: Saved : : Serial Number: JAD22030GSC : Hardware: ASA5506W, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores) : Written by enable_15 at 14:28:44.009 CEST Thu Mar 4 2021 ! ASA Version 9.8(2) ! hostname ciscoasa enable password XXXXX names ! interface GigabitEthernet1/1 nameif outside security-level 0 ip address dhcp setroute ! interface GigabitEthernet1/2 shutdown bridge-group 1 nameif inside_1 security-level 100 ! interface GigabitEthernet1/3 shutdown bridge-group 1 nameif inside_2 security-level 100 ! interface GigabitEthernet1/4 shutdown bridge-group 1 nameif inside_3 security-level 100 ! interface GigabitEthernet1/5 shutdown bridge-group 1 nameif inside_4 security-level 100 ! interface GigabitEthernet1/6 shutdown bridge-group 1 nameif inside_5 security-level 100 ! interface GigabitEthernet1/7 nameif INT-NAS security-level 100 ip address 10.10.30.1 255.255.255.0 ! interface GigabitEthernet1/8 nameif INT-SERVER security-level 100 ip address 10.10.20.1 255.255.255.0 ! interface GigabitEthernet1/9 nameif wifi security-level 100 ip address 192.168.10.1 255.255.255.0 ! interface GigabitEthernet1/9.50 vlan 50 nameif INT-WIFI-PERSONNEL security-level 100 ip address 10.10.50.1 255.255.255.0 ! interface GigabitEthernet1/9.60 vlan 60 nameif INT-WIFI-ITINIRANT security-level 100 ip address 10.10.60.1 255.255.255.0 ! interface Management1/1 management-only no nameif no security-level no ip address ! interface BVI1 nameif inside security-level 100 ip address 192.168.100.1 255.255.255.0 ! ftp mode passive clock timezone CEST 1 clock summer-time CEDT recurring last Sun Mar 2:00 last Sun Oct 3:00 object network obj_any1 subnet 0.0.0.0 0.0.0.0 object network obj_any2 subnet 0.0.0.0 0.0.0.0 object network obj_any3 subnet 0.0.0.0 0.0.0.0 object network obj_any4 subnet 0.0.0.0 0.0.0.0 object network obj_any5 subnet 0.0.0.0 0.0.0.0 object network obj_any6 subnet 0.0.0.0 0.0.0.0 object network obj_any7 subnet 0.0.0.0 0.0.0.0 object network obj_any_wifi subnet 0.0.0.0 0.0.0.0 object network obj_any_personnel subnet 0.0.0.0 0.0.0.0 object service IMAPS service tcp destination eq 993 object service SMTPS service tcp destination eq 465 object network TORRENT_SERVER host 10.10.50.2 object network NAS-SYNOLOGY host 10.10.30.2 object network DMZ-NAS host 10.10.30.2 object network LIVEBOX host 192.168.1.1 object network LIVEBOX-network subnet 192.168.1.0 255.255.255.0 object service WEBSERV service tcp destination eq 4480 object network NAS-ROUTER host 10.10.30.1 object network DMZ-GUIL host 10.10.50.2 object network NAS-network subnet 10.10.30.0 255.255.255.0 object network NAS-TEST host 10.10.30.2 object-group service PARTAGE_FICHIER tcp-udp port-object eq 137 port-object eq 138 port-object eq 139 port-object eq 445 object-group protocol TCPUDP protocol-object udp protocol-object tcp object-group service ADMIN-NAS tcp port-object eq 5000 port-object eq www port-object eq https port-object eq 5001 object-group service HTTP(S) tcp port-object eq www port-object eq https object-group service VPN-ISAKMP udp port-object eq 4500 port-object eq isakmp object-group service MAIL tcp port-object eq 465 port-object eq 993 access-list INT-WIFI-ITINIRANT_access_in_1 extended permit ip any any log critical access-list INT-NAS_access_in_2 extended permit ip any any log debugging access-list INT-WIFI-PERSONNEL_access_in_1 extended permit ip any any access-list inside_1_access_in extended permit ip any any access-list inside_5_access_in extended permit ip any any access-list inside_2_access_in extended permit ip any any access-list inside_3_access_in extended permit ip any any access-list inside_7_access_in extended deny ip any any access-list inside_4_access_in extended permit ip any any access-list inside_access_in extended permit ip any any access-list wifi_access_in extended permit ip any any access-list INT-SERVER_access_in extended permit ip any any access-list outside_access_in extended permit ip any any pager lines 24 logging enable logging asdm informational mtu outside 1500 mtu inside_1 1500 mtu inside_2 1500 mtu inside_3 1500 mtu inside_4 1500 mtu inside_5 1500 mtu INT-NAS 1500 mtu INT-SERVER 1500 mtu wifi 1500 mtu INT-WIFI-PERSONNEL 1500 mtu INT-WIFI-ITINIRANT 1500 icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 no arp permit-nonconnected arp rate-limit 16384 nat (INT-WIFI-PERSONNEL,outside) source dynamic any interface nat (INT-WIFI-ITINIRANT,outside) source dynamic any interface nat (INT-SERVER,outside) source dynamic any interface nat (INT-NAS,outside) source dynamic any interface ! object network obj_any1 nat (inside_1,outside) dynamic interface object network obj_any2 nat (inside_2,outside) dynamic interface object network obj_any3 nat (inside_3,outside) dynamic interface object network obj_any4 nat (inside_4,outside) dynamic interface object network obj_any5 nat (inside_5,outside) dynamic interface object network obj_any_wifi nat (wifi,outside) dynamic interface object network NAS-TEST nat (INT-NAS,outside) static interface service tcp 4480 4480 access-group outside_access_in in interface outside access-group inside_1_access_in in interface inside_1 access-group inside_2_access_in in interface inside_2 access-group inside_3_access_in in interface inside_3 access-group inside_4_access_in in interface inside_4 access-group inside_5_access_in in interface inside_5 access-group INT-NAS_access_in_2 in interface INT-NAS access-group INT-SERVER_access_in in interface INT-SERVER access-group wifi_access_in in interface wifi access-group INT-WIFI-PERSONNEL_access_in_1 in interface INT-WIFI-PERSONNEL access-group INT-WIFI-ITINIRANT_access_in_1 in interface INT-WIFI-ITINIRANT access-group inside_access_in in interface inside timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 timeout conn-holddown 0:00:15 timeout igp stale-route 0:01:10 user-identity default-domain LOCAL aaa authentication login-history http server enable http 192.168.1.0 255.255.255.0 inside_1 http 192.168.1.0 255.255.255.0 inside_2 http 192.168.1.0 255.255.255.0 inside_3 http 192.168.1.0 255.255.255.0 inside_4 http 192.168.1.0 255.255.255.0 inside_5 http 192.168.10.0 255.255.255.0 wifi http 10.10.50.0 255.255.255.0 INT-WIFI-PERSONNEL http 10.10.30.0 255.255.255.0 INT-NAS no snmp-server location no snmp-server contact service sw-reset-button crypto ipsec security-association pmtu-aging infinite crypto ca trustpool policy telnet timeout 5 ssh stricthostkeycheck ssh timeout 5 ssh key-exchange group dh-group1-sha1 console timeout 0 dhcp-client client-id interface outside dhcpd dns 8.8.8.8 8.8.4.4 dhcpd auto_config outside ! dhcpd address 10.10.30.2-10.10.30.254 INT-NAS dhcpd dns 8.8.8.8 8.8.4.4 interface INT-NAS dhcpd enable INT-NAS ! dhcpd address 192.168.10.2-192.168.10.254 wifi dhcpd enable wifi ! dhcpd address 10.10.50.2-10.10.50.254 INT-WIFI-PERSONNEL dhcpd dns 37.235.1.174 172.104.237.57 interface INT-WIFI-PERSONNEL dhcpd enable INT-WIFI-PERSONNEL ! dhcpd address 10.10.60.2-10.10.60.254 INT-WIFI-ITINIRANT dhcpd dns 208.67.220.220 208.67.220.222 interface INT-WIFI-ITINIRANT dhcpd enable INT-WIFI-ITINIRANT ! threat-detection basic-threat threat-detection statistics host number-of-rate 3 threat-detection statistics port number-of-rate 3 threat-detection statistics protocol number-of-rate 3 threat-detection statistics access-list no threat-detection statistics tcp-intercept dynamic-access-policy-record DfltAccessPolicy ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 no tcp-inspection policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options ! service-policy global_policy global prompt hostname context no call-home reporting anonymous Cryptochecksum:7a8a9a1d25d06e7b9ce72a51ffc3fc93 : end