pixfirewall# sh run
: Saved
:
PIX Version 7.1(2) 
!
hostname pixfirewall
enable password 2KFQnbNIdI.2KYOU encrypted
names
!
interface Ethernet0
 nameif outside
 security-level 0
 ip address 192.168.254.171 255.255.255.0 
!
interface Ethernet1
 nameif inside
 security-level 100
 ip address 10.10.10.1 255.255.255.0 
!
passwd 2KFQnbNIdI.2KYOU encrypted
boot system flash:/pix712.bin
ftp mode passive
access-list nat0 extended permit ip 10.10.10.0 255.255.255.0 10.9.0.0 255.255.255.0 
access-list nat-out extended permit ip 10.9.0.0 255.255.255.0 any 
access-list nat0-out extended permit ip 10.9.0.0 255.255.255.0 192.168.254.0 255.255.255.0 
pager lines 24
logging enable
logging timestamp
logging buffered informational
mtu outside 1500
mtu inside 1500
ip local pool ROBERT-POOL 10.9.0.150-10.9.0.160 mask 255.255.255.0
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (outside) 0 access-list nat0-out
nat (outside) 1 access-list nat-out outside
nat (inside) 0 access-list nat0
route outside 0.0.0.0 0.0.0.0 192.168.254.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
group-policy Robert-GP internal
group-policy Robert-GP attributes
 dns-server value 8.8.8.8
 vpn-tunnel-protocol IPSec 
username cisco password 3USUcOPFUiMCO4Jk encrypted privilege 15
username robert password yXUoa8oHzS0Ncp2O encrypted
username robert attributes
 vpn-group-policy Robert-GP
aaa authentication ssh console LOCAL 
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set MYSET esp-3des esp-md5-hmac 
crypto dynamic-map DYN1 1 set transform-set MYSET
crypto map MYMAP 1 ipsec-isakmp dynamic DYN1
crypto map MYMAP interface outside
isakmp enable outside
isakmp policy 1 authentication pre-share
isakmp policy 1 encryption 3des
isakmp policy 1 hash sha
isakmp policy 1 group 2
isakmp policy 1 lifetime 43200
isakmp nat-traversal  30
tunnel-group ROBERT-GROUP type ipsec-ra
tunnel-group ROBERT-GROUP general-attributes
 address-pool ROBERT-POOL
 default-group-policy Robert-GP
tunnel-group ROBERT-GROUP ipsec-attributes
 pre-shared-key *
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 60
ssh version 2
console timeout 0
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map global_policy
 class inspection_default
  inspect dns maximum-length 512 
  inspect ftp 
  inspect h323 h225 
  inspect h323 ras 
  inspect netbios 
  inspect rsh 
  inspect rtsp 
  inspect skinny 
  inspect esmtp 
  inspect sqlnet 
  inspect sunrpc 
  inspect tftp 
  inspect sip 
  inspect xdmcp 
  inspect http 
  inspect icmp 
!
service-policy global_policy global
ssl encryption rc4-md5
Cryptochecksum:7351e447f85b5948361b649183a9c53d
: end
pixfirewall#