: Saved : : Serial Number: JAD242301T9 : Hardware: ASA5506, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores) : Written by Backup at 19:25:26.482 CET Sat Nov 28 2020 ! ASA Version 9.8(2) ! terminal width 200 hostname ASA33 enable password [XXXXX] xlate per-session deny tcp any4 any4 xlate per-session deny tcp any4 any6 xlate per-session deny tcp any6 any4 xlate per-session deny tcp any6 any6 xlate per-session deny udp any4 any4 eq domain xlate per-session deny udp any4 any6 eq domain xlate per-session deny udp any6 any4 eq domain xlate per-session deny udp any6 any6 eq domain names ! interface GigabitEthernet1/1 nameif outside security-level 0 ip address 172.16.33.2 255.255.255.0 ! interface GigabitEthernet1/2 nameif inside security-level 100 ip address 172.16.34.2 255.255.255.0 ! interface GigabitEthernet1/3 shutdown no nameif no security-level no ip address ! interface GigabitEthernet1/4 shutdown no nameif no security-level no ip address ! interface GigabitEthernet1/5 shutdown no nameif no security-level no ip address ! interface GigabitEthernet1/6 shutdown no nameif no security-level no ip address ! interface GigabitEthernet1/7 shutdown no nameif no security-level no ip address ! interface GigabitEthernet1/8 shutdown no nameif no security-level no ip address ! interface Management1/1 management-only no nameif no security-level no ip address ! ftp mode passive clock timezone CET 1 clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 2:00 object network IN-NET subnet 172.16.34.0 255.255.255.0 object service DhcpDiscovery service tcp destination range 0 65535 object network DATA subnet 172.16.31.0 255.255.255.0 object network MGT subnet 172.16.32.0 255.255.255.0 object network DC host 172.16.93.33 object-group network DM_INLINE_NETWORK_1 network-object object DATA network-object object MGT object-group network DM_INLINE_NETWORK_2 network-object object DATA network-object object MGT object-group network DM_INLINE_NETWORK_3 network-object object DATA network-object object MGT access-list outside_access_in extended permit icmp 172.16.33.0 255.255.255.0 172.16.34.0 255.255.255.0 access-list outside_access_in extended permit udp host 172.16.33.1 object DATA eq bootps access-list outside_access_in extended permit icmp object DC object-group DM_INLINE_NETWORK_1 access-list outside_access_in extended permit tcp object DC object-group DM_INLINE_NETWORK_2 eq ssh access-list outside_access_in extended permit udp object DC object-group DM_INLINE_NETWORK_3 eq snmp pager lines 24 logging enable logging timestamp logging trap warnings logging asdm informational logging device-id string ASA33 logging host outside 172.16.93.33 logging debug-trace mtu inside 1500 mtu outside 1500 icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 no arp permit-nonconnected arp rate-limit 16384 ! object network IN-NET nat (inside,outside) dynamic interface ! nat (inside,outside) after-auto source dynamic any interface service any DhcpDiscovery access-group outside_access_in in interface outside route outside 0.0.0.0 0.0.0.0 172.16.33.1 1 route inside 172.16.31.0 255.255.255.0 172.16.34.1 1 route inside 172.16.32.0 255.255.255.0 172.16.34.1 1 timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 timeout conn-holddown 0:00:15 timeout igp stale-route 0:01:10 aaa-server ServerRadius protocol radius aaa-server ServerRadius (outside) host 172.16.93.33 key WinRadius user-identity default-domain LOCAL aaa authentication serial console ServerRadius LOCAL aaa authentication ssh console ServerRadius LOCAL aaa authentication login-history http server enable http 172.16.34.1 255.255.255.255 inside snmp-server host outside 172.16.93.33 community [XXXXX] version 2c no snmp-server location no snmp-server contact service sw-reset-button crypto ipsec security-association pmtu-aging infinite crypto ca trustpool policy telnet timeout 5 ssh stricthostkeycheck ssh 172.16.93.33 255.255.255.255 outside ssh timeout 5 ssh key-exchange group dh-group1-sha1 console timeout 0 dhcprelay server 172.16.33.1 outside dhcprelay enable inside dhcprelay setroute inside dhcprelay timeout 60 threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept ntp authentication-key 99 md5 [XXXXX] ntp authenticate ntp trusted-key [XXXXX] ntp server 172.16.33.1 key [XXXXX]source outside dynamic-access-policy-record DfltAccessPolicy username Backup password [XXXXX] privilege 15 ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 no tcp-inspection policy-map global_policy class inspection_default inspect ftp inspect h323 h225 inspect h323 ras inspect ip-options inspect netbios inspect rsh inspect rtsp inspect skinny inspect esmtp inspect sqlnet inspect sunrpc inspect tftp inspect sip inspect xdmcp inspect dns preset_dns_map inspect icmp inspect http policy-map type inspect dns migrated_dns_map_2 parameters message-length maximum client auto message-length maximum 512 no tcp-inspection policy-map type inspect dns migrated_dns_map_1 parameters message-length maximum client auto message-length maximum 512 no tcp-inspection ! service-policy global_policy global prompt hostname context no call-home reporting anonymous call-home profile CiscoTAC-1 no active destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address email callhome@cisco.com destination transport-method http subscribe-to-alert-group diagnostic subscribe-to-alert-group environment subscribe-to-alert-group inventory periodic monthly subscribe-to-alert-group configuration periodic monthly subscribe-to-alert-group telemetry periodic daily Cryptochecksum:2c63925a01afee192316601881b180ef : end