sh run

: Saved

:

ASA Version 7.2(3) 

!

hostname ciscoasa

enable password 8Ry2YjIyt7RRXU24 encrypted

names

!

interface GigabitEthernet0/0

 nameif outside

 security-level 0

 ip address 192.168.10.1 255.255.255.252 

!

interface GigabitEthernet0/1

 nameif inside

 security-level 100

 ip address 10.20.10.21 255.255.0.0 

!

interface GigabitEthernet0/2

 shutdown

 no nameif

 no security-level

 no ip address

!

interface GigabitEthernet0/3

<--- More --->
              
 shutdown

 no nameif

 no security-level

 no ip address

!

interface Management0/0

 shutdown

 no nameif

 no security-level

 no ip address

!

passwd 2KFQnbNIdI.2KYOU encrypted

ftp mode passive

same-security-traffic permit intra-interface

access-list 110 extended permit icmp any any 

access-list 110 extended permit ip any any 

access-list 110 extended permit tcp any any 

pager lines 24

mtu outside 1500

mtu inside 1500

no failover

icmp unreachable rate-limit 1 burst-size 1

icmp permit any outside

icmp permit any echo-reply outside

<--- More --->
              
icmp permit any echo outside

icmp permit any inside

icmp permit any echo inside

icmp permit any echo-reply inside

no asdm history enable

arp timeout 14400

access-group 110 in interface inside

route outside 0.0.0.0 0.0.0.0 192.168.10.2 1

route inside 10.0.0.0 255.0.0.0 10.20.2.10 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout uauth 0:05:00 absolute

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

telnet 10.0.0.0 255.0.0.0 inside

telnet timeout 5

ssh timeout 5

console timeout 0

!

<--- More --->
              
class-map inspection_default

 match default-inspection-traffic

!

!

policy-map type inspect dns preset_dns_map

 parameters

  message-length maximum 512

policy-map global_policy

 class inspection_default

  inspect dns preset_dns_map 

  inspect ftp 

  inspect h323 h225 

  inspect h323 ras 

  inspect netbios 

  inspect rsh 

  inspect rtsp 

  inspect skinny 

  inspect esmtp 

  inspect sqlnet 

  inspect sunrpc 

  inspect tftp 

  inspect sip 

  inspect xdmcp 

  inspect http 

<--- More --->
              
!

service-policy global_policy global

prompt hostname context 

Cryptochecksum:cd16fb097723ed738b83bf2ae99541d2

: end


ciscoasa#    sh xlate

0 in use, 0 most used


ciscoasa# sh nat


NAT policies on Interface inside:

  match ip inside 10.0.0.0 255.0.0.0 outside any

    dynamic translation to pool 1 (116.214.31.119)

    translate_hits = 0, untranslate_hits = 0

  match ip inside 10.0.0.0 255.0.0.0 inside any

    dynamic translation to pool 1 (No matching global)

    translate_hits = 0, untranslate_hits = 0


ciscoasa#