocks free curr/low): hardware (511/319) Control Point Interface States: Interface number is 3 Interface config status is active Interface state is active Interface GigabitEthernet0/1.10 "MPLS_INTELIG", is up, line protocol is up Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec VLAN identifier 10 MAC address 5475.d026.e0e5, MTU 1500 IP address 172.19.235.113, subnet mask 255.255.255.248 Traffic Statistics for "MPLS_INTELIG": 2164770 packets input, 206578362 bytes 1449001 packets output, 105773378 bytes 699863 packets dropped Control Point Interface States: Interface number is 8 Interface config status is active Interface state is active Control Point Vlan10 States: Interface vlan config status is active Interface vlan state is UP Interface GigabitEthernet0/1.20 "MPLS_EBT", is up, line protocol is up Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec VLAN identifier 20 MAC address 5475.d026.e0e5, MTU 1500 IP address 172.19.235.97, subnet mask 255.255.255.248 Traffic Statistics for "MPLS_EBT": 5234947336 packets input, 4802387046360 bytes 4626642779 packets output, 3375166236456 bytes 694821 packets dropped Control Point Interface States: Interface number is 9 Interface config status is active Interface state is active Control Point Vlan20 States: Interface vlan config status is active Interface vlan state is UP Interface GigabitEthernet0/2 "", is up, line protocol is up Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec Auto-Duplex(Full-duplex), Auto-Speed(1000 Mbps) Input flow control is unsupported, output flow control is off Available but not configured via nameif MAC address 5475.d026.e0e6, MTU not set IP address unassigned 317278 packets input, 27389714 bytes, 0 no buffer Received 147860 broadcasts, 0 runts, 0 giants 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 pause input, 0 resume input 0 L2 decode drops 169332 packets output, 18652656 bytes, 0 underruns 0 pause output, 0 resume output 0 output errors, 0 collisions, 1 interface resets 0 late collisions, 0 deferred 1 input reset drops, 0 output reset drops, 0 tx hangs input queue (blocks free curr/low): hardware (511/510) output queue (blocks free curr/low): hardware (511/509) Control Point Interface States: Interface number is 4 Interface config status is active Interface state is active Interface GigabitEthernet0/2.70 "DMZ", is up, line protocol is up Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec VLAN identifier 70 Description: CONEXAO DMZ MAC address 5475.d026.e0e6, MTU 1500 IP address 10.209.12.129, subnet mask 255.255.255.128 Traffic Statistics for "DMZ": 317287 packets input, 20409342 bytes 169332 packets output, 14922486 bytes 66068 packets dropped Control Point Interface States: Interface number is 10 Interface config status is active Interface state is active Control Point Vlan70 States: Interface vlan config status is active Interface vlan state is UP Interface GigabitEthernet0/3 "SONICWALL", is up, line protocol is up Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec Auto-Duplex(Full-duplex), Auto-Speed(1000 Mbps) Input flow control is unsupported, output flow control is off MAC address 5475.d026.e0e7, MTU 1500 IP address 10.209.8.253, subnet mask 255.255.255.252 518729968683 packets input, 47115456284582 bytes, 0 no buffer Received 15646 broadcasts, 0 runts, 0 giants 199340 input errors, 1 CRC, 0 frame, 199339 overrun, 0 ignored, 0 abort 0 pause input, 0 resume input 0 L2 decode drops 518063147449 packets output, 45489999061951 bytes, 6 underruns 0 pause output, 0 resume output 0 output errors, 0 collisions, 5 interface resets 0 late collisions, 0 deferred 0 input reset drops, 0 output reset drops, 0 tx hangs input queue (blocks free curr/low): hardware (511/486) output queue (blocks free curr/low): hardware (510/0) Traffic Statistics for "SONICWALL": 518729967468 packets input, 37776297142769 bytes 518063147475 packets output, 36160587138571 bytes 5572834 packets dropped 1 minute input rate 106588 pkts/sec, 8355932 bytes/sec 1 minute output rate 106236 pkts/sec, 7432357 bytes/sec 1 minute drop rate, 6 pkts/sec 5 minute input rate 107509 pkts/sec, 8295759 bytes/sec 5 minute output rate 107226 pkts/sec, 7524754 bytes/sec 5 minute drop rate, 5 pkts/sec Control Point Interface States: Interface number is 5 Interface config status is active Interface state is active Interface GigabitEthernet0/3.110 "TESA", is administratively down, line protocol is down Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec VLAN identifier 110 Description: LINK INTERNET TESA MAC address 5475.d026.e0e7, MTU 1500 IP address 200.236.223.138, subnet mask 255.255.255.252 Traffic Statistics for "TESA": 0 packets input, 0 bytes 0 packets output, 0 bytes 0 packets dropped Control Point Interface States: Interface number is 11 Interface config status is not active Interface state is not active Control Point Vlan110 States: Interface vlan config status is not active Interface vlan state is DOWN Interface GigabitEthernet0/3.120 "LEVEL3", is up, line protocol is up Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec VLAN identifier 120 Description: LINK INTERNET LEVEL 3 MAC address 5475.d026.e0e7, MTU 1500 IP address unassigned Traffic Statistics for "LEVEL3": 2 packets input, 80 bytes 0 packets output, 0 bytes 1 packets dropped Control Point Interface States: Interface number is 12 Interface config status is active Interface state is active Control Point Vlan120 States: Interface vlan config status is active Interface vlan state is UP Interface Management0/0 "maneger", is down, line protocol is down Hardware is i82557, BW 100 Mbps, DLY 100 usec Auto-Duplex, Auto-Speed Input flow control is unsupported, output flow control is unsupported Description: LAN/STATE Failover Interface MAC address 5475.d026.e0e8, MTU 1500 IP address 192.168.1.1, subnet mask 255.255.255.0 1806351 packets input, 109882357 bytes, 0 no buffer Received 6245 broadcasts, 0 runts, 0 giants 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 pause input, 0 resume input 0 L2 decode drops 3550911 packets output, 802363574 bytes, 0 underruns 0 pause output, 0 resume output 0 output errors, 0 collisions, 0 interface resets 0 babbles, 0 late collisions, 0 deferred 79 lost carrier, 0 no carrier 0 input reset drops, 0 output reset drops input queue (curr/max packets): hardware (0/1) software (0/41) output queue (curr/max packets): hardware (0/52) software (0/1) Traffic Statistics for "maneger": 1806454 packets input, 73946447 bytes 3551182 packets output, 752536803 bytes 20937 packets dropped 1 minute input rate 0 pkts/sec, 0 bytes/sec 1 minute output rate 0 pkts/sec, 0 bytes/sec 1 minute drop rate, 0 pkts/sec 5 minute input rate 0 pkts/sec, 0 bytes/sec 5 minute output rate 0 pkts/sec, 0 bytes/sec 5 minute drop rate, 0 pkts/sec Management-only interface. Blocked 75580 through-the-device packets 13953 IPv4 packets originated from management network 61627 IPv4 packets destined to management network 0 IPv6 packets originated from management network 0 IPv6 packets destined to management network Control Point Interface States: Interface number is 6 Interface config status is active Interface state is not active ------------------ show cpu usage ------------------ CPU utilization for 5 seconds = 60%; 1 minute: 60%; 5 minutes: 61% ------------------ show cpu hogging process ------------------ Process: Unicorn Admin Handler, NUMHOG: 77, MAXHOG: 35, LASTHOG: 5 LASTHOG At: 13:10:44 BRDT Jan 23 2015 PC: 0x0910b21e (suspend) Call stack: 0x0910b21e 0x0910b4e2 0x08552692 0x0854b41d 0x0854b65c 0x0854b94e 0x08551b6b 0x0806922c Process: Unicorn Admin Handler, PROC_PC_TOTAL: 8, MAXHOG: 30, LASTHOG: 28 LASTHOG At: 14:16:36 BRDT Jan 23 2015 PC: 0x084c44e2 (suspend) Process: Unicorn Admin Handler, NUMHOG: 4, MAXHOG: 30, LASTHOG: 28 LASTHOG At: 14:16:36 BRDT Jan 23 2015 PC: 0x084c44e2 (suspend) Call stack: 0x084c44e2 0x085fb9ad 0x0860516b 0x0860fce4 0x08d54229 0x08d54391 0x08c51654 0x080f8b5a 0x080f9505 0x08c51654 0x08c52f61 0x080ecf73 0x080ed986 0x080edb49 Process: rtcli async executor process, PROC_PC_TOTAL: 6, MAXHOG: 2, LASTHOG: 2 LASTHOG At: 13:57:33 BRDT Jan 24 2015 PC: 0x0916ad6d (suspend) Process: rtcli async executor process, NUMHOG: 6, MAXHOG: 2, LASTHOG: 2 LASTHOG At: 13:57:33 BRDT Jan 24 2015 PC: 0x0916ad6d (suspend) Call stack: 0x0806a82a 0x0916ad6d 0x0914e906 0x091503dd 0x09150495 0x788bee80 Process: Unicorn Admin Handler, NUMHOG: 4, MAXHOG: 20, LASTHOG: 19 LASTHOG At: 13:57:33 BRDT Jan 24 2015 PC: 0x08c483c5 (suspend) Call stack: 0x08c483c5 0x09875a7e 0x08e4a55d 0x08c51654 0x08c52f61 0x080ecf73 0x08552e9c 0x0854b2ae 0x0854b65c 0x0854b94e 0x08551b6b 0x0806922c Process: ssh, NUMHOG: 1, MAXHOG: 3, LASTHOG: 3 LASTHOG At: 17:14:58 BRDT Jan 28 2015 PC: 0x08c483c5 (suspend) Call stack: 0x08c483c5 0x0987be58 0x087a5253 0x08df2305 0x08df233c 0x08c50587 0x08c48c3b 0x08d810a3 0x08d8114d 0x08c492b7 0x08c51654 0x08c52f61 0x080ecf73 0x080efbf7 Process: Unicorn Admin Handler, NUMHOG: 2, MAXHOG: 4, LASTHOG: 4 LASTHOG At: 18:11:15 BRDT Jan 29 2015 PC: 0x08c483c5 (suspend) Call stack: 0x08c483c5 0x0987be58 0x08d0ccff 0x08d0db01 0x08d0de00 0x08d0e3c1 0x08d7ad2f 0x080eca36 0x080ed2ca 0x08552e9c 0x0854b2ae 0x0854b65c 0x0854b94e 0x08551b6b Process: Unicorn Admin Handler, NUMHOG: 2, MAXHOG: 57, LASTHOG: 6 LASTHOG At: 21:20:40 BRST Feb 20 2015 PC: 0x0914eb33 (suspend) Call stack: 0x0806b131 0x0914eb33 0x0916c0f8 0x0928eb68 0x09267c79 0x0927955d 0x09268a40 0x0925fef1 0x09266f6b 0x0926716f 0x0925fcca 0x0927eff1 0x09267c79 0x0927955d Process: Unicorn Admin Handler, NUMHOG: 5, MAXHOG: 4, LASTHOG: 4 LASTHOG At: 10:12:24 BRST Mar 6 2015 PC: 0x08c483c5 (suspend) Call stack: 0x08c483c5 0x0987be58 0x08cfc87b 0x08d0c762 0x08d0db01 0x08d0de00 0x08d0e3c1 0x08d7ad2f 0x080eca36 0x080ed2ca 0x08552e9c 0x0854b2ae 0x0854b65c 0x0854b94e Process: ssh, PROC_PC_TOTAL: 1, MAXHOG: 2, LASTHOG: 2 LASTHOG At: 12:09:00 BRST Mar 6 2015 PC: 0x08d0e2a5 (suspend) Process: ssh, NUMHOG: 1, MAXHOG: 2, LASTHOG: 2 LASTHOG At: 12:09:00 BRST Mar 6 2015 PC: 0x08d0e2a5 (suspend) Call stack: 0x08d0e2a5 0x08d7ad2f 0x080eca36 0x080ed2ca 0x080efbf7 0x080f0a1c 0x0806922c Process: Unicorn Admin Handler, PROC_PC_TOTAL: 16, MAXHOG: 20, LASTHOG: 4 LASTHOG At: 12:09:28 BRST Mar 6 2015 PC: 0x08c483c5 (suspend) Process: ssh, NUMHOG: 4, MAXHOG: 4, LASTHOG: 4 LASTHOG At: 12:09:28 BRST Mar 6 2015 PC: 0x08c483c5 (suspend) Call stack: 0x08c483c5 0x0987be58 0x08d0c1da 0x08d0db01 0x08d0de00 0x08d0e3c1 0x08d7ad2f 0x080eca36 0x080ed2ca 0x080efbf7 0x080f0a1c 0x0806922c Process: Unicorn Admin Handler, PROC_PC_TOTAL: 21, MAXHOG: 4, LASTHOG: 3 LASTHOG At: 17:56:17 BRST Mar 13 2015 PC: 0x08c6f370 (suspend) Process: Unicorn Admin Handler, NUMHOG: 21, MAXHOG: 4, LASTHOG: 3 LASTHOG At: 17:56:17 BRST Mar 13 2015 PC: 0x08c6f370 (suspend) Call stack: 0x08c6f370 0x0854b3cb 0x0854b65c 0x0854b94e 0x08551b6b 0x0806922c Process: rtcli async executor process, NUMHOG: 26, MAXHOG: 33, LASTHOG: 23 LASTHOG At: 16:45:40 BRST Mar 14 2015 PC: 0x0914eb33 (suspend) Call stack: 0x0806b131 0x0914eb33 0x0916193d 0x091632dc 0x09283fda 0x092841b4 0x09267c79 0x0927955d 0x09268a40 0x09294223 0x09267c79 0x0927955d 0x09268a40 0x0925fef1 Process: rtcli async executor process, NUMHOG: 21, MAXHOG: 47, LASTHOG: 47 LASTHOG At: 16:45:40 BRST Mar 14 2015 PC: 0x0914eb33 (suspend) Call stack: 0x0806b131 0x0914eb33 0x0916bee2 0x0928e878 0x09267c79 0x0927955d 0x09268a40 0x09294223 0x09267c79 0x0927955d 0x09268a40 0x0925fef1 0x09266f6b 0x0926716f Process: rtcli async executor process, PROC_PC_TOTAL: 194, MAXHOG: 64, LASTHOG: 2 LASTHOG At: 16:45:41 BRST Mar 14 2015 PC: 0x0914eb33 (suspend) Process: Dispatch Unit, PROC_PC_TOTAL: 1897, MAXHOG: 132, LASTHOG: 4 LASTHOG At: 17:53:41 BRST Mar 14 2015 PC: 0x0827e9aa (suspend) Process: Dispatch Unit, NUMHOG: 342, MAXHOG: 132, LASTHOG: 4 LASTHOG At: 17:53:41 BRST Mar 14 2015 PC: 0x0827e9aa (suspend) Call stack: 0x0827e9aa 0x0806922c Process: Dispatch Unit, PROC_PC_TOTAL: 365, MAXHOG: 47, LASTHOG: 2 LASTHOG At: 11:50:13 BRST Mar 16 2015 PC: 0x0827e8d2 (suspend) Process: Dispatch Unit, NUMHOG: 167, MAXHOG: 47, LASTHOG: 2 LASTHOG At: 11:50:13 BRST Mar 16 2015 PC: 0x0827e8d2 (suspend) Call stack: 0x0827e8d2 0x0806922c Process: Unicorn Admin Handler, NUMHOG: 10133, MAXHOG: 3, LASTHOG: 2 LASTHOG At: 16:54:52 BRST Mar 16 2015 PC: 0x0806b172 (suspend) Call stack: 0x0806b172 0x08ceb515 0x08d0dd9c 0x08d7b03a 0x080eca36 0x080ed2ca 0x080ed986 0x080edb49 0xdd708c1c 0xdd7091b5 0xdd709b07 0xdd70ad5c 0xdd70338d 0xdd70447a Process: Unicorn Admin Handler, PROC_PC_TOTAL: 10576, MAXHOG: 7, LASTHOG: 5 LASTHOG At: 16:54:52 BRST Mar 16 2015 PC: 0x080edd45 (suspend) Process: Unicorn Admin Handler, NUMHOG: 10576, MAXHOG: 7, LASTHOG: 5 LASTHOG At: 16:54:52 BRST Mar 16 2015 PC: 0x080edd45 (suspend) Call stack: 0x080edd45 0xdd708c1c 0xdd7091b5 0xdd709b07 0xdd70ad5c 0xdd70338d 0xdd70447a 0x080eb802 0x0855112a 0x08549d77 0x0854ba51 0x08551b6b 0x0806922c Process: rtcli async executor process, PROC_PC_TOTAL: 84, MAXHOG: 16, LASTHOG: 3 LASTHOG At: 18:15:54 BRST Mar 16 2015 PC: 0x0914e19b (suspend) Process: rtcli async executor process, NUMHOG: 84, MAXHOG: 16, LASTHOG: 3 LASTHOG At: 18:15:54 BRST Mar 16 2015 PC: 0x0914e19b (suspend) Call stack: 0x0806b131 0x0914e19b 0x091503dd 0x09150495 0x788bee80 Process: Unicorn Admin Handler, PROC_PC_TOTAL: 10179, MAXHOG: 25, LASTHOG: 3 LASTHOG At: 10:03:24 BRST Mar 17 2015 PC: 0x0806b172 (suspend) Process: ssh_init, NUMHOG: 33, MAXHOG: 3, LASTHOG: 3 LASTHOG At: 10:03:24 BRST Mar 17 2015 PC: 0x0806b172 (suspend) Call stack: 0x0806b172 0x0818545b 0x097c048b 0x097c452a 0x097b67ce 0x097b69f7 0x097db4cf 0x097ea517 0x097defba 0x0817df40 0x0814bc8a 0x090bfefb 0x090bccfb 0x090bc01f CPU hog threshold (msec): 2.560 Last cleared: None ------------------ show process ------------------ PC SP STATE Runtime SBASE Stack Process Lwe 0x080596a4 0x726ea17c 0x0ad37aa8 0 0x726e6290 15760/16384 block_diag Mrd 0x0827e9aa 0x7271d7ec 0x0ad38468 2377167625 0x726fd980 119588/131072 Dispatch Unit Mwe 0x090b527d 0x7284c51c 0x0ad37bd0 8 0x72848670 13616/16384 ssh/timer Msi 0x08854a74 0x7273e204 0x0ad37bd0 5042 0x7273a2f8 15688/16384 WebVPN KCD Process Mwe 0x084c6b6d 0x7274532c 0x0ad37bd0 0 0x727414e0 15680/16384 CF OIR Mwe 0x08eafaec 0x72749544 0x0abda120 0 0x72745678 16072/16384 lina_int Mwe 0x0807209d 0x72834bb4 0x0ad37bd0 0 0x7282ccf8 32192/32768 Reload Control Thread Mwe 0x08086369 0x7283fb64 0x0ad3918c 861 0x7283bfc8 12328/16384 aaa Mwe 0x0916ad6d 0x7387d644 0x0ad37bd0 4 0x72840160 15056/16384 UserFromCert Thread Mwe 0x0916ad6d 0x73833204 0x0ad37bd0 2 0x72844338 14528/16384 aaa_shim_thread Mwe 0x080bae3c 0x72854f84 0x0ad3a234 0 0x7284d0a8 32144/32768 CMGR Server Process Mwe 0x080bd4ad 0x728590ec 0x0ad37bd0 0 0x72855240 15416/16384 CMGR Timer Process Mwe 0x0816d455 0x72875c14 0x0ad37bd0 0 0x72871d68 15832/16384 CTM Daemon Mwe 0x081df2c5 0x7287c304 0x0ad37bd0 0 0x72878478 15624/16384 SXP CORE Mwe 0x081d7041 0x728855fc 0x0ad37bd0 0 0x72881760 15488/16384 RBM CORE Mwe 0x081cde3c 0x7289e484 0x0ad45288 0 0x72896708 31704/32768 cts_task Mwe 0x081cf2ed 0x728a275c 0x0ad37bd0 0 0x7289e8a0 15672/16384 cts_timer_task Lwe 0x0827c804 0x728b3204 0x0ad4a9c0 0 0x728af318 15632/16384 dbgtrace Msi 0x0856b194 0x728c39d4 0x0ad37bd0 17632 0x728bfac8 15688/16384 557mcfix Msi 0x0856b126 0x728c7b7c 0x0ad37bd0 2 0x728c3c60 15672/16384 557statspoll Mwe 0x0859389d 0x728d6634 0x0ad37bd0 0 0x728ce798 31680/32768 idfw_proc Mwe 0x0859f56b 0x728de7dc 0x0ad37bd0 0 0x728d6930 32216/32768 idfw_service Mwe 0x085ab0e5 0x728e2934 0x0ad37bd0 0 0x728deac8 15524/16384 idfw_adagent Mwe 0x0820b305 0x728f8254 0x0ad37bd0 0 0x728f4398 15656/16384 cluster interface health monitor Mwe 0x0916ad6d 0x73266574 0x0ad37bd0 0 0x72942250 15280/16384 netfs_thread_init Mwe 0x098099d5 0x7295a8bc 0x0ad37bd0 0 0x72956a40 15848/16384 Chunk Manager Msi 0x08cadf8e 0x72f4ce4c 0x0ad37bd0 30619 0x72f48f60 14592/16384 PIX Garbage Collector Mwe 0x08c89f2a 0x72f7da2c 0x0abc49c4 0 0x72f79b40 16104/16384 IP Address Assign Mwe 0x08f10fda 0x73117e74 0x0ac41198 0 0x73113f88 16104/16384 QoS Support Module Mwe 0x08d3941a 0x7311c04c 0x0abc5928 0 0x73118160 16104/16384 Client Update Task Lwe 0x0987e775 0x73120d0c 0x0ad37bd0 1226208 0x7311ce60 14432/16384 Checkheaps Mwe 0x08f1651d 0x731368dc 0x0ad37bd0 0 0x7312ea70 31776/32768 Quack process Mwe 0x08f9817d 0x7313ea94 0x0ad37bd0 3476 0x73136c08 30804/32768 Session Manager Mwe 0x090fb11d 0x7314ad84 0x7853a720 5 0x73146f38 15464/16384 uauth Mwe 0x09084331 0x7314efbc 0x0ac54b10 0 0x7314b0d0 15632/16384 Uauth_Proxy Msp 0x090c92bf 0x7315b4b4 0x0ad37bd0 4015 0x73157598 15704/16384 SSL Mwe 0x090f8e14 0x7315f5fc 0x0ac5cdd4 0 0x7315b730 15708/16384 SMTP Mwe 0x090f312c 0x73163754 0x0ac5c0f8 1965277 0x7315f8c8 13144/16384 Logger Mwe 0x090f173d 0x731678dc 0x0ad37bd0 0 0x73163a60 15784/16384 Syslog Retry Thread Mwe 0x090ec9e5 0x7316baa4 0x0ad37bd0 0 0x73167bf8 15600/16384 Thread Logger Mwe 0x090f6b37 0x73190b3c 0x0ac5c7a0 0 0x7318cc50 15592/16384 syslogd Mwe 0x0937cdc2 0x731ad644 0x0ac96428 0 0x731a9778 15328/16384 vpnlb_thread Mwe 0x094526cc 0x731bdc74 0x0ac9b7c8 0 0x731b9dd8 16024/16384 pci_nt_bridge Mwe 0x0945a89d 0x731c1dac 0x0ad37bd0 1531 0x731bdf70 15200/16384 scansafe_poll M* 0x090b0155 0x68b3ff2c 0x0ad38468 1421 0x7c683858 12316/32768 ssh Mwe 0x08366895 0x7324ce5c 0x0ad37bd0 0 0x73248fd0 15864/16384 TLS Proxy Inspector Msi 0x08fb69cc 0x732ca4bc 0x0ad37bd0 30320 0x732c65b0 15688/16384 emweb/cifs_timer Mwe 0x08962fb4 0x7331f1bc 0x0a65c824 0 0x7331b2e0 15712/16384 netfs_mount_handler Msi 0x0878bcf8 0x728bf81c 0x0ad37bd0 70400 0x728bb930 15456/16384 arp_timer Mwe 0x0879676e 0x728eac94 0x0ad85710 0 0x728e6df8 16024/16384 arp_forward_thread Mwe 0x08855766 0x7292d6d4 0x0ad8e440 818 0x72929808 11712/16384 Lic TMR Mwe 0x08855515 0x7312e7b4 0x0a658980 1897 0x7312a8d8 15800/16384 Lic HA Cluster Mwe 0x090ff5e7 0x72956784 0x0ac5d840 0 0x729528a8 15672/16384 tcp_fast Mwe 0x09108028 0x72939c54 0x0ac5d840 0 0x72935d88 15656/16384 tcp_slow Mwe 0x09146474 0x7286144c 0x0ac657d0 0 0x7285d570 15672/16384 udp_timer Mwe 0x0812d75d 0x728cbca4 0x0ad37bd0 0 0x728c7df8 15832/16384 CTCP Timer process Mwe 0x09317075 0x7294a32c 0x0ad37bd0 0 0x72946490 15816/16384 L2TP data daemon Mwe 0x093198e5 0x7294e35c 0x0ad37bd0 0 0x7294a4c0 15816/16384 L2TP mgmt daemon Mwe 0x09305f2e 0x751baefc 0x0ac8af2c 4128 0x751b7050 16040/16384 ppp_timer_thread Msi 0x0937d12d 0x751bef5c 0x0ad37bd0 15567 0x751bb080 15640/16384 vpnlb_timer_thread Mwe 0x0815acba 0x755b98ac 0x731a0778 530 0x755b5a20 8928/16384 IPsec message handler Msi 0x081735b4 0x755bd89c 0x0ad37bd0 449428 0x755b9a50 14568/16384 CTM message handler Mwe 0x08264cc0 0x755ebb74 0x0a5d67c0 39521 0x755cbe18 119268/131072 tmatch compile thread Mwe 0x08f47eed 0x782d3e1c 0x0ad37bd0 0 0x782cff60 15848/16384 ICMP event handler Mwe 0x092a9f4d 0x782d7fa4 0x0ad37bd0 0 0x782d40f8 15832/16384 Dynamic Filter VC Housekeeper Mwe 0x08b34422 0x78338e84 0x0ad37bd0 8854 0x78334fd8 14208/16384 IP Background Mwe 0x08e1c923 0x786704dc 0x0ad37bd0 0 0x7866c630 15832/16384 Crypto CA Mwe 0x08e5bd58 0x7867450c 0x0ad37bd0 0 0x78670660 15896/16384 CERT API Mwe 0x08e1b295 0x7867d00c 0x0ad37bd0 0 0x78679140 15928/16384 Crypto PKI RECV Lsi 0x08cc2589 0x728e6b7c 0x0ad37bd0 401 0x728e2c60 15704/16384 uauth_urlb clean Lwe 0x08c95dc6 0x72941f0c 0x0ad37bd0 50253 0x7293e090 12408/16384 pm_timer_thread Mwe 0x0861ab2d 0x73142c4c 0x0ad37bd0 145 0x7313eda0 14116/16384 IKE Common thread Mwe 0x086532f5 0x73146bfc 0x0ad37bd0 61688 0x73142dd0 15480/16384 IKE Timekeeper Mwe 0x08641b3b 0x787288c4 0x0a654490 43109 0x78720d08 22244/32768 IKE Daemon Mwe 0x086f9223 0x72928cc4 0x0ad37bd0 7692 0x72925178 7060/16384 IKEv2 Daemon Mwe 0x086f8772 0x7872cbe4 0x0ad37bd0 5987 0x78728d38 15624/16384 IKEv2 DPD Client Process Mwe 0x0909bf14 0x7876f36c 0x0ac5a274 0 0x7876b4a0 16072/16384 RADIUS Proxy Event Daemon Mwe 0x0905b923 0x78773344 0x787ddd38 31 0x7876f638 14800/16384 RADIUS Proxy Listener Mwe 0x0909b63d 0x7877767c 0x0ad37bd0 0 0x787737d0 15832/16384 RADIUS Proxy Time Keeper Mwe 0x0877a6e4 0x7877b774 0x0ad856c8 0 0x78777968 15264/16384 Integrity FW Task Mrd 0x08370f9a 0x787c0304 0x0ad38468 0 0x787bc448 14552/16384 CP Threat-Detection Processing Mwe 0x082984ce 0x787feb54 0x09f9b57c 6556 0x787df418 119524/131072 ci/console Msi 0x08507430 0x7285d2a4 0x0ad37bd0 15200 0x728593d8 13248/16384 fover_thread Mwe 0x092eae2c 0x788032d4 0x0afe0584 778 0x787ff448 15648/16384 lu_ctl Msi 0x08cdd5cc 0x78807394 0x0ad37bd0 533625 0x78803478 14004/16384 update_cpu_usage Msi 0x08cdcea4 0x7880b3b4 0x0ad37bd0 45 0x788074a8 15688/16384 health_check Mwe 0x090f173d 0x731678dc 0x0ad37bd0 0 0x73163a60 15784/16384 Syslog Retry Thread Mwe 0x090ec9e5 0x7316baa4 0x0ad37bd0 0 0x73167bf8 15600/16384 Thread Logger Mwe 0x090f6b37 0x73190b3c 0x0ac5c7a0 0 0x7318cc50 15592/16384 syslogd Mwe 0x0937cdc2 0x731ad644 0x0ac96428 0 0x731a9778 15328/16384 vpnlb_thread Mwe 0x094526cc 0x731bdc74 0x0ac9b7c8 0 0x731b9dd8 16024/16384 pci_nt_bridge Mwe 0x0945a89d 0x731c1dac 0x0ad37bd0 1531 0x731bdf70 15200/16384 scansafe_poll M* 0x090b0155 0x68b3ff2c 0x0ad38468 1421 0x7c683858 12316/32768 ssh Mwe 0x08366895 0x7324ce5c 0x0ad37bd0 0 0x73248fd0 15864/16384 TLS Proxy Inspector Msi 0x08fb69cc 0x732ca4bc 0x0ad37bd0 30320 0x732c65b0 15688/16384 emweb/cifs_timer Mwe 0x08962fb4 0x7331f1bc 0x0a65c824 0 0x7331b2e0 15712/16384 netfs_mount_handler Msi 0x0878bcf8 0x728bf81c 0x0ad37bd0 70400 0x728bb930 15456/16384 arp_timer Mwe 0x0879676e 0x728eac94 0x0ad85710 0 0x728e6df8 16024/16384 arp_forward_thread Mwe 0x08855766 0x7292d6d4 0x0ad8e440 818 0x72929808 11712/16384 Lic TMR Mwe 0x08855515 0x7312e7b4 0x0a658980 1897 0x7312a8d8 15800/16384 Lic HA Cluster Mwe 0x090ff5e7 0x72956784 0x0ac5d840 0 0x729528a8 15672/16384 tcp_fast Mwe 0x09108028 0x72939c54 0x0ac5d840 0 0x72935d88 15656/16384 tcp_slow Mwe 0x09146474 0x7286144c 0x0ac657d0 0 0x7285d570 15672/16384 udp_timer Mwe 0x0812d75d 0x728cbca4 0x0ad37bd0 0 0x728c7df8 15832/16384 CTCP Timer process Mwe 0x09317075 0x7294a32c 0x0ad37bd0 0 0x72946490 15816/16384 L2TP data daemon Mwe 0x093198e5 0x7294e35c 0x0ad37bd0 0 0x7294a4c0 15816/16384 L2TP mgmt daemon Mwe 0x09305f2e 0x751baefc 0x0ac8af2c 4128 0x751b7050 16040/16384 ppp_timer_thread Msi 0x0937d12d 0x751bef5c 0x0ad37bd0 15567 0x751bb080 15640/16384 vpnlb_timer_thread Mwe 0x0815acba 0x755b98ac 0x731a0778 530 0x755b5a20 8928/16384 IPsec message handler Msi 0x081735b4 0x755bd89c 0x0ad37bd0 449428 0x755b9a50 14568/16384 CTM message handler Mwe 0x08264cc0 0x755ebb74 0x0a5d67c0 39521 0x755cbe18 119268/131072 tmatch compile thread Mwe 0x08f47eed 0x782d3e1c 0x0ad37bd0 0 0x782cff60 15848/16384 ICMP event handler Mwe 0x092a9f4d 0x782d7fa4 0x0ad37bd0 0 0x782d40f8 15832/16384 Dynamic Filter VC Housekeeper Mwe 0x08b34422 0x78338e84 0x0ad37bd0 8854 0x78334fd8 14208/16384 IP Background Mwe 0x08e1c923 0x786704dc 0x0ad37bd0 0 0x7866c630 15832/16384 Crypto CA Mwe 0x08e5bd58 0x7867450c 0x0ad37bd0 0 0x78670660 15896/16384 CERT API Mwe 0x08e1b295 0x7867d00c 0x0ad37bd0 0 0x78679140 15928/16384 Crypto PKI RECV Lsi 0x08cc2589 0x728e6b7c 0x0ad37bd0 401 0x728e2c60 15704/16384 uauth_urlb clean Lwe 0x08c95dc6 0x72941f0c 0x0ad37bd0 50253 0x7293e090 12408/16384 pm_timer_thread Mwe 0x0861ab2d 0x73142c4c 0x0ad37bd0 145 0x7313eda0 14116/16384 IKE Common thread Mwe 0x086532f5 0x73146bfc 0x0ad37bd0 61688 0x73142dd0 15480/16384 IKE Timekeeper Mwe 0x08641b3b 0x787288c4 0x0a654490 43109 0x78720d08 22244/32768 IKE Daemon Mwe 0x086f9223 0x72928cc4 0x0ad37bd0 7692 0x72925178 7060/16384 IKEv2 Daemon Mwe 0x086f8772 0x7872cbe4 0x0ad37bd0 5987 0x78728d38 15624/16384 IKEv2 DPD Client Process Mwe 0x0909bf14 0x7876f36c 0x0ac5a274 0 0x7876b4a0 16072/16384 RADIUS Proxy Event Daemon Mwe 0x0905b923 0x78773344 0x787ddd38 31 0x7876f638 14800/16384 RADIUS Proxy Listener Mwe 0x0909b63d 0x7877767c 0x0ad37bd0 0 0x787737d0 15832/16384 RADIUS Proxy Time Keeper Mwe 0x0877a6e4 0x7877b774 0x0ad856c8 0 0x78777968 15264/16384 Integrity FW Task Mrd 0x08370f9a 0x787c0304 0x0ad38468 0 0x787bc448 14552/16384 CP Threat-Detection Processing Mwe 0x082984ce 0x787feb54 0x09f9b57c 6556 0x787df418 119524/131072 ci/console Msi 0x08507430 0x7285d2a4 0x0ad37bd0 15200 0x728593d8 13248/16384 fover_thread Mwe 0x092eae2c 0x788032d4 0x0afe0584 778 0x787ff448 15648/16384 lu_ctl Msi 0x08cdd5cc 0x78807394 0x0ad37bd0 533625 0x78803478 14004/16384 update_cpu_usage Msi 0x08cdcea4 0x7880b3b4 0x0ad37bd0 45 0x788074a8 15688/16384 health_check Mwe 0x091198f5 0x7880f314 0x0ad37bd0 5028 0x7880b4d8 14408/16384 npshim_thread Msi 0x08cdd664 0x7881b324 0x0ad37bd0 0 0x78817538 12616/16384 NIC status poll Mwe 0x0850171c 0x73126434 0x0ad79f80 0 0x731225a8 16008/16384 fover_rx Mwe 0x085032b6 0x7882b434 0x0ad7a27c 0 0x788275f8 15928/16384 fover_tx Mwe 0x085032b6 0x7882f464 0x0ad7a284 0 0x7882b628 15928/16384 fover_tx_2 Mwe 0x084f3c9c 0x78833444 0x0ad85ce8 0 0x7882f658 15816/16384 fover_ip Mwe 0x0850c704 0x78837354 0x0ad7a298 0 0x78833688 15560/16384 fover_rep Mwe 0x085015f4 0x7883f264 0x0ad7a2a0 9825 0x788376b8 31652/32768 fover_parse Mwe 0x084e0aad 0x78843594 0x0ad37bd0 0 0x7883f6e8 15832/16384 fover_fail_check Mwe 0x084dea50 0x788475b4 0x0ad7a8ec 4412 0x78843718 16024/16384 fover_ifc_test Mwe 0x084e2936 0x7884b5e4 0x0ad37bd0 0 0x78847748 15816/16384 fover_health_monitoring_thread Mwe 0x0851d64f 0x788539d4 0x0ad37bd0 0 0x7884fba8 15704/16384 ha_trans_ctl_tx Mwe 0x0851d64f 0x78879a34 0x0ad37bd0 0 0x78875c08 15704/16384 ha_trans_data_tx Mwe 0x08513aed 0x78881af4 0x0ad37bd0 0 0x78879c38 30736/32768 fover_FSM_thread Mwe 0x092eace5 0x78889b54 0x0ad85c88 0 0x78881c68 32456/32768 lu_rx Lwe 0x092ead34 0x7888db94 0x0afe0528 0 0x78889c98 16120/16384 lu_dynamic_sync Mwe 0x0916ad6d 0x78931ef4 0x0ad37bd0 3348 0x788b7058 26600/32768 rtcli async executor process Mwe 0x08fea744 0x78b77944 0x0ac498c8 911 0x78b73a68 8356/16384 SNMP Notify Thread Mwe 0x08785b0e 0x78c3e6ac 0x0ad85d6c 7412 0x78c367f0 30400/32768 IP Thread Mwe 0x0878d2de 0x78c42864 0x0ad85700 9940 0x78c3e988 8948/16384 ARP Thread Mwe 0x0857089e 0x78c46a5c 0x0ad85d28 14347 0x78c42cb0 12856/16384 icmp_thread Mwe 0x09147041 0x78c4acc4 0x0ad37bd0 183 0x78c46e48 15736/16384 udp_thread Mwe 0x09102974 0x78c4eb3c 0x0ad85dec 0 0x78c4afe0 15192/16384 tcp_thread Lwe 0x0828b634 0x78d4c514 0x0ad37bd0 270 0x78d48668 15608/16384 dns_cache_timer Mwe 0x08287ed9 0x78d505fc 0x0ad37bd0 0 0x78d4c850 15576/16384 dns_process Mwe 0x0905b923 0x78f73ec4 0x78dd8b60 30 0x78f701c8 15304/16384 EAPoUDP-sock Mwe 0x082c07dd 0x78f77d74 0x0ad37bd0 0 0x78f741f8 15016/16384 EAPoUDP Mrd 0x08ba4f45 0x7a121c94 0x0ad38468 56529 0x7a119e08 28784/32768 OSPF Router Mwe 0x08ba16a1 0x7a114ee4 0x0ad37bd0 32952 0x7a111098 10120/16384 OSPF Hello Mrd 0x08ba4f45 0x7a1584dc 0x0ad38468 16326 0x7a150650 28460/32768 OSPF Router Mwe 0x08ba16a1 0x7a14b72c 0x0ad37bd0 32967 0x7a1478e0 10120/16384 OSPF Hello Mwe 0x082fa14a 0x7a46a59c 0x0ad37bd0 2225 0x7a466b80 10160/16384 emweb/https Mwe 0x082ef425 0x7a46f54c 0x0ad37bd0 1092 0x7a46b690 15624/16384 Timekeeper Mwe 0x0916ad6d 0x7a5becf4 0x0ad37bd0 13290 0x7a4eb750 15008/16384 Unicorn Proxy Thread Mwe 0x09145c99 0x7a9c69f4 0x73aa8138 189 0x7a9c2e68 11704/16384 snmp Lwe 0x09045d15 0x7a9dbda4 0x0ad37bd0 148238 0x7a9d7ef8 10456/16384 Event mib process Mwe 0x0905b923 0x7aa38abc 0x7aa3b7c8 233 0x7aa34eb0 14080/16384 IKE Receiver Mwe 0x08b0afd3 0x7aa6ce1c 0x0ad37bd0 53688 0x7aa68f70 8804/16384 NTP Mwe 0x09353964 0x7ab1c0f4 0x0ac960b8 0 0x7ab14218 32472/32768 vpnfol_thread_msg Msi 0x0935c832 0x7ab2018c 0x0ad37bd0 30005 0x7ab1c2a0 15656/16384 vpnfol_thread_timer Mwe 0x0935a892 0x7ab242b4 0x0ac96100 0 0x7ab20438 15992/16384 vpnfol_thread_sync Msi 0x0935c5be 0x7ab284bc 0x0ad37bd0 48594 0x7ab245d0 15656/16384 vpnfol_thread_unsent Lwe 0x08d22c66 0x731a945c 0x0ad37bd0 364 0x731a55e0 15560/16384 vPif_stats_cleaner Mwe 0x08776c05 0x731a52f4 0x0ad37bd0 0 0x731a1448 15832/16384 Integrity Fw Timer Thread Msi 0x089632c6 0x78823444 0x0ad37bd0 1621 0x7881f558 15656/16384 netfs_vnode_reclaim Mwe 0x08c6f370 0x7966de1c 0x78d74e54 1780091 0x7964e5d0 126784/131072 Unicorn Admin Handler Mwe 0x08ee4a01 0x7b5a82ec 0x0af20048 0 0x7b5a4430 15816/16384 qos_metric_daemon Mwe 0x08c6f370 0x7bfaeed4 0x78d74e54 73 0x7bf8f688 127524/131072 Unicorn Admin Handler Mwe 0x08c6e63d 0x7d455244 0x0ad37bd0 52 0x7d435b18 123808/131072 Unicorn Admin Handler M* 0x090b0155 0x68b3ff2c 0x0ad38468 246 0x7c683858 19536/32768 ssh Mwe 0x09110128 0x726f8474 0x78ba6ca8 2 0x726f4758 14780/16384 listen/ssh - - - - 0 - - DATAPATH-0-519 - - - - 2343606155 - - scheduler - - - - 4733446734 - - total elapsed ------------------ show kernel process ------------------ PID PPID PRI NI VSIZE RSS WCHAN STAT RUNTIME GTIME CGTIME COMMAND 1 0 20 0 2084864 616 3725686580 S 147 0 0 init 2 0 15 - 5 0 0 3725738556 S 0 0 0 kthreadd 3 2 15 - 5 0 0 3725692956 S 0 0 0 ksoftirqd/0 4 2 15 - 5 0 0 3725728656 S 18 0 0 events/0 5 2 15 - 5 0 0 3725728656 S 0 0 0 khelper 50 2 15 - 5 0 0 3725728656 S 0 0 0 kblockd/0 53 2 15 - 5 0 0 3726777703 S 0 0 0 kseriod 112 2 20 0 0 0 3725848262 S 0 0 0 pdflush 113 2 20 0 0 0 3725848262 S 0 0 0 pdflush 114 2 15 - 5 0 0 3725861131 S 18 0 0 kswapd0 115 2 15 - 5 0 0 3725728656 S 0 0 0 aio/0 116 2 15 - 5 0 0 3725728656 S 0 0 0 nfsiod 227 2 15 - 5 0 0 3725728656 S 0 0 0 hid_compat 228 2 15 - 5 0 0 3725728656 S 0 0 0 rpciod/0 253 1 16 - 4 1925120 632 3725997327 S 0 0 0 udevd 298 253 18 - 2 1921024 628 3725997327 S 0 0 0 udevd 299 253 18 - 2 1921024 576 3725997327 S 0 0 0 udevd 484 1 20 0 5206016 1604 4294967295 S 0 0 0 lwsmd 486 484 20 0 16736256 3604 4294967295 S 27 0 0 lwregd 511 1 20 0 2088960 516 3725686580 S 0 0 0 sh 512 511 20 0 10186752 524 4294967295 S 0 0 0 lina_monitor 514 512 0 -20 2006495232 66360 4294967295 S 43885379 0 0 lina ------------------ show kernel cgroup-controller detail ------------------ memory controller: ----------------- memory.limit_in_bytes: unlimited memory.usage_in_bytes: 66293760 (3%) memory.max_usage_in_bytes: 69533696 (4%) memory.failcnt: 0 tasks: group "normal" memory.limit_in_bytes: unlimited memory.usage_in_bytes: 77824 (0%) memory.max_usage_in_bytes: 700416 (0%) memory.failcnt: 0 tasks: PID RSS COMMAND 1 630784 init 2 0 kthreadd 3 0 ksoftirqd/0 4 0 events/0 5 0 khelper 50 0 kblockd/0 53 0 kseriod 112 0 pdflush 113 0 pdflush 114 0 kswapd0 115 0 aio/0 116 0 nfsiod 227 0 hid_compat 228 0 rpciod/0 253 647168 udevd 298 643072 udevd 299 589824 udevd 511 528384 sh group "privileged" memory.limit_in_bytes: unlimited memory.usage_in_bytes: 37744640 (2%) memory.max_usage_in_bytes: 37904384 (2%) memory.failcnt: 0 tasks: PID RSS COMMAND 512 536576 lina_monitor 513 0 lina_monitor 514 67960832 lina 515 0 lina 516 0 lina 517 0 lina 518 0 lina 519 0 lina group "restricted" memory.limit_in_bytes: 23068672 (1%) memory.usage_in_bytes: 1732608 (0%) memory.max_usage_in_bytes: 1908736 (0%) memory.failcnt: 0 tasks: PID RSS COMMAND 484 1642496 lwsmd 485 0 lwsmd 486 3690496 lwregd 488 0 lwregd 489 0 lwregd 490 0 lwregd 491 0 lwregd 492 0 lwregd 493 0 lwsmd 494 0 lwsmd 495 0 lwsmd 496 0 lwsmd 497 0 lwsmd cpu controller: --------------- cpu.shares: 1024 cpuacct.usage: 4733634160020619 tasks: group "normal" cpu.shares: 4106 cpuacct.usage: 123519023779 (0%) tasks: PID RSS COMMAND 1 630784 init 2 0 kthreadd 3 0 ksoftirqd/0 4 0 events/0 5 0 khelper 50 0 kblockd/0 53 0 kseriod 112 0 pdflush 113 0 pdflush 114 0 kswapd0 115 0 aio/0 116 0 nfsiod 227 0 hid_compat 228 0 rpciod/0 253 647168 udevd 298 643072 udevd 299 589824 udevd 511 528384 sh 512 536576 lina_monitor 513 0 lina_monitor 514 67960832 lina 515 0 lina 516 0 lina 517 0 lina 518 0 lina group "privileged" cpu.shares: 65696 cpuacct.usage: 4733508481648152 (100%) tasks: PID RSS COMMAND 519 0 lina group "restricted" cpu.shares: 1024 cpuacct.usage: 325596589 (0%) tasks: PID RSS COMMAND 484 1642496 lwsmd 485 0 lwsmd 486 3690496 lwregd 488 0 lwregd 489 0 lwregd 490 0 lwregd 491 0 lwregd 492 0 lwregd 493 0 lwsmd 494 0 lwsmd 495 0 lwsmd 496 0 lwsmd 497 0 lwsmd ------------------ show failover ------------------ Failover On Failover unit Secondary Failover LAN Interface: not Configured Unit Poll frequency 300 milliseconds, holdtime 900 milliseconds Interface Poll frequency 1 seconds, holdtime 5 seconds Interface Policy 1 Monitored Interfaces 3 of 210 maximum Version: Ours 9.1(1), Mate Unknown Last Failover at: 16:15:31 BRDT Jan 21 2015 This host: Secondary - Disabled Active time: 0 (sec) slot 0: ASA5540 hw/sw rev (2.0/9.1(1)) status (Up Sys) Interface MPLS_INTELIG (172.19.235.113): Normal (Not-Monitored) Interface MPLS_EBT (172.19.235.97): Normal (Not-Monitored) Interface DMZ (10.209.12.129): Normal (Not-Monitored) Interface SONICWALL (10.209.8.253): Unknown (Waiting) Interface TESA (200.236.223.138): Link Down (Not-Monitored) Interface LEVEL3 (0.0.0.0): Normal (Not-Monitored) Interface maneger (192.168.1.1): No Link (Waiting) Interface inside (10.209.14.1): Unknown (Waiting) slot 1: empty Other host: Primary - Not Detected Active time: 0 (sec) Interface MPLS_INTELIG (0.0.0.0): Unknown (Not-Monitored) Interface MPLS_EBT (0.0.0.0): Unknown (Not-Monitored) Interface DMZ (0.0.0.0): Unknown (Not-Monitored) Interface SONICWALL (0.0.0.0): Unknown (Waiting) Interface TESA (0.0.0.0): Unknown (Not-Monitored) Interface LEVEL3 (0.0.0.0): Unknown (Not-Monitored) Interface maneger (0.0.0.0): Unknown (Waiting) Interface inside (0.0.0.0): Unknown (Waiting) Stateful Failover Logical Update Statistics Link : Unconfigured. ------------------ show failover history ------------------ ========================================================================== From State To State Reason ========================================================================== 16:15:36 BRDT Jan 21 2015 Not Detected Disabled LAN Interface become un-configured ========================================================================== ------------------ show cluster info ------------------ Clustering is not configured ------------------ show cluster history ------------------ ========================================================================== From State To State Reason ========================================================================== 16:29:18 BRDT Jan 21 2015 DISABLED DISABLED Disabled at startup ========================================================================== ------------------ show traffic ------------------ MPLS_INTELIG: received (in 438703.654 secs): 2165089 packets 206636228 bytes 4 pkts/sec 1 bytes/sec transmitted (in 438703.654 secs): 1449289 packets 105796401 bytes 3 pkts/sec 6 bytes/sec 1 minute input rate 0 pkts/sec, 351 bytes/sec 1 minute output rate 0 pkts/sec, 41 bytes/sec 1 minute drop rate, 0 pkts/sec 5 minute input rate 0 pkts/sec, 25 bytes/sec 5 minute output rate 0 pkts/sec, 15 bytes/sec 5 minute drop rate, 0 pkts/sec MPLS_EBT: received (in 438704.394 secs): 5236217412 packets 4802618853825 bytes 11005 pkts/sec 10947003 bytes/sec transmitted (in 438704.394 secs): 4628995660 packets 3377930036953 bytes 10003 pkts/sec 7699002 bytes/sec 1 minute input rate 1535 pkts/sec, 274738 bytes/sec 1 minute output rate 3181 pkts/sec, 3923233 bytes/sec 1 minute drop rate, 0 pkts/sec 5 minute input rate 1644 pkts/sec, 276497 bytes/sec 5 minute output rate 3047 pkts/sec, 3665386 bytes/sec 5 minute drop rate, 0 pkts/sec DMZ: received (in 438704.404 secs): 317313 packets 20410538 bytes 0 pkts/sec 7 bytes/sec transmitted (in 438704.404 secs): 169332 packets 14922486 bytes 0 pkts/sec 4 bytes/sec 1 minute input rate 0 pkts/sec, 1 bytes/sec 1 minute output rate 0 pkts/sec, 0 bytes/sec 1 minute drop rate, 0 pkts/sec 5 minute input rate 0 pkts/sec, 1 bytes/sec 5 minute output rate 0 pkts/sec, 0 bytes/sec 5 minute drop rate, 0 pkts/sec SONICWALL: received (in 438717.154 secs): 518822723952 packets 37783567521529 bytes 1182003 pkts/sec 86122008 bytes/sec transmitted (in 438717.154 secs): 518155623206 packets 36167095671058 bytes 1181001 pkts/sec 82438004 bytes/sec 1 minute input rate 108847 pkts/sec, 8510133 bytes/sec 1 minute output rate 108554 pkts/sec, 7659709 bytes/sec 1 minute drop rate, 4 pkts/sec 5 minute input rate 111301 pkts/sec, 8970828 bytes/sec 5 minute output rate 110865 pkts/sec, 7796599 bytes/sec 5 minute drop rate, 7 pkts/sec TESA: received (in 438717.154 secs): 0 packets 0 bytes 0 pkts/sec 0 bytes/sec transmitted (in 438717.154 secs): 0 packets 0 bytes 0 pkts/sec 0 bytes/sec 1 minute input rate 0 pkts/sec, 0 bytes/sec 1 minute output rate 0 pkts/sec, 0 bytes/sec 1 minute drop rate, 0 pkts/sec 5 minute input rate 0 pkts/sec, 0 bytes/sec 5 minute output rate 0 pkts/sec, 0 bytes/sec 5 minute drop rate, 0 pkts/sec LEVEL3: received (in 438718.024 secs): 2 packets 80 bytes 0 pkts/sec 0 bytes/sec transmitted (in 438718.024 secs): 0 packets 0 bytes 0 pkts/sec 0 bytes/sec 1 minute input rate 0 pkts/sec, 0 bytes/sec 1 minute output rate 0 pkts/sec, 0 bytes/sec 1 minute drop rate, 0 pkts/sec 5 minute input rate 0 pkts/sec, 0 bytes/sec 5 minute output rate 0 pkts/sec, 0 bytes/sec 5 minute drop rate, 0 pkts/sec maneger: received (in 438718.034 secs): 1806454 packets 73946447 bytes 4 pkts/sec 2 bytes/sec transmitted (in 438718.034 secs): 3551182 packets 752536803 bytes 8 pkts/sec 1000 bytes/sec 1 minute input rate 0 pkts/sec, 0 bytes/sec 1 minute output rate 0 pkts/sec, 0 bytes/sec 1 minute drop rate, 0 pkts/sec 5 minute input rate 0 pkts/sec, 0 bytes/sec 5 minute output rate 0 pkts/sec, 0 bytes/sec 5 minute drop rate, 0 pkts/sec inside: received (in 438756.644 secs): 2822142192 packets 1499184929194 bytes 6001 pkts/sec 3416003 bytes/sec transmitted (in 438756.644 secs): 4196195152 packets 4596621614460 bytes 9005 pkts/sec 10476001 bytes/sec 1 minute input rate 2106 pkts/sec, 2732493 bytes/sec 1 minute output rate 921 pkts/sec, 166989 bytes/sec 1 minute drop rate, 0 pkts/sec 5 minute input rate 1881 pkts/sec, 2403697 bytes/sec 5 minute output rate 850 pkts/sec, 138655 bytes/sec 5 minute drop rate, 0 pkts/sec ---------------------------------------- Aggregated Traffic on Physical Interface ---------------------------------------- GigabitEthernet0/0: received (in 438758.084 secs): 2822145910 packets 1552997841313 bytes 6001 pkts/sec 3539002 bytes/sec transmitted (in 438758.084 secs): 4196196745 packets 4675520604566 bytes 9005 pkts/sec 10656006 bytes/sec 1 minute input rate 2106 pkts/sec, 2770996 bytes/sec 1 minute output rate 921 pkts/sec, 187284 bytes/sec 1 minute drop rate, 0 pkts/sec 5 minute input rate 1881 pkts/sec, 2438151 bytes/sec 5 minute output rate 850 pkts/sec, 157210 bytes/sec 5 minute drop rate, 0 pkts/sec GigabitEthernet0/1: received (in 438758.084 secs): 5238807761 packets 4922365785551 bytes 11000 pkts/sec 11218008 bytes/sec transmitted (in 438758.084 secs): 4630604354 packets 3480725976075 bytes 10005 pkts/sec 7933005 bytes/sec 1 minute input rate 1589 pkts/sec, 354753 bytes/sec 1 minute output rate 3183 pkts/sec, 3858158 bytes/sec 1 minute drop rate, 0 pkts/sec 5 minute input rate 1600 pkts/sec, 335551 bytes/sec 5 minute output rate 3045 pkts/sec, 3602619 bytes/sec 5 minute drop rate, 0 pkts/sec GigabitEthernet0/2: received (in 438786.954 secs): 317306 packets 27391618 bytes 0 pkts/sec 3 bytes/sec transmitted (in 438786.954 secs): 169332 packets 18652656 bytes 0 pkts/sec 3 bytes/sec 1 minute input rate 0 pkts/sec, 2 bytes/sec 1 minute output rate 0 pkts/sec, 0 bytes/sec 1 minute drop rate, 0 pkts/sec 5 minute input rate 0 pkts/sec, 2 bytes/sec 5 minute output rate 0 pkts/sec, 0 bytes/sec 5 minute drop rate, 0 pkts/sec GigabitEthernet0/3: received (in 438786.964 secs): 518830261852 packets 47125107753119 bytes 1182008 pkts/sec 107398007 bytes/sec transmitted (in 438786.964 secs): 518163142603 packets 45498840685567 bytes 1180008 pkts/sec 103692002 bytes/sec 1 minute input rate 109539 pkts/sec, 10503492 bytes/sec 1 minute output rate 109229 pkts/sec, 9698555 bytes/sec 1 minute drop rate, 0 pkts/sec 5 minute input rate 109623 pkts/sec, 10560042 bytes/sec 5 minute output rate 109310 pkts/sec, 9678077 bytes/sec 5 minute drop rate, 0 pkts/sec Management0/0: received (in 438787.894 secs): 1806351 packets 109882357 bytes 4 pkts/sec 5 bytes/sec transmitted (in 438787.894 secs): 3550911 packets 802363574 bytes 8 pkts/sec 1006 bytes/sec 1 minute input rate 0 pkts/sec, 0 bytes/sec 1 minute output rate 0 pkts/sec, 0 bytes/sec 1 minute drop rate, 0 pkts/sec 5 minute input rate 0 pkts/sec, 0 bytes/sec 5 minute output rate 0 pkts/sec, 0 bytes/sec 5 minute drop rate, 0 pkts/sec ------------------ show perfmon ------------------ PERFMON STATS: Current Average Xlates 0/s 0/s Connections 53/s 0/s TCP Conns 39/s 0/s UDP Conns 13/s 0/s URL Access 0/s 0/s URL Server Req 0/s 0/s TCP Fixup 0/s 0/s TCP Intercept Established Conns 0/s 0/s TCP Intercept Attempts 0/s 0/s TCP Embryonic Conns Timeout 0/s 0/s HTTP Fixup 0/s 0/s FTP Fixup 0/s 0/s AAA Authen 0/s 0/s AAA Author 0/s 0/s AAA Account 0/s 0/s VALID CONNS RATE in TCP INTERCEPT: Current Average N/A 100.00% ------------------ show counters ------------------ Protocol Counter Value Context IP IN_PKTS 607016 Summary IP OUT_PKTS 1408461 Summary IP OUT_DROP_DWN 1046 Summary IP TO_ARP 167330 Summary IP TO_UDP 64119 Summary IP TO_ICMP 375567 Summary UDP IN_PKTS 64119 Summary UDP OUT_PKTS 67630 Summary ICMP IN_PKTS 375567 Summary ICMP OUT_PKTS 374466 Summary ICMP DROP_IGNORE 1 Summary ICMP PORT_UNREACH 9 Summary SSLERR BAD_PROTOCOL_VERSION_NUMBER 5 Summary SSLERR BAD_SIGNATURE 2 Summary SSLALERT RX_CLOSE_NOTIFY 103 Summary SSLALERT RX_WARNING_ALERT 103 Summary SSLALERT TX_CLOSE_NOTIFY 14961 Summary SSLALERT TX_WARNING_ALERT 14961 Summary SSLDEV NEW_CTX 1 Summary SSL_NP OPEN_CONN 9 Summary SSL_NP DTLS_OPEN_CONN 5 Summary SSL_NP HANDSHAKE_START 15103 Summary SSL_NP HANDSHAKE_DONE 15103 Summary SSL_NP DOWNSTREAM_CLOSE 17681 Summary SSL_NP DOWNSTREAM_CLOSE_NEXT 15106 Summary SSL_NP UPSTREAM_CLOSE 15206 Summary SSL_NP UPSTREAM_CLOSE_NEXT 15106 Summary SSL_NP FREE_CONN 15106 Summary SSL_NP NEW_CONN_SERVER 15103 Summary SSL_NP IN_PKTS_RX 87404 Summary SSL_NP IN_PKTS_TX 26890 Summary SSL_NP OUT_PKTS_RX 209326555 Summary SSL_NP OUT_PKTS_TX 209371722 Summary SSL_NP SESSIONS_CLEARED 15009 Summary TM_NP LISTEN_FAIL 2 Summary EmWeb IN_PKTS 33 Summary EmWeb OUT_PKTS 138 Summary NPSHIM CTX_ALLOC 15085 Summary NPSHIM CTX_FREE 15077 Summary NPSHIM WRITE_UNBLOCKED 407658 Summary NPSHIM PUT_REQUEST 234 Summary NPSHIM PUT_XMT 234 Summary NPSHIM READ_RECV 15125 Summary VPIF BAD_VALUE 161271 Summary VPIF NOT_FOUND 70681962 Summary IPSEC IN_SA_CREATED 992 Summary IPSEC OUT_SA_CREATED 992 Summary IPSEC IN_SA_ACTIVATED 418 Summary IPSEC SA_DELETION_RETRY 21 Summary IPSEC INVALID_PFKEY_PARAMETERS 209 Summary SSLENC CONTEXT_CREATED 15103 Summary SSLENC CONTEXT_UPDATED 15103 Summary SSLENC CONTEXT_DESTROYED 15100 Summary ------------------ show service-policy ------------------ Global policy: Service-policy: global_policy Class-map: inspection_default Inspect: dns preset_dns_map, packet 2947494860, drop 164160, reset-drop 0, v6-fail-close 0 message-length maximum client auto, drop 0 message-length maximum 512, drop 0 dns-guard, count 14607583 protocol-enforcement, drop 0 nat-rewrite, count 1083 Inspect: ftp, packet 798700, drop 6, reset-drop 0, v6-fail-close 0 Cmd not port drop 6 Inspect: h323 h225 _default_h323_map, packet 142544, drop 0, reset-drop 32, v6-fail-close 0 tcp-proxy: bytes in buffer 0, bytes dropped 1664 h245-tunnel-block drops 0 connection Inspect: h323 ras _default_h323_map, packet 8, drop 1, reset-drop 0, v6-fail-close 0 h245-tunnel-block drops 0 connection Inspect: rsh, packet 0, drop 0, reset-drop 0, v6-fail-close 0 Inspect: rtsp, packet 917, drop 0, reset-drop 0, v6-fail-close 0 tcp-proxy: bytes in buffer 0, bytes dropped 0 Inspect: esmtp _default_esmtp_map, packet 21256773, drop 0, reset-drop 0, v6-fail-close 0 mask-banner, count 47283 match cmd line length gt 512 drop-connection log, packet 0 match cmd RCPT count gt 100 drop-connection log, packet 0 match body line length gt 998 log, packet 72 match header line length gt 998 drop-connection log, packet 0 match sender-address length gt 320 drop-connection log, packet 0 match MIME filename length gt 255 drop-connection log, packet 0 match ehlo-reply-parameter others mask, packet 131647 Inspect: sqlnet, packet 0, drop 0, reset-drop 0, v6-fail-close 0 Inspect: skinny , packet 6, drop 0, reset-drop 0, v6-fail-close 0 tcp-proxy: bytes in buffer 0, bytes dropped 0 Inspect: sunrpc, packet 156, drop 0, reset-drop 0, v6-fail-close 0 tcp-proxy: bytes in buffer 0, bytes dropped 0 Inspect: xdmcp, packet 0, drop 0, reset-drop 0, v6-fail-close 0 Inspect: sip , packet 175, drop 0, reset-drop 0, v6-fail-close 0 tcp-proxy: bytes in buffer 0, bytes dropped 0 Inspect: netbios, packet 2630082453, drop 0, reset-drop 0, v6-fail-close 0 Inspect: tftp, packet 6600, drop 0, reset-drop 0, v6-fail-close 0 Inspect: ip-options _default_ip_options_map, packet 0, drop 0, reset-drop 0, v6-fail-close 0 Router Alert: allow 0, clear 0 Inspect: icmp, packet 27211931, drop 1154, reset-drop 0, v6-fail-close 0 Inspect: pptp, packet 37028, drop 0, reset-drop 0, v6-fail-close 0 Inspect: icmp error, packet 78741141, drop 11820, reset-drop 0, v6-fail-close 0 Inspect: snmp, packet 8869400, drop 0, reset-drop 0, v6-fail-close 0 ------------------ show mode ------------------ Security context mode: single ------------------ show history ------------------ enable ------------------ show firewall ------------------ Firewall mode: Router ------------------ show running-config ------------------ : Saved : ASA Version 9.1(1) ! hostname ASA-INDRA enable password passwd names ip local pool INSIDE_INDRA 10.209.14.10-10.209.14.15 mask 255.255.255.128 ip local pool DESENVOLVEDORES 10.209.14.17-10.209.14.20 mask 255.255.255.128 ip local pool VPNCOC 10.209.14.129-10.209.14.134 mask 255.255.255.248 ! interface GigabitEthernet0/0 nameif inside security-level 100 ip address 10.209.14.1 255.255.255.128 ospf cost 10 ospf authentication null ! interface GigabitEthernet0/1 no nameif no security-level no ip address ! interface GigabitEthernet0/1.10 vlan 10 nameif MPLS_INTELIG security-level 60 ip address 172.19.235.113 255.255.255.248 ospf cost 10 ospf authentication null ! interface GigabitEthernet0/1.20 vlan 20 nameif MPLS_EBT security-level 60 ip address 172.19.235.97 255.255.255.248 ospf cost 10 ospf authentication null ! interface GigabitEthernet0/2 no nameif no security-level no ip address ! interface GigabitEthernet0/2.70 description CONEXAO DMZ vlan 70 nameif DMZ security-level 50 ip address 10.209.12.129 255.255.255.128 ospf authentication null ! interface GigabitEthernet0/3 nameif SONICWALL security-level 0 ip address 10.209.8.253 255.255.255.252 ! interface GigabitEthernet0/3.110 description LINK INTERNET TESA shutdown vlan 110 nameif TESA security-level 0 ip address 200.236.223.138 255.255.255.252 ospf network point-to-point non-broadcast ospf authentication null <--- More ---> WARNING: Failover enabled but the failover interface configuration is incomplete Failover will not take effect until the interface is fully configured interface GigabitEthernet0/3.120 description LINK INTERNET LEVEL 3 vlan 120 nameif LEVEL3 security-level 0 no ip address ospf cost 10 ospf network point-to-point non-broadcast ospf authentication null ! interface Management0/0 description LAN/STATE Failover Interface management-only nameif maneger security-level 0 ip address 192.168.1.1 255.255.255.0 ! banner login ||========================================|| banner login SOMENTE USUARIOS AUTORIZADOS banner login AUTHORIZED USERS ONLY banner login OS ACESSOS SERAO MONITORADOS banner login ||========================================|| boot system disk0:/asdm-645.bin ftp mode passive clock timezone BRST -3 clock summer-time BRDT recurring 2 Sun Oct 0:00 3 Sun Feb 0:00 dns domain-lookup MPLS_INTELIG dns domain-lookup MPLS_EBT dns domain-lookup DMZ dns domain-lookup SONICWALL dns domain-lookup LEVEL3 dns domain-lookup maneger same-security-traffic permit intra-interface object network SERVIDORES-LEVEL3 subnet 10.209.8.0 255.255.255.128 description Rede Servidores Alphaville - VLAN 10 object network DESKTOP-LEVEL3 subnet 10.209.10.0 255.255.255.0 description Rede Desktop Alphaville - VLAN 40 object network DESKTOP-2 subnet 10.209.11.0 255.255.255.0 description Rede Desktop Alphaville - VLAN 50 object network DESKTOP-3 subnet 10.209.12.0 255.255.255.128 description Rede Desktop Alphaville - VLAN 60 object network IMPRESSORAS subnet 10.209.8.192 255.255.255.192 description Rede Impressoras Alphaville - VLAN 30 object network GERENCIA subnet 10.209.9.0 255.255.255.0 description Rede Gerencia Alphaville - VLAN 255 object network WIRELESS-ALPHAVILLE subnet 10.209.8.128 255.255.255.192 description Rede Wirelless Alphaville - VLAN 20 object network FONES-IP subnet 10.209.13.0 255.255.255.0 description Rede Fones IP Alphaville - VLAN 100 object network INDRA-DUMAS subnet 10.209.32.0 255.255.248.0 description Rede Indra Dumas object network ALGAR-LAN subnet 10.209.17.0 255.255.255.0 description Rede Servidores Algar object network ALGAR subnet 10.209.16.0 255.255.255.248 description Rede WAN Site Algar object network ALGAR-CAMPINAS subnet 10.209.18.0 255.255.254.0 description Rede Site Algar Campinas object network DATAMETRICA-RECIFE subnet 10.209.24.0 255.255.248.0 description Site Datametrica Itapetininga object network DATAMETRICA-ITAPETININGA description Site Datametrica Itapetininga object network NAT-CEF host 172.28.6.26 description IP Sada NAT to CEF object network HSRP-VLAN-FIREWALL host 10.209.14.3 description Endereco VIP HSRP Switch Core 4507R object network FIREWALL subnet 10.209.14.0 255.255.255.240 description Rede Transito Interno Alphaville - VLAN 150 object network CEF subnet 172.19.240.0 255.255.248.0 description Rede Interna CEF object network NAT-INTERNET-TESA host 200.236.223.138 object network DNS_EXTERNO_PRIMARIO host 10.209.12.140 description DNS EXTERNO - DMZ object service DNS_EXTERNO_TCP service tcp destination eq domain object service DNS_SERVICE_UDP service udp destination eq domain object network EXCHANGE host 10.209.8.15 description Servidor de E-mail object service HTTPS service tcp destination eq https object service SMTP service tcp destination eq smtp object service SMTP587 service tcp destination eq 587 object network NAT-CEF-2 host 172.28.6.25 description Ip Sada NAT to CEF 2 object network LAN-ROUTER-MPLS-INTELIG host 172.19.232.126 description LAN-ROUTER-MPLS-INTELIG object network DNS host 172.16.32.162 object network DNS-CEF host 172.16.32.163 object network FALCON subnet 172.19.82.0 255.255.255.0 object network CONNECT_DIRECT host 172.16.32.148 object network MPLS_CAMPINAS_INTERNO subnet 10.201.0.0 255.255.0.0 description Rede interna campinas fones object network VOIP_EXTERNO subnet 10.201.58.0 255.255.255.0 description POSSIBILITAR VOIP_EXTERNO - ALGAR object service HTTP service tcp destination eq www description KASEYA object network SERVIDOR-NTP-INTERNO host 10.209.8.23 description SERVIDOR-NTP object network SERVIDOR_NTP-1-EXTERNO host 200.160.7.186 description a.st1.ntp.br object network SERVIDOR_NTP-2-EXTERNO host 200.186.125.195 description c.st1.ntp.br object network SERVIDOR_NTP-3-EXTERNO host 200.20.186.76 description d.st1.ntp.br object network SERVIDOR_NTP-4-EXTERNO host 200.160.7.193 description gps.ntp.br object network SERVIDOR_NTP-5-EXTERNO host 200.189.40.8 description b.ntp.br object network SERVIDOR_NTP-6-EXTERNO host 200.192.232.8 description c.ntp.br object network SERVIDOR_VPN host 10.209.8.28 description SERVIDOR_VPN object service VPN1 service tcp destination eq pptp object network A_200.236.223.137 host 200.236.223.137 object service L2TP service tcp destination eq 1701 object network Redmine host 10.209.8.51 object service HTTP1 service tcp destination eq 8080 description REDMINE PRODU..O object network SERVER-BATIMENTO host 10.209.8.52 object service HTTP2 service tcp destination eq 8081 description MANTIS PRODU..O object service AGENT_KASEYA service tcp destination eq 5721 object network A_201.90.225.177 host 201.90.225.177 description Link Internet Embratel object service BO_FALCON service tcp destination eq 6400 object service BO_FALCON1 service tcp destination eq ldap object service BO_FALCON2 service tcp destination eq sqlnet object network VOIP_EXTERNO2 subnet 10.201.57.0 255.255.255.0 object network LAN-MPLS-EMBRATEL subnet 172.19.240.0 255.255.255.128 object network LAN-ROUTER-MPLS-EMBRATEL host 172.19.240.246 object network ALGAR-LAN-EBT subnet 172.19.242.0 255.255.255.0 description ALGAR-LAN-EBT object network Datametrica-LAN-EBT subnet 172.19.243.248 255.255.255.252 description REDE DMZ Datametrica EBT object network BSB-LAN-EBT subnet 172.28.6.64 255.255.255.252 description Rede DMZ Brasilia EBT object network DUMAS-LAN-EBT subnet 172.19.241.0 255.255.255.0 description DUMAS-LAN-EBT object network DMZ-EBT-LAN subnet 172.19.240.240 255.255.255.248 description Rede DMZ EBT object network NAT-CEF-EBT host 172.28.6.66 description IP Sada to CEF EBT object network NAT-CEF2-EBT host 172.28.6.65 description IP Sada NAT to CEF 2 object network Redmine_Prev host 10.209.8.24 description Redmine_Prev object service HTTP3 service tcp destination eq 8082 description REDMINE_PREV object network FALCON-BO host 10.195.192.134 object network FALCON-BO-NAT host 172.19.82.14 object network SERVIDOR_PRTG host 10.209.10.254 description SERVER_PRTG object service HTTP4 service tcp destination eq 8083 description MONITORAMENTO PRTG object network Recife_Lan subnet 10.0.0.0 255.255.240.0 description Recife_Lan object network ALGAR1_FRONTEND host 10.209.17.50 description ALGAR1_FRONTEND object network ALGAR2_FRONTEND host 10.209.17.51 description ALGAR2_FRONTEND object service ALGAR_FRONTEND service tcp destination eq 8090 description ALGAR_FRONTEND object network NETWORK_OBJ_10.209.8.128_29 subnet 10.209.8.128 255.255.255.248 object network ACTIVE_DIRECTORY_EBT host 10.209.8.14 description ACTIVE_DIRECTORY_EBT object network ACTIVE_DIRECTORY_INT host 10.209.8.14 description ACTIVE_DIRECTORY_INT object network SIPCS_NAT_EBT host 172.19.240.126 description SIPCS_NAT_EBT object network SIPCS_NAT_INT host 172.19.232.116 description SIPCS_NAT_INT object network CLAN_AVAYA host 10.209.8.72 description CLAN_AVAYA object network CONNECT_LAN_EBT host 10.209.8.25 description CONNECT_LAN_EBT object network CONNECT_NAT_EBT host 172.19.240.50 description CONNECT_NAT_EBT object network CONNECT_LAN_INT host 10.209.8.25 description CONNECT_LAN_INT object network CONNECT_NAT_INT host 172.19.232.50 description CONNECT_NAT_INT object network DNS_EXTERNO_SECUNDARIO host 10.209.12.141 description DNS_EXTERNO_SECUNDARIO object network DUMAS_NAT_EBT range 172.19.240.161 172.19.240.190 description DUMAS_NAT_EBT object network ALGAR-LAN-INT subnet 172.19.233.0 255.255.255.128 description ALGAR-LAN-INT object network DUMAS-LAN-INT subnet 172.19.232.128 255.255.255.128 description DUMAS-LAN-INT object network DUMAS-NAT-INT range 172.19.232.240 172.19.232.247 description DUMAS-NAT-INT object network PABX_DATAMETRICA host 10.0.0.66 description PABX_DATAMETRICA_DIGITRO object network PROULER_AVAYA host 10.209.8.73 description PROULER_AVAYA object network REDE_LAN_RECIFE subnet 172.19.243.0 255.255.255.0 description REDE_LAN_RECIFE object network REDE_LAN_RECIFE_INT subnet 172.19.233.128 255.255.255.128 description REDE_LAN_RECIFE_INT object service AVAYA_TELEFONE service udp source eq 1719 destination eq 1719 object service FTP service tcp destination eq ftp description FTP object service FTP-DATA service tcp destination eq ftp-data description FTP-DATA object service PRAWLER service udp destination eq 72 description PRAWLER object service PRAWLER_VOZ1 service udp destination eq 2580 description PRAWLER_VOZ1 object service PRAWLER_VOZ2 service udp destination eq 2581 description PRAWLER_VOZ2 object network 10.192.195.132 subnet 10.192.195.132 255.255.255.252 object network ALGAR-TESTE subnet 10.201.37.0 255.255.255.0 object network NETWORK_OBJ_10.209.10.192_27 subnet 10.209.10.192 255.255.255.224 object network SERVIDOR-SNMP host 10.209.8.90 description SERVIDOR-SNMP object network SERVIDOR-SNMP-NAT-EBT host 172.19.240.30 description SERVIDOR-SNMP-NAT object network ALGAR-UBERLANDIA host 172.19.244.113 description ALGAR-UBERLANDIA object service HTTP5 service tcp destination eq 8084 description SERVER-CACTI object network SERVIDOR-SNMP-INT host 10.209.8.90 description SERVIDOR-SNMP-INT object network SERVIDOR-SNMP-NAT-INT host 172.19.232.30 description SERVIDOR-SNMP-NAT-INT object network SERVIDOR-CACTI host 10.209.8.90 description SERVIDOR-CACTI object network VITOR-VPN host 10.209.10.40 description VITOR-VPN object network VITOR-VPN-2 host 10.209.10.68 description VITOR-VPN-2 object network SIPCS_NAT_EBT_VPN02 host 172.19.240.125 description NAT para aceso ao sipcs atraves da vpn bpo. object network VPN02_EBT host 10.209.8.28 description NAT para acesso ao Sipcs.extracaixa atraves da vpn bpo object network SIPCS_NAT_INT_VPN02 host 172.19.232.115 description Nat para acesso ao sipcs atraves da VPN BPO object network VPN02_INT host 10.209.8.28 description Servidor de VPN. object network SONICWALL-FW host 10.209.8.254 description SONICWALL object network ACTIVE-DIRECTORY-INSIDE host 10.209.8.14 description ACTIVE-DIRECTORY-INSIDE object network NETWORK_OBJ_10.209.12.0_25 subnet 10.209.12.0 255.255.255.128 object network BPOSRV-GIS_ALPHAVILLE_NAT host 172.19.235.71 description BPOSRV-GIS_ALPHAVILLE_NAT object network NETWORK_OBJ_10.209.14.0_27 subnet 10.209.14.0 255.255.255.224 object network NETWORK_OBJ_10.209.14.0_28 subnet 10.209.14.0 255.255.255.240 object network VPN-CISCO range 10.209.14.10 10.209.14.30 object network VPN-CISCO-NAT host 172.19.240.127 description VPN-CISCO-NAT object network SIPCS-CAIXA host 172.16.32.190 description SIPCS-CAIXA object network WIFI-DUMAS host 10.209.35.25 object network NETWORK_OBJ_10.209.14.16_28 subnet 10.209.14.16 255.255.255.240 object network NETWORK_OBJ_10.209.8.252_30 subnet 10.209.8.252 255.255.255.252 object network ALGAR_UBERLANDIA_CLAN host 10.200.132.103 description IP CLAN AlGAR UBERLANDIA object network NETWORK_OBJ_10.209.14.128_29 subnet 10.209.14.128 255.255.255.248 object network ALGAR_UBERLANDIA_MEDPRO subnet 10.200.96.128 255.255.255.240 description Endreos IPs da MEDPRO da Algar Uberlandia object network FILE-SERVER host 10.209.8.19 description FILE-SERVER object service SMB service tcp destination eq 445 description SMB object service SMB-UDP service udp destination eq 445 description SMB object service netbios-dgm service tcp destination eq 138 description netbios-dgm object service netbios-ns service tcp destination eq 137 description netbios-ns object service netbios-ssn service udp destination eq 139 description netbios-ssn object network CONNECT-LAN host 10.209.8.25 object network Algar_Uberlandia_Firewall host 172.19.244.249 description Porta LAN firewall da Algar Uberlandia object network NETWORK_OBJ_10.209.14.8_29 subnet 10.209.14.8 255.255.255.248 object network NETWORK_OBJ_10.209.14.136_29 subnet 10.209.14.136 255.255.255.248 object network SISCC-CAIXA host 172.16.32.246 description Objeto para acesso ao SISCC da caixa. object service SMTP-587 service tcp source eq 587 destination eq 587 description SMTP-587 object service Remote_Desktop service tcp source eq 3389 destination eq 3389 description Remote Desktop Windows object network Right_Fax host 10.209.8.21 description Servidor Right Fax object network Right_Fax_NAT host 172.19.240.9 description NAT de traduo Right FAX object network AD_MPLS_DC host 172.19.235.65 description AD_MPLS_DC object network LAN-ROUTER-MPLS-EMBRATEL-DC subnet 172.19.235.96 255.255.255.248 description LAN-ROUTER-MPLS-EMBRATEL-DC object network CONNECT_NAT_DC host 172.19.235.66 description CONNECT_NAT_DC object network Active-directory host 10.209.8.14 description AD object network INTERNET_EBT host 201.90.225.178 description INTERNET EBT object network INTERNET-DC host 189.125.156.83 description INTERNET-DC object network INTERNET-WS host 201.90.225.178 description INTERNET-WS object network EXCHANGE_02 host 10.209.8.27 description EXCHANGE_02 object network Alphaville_WestSide_NAT_EBT range 172.19.240.129 172.19.240.158 description Alphaville_WestSide_NAT_EBT object service MYSQL service tcp source eq 3306 destination eq 3306 description Banco de dados MySql object network RIONEGRO_NETWORK_NAT subnet 172.19.235.128 255.255.255.128 description RIONEGRO_NETWORK_NAT_MPLS object network TOCANTIS_NAT_INTELIG subnet 172.19.232.0 255.255.255.128 description TOCANTIS_NAT_INTELIG object network RIONEGRO_AD_NAT host 172.19.235.199 description RIONEGRO_AD_NAT object network COTIA_FS_NAT host 172.19.235.72 description COTIA_FS_NAT object network NETWORK_OBJ_10.209.42.14 host 10.209.42.14 object network RIONEGRO_NAT_EBT_TEMP host 172.19.240.225 description RIONEGRO_NAT_EBT_TEMP object network ACTIVE_DIRECTORY_INT_NAT host 172.19.235.65 description ACTIVE_DIRECTORY_INTELIG_NAT object network RIONEGRO_NAT_INT_TEMP host 172.19.232.105 description RIONEGRO_NAT_INT_TEMP object network RIONEGRO_NAT_INT_TESTE host 172.19.235.246 description RIONEGRO_NAT_INT_TESTE object network RIONEGRO_NETWORK_TESTE subnet 172.19.235.0 255.255.255.0 description RIONEGRO_NETWORK_TESTE object service HTTP6 service tcp destination eq 8085 description SERVIDOR_GIS object network Servidor_GIS host 10.209.8.79 description Servidor_GIS object service PORTA_BPOSRVZAB service tcp source eq 10051 destination eq 10051 description PORTA_BPOSRVZAB object network RIONEGRO-BPOSRV_ZBX_NAT host 172.19.235.214 description BPOSRV_ZBX_NAT object service SERVER_JAVA service tcp destination eq 12345 description SERVER_JAVA object service ALGAR_RIDFAX service tcp source eq h323 object network NETWORK_OBJ_10.209.42.0 host 10.209.42.0 object service FRONT_ALGAR service tcp source eq ssh destination eq ssh object network NETWORK_OBJ_10.209.42.0_26 subnet 10.209.42.0 255.255.255.192 object network NETWORK_OBJ_10.209.8.0_25 subnet 10.209.8.0 255.255.255.128 object network BPOSRV-ZBX02 host 10.209.8.11 description BPOSRV-ZBX02 object service SSH_ZBX service tcp source eq ssh destination eq ssh description SSH_ZBX object network HOST_BPOSRV_AD05_RN host 10.209.42.20 description HOST_BPOSRV_AD05_RN object network MPLS_TESTE host 172.19.235.97 object network HOST_RN_TEMP host 10.209.41.19 description HOST_RN_TEMP object network RIONEGRO_NETWOK_BACKOFFICE subnet 10.209.40.0 255.255.255.0 object network BPOSRV_OPNVPN host 10.209.8.12 description BPOSRV_OPNVPN object service BPOSRV_OPENVPN service tcp destination eq 943 description BPOSRV_OPENVPN object service BPOSRV_OPENVPN2 service udp source eq 1154 object service BPOSRV_OPENVPN3 service tcp source eq 4443 object network KASEYA host 10.209.8.14 description KASEYA object network KASEYA_B host 10.209.8.14 description KASEYA_B object network SERASA host 200.245.207.181 description SERASA object service SERVIDOR_ATC service tcp destination eq 3306 description SERVIDOR_ATC object-group network REDES-INTERNAS network-object object SERVIDORES-LEVEL3 network-object object DESKTOP-LEVEL3 network-object object DESKTOP-2 network-object object IMPRESSORAS network-object object GERENCIA network-object object FONES-IP network-object object WIRELESS-ALPHAVILLE network-object object FIREWALL network-object object DESKTOP-3 network-object object LAN-MPLS-EMBRATEL object-group network REDES-EXTERNAS network-object object ALGAR-LAN network-object object ALGAR network-object object ALGAR-CAMPINAS network-object object DATAMETRICA-RECIFE network-object object NAT-CEF network-object object NAT-CEF-2 network-object object INDRA-DUMAS network-object object DNS network-object object DNS-CEF network-object object FALCON network-object object CONNECT_DIRECT network-object object VOIP_EXTERNO network-object object VOIP_EXTERNO2 network-object object LAN-ROUTER-MPLS-EMBRATEL network-object object ALGAR-LAN-INT network-object object DUMAS-LAN-INT network-object object REDE_LAN_RECIFE_INT network-object object DUMAS-NAT-INT network-object object LAN-ROUTER-MPLS-INTELIG network-object object Recife_Lan network-object object ALGAR_UBERLANDIA_CLAN network-object object ALGAR_UBERLANDIA_MEDPRO network-object object LAN-ROUTER-MPLS-EMBRATEL-DC network-object object Alphaville_WestSide_NAT_EBT network-object object TOCANTIS_NAT_INTELIG network-object object RIONEGRO_NETWORK_NAT network-object object ALGAR-LAN-EBT network-object 10.209.41.0 255.255.255.0 network-object 10.209.42.0 255.255.255.192 network-object object NETWORK_OBJ_10.209.42.0_26 network-object object RIONEGRO_NETWOK_BACKOFFICE object-group service DM_INLINE_SERVICE_62 service-object ip service-object tcp destination eq smtp service-object udp destination eq snmp object-group service DM_INLINE_SERVICE_1 service-object tcp destination eq domain service-object udp destination eq domain object-group service DNS_SERVICES service-object tcp destination eq domain service-object udp destination eq domain object-group service DM_INLINE_TCP_1 tcp port-object eq https port-object eq smtp port-object eq 587 object-group network mpls-campinas-interno description Rede interna campinas fones network-object object MPLS_CAMPINAS_INTERNO object-group network SERVIDORES_NTP_EXTERNOS description GRUPO COM OS SERVIDORES NTP EXTERNOS network-object object SERVIDOR_NTP-1-EXTERNO network-object object SERVIDOR_NTP-2-EXTERNO network-object object SERVIDOR_NTP-3-EXTERNO network-object object SERVIDOR_NTP-4-EXTERNO network-object object SERVIDOR_NTP-5-EXTERNO network-object object SERVIDOR_NTP-6-EXTERNO object-group service DM_INLINE_SERVICE_2 service-object tcp destination eq domain service-object udp destination eq domain object-group network DM_INLINE_NETWORK_14 network-object 10.209.42.0 255.255.255.192 network-object 10.209.8.0 255.255.255.128 object-group network DM_INLINE_NETWORK_1 network-object object FALCON network-object object FALCON-BO-NAT object-group network REDES-EXTERNAS-EBT network-object object ALGAR network-object object ALGAR-CAMPINAS network-object object ALGAR-LAN network-object object CEF network-object object CONNECT_DIRECT network-object object DATAMETRICA-RECIFE network-object object DNS network-object object DNS-CEF network-object object FALCON network-object object LAN-ROUTER-MPLS-EMBRATEL network-object object VOIP_EXTERNO network-object object VOIP_EXTERNO2 network-object object NAT-CEF-EBT network-object object NAT-CEF2-EBT network-object object ALGAR-LAN-EBT network-object object DUMAS-LAN-EBT network-object object DUMAS_NAT_EBT network-object object INDRA-DUMAS network-object object REDE_LAN_RECIFE network-object object Recife_Lan network-object object ALGAR-UBERLANDIA network-object object ALGAR_UBERLANDIA_CLAN network-object object ALGAR_UBERLANDIA_MEDPRO network-object object LAN-ROUTER-MPLS-EMBRATEL-DC network-object object LAN-MPLS-EMBRATEL network-object object Alphaville_WestSide_NAT_EBT network-object object RIONEGRO_NETWORK_NAT network-object 10.209.41.0 255.255.255.0 network-object 10.209.42.0 255.255.255.192 network-object object NETWORK_OBJ_10.209.42.0_26 network-object object RIONEGRO_NETWOK_BACKOFFICE object-group network REDES-INTERNAS-EBT network-object object LAN-ROUTER-MPLS-EMBRATEL object-group service DM_INLINE_SERVICE_66 service-object ip service-object object SMTP object-group network AVAYA_EBT network-object object CLAN_AVAYA network-object object PROULER_AVAYA object-group service DIGITRO udp port-object eq 2060 port-object eq 4060 port-object eq 6060 object-group service Digitro tcp port-object eq 3060 port-object eq 5061 object-group service DM_INLINE_TCP_3 tcp port-object eq ftp port-object eq ftp-data object-group service DM_INLINE_SERVICE_3 service-object tcp destination eq 3060 service-object tcp destination eq 5061 service-object tcp destination eq sip service-object udp destination eq 2060 service-object udp destination eq 4060 service-object udp destination eq 6060 object-group service DM_INLINE_SERVICE_4 service-object object AVAYA_TELEFONE service-object object PRAWLER service-object object PRAWLER_VOZ1 service-object object PRAWLER_VOZ2 service-object tcp destination eq 3060 service-object tcp destination eq 5061 service-object tcp destination eq h323 service-object tcp destination eq sip service-object udp destination eq 2060 service-object udp destination eq 4060 service-object udp destination eq 6060 service-object udp destination eq bootps object-group service DM_INLINE_SERVICE_5 service-object tcp destination eq 3060 service-object tcp destination eq 5061 service-object tcp destination eq sip service-object udp destination eq 2060 service-object udp destination eq 4060 service-object udp destination eq 6060 object-group service DM_INLINE_SERVICE_6 service-object object AVAYA_TELEFONE service-object object PRAWLER service-object object PRAWLER_VOZ1 service-object object PRAWLER_VOZ2 service-object tcp destination eq 3060 service-object tcp destination eq 5061 service-object tcp destination eq h323 service-object tcp destination eq sip service-object udp destination eq 2060 service-object udp destination eq 4060 service-object udp destination eq 6060 service-object udp destination eq bootps object-group service DM_INLINE_TCP_4 tcp port-object eq ftp port-object eq ftp-data object-group service DM_INLINE_SERVICE_7 service-object ip service-object gre service-object object L2TP service-object object Remote_Desktop service-object tcp destination eq pptp object-group service DM_INLINE_SERVICE_8 service-object ip service-object icmp service-object gre service-object object L2TP service-object object PORTA_BPOSRVZAB service-object tcp destination eq pptp object-group service DM_INLINE_SERVICE_9 service-object tcp destination eq domain service-object udp destination eq domain object-group protocol TCPUDP protocol-object udp protocol-object tcp object-group service DM_INLINE_TCP_6 tcp port-object eq ftp port-object eq ftp-data object-group service DM_INLINE_SERVICE_10 service-object gre service-object tcp destination eq pptp service-object icmp object-group service DM_INLINE_SERVICE_11 service-object ip service-object tcp destination eq pptp object-group service DM_INLINE_SERVICE_12 service-object ip service-object object ALGAR_RIDFAX service-object tcp destination eq h323 object-group service DM_INLINE_SERVICE_13 service-object object HTTP2 service-object object HTTP3 service-object object HTTP4 service-object object HTTP5 object-group service DM_INLINE_SERVICE_14 service-object gre service-object tcp destination eq www service-object tcp destination eq https service-object tcp destination eq pptp object-group service DM_INLINE_SERVICE_16 service-object object SMB service-object object SMB-UDP service-object object netbios-dgm service-object object netbios-ns service-object object netbios-ssn service-object tcp destination eq netbios-ssn service-object udp destination eq netbios-dgm service-object udp destination eq netbios-ns object-group service DM_INLINE_SERVICE_17 service-object object SMB service-object object SMB-UDP service-object object netbios-dgm service-object object netbios-ns service-object object netbios-ssn service-object tcp destination eq netbios-ssn service-object udp destination eq netbios-dgm service-object udp destination eq netbios-ns object-group network DM_INLINE_NETWORK_4 network-object object SIPCS-CAIXA network-object object SISCC-CAIXA object-group service DM_INLINE_SERVICE_18 service-object object SMTP service-object tcp destination eq 587 service-object tcp destination eq https service-object ip service-object tcp destination eq www object-group service DM_INLINE_SERVICE_15 service-object ip service-object object Remote_Desktop service-object gre service-object object L2TP service-object tcp destination eq pptp service-object icmp service-object object SERVER_JAVA service-object tcp destination eq h323 service-object object ALGAR_RIDFAX service-object tcp destination eq ssh service-object object FRONT_ALGAR service-object tcp destination eq smtp service-object udp destination eq snmp object-group network DM_INLINE_NETWORK_5 network-object object DUMAS_NAT_EBT network-object object RIONEGRO_NAT_EBT_TEMP object-group service Desenv_Contabil udp description Portas de VPN para o Desenvolvimento Contabil port-object eq 10000 port-object eq 4500 port-object eq isakmp object-group service DM_INLINE_SERVICE_19 service-object tcp destination eq ssh service-object udp destination eq 10000 service-object udp destination eq 4500 service-object udp destination eq isakmp object-group network DM_INLINE_NETWORK_19 network-object 10.209.40.0 255.255.255.0 network-object 10.209.41.0 255.255.255.0 network-object 10.209.42.0 255.255.255.192 network-object object FALCON-BO-NAT object-group service DM_INLINE_SERVICE_20 service-object object MYSQL service-object tcp destination eq ssh service-object udp destination eq 10000 service-object udp destination eq 4500 service-object udp destination eq isakmp object-group service DM_INLINE_SERVICE_21 service-object ip service-object gre service-object object L2TP service-object tcp destination eq pptp service-object icmp service-object object PORTA_BPOSRVZAB service-object object SERVER_JAVA object-group service DM_INLINE_SERVICE_22 service-object ip service-object gre service-object object L2TP service-object object Remote_Desktop service-object tcp destination eq pptp service-object icmp service-object object PORTA_BPOSRVZAB service-object object SERVER_JAVA object-group service DM_INLINE_SERVICE_23 service-object ip service-object gre service-object object L2TP service-object tcp destination eq pptp service-object tcp destination eq smtp object-group service DM_INLINE_SERVICE_24 service-object ip service-object gre service-object object L2TP service-object tcp destination eq pptp object-group service DM_INLINE_SERVICE_25 service-object ip service-object gre service-object object L2TP service-object tcp destination eq pptp object-group service DM_INLINE_SERVICE_26 service-object ip service-object gre service-object object L2TP service-object tcp destination eq pptp object-group service DM_INLINE_SERVICE_27 service-object ip service-object gre service-object object L2TP service-object tcp destination eq pptp service-object icmp service-object tcp destination eq www object-group service DM_INLINE_SERVICE_28 service-object ip service-object object ALGAR_RIDFAX service-object tcp destination eq h323 object-group network DM_INLINE_NETWORK_6 network-object 10.209.41.0 255.255.255.0 network-object 10.209.42.0 255.255.255.192 network-object object FALCON-BO-NAT network-object object RIONEGRO_NETWOK_BACKOFFICE object-group service DM_INLINE_SERVICE_29 service-object ip service-object tcp destination eq 587 service-object tcp destination eq https object-group service GRUP_PORTS-OPENVPN service-object object BPOSRV_OPENVPN2 service-object object BPOSRV_OPENVPN3 service-object object BPOSRV_OPENVPN object-group service DM_INLINE_SERVICE_31 service-object ip service-object gre service-object object L2TP service-object tcp destination eq pptp service-object icmp service-object object PORTA_BPOSRVZAB service-object object SERVER_JAVA service-object object BPOSRV_OPENVPN group-object GRUP_PORTS-OPENVPN service-object tcp destination eq https service-object udp destination eq snmp object-group network DM_INLINE_NETWORK_18 group-object REDES-EXTERNAS group-object REDES-EXTERNAS-EBT object-group service DM_INLINE_SERVICE_30 service-object ip service-object object HTTP service-object tcp destination eq 587 service-object tcp destination eq https object-group service DM_INLINE_SERVICE_34 service-object ip service-object gre service-object object L2TP service-object object Remote_Desktop service-object tcp destination eq pptp service-object icmp service-object tcp destination eq www object-group service DM_INLINE_SERVICE_35 service-object ip service-object gre service-object object L2TP service-object object Remote_Desktop service-object tcp destination eq pptp object-group service DM_INLINE_SERVICE_36 service-object object HTTP service-object object HTTP6 service-object icmp service-object object SERVER_JAVA object-group network DM_INLINE_NETWORK_7 network-object 10.209.41.0 255.255.255.0 network-object 10.209.42.0 255.255.255.192 object-group service DM_INLINE_SERVICE_37 service-object icmp service-object object HTTP service-object object HTTP6 service-object object SERVER_JAVA object-group service DM_INLINE_SERVICE_38 service-object ip service-object tcp destination eq h323 object-group service DM_INLINE_SERVICE_33 service-object ip service-object tcp destination eq smtp object-group service DM_INLINE_SERVICE_40 service-object ip service-object tcp destination eq h323 service-object object ALGAR_RIDFAX object-group service DM_INLINE_SERVICE_39 service-object ip service-object tcp destination eq smtp object-group service DM_INLINE_SERVICE_42 service-object ip service-object tcp destination eq ssh object-group service DM_INLINE_SERVICE_43 service-object ip service-object tcp destination eq ssh object-group service DM_INLINE_SERVICE_44 service-object ip service-object tcp destination eq ssh object-group service DM_INLINE_SERVICE_45 service-object ip service-object tcp destination eq ssh object-group service DM_INLINE_SERVICE_46 service-object ip service-object icmp service-object gre service-object tcp destination eq pptp object-group network DM_INLINE_NETWORK_8 network-object 10.209.41.0 255.255.255.0 network-object 10.209.42.0 255.255.255.192 network-object object RIONEGRO_NETWOK_BACKOFFICE object-group network DM_INLINE_NETWORK_9 network-object 10.209.14.0 255.255.255.128 network-object 10.209.8.0 255.255.255.128 object-group protocol DM_INLINE_PROTOCOL_1 protocol-object ip protocol-object icmp object-group network DM_INLINE_NETWORK_10 network-object 10.209.41.0 255.255.255.0 network-object 10.209.42.0 255.255.255.192 network-object object RIONEGRO_NETWOK_BACKOFFICE object-group service DM_INLINE_SERVICE_59 service-object ip service-object object HTTP object-group network DM_INLINE_NETWORK_11 network-object 10.209.41.0 255.255.255.0 network-object object RIONEGRO_NETWOK_BACKOFFICE object-group network DM_INLINE_NETWORK_12 network-object 10.209.41.0 255.255.255.0 network-object object RIONEGRO_NETWOK_BACKOFFICE object-group network DM_INLINE_NETWORK_13 network-object 10.209.42.0 255.255.255.192 network-object host 10.209.42.19 network-object object HOST_BPOSRV_AD05_RN object-group service DM_INLINE_SERVICE_47 service-object ip group-object GRUP_PORTS-OPENVPN object-group service DM_INLINE_SERVICE_48 service-object object SMTP service-object tcp destination eq 587 service-object tcp destination eq https object-group service DM_INLINE_SERVICE_50 service-object ip group-object GRUP_PORTS-OPENVPN service-object object BPOSRV_OPENVPN object-group network DM_INLINE_NETWORK_15 network-object 10.209.40.0 255.255.255.0 network-object 10.209.41.0 255.255.255.0 network-object 10.209.42.0 255.255.255.192 object-group network DM_INLINE_NETWORK_16 network-object 10.209.40.0 255.255.255.0 network-object 10.209.41.0 255.255.255.0 network-object 10.209.42.0 255.255.255.192 object-group network DM_INLINE_NETWORK_17 network-object 10.209.40.0 255.255.255.0 network-object 10.209.41.0 255.255.255.0 network-object 10.209.42.0 255.255.255.192 object-group service DM_INLINE_SERVICE_49 service-object ip service-object object SMTP service-object tcp destination eq 587 service-object tcp destination eq https service-object object SMTP-587 service-object tcp destination eq www service-object udp destination eq snmp service-object udp destination eq isakmp object-group service DM_INLINE_SERVICE_51 service-object ip service-object object SMTP service-object tcp destination eq 587 service-object tcp destination eq https service-object object SMTP-587 service-object tcp destination eq www service-object udp destination eq isakmp object-group service DM_INLINE_SERVICE_52 service-object object SMTP service-object tcp destination eq 587 service-object ip service-object tcp destination eq https service-object object SMTP-587 service-object tcp destination eq www service-object udp destination eq isakmp object-group service DM_INLINE_SERVICE_53 service-object ip service-object icmp service-object object SMTP service-object tcp destination eq 587 service-object tcp destination eq https service-object tcp destination eq www object-group service DM_INLINE_SERVICE_54 service-object ip service-object object SMTP service-object tcp destination eq 587 service-object tcp destination eq https service-object udp destination eq snmp object-group service DM_INLINE_SERVICE_55 service-object ip service-object object SMTP service-object tcp destination eq 587 service-object tcp destination eq https service-object object HTTP service-object udp destination eq snmp object-group service DM_INLINE_SERVICE_56 service-object object SMTP service-object tcp destination eq https service-object ip object-group service DM_INLINE_SERVICE_57 service-object ip service-object object SMTP service-object tcp destination eq 587 service-object tcp destination eq https service-object object SMTP-587 object-group service DM_INLINE_SERVICE_58 service-object ip service-object object SMTP service-object tcp destination eq 587 service-object tcp destination eq https service-object object SMTP-587 object-group service DM_INLINE_SERVICE_60 service-object ip service-object tcp destination eq www service-object icmp service-object gre service-object object FRONT_ALGAR service-object object L2TP service-object tcp destination eq h323 service-object tcp destination eq pptp service-object tcp destination eq ssh service-object object MYSQL service-object object SERVIDOR_ATC service-object udp destination eq isakmp object-group service DM_INLINE_SERVICE_41 service-object ip service-object tcp destination eq smtp object-group service DM_INLINE_SERVICE_61 service-object ip service-object tcp destination eq smtp object-group service DM_INLINE_SERVICE_63 service-object ip service-object object HTTP object-group service DM_INLINE_SERVICE_64 service-object ip service-object icmp service-object gre service-object object FRONT_ALGAR service-object object L2TP service-object object PORTA_BPOSRVZAB service-object object SERVER_JAVA service-object tcp destination eq h323 service-object tcp destination eq pptp service-object tcp destination eq ssh service-object udp destination eq snmp service-object udp destination eq isakmp object-group service DM_INLINE_SERVICE_65 service-object ip service-object icmp service-object gre group-object GRUP_PORTS-OPENVPN service-object object L2TP service-object tcp destination eq pptp service-object udp destination eq isakmp object-group service DM_INLINE_SERVICE_32 service-object ip service-object icmp service-object gre service-object object ALGAR_RIDFAX service-object object FRONT_ALGAR service-object object L2TP service-object object PORTA_BPOSRVZAB service-object object SERVER_JAVA service-object tcp destination eq h323 service-object tcp destination eq pptp service-object tcp destination eq ssh service-object udp destination eq snmp object-group service DM_INLINE_SERVICE_67 service-object ip service-object tcp destination eq smtp object-group network DM_INLINE_NETWORK_2 network-object object FALCON network-object object FALCON-BO-NAT object-group network DM_INLINE_NETWORK_3 network-object object FALCON network-object object FALCON-BO-NAT object-group service DM_INLINE_SERVICE_68 service-object ip service-object tcp destination eq smtp object-group service DM_INLINE_SERVICE_69 service-object ip service-object tcp destination eq smtp object-group network DM_INLINE_NETWORK_20 network-object object FALCON network-object object FALCON-BO-NAT object-group network DM_INLINE_NETWORK_21 network-object 10.209.14.0 255.255.255.128 network-object 10.209.42.0 255.255.255.192 network-object 10.209.8.0 255.255.255.128 object-group service DM_INLINE_SERVICE_70 service-object ip service-object udp destination eq snmp object-group network DM_INLINE_NETWORK_22 network-object 10.209.40.0 255.255.255.0 network-object 10.209.41.0 255.255.255.0 network-object 10.209.42.0 255.255.255.192 object-group service DM_INLINE_SERVICE_71 service-object ip service-object udp destination eq snmp object-group service DM_INLINE_SERVICE_72 service-object ip service-object udp destination eq snmp service-object udp destination eq snmptrap object-group service DM_INLINE_SERVICE_73 service-object ip service-object udp destination eq snmp object-group service DM_INLINE_SERVICE_74 service-object ip service-object udp destination eq snmp object-group service DM_INLINE_SERVICE_75 service-object ip service-object udp destination eq snmp object-group network DM_INLINE_NETWORK_23 network-object 10.209.42.0 255.255.255.192 network-object 10.209.8.0 255.255.255.128 object-group service DM_INLINE_SERVICE_76 service-object ip service-object udp destination eq isakmp object-group network DM_INLINE_NETWORK_24 network-object 10.209.42.0 255.255.255.192 network-object 10.209.8.0 255.255.255.128 object-group service DM_INLINE_SERVICE_77 service-object ip service-object object MYSQL service-object tcp destination eq ssh service-object udp destination eq 10000 service-object udp destination eq 4500 service-object udp destination eq isakmp object-group service DM_INLINE_SERVICE_78 service-object ip service-object udp destination eq isakmp object-group service DM_INLINE_SERVICE_79 service-object ip service-object udp destination eq isakmp object-group service DM_INLINE_SERVICE_80 service-object ip service-object udp destination eq isakmp access-list INSIDE_access_in extended permit ip object SERVIDORES-LEVEL3 object RIONEGRO-BPOSRV_ZBX_NAT inactive access-list INSIDE_access_in extended permit object-group DM_INLINE_SERVICE_43 object BPOSRV-ZBX02 any inactive access-list INSIDE_access_in extended permit object-group DM_INLINE_SERVICE_45 object BPOSRV-ZBX02 object SONICWALL-FW inactive access-list INSIDE_access_in extended permit ip object SONICWALL-FW object CONNECT-LAN inactive access-list INSIDE_access_in extended permit ip host 172.16.102.10 object CONNECT-LAN inactive access-list INSIDE_access_in extended permit object-group DM_INLINE_PROTOCOL_1 object SONICWALL-FW object-group DM_INLINE_NETWORK_12 inactive access-list INSIDE_access_in extended permit ip object-group DM_INLINE_NETWORK_11 any inactive access-list INSIDE_access_in extended permit object-group GRUP_PORTS-OPENVPN object SONICWALL-FW object BPOSRV_OPNVPN inactive access-list INSIDE_access_in extended permit object-group DM_INLINE_SERVICE_47 any object BPOSRV_OPNVPN inactive access-list DMZ_access_in extended permit ip object DNS_EXTERNO_PRIMARIO any access-list DMZ_access_in extended permit ip object DNS_EXTERNO_SECUNDARIO any access-list capture extended permit udp any any eq domain access-list MPLS_INTELIG_access_in extended permit ip object-group REDES-INTERNAS object FALCON-BO access-list MPLS_INTELIG_access_in extended permit object-group DM_INLINE_SERVICE_5 object PABX_DATAMETRICA object-group AVAYA_EBT access-list MPLS_INTELIG_access_in extended permit ip object DUMAS-NAT-INT any access-list MPLS_INTELIG_access_in extended permit ip object CONNECT_LAN_INT object CONNECT_NAT_INT access-list MPLS_INTELIG_access_in extended permit ip object ACTIVE_DIRECTORY_INT object SIPCS_NAT_INT access-list MPLS_INTELIG_access_in extended permit object-group DM_INLINE_SERVICE_61 object FALCON object EXCHANGE access-list MPLS_INTELIG_access_in extended permit object-group DM_INLINE_SERVICE_41 object EXCHANGE object FALCON access-list MPLS_INTELIG_access_in extended permit object-group DM_INLINE_SERVICE_6 object INDRA-DUMAS object-group AVAYA_EBT access-list MPLS_INTELIG_access_in extended permit object-group DM_INLINE_SERVICE_30 any object-group DM_INLINE_NETWORK_19 access-list MPLS_INTELIG_access_in extended permit object-group DM_INLINE_SERVICE_29 object-group DM_INLINE_NETWORK_6 any access-list MPLS_INTELIG_access_in extended permit object-group DM_INLINE_SERVICE_24 object-group REDES-EXTERNAS object-group REDES-INTERNAS access-list MPLS_INTELIG_access_in extended permit ip object DUMAS-LAN-INT any access-list MPLS_INTELIG_access_in extended permit ip object ALGAR-TESTE object CLAN_AVAYA inactive access-list MPLS_INTELIG_access_in extended permit object-group DM_INLINE_SERVICE_26 object RIONEGRO_NETWORK_NAT any access-list MPLS_INTELIG_access_in extended permit object-group DM_INLINE_SERVICE_25 object RIONEGRO_NETWORK_TESTE any access-list TESA_access_in extended permit object HTTP2 any object SERVER-BATIMENTO access-list TESA_access_in extended permit tcp any object SERVIDOR_VPN eq pptp access-list TESA_access_in extended permit object HTTP1 any object Redmine access-list TESA_access_in extended permit tcp any object EXCHANGE object-group DM_INLINE_TCP_1 access-list TESA_access_in extended permit object-group DM_INLINE_SERVICE_1 any object DNS_EXTERNO_PRIMARIO access-list TESA_access_in remark REGRA DE ACESSO PARA SERVIDOR NTP INTERNO CONSULTAR SERVIODRES NTP EXTERNOS access-list TESA_access_in extended permit udp object-group SERVIDORES_NTP_EXTERNOS object SERVIDOR-NTP-INTERNO eq ntp inactive access-list TESA_access_in extended permit object HTTP4 any object SERVIDOR_PRTG access-list TESA_access_in extended permit tcp any object SERVIDOR-NTP-INTERNO object-group DM_INLINE_TCP_4 access-list TESA_access_in extended permit ip object DUMAS_NAT_EBT any access-list TESA_access_in extended permit ip object DUMAS-NAT-INT any access-list TESA_access_in extended permit object HTTP3 any object Redmine_Prev access-list TESA_access_in remark REGRA DE ACESSO PARA SERVIDOR NTP INTERNO CONSULTAR SERVIODRES NTP EXTERNOS access-list EBT_access_in extended permit object ALGAR_FRONTEND any object ALGAR2_FRONTEND inactive access-list EBT_access_in extended permit object ALGAR_FRONTEND any object ALGAR1_FRONTEND inactive access-list EBT_access_in extended permit object-group DM_INLINE_SERVICE_72 any host 10.209.8.33 access-list EBT_access_in extended permit object HTTP2 any object SERVER-BATIMENTO access-list EBT_access_in extended permit object-group DM_INLINE_SERVICE_11 any object SERVIDOR_VPN access-list EBT_access_in extended permit tcp any object SERVIDOR-NTP-INTERNO object-group DM_INLINE_TCP_3 access-list EBT_access_in extended permit object HTTP5 any object SERVIDOR-CACTI access-list EBT_access_in extended permit object HTTP4 any object SERVIDOR_PRTG access-list EBT_access_in extended permit object HTTP3 any object Redmine_Prev access-list EBT_access_in extended permit object HTTP1 any object Redmine access-list EBT_access_in extended permit object-group DM_INLINE_SERVICE_48 any object EXCHANGE access-list EBT_access_in extended permit object-group DM_INLINE_SERVICE_2 any object DNS_EXTERNO_PRIMARIO access-list EBT_access_in remark REGRA DE ACESSO PARA SERVIDOR NTP INTERNO CONSULTAR SERVIODRES NTP EXTERNOS access-list EBT_access_in extended permit udp object-group SERVIDORES_NTP_EXTERNOS object SERVIDOR-NTP-INTERNO eq ntp access-list EBT_access_in extended permit ip object DUMAS_NAT_EBT any access-list EBT_access_in extended permit ip object DUMAS-NAT-INT any access-list EBT_access_in extended permit object-group DM_INLINE_SERVICE_9 any object DNS_EXTERNO_SECUNDARIO access-list EBT_access_in remark REGRA DE ACESSO PARA SERVIDOR NTP INTERNO CONSULTAR SERVIODRES NTP EXTERNOS access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_15 object-group REDES-EXTERNAS-EBT object-group REDES-INTERNAS access-list MPLS_EBT_access_in extended permit ip object-group REDES-INTERNAS object FALCON-BO access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_3 object PABX_DATAMETRICA object-group AVAYA_EBT access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_21 object-group DM_INLINE_NETWORK_5 any access-list MPLS_EBT_access_in extended permit ip object CONNECT_LAN_EBT object CONNECT_NAT_EBT access-list MPLS_EBT_access_in extended permit ip object ACTIVE_DIRECTORY_EBT object AD_MPLS_DC access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_4 object INDRA-DUMAS object-group AVAYA_EBT access-list MPLS_EBT_access_in extended permit ip object ALGAR-TESTE object CLAN_AVAYA access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_14 host 10.209.35.25 any access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_38 object Right_Fax object VOIP_EXTERNO2 access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_35 host 172.19.240.241 any access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_23 object LAN-MPLS-EMBRATEL any access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_22 object RIONEGRO_NETWORK_NAT any access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_40 object VOIP_EXTERNO2 object Right_Fax access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_74 10.209.8.0 255.255.255.128 object-group DM_INLINE_NETWORK_13 access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_53 object SONICWALL-FW any access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_54 object-group DM_INLINE_NETWORK_10 any access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_55 any object-group DM_INLINE_NETWORK_17 access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_75 any any access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_33 object FALCON object EXCHANGE access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_39 object EXCHANGE object FALCON access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_66 object-group DM_INLINE_NETWORK_1 object EXCHANGE access-list MPLS_EBT_access_in extended permit object-group DM_INLINE_SERVICE_67 object EXCHANGE object-group DM_INLINE_NETWORK_20 access-list VPN_ACCCESS extended permit ip object DESKTOP-LEVEL3 any access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_27 object SONICWALL-FW object SERVIDORES-LEVEL3 access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_34 object SONICWALL-FW object DESKTOP-LEVEL3 access-list SONICWALL_access_in extended permit object HTTP1 any object Redmine access-list SONICWALL_access_in extended permit object HTTP2 any object SERVER-BATIMENTO access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_10 any object SERVIDOR_VPN access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_18 any object EXCHANGE access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_57 object EXCHANGE any access-list SONICWALL_access_in extended permit object HTTP3 any object Redmine_Prev access-list SONICWALL_access_in extended permit object HTTP4 any object SERVIDOR_PRTG access-list SONICWALL_access_in extended permit tcp any object SERVIDOR-NTP-INTERNO object-group DM_INLINE_TCP_6 access-list SONICWALL_access_in extended permit ip any object DUMAS_NAT_EBT access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_36 any object Servidor_GIS access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_37 any object BPOSRV-GIS_ALPHAVILLE_NAT access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_42 object BPOSRV-ZBX02 any access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_44 any object BPOSRV-ZBX02 access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_46 object SONICWALL-FW object-group DM_INLINE_NETWORK_8 access-list SONICWALL_access_in extended permit ip any object CONNECT-LAN access-list SONICWALL_access_in extended permit ip host 172.16.102.10 any access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_50 any object BPOSRV_OPNVPN access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_56 object EXCHANGE object SONICWALL-FW access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_58 object EXCHANGE object SONICWALL-FW access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_60 any interface SONICWALL access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_59 any object KASEYA_B access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_63 object KASEYA any inactive access-list SONICWALL_access_in extended permit ip any any access-list SONICWALL_access_in extended permit object-group DM_INLINE_SERVICE_76 any any access-list SONICWALL_access_in extended permit udp any 10.209.8.0 255.255.255.128 eq isakmp access-list INDRAVPN_splitTunnelAcl standard permit any4 access-list DESENVOLVEDORES extended permit tcp any object-group DM_INLINE_NETWORK_4 eq www access-list DESENVOLVEDORES extended permit object DNS_SERVICE_UDP any object ACTIVE-DIRECTORY-INSIDE access-list DESENVOLVEDORES extended permit object-group DM_INLINE_SERVICE_20 any object SERVER-BATIMENTO access-list DESENVOLVEDORES extended permit object-group DM_INLINE_SERVICE_77 any 10.209.8.0 255.255.255.128 access-list VPNCOC extended permit object-group DM_INLINE_SERVICE_16 any object FILE-SERVER access-list VPNCOC extended permit object-group DM_INLINE_SERVICE_17 any object CONNECT-LAN access-list VPNCOC extended permit object DNS_SERVICE_UDP any object ACTIVE-DIRECTORY-INSIDE access-list Desenv_Batimento extended permit object-group DM_INLINE_SERVICE_19 any object SERVER-BATIMENTO access-list MPLS_EBT_cryptomap extended permit object-group DM_INLINE_SERVICE_70 object-group DM_INLINE_NETWORK_9 object-group DM_INLINE_NETWORK_15 access-list MPLS_EBT_cryptomap extended permit object-group DM_INLINE_SERVICE_71 object-group DM_INLINE_NETWORK_22 10.209.8.0 255.255.255.128 access-list MPLS_INTELIG_cryptomap extended permit ip 10.209.8.0 255.255.255.128 object-group DM_INLINE_NETWORK_16 access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_52 any object SONICWALL-FW access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_51 object SONICWALL-FW any access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_49 any any access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_60 object SERVIDORES-LEVEL3 object-group REDES-INTERNAS-EBT access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_64 object SERVIDORES-LEVEL3 object-group REDES-EXTERNAS-EBT access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_65 object DESKTOP-LEVEL3 any access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_31 object SERVIDORES-LEVEL3 any access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_62 object LAN-MPLS-EMBRATEL any access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_32 object-group REDES-INTERNAS object-group DM_INLINE_NETWORK_18 access-list inside_access_in extended permit ip object-group REDES-INTERNAS object 10.192.195.132 access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_7 object DESKTOP-LEVEL3 object SONICWALL-FW access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_8 object ACTIVE-DIRECTORY-INSIDE object SONICWALL-FW access-list inside_access_in extended permit ip 10.209.14.0 255.255.255.128 any access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_73 10.209.14.0 255.255.255.128 10.209.42.0 255.255.255.192 access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_12 object VOIP_EXTERNO2 object Right_Fax_NAT access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_28 object Right_Fax object VOIP_EXTERNO2 access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_68 object EXCHANGE object-group DM_INLINE_NETWORK_2 nat (MPLS_EBT,LEVEL3) source dynamic DUMAS_NAT_EBT interface nat (MPLS_EBT,TESA) source dynamic DUMAS_NAT_EBT interface nat (MPLS_INTELIG,LEVEL3) source dynamic LAN-ROUTER-MPLS-INTELIG interface nat (MPLS_INTELIG,LEVEL3) source dynamic DUMAS-NAT-INT interface nat (TESA,inside) source static any any destination static interface Redmine_Prev service HTTP3 HTTP3 nat (MPLS_EBT,LEVEL3) source static any any destination static NETWORK_OBJ_10.209.12.0_25 NETWORK_OBJ_10.209.12.0_25 no-proxy-arp route-lookup nat (maneger,SONICWALL) source static any any destination static NETWORK_OBJ_10.209.14.0_28 NETWORK_OBJ_10.209.14.0_28 no-proxy-arp route-lookup nat (MPLS_EBT,SONICWALL) source static WIFI-DUMAS WIFI-DUMAS nat (inside,SONICWALL) source static any any destination static NETWORK_OBJ_10.209.14.16_28 NETWORK_OBJ_10.209.14.16_28 no-proxy-arp route-lookup nat (inside,SONICWALL) source static any any destination static NETWORK_OBJ_10.209.14.128_29 NETWORK_OBJ_10.209.14.128_29 no-proxy-arp route-lookup nat (inside,SONICWALL) source static any any destination static NETWORK_OBJ_10.209.14.136_29 NETWORK_OBJ_10.209.14.136_29 no-proxy-arp route-lookup nat (SONICWALL,SONICWALL) source static any any destination static NETWORK_OBJ_10.209.14.128_29 NETWORK_OBJ_10.209.14.128_29 no-proxy-arp route-lookup nat (SONICWALL,SONICWALL) source static any any destination static INTERNET_EBT INTERNET_EBT no-proxy-arp route-lookup nat (inside,SONICWALL) source static EXCHANGE EXCHANGE destination static DESKTOP-LEVEL3 DESKTOP-LEVEL3 no-proxy-arp route-lookup nat (MPLS_EBT,SONICWALL) source static RIONEGRO_NETWORK_NAT RIONEGRO_NETWORK_NAT nat (inside,MPLS_EBT) source static ACTIVE-DIRECTORY-INSIDE ACTIVE-DIRECTORY-INSIDE destination static NETWORK_OBJ_10.209.42.14 NETWORK_OBJ_10.209.42.14 no-proxy-arp route-lookup nat (MPLS_EBT,SONICWALL) source static RIONEGRO_NAT_EBT_TEMP RIONEGRO_NAT_EBT_TEMP nat (MPLS_INTELIG,SONICWALL) source static RIONEGRO_NAT_INT_TEMP RIONEGRO_NAT_INT_TEMP nat (MPLS_INTELIG,SONICWALL) source static RIONEGRO_NETWORK_NAT RIONEGRO_NETWORK_NAT nat (SONICWALL,inside) source static any any destination static interface Servidor_GIS service HTTP6 HTTP6 nat (inside,MPLS_EBT) source static SERVIDORES-LEVEL3 SERVIDORES-LEVEL3 destination static NETWORK_OBJ_10.209.42.0 NETWORK_OBJ_10.209.42.0 no-proxy-arp route-lookup nat (inside,MPLS_INTELIG) source static SERVIDORES-LEVEL3 SERVIDORES-LEVEL3 destination static NETWORK_OBJ_10.209.42.0 NETWORK_OBJ_10.209.42.0 no-proxy-arp route-lookup nat (inside,MPLS_INTELIG) source static NETWORK_OBJ_10.209.8.0_25 NETWORK_OBJ_10.209.8.0_25 no-proxy-arp route-lookup nat (inside,MPLS_INTELIG) source static NETWORK_OBJ_10.209.8.0_25 NETWORK_OBJ_10.209.8.0_25 destination static NETWORK_OBJ_10.209.42.0_26 NETWORK_OBJ_10.209.42.0_26 no-proxy-arp route-lookup nat (maneger,MPLS_EBT) source static NETWORK_OBJ_10.209.8.0_25 NETWORK_OBJ_10.209.8.0_25 destination static DM_INLINE_NETWORK_7 DM_INLINE_NETWORK_7 no-proxy-arp route-lookup nat (SONICWALL,MPLS_EBT) source static SONICWALL-FW SONICWALL-FW destination static HOST_BPOSRV_AD05_RN HOST_BPOSRV_AD05_RN nat (SONICWALL,maneger) source static SONICWALL-FW interface destination static HOST_BPOSRV_AD05_RN HOST_BPOSRV_AD05_RN nat (inside,MPLS_EBT) source static BPOSRV-ZBX02 BPOSRV-ZBX02 destination static NETWORK_OBJ_10.209.42.14 NETWORK_OBJ_10.209.42.14 no-proxy-arp nat (SONICWALL,maneger) source static SONICWALL-FW interface destination static HOST_RN_TEMP HOST_RN_TEMP nat (inside,SONICWALL) source static any any destination static NETWORK_OBJ_10.209.14.8_29 NETWORK_OBJ_10.209.14.8_29 no-proxy-arp route-lookup nat (inside,SONICWALL) source static SERVIDORES-LEVEL3 SERVIDORES-LEVEL3 destination static NETWORK_OBJ_10.209.14.8_29 NETWORK_OBJ_10.209.14.8_29 no-proxy-arp route-lookup nat (inside,SONICWALL) source static DM_INLINE_NETWORK_21 DM_INLINE_NETWORK_21 destination static NETWORK_OBJ_10.209.14.8_29 NETWORK_OBJ_10.209.14.8_29 no-proxy-arp route-lookup nat (inside,SONICWALL) source static DM_INLINE_NETWORK_23 DM_INLINE_NETWORK_23 destination static NETWORK_OBJ_10.209.14.8_29 NETWORK_OBJ_10.209.14.8_29 no-proxy-arp route-lookup nat (inside,SONICWALL) source static NETWORK_OBJ_10.209.8.0_25 NETWORK_OBJ_10.209.8.0_25 destination static NETWORK_OBJ_10.209.14.8_29 NETWORK_OBJ_10.209.14.8_29 no-proxy-arp route-lookup ! object network SERVIDOR-SNMP nat (MPLS_EBT,any) static SERVIDOR-SNMP-NAT-EBT object network SERVIDOR-SNMP-INT nat (MPLS_INTELIG,any) static SERVIDOR-SNMP-NAT-INT object network VPN-CISCO nat (any,any) static VPN-CISCO-NAT access-group MPLS_INTELIG_access_in in interface MPLS_INTELIG access-group MPLS_EBT_access_in in interface MPLS_EBT access-group DMZ_access_in in interface DMZ access-group SONICWALL_access_in in interface SONICWALL access-group TESA_access_in in interface TESA access-group EBT_access_in in interface LEVEL3 access-group inside_access_in in interface inside ! router rip ! router ospf 100 router-id 2.2.2.2 network 172.19.235.112 255.255.255.248 area 2 area 2 default-cost 20 log-adj-changes ! router ospf 90 router-id 1.1.1.1 network 172.19.235.96 255.255.255.248 area 2 area 2 default-cost 10 log-adj-changes ! route SONICWALL 0.0.0.0 0.0.0.0 10.209.8.254 10 route inside 10.209.8.0 255.255.255.128 10.209.14.3 1 route inside 10.209.8.14 255.255.255.255 10.209.14.3 1 route inside 10.209.8.128 255.255.255.192 10.209.14.3 1 route inside 10.209.8.192 255.255.255.192 10.209.14.3 1 route inside 10.209.9.0 255.255.255.0 10.209.14.3 1 route inside 10.209.10.0 255.255.255.0 10.209.14.3 1 route inside 10.209.12.0 255.255.255.128 10.209.14.3 1 route inside 10.209.13.0 255.255.255.0 10.209.14.3 1 route MPLS_EBT 10.209.40.0 255.255.255.0 172.19.235.102 1 route MPLS_EBT 10.209.41.0 255.255.255.0 172.19.235.102 1 route MPLS_EBT 10.209.42.0 255.255.255.192 172.19.235.102 1 route SONICWALL 192.168.80.0 255.255.255.0 10.209.8.254 1 timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy webvpn file-browsing enable file-entry enable http-proxy enable url-entry enable no user-identity enable user-identity default-domain LOCAL aaa authentication http console LOCAL aaa authentication serial console LOCAL aaa authentication ssh console LOCAL aaa authentication telnet console LOCAL aaa authorization command LOCAL http server enable http 192.168.1.0 255.255.255.0 maneger http 10.209.14.0 255.255.255.128 inside http 172.19.232.0 255.255.248.0 MPLS_EBT http 172.19.232.0 255.255.248.0 MPLS_INTELIG http 172.19.240.0 255.255.248.0 MPLS_INTELIG http 172.19.240.0 255.255.248.0 MPLS_EBT http 10.209.8.0 255.255.255.128 inside snmp-server group snmpindra v3 priv snmp-server user snmpindra snmpindra v3 encrypted auth md5 01:c3:19:d0:c0:76:d8:ca:0a:40:72:37:57:91:6e:4c priv aes 128 87:e0:41:e6:57:21:26:ea:35:5b:b3:2c:df:41:e9:bc snmp-server host maneger 10.209.8.11 community ***** version 2c no snmp-server location no snmp-server contact snmp-server community ***** snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart snmp-server enable traps syslog snmp-server enable traps ipsec start stop snmp-server enable traps entity config-change fru-insert fru-remove snmp-server enable traps memory-threshold snmp-server enable traps interface-threshold snmp-server enable traps remote-access session-threshold-exceeded snmp-server enable traps connection-limit-reached snmp-server enable traps cpu threshold rising snmp-server enable traps ikev2 start stop snmp-server enable traps nat packet-discard crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS esp-aes esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transport crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS esp-aes esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS mode transport crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transport crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS esp-aes-192 esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS mode transport crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transport crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS esp-aes-256 esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS mode transport crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS mode transport crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS esp-3des esp-md5-hmac crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS mode transport crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS esp-des esp-sha-hmac crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transport crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS esp-des esp-md5-hmac crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS mode transport crypto ipsec ikev2 ipsec-proposal AES256 protocol esp encryption aes-256 protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES192 protocol esp encryption aes-192 protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES protocol esp encryption aes protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal 3DES protocol esp encryption 3des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal DES protocol esp encryption des protocol esp integrity sha-1 md5 crypto ipsec security-association pmtu-aging infinite crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-192-SHA ESP-AES-256-SHA ESP-3DES-SHA ESP-DES-SHA ESP-AES-128-SHA-TRANS ESP-AES-192-SHA-TRANS ESP-AES-256-SHA-TRANS ESP-3DES-SHA-TRANS ESP-DES-SHA-TRANS crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES crypto map EBT_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map EBT_map interface LEVEL3 crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map inside_map interface maneger crypto map SONICWALL_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map SONICWALL_map interface SONICWALL crypto map MPLS_EBT_map 1 match address MPLS_EBT_cryptomap crypto map MPLS_EBT_map 1 set peer 172.19.235.225 crypto map MPLS_EBT_map 1 set ikev1 transform-set ESP-DES-SHA ESP-DES-MD5 crypto map MPLS_EBT_map 1 set ikev2 ipsec-proposal DES 3DES AES AES192 AES256 crypto map MPLS_EBT_map interface MPLS_EBT crypto map MPLS_INTELIG_map 1 match address MPLS_INTELIG_cryptomap crypto map MPLS_INTELIG_map 1 set pfs crypto map MPLS_INTELIG_map 1 set peer 172.19.235.225 crypto map MPLS_INTELIG_map 1 set ikev1 transform-set ESP-DES-SHA ESP-DES-MD5 crypto map MPLS_INTELIG_map 1 set ikev2 ipsec-proposal DES 3DES AES AES192 AES256 crypto map MPLS_INTELIG_map interface MPLS_INTELIG crypto map inside_map0 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map inside_map0 interface inside crypto ca trustpoint ASDM_TrustPoint0 enrollment terminal subject-name CN=vpn.indrabrasilbpo.com crl configure crypto ca trustpoint Desenvolvimento_Contabil enrollment self subject-name CN=ASA-INDRA crl configure crypto ca trustpool policy crypto ikev2 policy 1 encryption des integrity sha group 2 prf sha lifetime seconds 86400 crypto ikev2 policy 2 encryption des integrity sha group 2 prf sha lifetime seconds 86400 crypto ikev2 policy 3 encryption des integrity sha group 2 prf sha lifetime seconds 86400 crypto ikev2 policy 4 encryption des integrity sha group 2 prf sha lifetime seconds 86400 crypto ikev2 policy 40 encryption des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 enable MPLS_INTELIG crypto ikev2 enable MPLS_EBT crypto ikev2 enable SONICWALL crypto ikev2 enable maneger crypto ikev1 enable MPLS_INTELIG crypto ikev1 enable MPLS_EBT crypto ikev1 enable SONICWALL crypto ikev1 enable maneger crypto ikev1 enable inside crypto ikev1 policy 1 authentication pre-share encryption des hash sha group 2 lifetime 86400 crypto ikev1 policy 2 authentication crack encryption des hash sha group 2 lifetime 86400 telnet timeout 5 ssh 172.19.240.0 255.255.248.0 MPLS_INTELIG ssh 172.19.232.0 255.255.248.0 MPLS_EBT ssh 10.209.8.0 255.255.255.128 inside ssh timeout 5 console timeout 0 threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept ntp server 10.209.8.23 tftp-server inside 10.209.8.60 asa911-k8.bin webvpn enable MPLS_INTELIG enable MPLS_EBT enable SONICWALL enable inside tunnel-group-list enable group-policy Desenv_Contabil internal group-policy Desenv_Contabil attributes dns-server value 10.209.8.14 vpn-filter value INDRAVPN_splitTunnelAcl vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless split-tunnel-network-list value Desenv_Batimento default-domain none group-policy DfltGrpPolicy attributes group-policy GroupPolicy_172.19.235.225 internal group-policy GroupPolicy_172.19.235.225 attributes vpn-tunnel-protocol ikev1 ikev2 group-policy VPN_RN internal group-policy VPN_RN attributes dns-server value 10.209.8.14 vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless split-tunnel-policy tunnelspecified split-tunnel-network-list value VPN_RN_splitTunnelAcl default-domain value INDRA group-policy VPN_TESTE internal group-policy VPN_TESTE attributes dns-server value 10.209.8.14 vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-client ssl-clientless default-domain value INDRABRASILBPO group-policy VPNTESTE internal group-policy VPNTESTE attributes dns-server value 10.209.8.14 8.8.8.8 vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless group-policy VPN_DC_TESTE internal group-policy VPN_DC_TESTE attributes dns-server value 10.209.8.14 10.209.42.20 vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless default-domain value indrabrasilbpo.local group-policy INDRABPOPROD internal group-policy INDRABPOPROD attributes dns-server value 10.209.8.14 vpn-filter value inside_access_in vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless split-tunnel-policy tunnelall default-domain value INDRABRASILBPO webvpn url-list none group-policy INDRABPODES internal group-policy INDRABPODES attributes dns-server value 10.209.8.14 vpn-filter value DESENVOLVEDORES vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless split-tunnel-network-list value DESENVOLVEDORES default-domain value INDRABRASILBPO group-policy INDRABPOCOC internal group-policy INDRABPOCOC attributes dns-server value 10.209.8.14 vpn-filter value VPNCOC vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless split-tunnel-network-list value VPNCOC default-domain value INDRABRASILBPO group-policy INDRABPOBI internal group-policy INDRABPOBI attributes dns-server value 10.209.8.14 vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless default-domain value indrabrasilbpo group-policy cisco internal group-policy cisco attributes vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless address-pools value DESENVOLVEDORES username aramosd password privilege 15 username aramosd attributes service-type admin username pdabsb password username pdabsb attributes group-lock value INDRABPODES service-type remote-access username eqpdesbat password username eqpdesbat attributes group-lock value Desenv_Contabil service-type remote-access username minutrade password username minutrade attributes service-type remote-access username admin password username fswindra password username fswindra attributes group-lock value INDRABPODES service-type remote-access username dbbueno password privilege 15 username wamatos password username jpvieira password username mantonios password username mantonios attributes group-lock value INDRABPODES service-type admin username alfferreira password username jgomesg password privilege 0 username jgomesg attributes vpn-group-policy INDRABPOBI service-type remote-access username alaham password username alaham attributes service-type admin username rloliveirai password username rloliveirai attributes service-type remote-access tunnel-group DefaultRAGroup general-attributes address-pool INSIDE_INDRA tunnel-group DefaultRAGroup ipsec-attributes ikev1 pre-shared-key ***** tunnel-group DefaultRAGroup ppp-attributes authentication pap authentication ms-chap-v2 authentication eap-proxy tunnel-group INDRABPOPROD type remote-access tunnel-group INDRABPOPROD general-attributes address-pool INSIDE_INDRA default-group-policy INDRABPOPROD nat-assigned-to-public-ip inside tunnel-group INDRABPOPROD ipsec-attributes ikev1 pre-shared-key ***** tunnel-group INDRABPOPROD ppp-attributes authentication pap authentication ms-chap-v2 authentication eap-proxy tunnel-group INDRABPODES type remote-access tunnel-group INDRABPODES general-attributes address-pool DESENVOLVEDORES default-group-policy INDRABPODES tunnel-group INDRABPODES ipsec-attributes ikev1 pre-shared-key ***** tunnel-group INDRABPOCOC type remote-access tunnel-group INDRABPOCOC general-attributes address-pool VPNCOC default-group-policy INDRABPOCOC tunnel-group INDRABPOCOC ipsec-attributes ikev1 pre-shared-key ***** tunnel-group INDRABPOBI type remote-access tunnel-group INDRABPOBI general-attributes address-pool VPNCOC default-group-policy INDRABPOBI tunnel-group INDRABPOBI ipsec-attributes ikev1 pre-shared-key ***** tunnel-group 172.19.235.225 type ipsec-l2l tunnel-group 172.19.235.225 general-attributes default-group-policy GroupPolicy_172.19.235.225 tunnel-group 172.19.235.225 ipsec-attributes ikev1 pre-shared-key ***** ikev2 remote-authentication pre-shared-key ***** ikev2 local-authentication pre-shared-key ***** tunnel-group Desenv_Contabil type remote-access tunnel-group Desenv_Contabil general-attributes address-pool VPNCOC default-group-policy Desenv_Contabil tunnel-group Desenv_Contabil ipsec-attributes ikev1 pre-shared-key ***** tunnel-group VPN_TESTE type remote-access tunnel-group VPN_TESTE general-attributes address-pool INSIDE_INDRA default-group-policy VPN_TESTE tunnel-group VPN_TESTE ipsec-attributes ikev1 pre-shared-key ***** tunnel-group VPNTESTE type remote-access tunnel-group VPNTESTE general-attributes address-pool INSIDE_INDRA default-group-policy VPNTESTE tunnel-group VPNTESTE ipsec-attributes ikev1 pre-shared-key ***** tunnel-group VPN_DC_TESTE type remote-access tunnel-group VPN_DC_TESTE general-attributes address-pool INSIDE_INDRA default-group-policy VPN_DC_TESTE tunnel-group VPN_DC_TESTE ipsec-attributes ikev1 pre-shared-key ***** tunnel-group VPN_RN type remote-access tunnel-group VPN_RN general-attributes address-pool INSIDE_INDRA default-group-policy VPN_RN tunnel-group VPN_RN ipsec-attributes ikev1 pre-shared-key ***** tunnel-group cisco type remote-access tunnel-group cisco general-attributes address-pool INSIDE_INDRA tunnel-group cisco ipsec-attributes ikev1 pre-shared-key ***** tunnel-group ciscoteste type remote-access tunnel-group ciscoteste general-attributes address-pool INSIDE_INDRA tunnel-group ciscoteste ipsec-attributes ikev1 pre-shared-key ***** tunnel-group cisco1 type remote-access tunnel-group cisco1 general-attributes address-pool INSIDE_INDRA default-group-policy INDRABPOPROD tunnel-group cisco1 ipsec-attributes ikev1 pre-shared-key ***** ! class-map inspection_default match default-inspection-traffic class-map inspeciton_default ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options inspect icmp inspect pptp inspect icmp error inspect snmp ! service-policy global_policy global privilege cmd level 3 mode exec command perfmon privilege cmd level 5 mode exec command dir privilege cmd level 3 mode exec command ping privilege cmd level 3 mode exec command who privilege cmd level 3 mode exec command logging privilege cmd level 3 mode exec command failover privilege cmd level 3 mode exec command vpn-sessiondb privilege cmd level 3 mode exec command packet-tracer privilege cmd level 5 mode exec command export privilege show level 5 mode exec command import privilege show level 5 mode exec command running-config privilege show level 3 mode exec command reload privilege show level 3 mode exec command mode privilege show level 3 mode exec command firewall privilege show level 3 mode exec command asp privilege show level 3 mode exec command cpu privilege show level 3 mode exec command interface privilege show level 3 mode exec command clock privilege show level 3 mode exec command dns-hosts privilege show level 3 mode exec command access-list privilege show level 3 mode exec command logging privilege show level 3 mode exec command vlan privilege show level 3 mode exec command ip privilege show level 3 mode exec command failover privilege show level 3 mode exec command asdm privilege show level 3 mode exec command arp privilege show level 3 mode exec command ipv6 privilege show level 3 mode exec command route privilege show level 3 mode exec command ospf privilege show level 3 mode exec command aaa-server privilege show level 3 mode exec command aaa privilege show level 3 mode exec command eigrp privilege show level 3 mode exec command crypto privilege show level 3 mode exec command ssh privilege show level 3 mode exec command vpn-sessiondb privilege show level 3 mode exec command vpn privilege show level 3 mode exec command dhcpd privilege show level 3 mode exec command blocks privilege show level 3 mode exec command wccp privilege show level 3 mode exec command dynamic-filter privilege show level 3 mode exec command webvpn privilege show level 3 mode exec command service-policy privilege show level 3 mode exec command module privilege show level 3 mode exec command uauth privilege show level 3 mode exec command compression privilege show level 3 mode configure command interface privilege show level 3 mode configure command clock privilege show level 3 mode configure command access-list privilege show level 3 mode configure command logging privilege show level 3 mode configure command ip privilege show level 3 mode configure command failover privilege show level 5 mode configure command asdm privilege show level 3 mode configure command arp privilege show level 3 mode configure command route privilege show level 3 mode configure command aaa-server privilege show level 3 mode configure command aaa privilege show level 3 mode configure command crypto privilege show level 3 mode configure command ssh privilege show level 3 mode configure command dhcpd privilege show level 5 mode configure command privilege privilege clear level 3 mode exec command dns-hosts privilege clear level 3 mode exec command logging privilege clear level 3 mode exec command arp privilege clear level 3 mode exec command aaa-server privilege clear level 3 mode exec command crypto privilege clear level 3 mode exec command dynamic-filter privilege cmd level 3 mode configure command failover privilege clear level 3 mode configure command logging privilege clear level 3 mode configure command arp privilege clear level 3 mode configure command crypto privilege clear level 3 mode configure command aaa-server prompt hostname context no call-home reporting anonymous call-home profile CiscoTAC-1 no active destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address email callhome@cisco.com destination transport-method http subscribe-to-alert-group diagnostic subscribe-to-alert-group environment subscribe-to-alert-group inventory periodic monthly subscribe-to-alert-group configuration periodic monthly subscribe-to-alert-group telemetry periodic daily Cryptochecksum:d3b6c1c25f8f481a4a9ebd97c4a3d00e : end Cannot open disk0:/csco_config/97/bookmarks/index.ini ------------------ more disk0:/sdesktop/data.xml ------------------ ------------------ more disk0:/dap.xml ------------------ ------------------ show startup-config errors ------------------ Reading from flash... !!!!!!!!!!!!!!WARNING: BOOT variable added, but unable to find disk0:/asdm-645.bin *** Output from config line 90, "boot system disk0:/asdm-..." WARNING: All traffic destined to the IP address of the inside interface is being redirected. WARNING: Users may not be able to access any service enabled on the inside interface. *** Output from config line 1311, "nat (SONICWALL,inside) s..." WARNING: All traffic destined to the IP address of the inside interface is being redirected. WARNING: Users may not be able to access any service enabled on the inside interface. *** Output from config line 1313, "nat (SONICWALL,inside) s..." ERROR: Configuration request for SNMP group snmpindra failed. User snmpindra references group intended for removal. ERROR: Configuration request for SNMP group snmpindra failed. User snmpindra references group intended for removal. ERROR: Configuration request for SNMP group snmpindra failed. User snmpindra references group intended for removal. ERROR: Configuration request for SNMP group snmpindra failed. User snmpindra references group intended for removal. *** Output from config line 1385, "snmp-server community sn..." ------------------ console logs ------------------ Message #1 : Message #2 : Total SSMs found: 0 Message #3 : Total NICs found: 7 Message #4 : mcwa Message #5 : i82557 Ethernet at irq 11Message #6 : MAC: 5475.d026.e0e8 Message #7 : mcwa Message #8 : i82557 Ethernet at irq 5Message #9 : MAC: 0000.0001.0001 Message #10 : i82547GI rev00 Gigabit Ethernet @ irq11 dev 1 index 05Message #11 : MAC: 0000.0001.0002 Message #12 : i82546GB rev03 Gigabit Ethernet @ irq09 dev 2 index 03Message #13 : MAC: 5475.d026.e0e7 Message #14 : i82546GB rev03 Gigabit Ethernet @ irq09 dev 2 index 02Message #15 : MAC: 5475.d026.e0e6 Message #16 : i82546GB rev03 Gigabit Ethernet @ irq09 dev 3 index 01Message #17 : MAC: 5475.d026.e0e5 Message #18 : i82546GB rev03 Gigabit Ethernet @ irq09 dev 3 index 00Message #19 : MAC: 5475.d026.e0e4 Message #20 : Verify the activation-key, it might take a while... Message #21 : Running Permanent Message #22 : Activation Key: Message #23 : 0xf8204668 Message #24 : 0xe81efec9 Message #25 : 0x08e16dc4 Message #26 : 0xbe58fc04 Message #27 : 0xcd24d191 Message #28 : Message #29 : Licensed Message #30 : features for this platform: Message #31 : Maximum Physical Interfaces : Unlimited perpetual Message #32 : Maximum VLANs : 200 perpetual Message #33 : Inside Hosts : Unlimited perpetual Message #34 : Failover : Active/Active perpetual Message #35 : Encryption-DES : Enabled perpetual Message #36 : Encryption-3DES-AES : Enabled perpetual Message #37 : Security Contexts : 2 perpetual Message #38 : GTP/GPRS : Disabled perpetual Message #39 : AnyConnect Premium Peers : 2 perpetual Message #40 : AnyConnect Essentials : Disabled perpetual Message #41 : Other VPN Peers : 5000 perpetual Message #42 : Total VPN Peers : 5000 perpetual Message #43 : Shared License : Disabled perpetual Message #44 : AnyConnect for Mobile : Disabled perpetual Message #45 : AnyConnect for Cisco VPN Phone : Disabled perpetual Message #46 : Advanced Endpoint Assessment : Disabled perpetual Message #47 : UC Phone Proxy Sessions : 2 perpetual Message #48 : Total UC Proxy Sessions : 2 perpetual Message #49 : Botnet Traffic Filter : Disabled perpetual Message #50 : Intercompany Media Engine : Disabled perpetual Message #51 : Cluster : Enabled perpetual Message #52 : This platform has an ASA 5540 VPN Premium license. Message #53 : Message #54 : Encryption hardware device : Cisco ASA-55xx on-board accelerator (revision 0x0) Message #55 : Boot microcode : CN1000-MC-BOOT-2.00 Message #56 : SSL/IKE microcode : CNLite-MC-SSLm-PLUS-2.03 Message #57 : IPSec microcode : CNlite-MC-IPSECm-MAIN-2.08 Message #58 : Cisco Adaptive Security Appliance Software Version 9.1(1) Message #59 : Message #60 : ****************************** Warning ******************************* Message #61 : This product contains cryptographic features and is Message #62 : subject to United States and local country laws Message #63 : governing, import, export, transfer, and use. Message #64 : Delivery of Cisco cryptographic products does not Message #65 : imply third-party authority to import, export, Message #66 : distribute, or use encryption. Importers, exporters, Message #67 : distributors and users are responsible for compliance Message #68 : with U.S. and local country laws. By using this Message #69 : product you agree to comply with applicable laws and Message #70 : regulations. If you are unable to comply with U.S. Message #71 : and local laws, return the enclosed items immediately. Message #72 : Message #73 : A summary of U.S. laws governing Cisco cryptographic Message #74 : products may be found at: Message #75 : http://www.cisco.com/wwl/export/crypto/tool/stqrg.html Message #76 : Message #77 : If you require further assistance please contact us by Message #78 : sending email to export@cisco.com. Message #79 : ******************************* Warning ******************************* Message #80 : Message #81 : This product includes software developed by the OpenSSL Project Message #82 : for use in the OpenSSL Toolkit (http://www.openssl.org/) Message #83 : Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) Message #84 : All rights reserved. Message #85 : Copyright (c) 1998-2011 The OpenSSL Project. Message #86 : All rights reserved. Message #87 : This product includes software developed at the University of Message #88 : California, Irvine for use in the DAV Explorer project Message #89 : (http://www.ics.uci.edu/~webdav/) Message #90 : Copyright (c) 1999-2005 Regents of the University of California. Message #91 : All rights reserved. Message #92 : Busybox, version 1.16.1, Copyright (C) 1989, 1991 Free Software Foundation, Inc. Message #93 : 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Message #94 : Busybox comes with ABSOLUTELY NO WARRANTY. Message #95 : This is free software, and you are welcome to redistribute it under the General Message #96 : Public License v.2 (http://www.gnu.org/licenses/gpl-2.0.html) Message #97 : See User Manual (''Licensing'') for details. Message #98 : DOSFSTOOLS, version 2.11, Copyright (C) 1989, 1991 Free Software Foundation, Inc. Message #99 : 59 Temple Place, Suite 330, Boston, MA 02111-1307 Message #100 : 675 Mass Ave, Cambridge, MA 02139 Message #101 : DOSFSTOOLS comes with ABSOLUTELY NO WARRANTY. Message #102 : This is free software, and you are welcome to redistribute it under the General Message #103 : Public License v.2 (http://www.gnu.org/licenses/gpl-2.0.html) Message #104 : See User Manual (''Licensing'') for details. Message #105 : grub, version 0.94, Copyright (C) 1989, 1991 Free Software Foundation, Inc. Message #106 : 59 Temple Place, Suite 330, Boston, MA 02111-1307 Message #107 : grub comes with ABSOLUTELY NO WARRANTY. Message #108 : This is free software, and you are welcome to redistribute it under the General Message #109 : Public License v.2 (http://www.gnu.org/licenses/gpl-2.0.html) Message #110 : See User Manual (''Licensing'') for details. Message #111 : libgcc, version 4.3, Copyright (C) 2007 Free Software Foundation, Inc. Message #112 : libgcc comes with ABSOLUTELY NO WARRANTY. Message #113 : This is free software, and you are welcome to redistribute it under the General Message #114 : Public License v.2 (http://www.gnu.org/licenses/gpl-2.0.html) Message #115 : See User Manual (''Licensing'') for details. Message #116 : libstdc++, version 4.3, Copyright (C) 2007 Free Software Foundation, Inc. Message #117 : libstdc++ comes with ABSOLUTELY NO WARRANTY. Message #118 : This is free software, and you are welcome to redistribute it under the General Message #119 : Public License v.2 (http://www.gnu.org/licenses/gpl-2.0.html) Message #120 : See User Manual (''Licensing'') for details. Message #121 : Linux kernel, version 2.6.29.6, Copyright (C) 1989, 1991 Free Software Message #122 : Foundation, Inc. Message #123 : 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Message #124 : Linux kernel comes with ABSOLUTELY NO WARRANTY. Message #125 : This is free software, and you are welcome to redistribute it under the General Message #126 : Public License v.2 (http://www.gnu.org/licenses/gpl-2.0.html) Message #127 : See User Manual (''Licensing'') for details. Message #128 : module-init-tools, version 3.10, Copyright (C) 1989, 1991 Free Software Message #129 : Foundation, Inc. Message #130 : 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Message #131 : module-init-tools comes with ABSOLUTELY NO WARRANTY. Message #132 : This is free software, and you are welcome to redistribute it under the General Message #133 : Public License v.2 (http://www.gnu.org/licenses/gpl-2.0.html) Message #134 : See User Manual (''Licensing'') for details. Message #135 : numactl, version 2.0.3, Copyright (C) 2008 SGI. Message #136 : Author: Andi Kleen, SUSE Labs Message #137 : Version 2.0.0 by Cliff Wickman, Chritopher Lameter and Lee Schermerhorn Message #138 : numactl comes with ABSOLUTELY NO WARRANTY. Message #139 : This is free software, and you are welcome to redistribute it under the General Message #140 : Public License v.2 (http://www.gnu.org/licenses/gpl-2.0.html) Message #141 : See User Manual (''Licensing'') for details. Message #142 : pciutils, version 3.1.4, Copyright (C) 1989, 1991 Free Software Foundation, Inc. Message #143 : 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Message #144 : pciutils comes with ABSOLUTELY NO WARRANTY. Message #145 : This is free software, and you are welcome to redistribute it under the General Message #146 : Public License v.2 (http://www.gnu.org/licenses/gpl-2.0.html) Message #147 : See User Manual (''Licensing'') for details. Message #148 : readline, version 5.2, Copyright (C) 1989, 1991 Free Software Foundation, Inc. Message #149 : 59 Temple Place, Suite 330, Boston, MA 02111 USA Message #150 : readline comes with ABSOLUTELY NO WARRANTY. Message #151 : This is free software, and you are welcome to redistribute it under the General Message #152 : Public License v.2 (http://www.gnu.org/licenses/gpl-2.0.html) Message #153 : See User Manual (''Licensing'') for details. Message #154 : udev, version 146, Copyright (C) 1989, 1991 Free Software Foundation, Inc. Message #155 : 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Message #156 : udev comes with ABSOLUTELY NO WARRANTY. Message #157 : This is free software, and you are welcome to redistribute it under the General Message #158 : Public License v.2 (http://www.gnu.org/licenses/gpl-2.0.html) Message #159 : See User Manual (''Licensing'') for details. Message #160 : Cisco Adapative Security Appliance Software, version 9.1, Message #161 : Copyright (c) 1996-2012 by Cisco Systems, Inc. Message #162 : Certain components of Cisco ASA Software, Version 9.1 are licensed under the GNU Message #163 : Lesser Public License (LGPL) Version 2.1. The software code licensed under LGPL Message #164 : Version 2.1 is free software that comes with ABSOLUTELY NO WARRANTY. You can Message #165 : redistribute and/or modify such LGPL code under the terms of LGPL Version 2.1 Message #166 : (http://www.gnu.org/licenses/lgpl-2.1.html). See User Manual for licensing Message #167 : details. Message #168 : Restricted Rights Legend Message #169 : Use, duplication, or disclosure by the Government is Message #170 : subject to restrictions as set forth in subparagraph Message #171 : (c) of the Commercial Computer Software - Restricted Message #172 : Rights clause at FAR sec. 52.227-19 and subparagraph Message #173 : (c) (1) (ii) of the Rights in Technical Data and Computer Message #174 : Software clause at DFARS sec. 252.227-7013. Message #175 : Cisco Systems, Inc. Message #176 : 170 West Tasman Drive Message #177 : San Jose, California 95134-1706 Message #178 : snmp_write(): error generating IPSec Flow Start trap