: Saved : Written by jmickens at 06:09:25.783 EDT Thu Aug 28 2014 ! ASA Version 9.1(4) ! hostname FWANVPN01 domain-name buckeyehq.com xlate per-session deny tcp any4 any4 xlate per-session deny tcp any4 any6 xlate per-session deny tcp any6 any4 xlate per-session deny tcp any6 any6 xlate per-session deny udp any4 any4 eq domain xlate per-session deny udp any4 any6 eq domain xlate per-session deny udp any6 any4 eq domain xlate per-session deny udp any6 any6 eq domain names dns-guard ip local pool StandardVPN 10.99.99.10-10.99.99.250 mask 255.255.255.0 ! interface GigabitEthernet0/0 nameif Outside security-level 0 ip address xxx.yyy.36.39 255.255.255.224 ! interface GigabitEthernet0/1 nameif Inside security-level 100 ip address 10.255.255.251 255.255.255.0 ! interface GigabitEthernet0/2 shutdown no nameif no security-level no ip address ! interface GigabitEthernet0/3 description Dedicated Client Access nameif ClientDA security-level 75 ip address 10.99.97.1 255.255.255.248 ! interface Management0/0 management-only nameif management security-level 100 ip address 192.168.1.1 255.255.255.0 ! boot system disk0:/asa914-k8.bin ftp mode passive clock timezone EST -5 clock summer-time EDT recurring dns domain-lookup Inside dns server-group DefaultDNS domain-name buckeyehq.com same-security-traffic permit intra-interface object network Corporate1 subnet 172.16.0.0 255.255.0.0 object network Corporate2 subnet 10.96.0.0 255.240.0.0 object network Corprate_DMZ subnet 10.255.225.0 255.255.255.0 object network StandardVPN_Subnet subnet 10.99.99.0 255.255.255.0 object network 097_Metro subnet 10.97.0.0 255.255.0.0 object network 100_Navarre subnet 10.100.0.0 255.255.0.0 object network 102_BCI subnet 10.102.0.0 255.255.0.0 object network 103_Deveaux subnet 10.103.0.0 255.255.0.0 object network 105_5552_Southwyck subnet 10.105.0.0 255.255.0.0 object network 106_5555_Airport subnet 10.106.0.0 255.255.0.0 object network 107_BCSN subnet 10.107.0.0 255.255.0.0 object network 108_ErieStrub subnet 10.108.0.0 255.255.0.0 object network 109_ErieMarket subnet 10.109.0.0 255.255.0.0 object network VOIP subnet 192.168.40.0 255.255.254.0 object network Routing subnet 10.99.0.0 255.255.255.0 object network Bucomterm01_Public host xxx.yyy.36.40 object network bucomterm01 host 10.101.1.116 object service RDP service tcp destination eq 3389 object network CHR subnet 208.88.136.0 255.255.255.0 description CHR source public subnet object network 10.101 subnet 10.101.0.0 255.255.0.0 object network ITCableModem host 24.53.141.12 object network 115_Reynolds subnet 10.107.0.0 255.255.0.0 object network NavarreLobby subnet 10.100.0.0 255.255.0.0 description Navarre Lobby object network Gateway subnet 10.255.255.0 255.255.255.0 description Gateway Network object network Corp subnet 172.16.0.0 255.255.0.0 object network Navarre subnet 10.100.10.0 255.255.255.0 object network OmniaServers subnet 10.101.0.0 255.255.252.0 object network AIM_PrintAll host 10.8.1.100 description AIM VPN host object network Foxy_FTP host 172.16.173.34 description Foxy - FTP server object network VPN_Airport host xxx.yyy.117.125 object network VPN_BCI host xxx.yyy.21.199 object network VPN_Deveaux host xxx.yyy.119.197 object network VPN_ErieMkt host xxx.yyy.14.165 object network VPN_ErieStrub host xxx.yyy.14.167 object network VPN_Reynolds host xxx.yyy.117.124 object network VPN_Southwyck2 host xxx.yyy.117.126 object network BCI subnet 10.102.0.0 255.255.0.0 object network Deveaux subnet 10.103.0.0 255.255.0.0 object network 5552_Southwyck subnet 10.105.0.0 255.255.0.0 object network 5555_Airport subnet 10.106.0.0 255.255.0.0 object network DMZ subnet 10.255.225.0 255.255.255.0 object network Erie_Market subnet 10.109.0.0 255.255.0.0 object network Erie_Strub subnet 10.108.0.0 255.255.0.0 object network VPN_MetroWarehouse host xxx.yyy.126.12 object network 7300_Airport subnet 10.97.0.0 255.255.0.0 object network Corp_Imaging subnet 10.0.13.0 255.255.255.192 description Imaging and Encryption object network Omnia_DEV subnet 10.101.3.0 255.255.255.0 object network HomeAgent_Kit_01 subnet 10.99.4.0 255.255.255.248 object network HomeAgent_Kit_02 subnet 10.99.4.8 255.255.255.248 object network HomeAgent_Kit_03 subnet 10.99.4.16 255.255.255.248 object network HomeAgent_Kit_04 subnet 10.99.4.24 255.255.255.248 object network HomeAgent_Kit_Test subnet 10.99.4.248 255.255.255.248 object network OmniaProd subnet 10.101.1.0 255.255.255.0 object network CorpServers subnet 172.16.173.0 255.255.255.0 description Server subset only object network AvayaVOIP subnet 192.168.40.0 255.255.254.0 description Avaya VOIP servers object network CableSystemVOD subnet 192.168.220.0 255.255.255.0 object network CMS host 172.16.171.15 object network HomeAgent_Kit_05 subnet 10.99.4.32 255.255.255.248 object network HomeAgent_Kit_06 subnet 10.99.4.40 255.255.255.248 object network HomeAgent_Kit_07 subnet 10.99.4.48 255.255.255.248 object network HomeAgent_Kit_08 subnet 10.99.4.56 255.255.255.248 object network HomeAgent_Kit_09 subnet 10.99.4.64 255.255.255.248 object network HomeAgent_Kit_10 subnet 10.99.4.72 255.255.255.248 object network HomeAgent_Kit_11 subnet 10.99.4.80 255.255.255.248 object network HomeAgent_Kit_12 subnet 10.99.4.88 255.255.255.248 object network HomeAgent_Kit_13 subnet 10.99.4.96 255.255.255.248 object network HomeAgent_Kit_14 subnet 10.99.4.104 255.255.255.248 object network HomeAgent_Kit_15 subnet 10.99.4.112 255.255.255.248 object network PNI_Avaya_Agent_Phones subnet 10.10.150.0 255.255.255.224 object network HomeAgent_Kit_16 subnet 10.99.4.120 255.255.255.248 object network HomeAgent_Kit_17 subnet 10.99.4.128 255.255.255.248 object network HomeAgent_Kit_18 subnet 10.99.4.136 255.255.255.248 object network HomeAgent_Kit_19 subnet 10.99.4.144 255.255.255.248 object network HomeAgent_Kit_20 subnet 10.99.4.152 255.255.255.248 object network HomeAgent_Kit_21 subnet 10.99.4.160 255.255.255.248 object network HomeAgent_Kit_22 subnet 10.99.4.168 255.255.255.248 object network HomeAgent_Kit_23 subnet 10.99.4.176 255.255.255.248 object network HomeAgent_Kit_24 subnet 10.99.4.184 255.255.255.248 object network HomeAgent_Kit_25 subnet 10.99.4.192 255.255.255.248 object network HomeAgent_Kit_26 subnet 10.99.4.200 255.255.255.248 object network HomeAgent_Kit_27 subnet 10.99.4.208 255.255.255.248 object network HomeAgent_Kit_28 subnet 10.99.4.216 255.255.255.248 object network HomeAgent_Kit_29 subnet 10.99.4.224 255.255.255.248 object network HomeAgent_Kit_30 subnet 10.99.4.232 255.255.255.248 object network Avaya_VOIP subnet 192.168.40.0 255.255.254.0 object network ClientDA-subnet subnet 10.99.97.0 255.255.255.248 object-group network Corporate_All_Inside description All subnets interior to the corporate network network-object 10.255.255.0 255.255.255.0 network-object object Corporate1 network-object object Corporate2 network-object object Corprate_DMZ object-group network Allowed_Backup_Subnets network-object object Avaya_VOIP network-object object Corp network-object object Corp_Imaging network-object object DMZ network-object object Gateway network-object object OmniaServers object-group service DM_INLINE_TCP_2 tcp port-object eq www port-object eq https object-group service DM_INLINE_TCP_1 tcp port-object eq ftp port-object eq ssh object-group network Deployed_Home_Agents description All deployed home agent kits network-object object HomeAgent_Kit_01 network-object object HomeAgent_Kit_02 network-object object HomeAgent_Kit_03 network-object object HomeAgent_Kit_04 network-object object HomeAgent_Kit_05 network-object object HomeAgent_Kit_06 network-object object HomeAgent_Kit_07 network-object object HomeAgent_Kit_08 network-object object HomeAgent_Kit_09 network-object object HomeAgent_Kit_10 network-object object HomeAgent_Kit_11 network-object object HomeAgent_Kit_12 network-object object HomeAgent_Kit_13 network-object object HomeAgent_Kit_14 network-object object HomeAgent_Kit_15 network-object object HomeAgent_Kit_16 network-object object HomeAgent_Kit_17 network-object object HomeAgent_Kit_18 network-object object HomeAgent_Kit_19 network-object object HomeAgent_Kit_20 network-object object HomeAgent_Kit_21 network-object object HomeAgent_Kit_22 network-object object HomeAgent_Kit_23 object-group network Home_Agent_allowed_access description Corporate subnets that home agent kits are allowed access to network-object object AvayaVOIP network-object object CableSystemVOD network-object object Corp_Imaging network-object object DMZ network-object object OmniaProd network-object object Corp access-list Outside_access_in extended permit ip object NavarreLobby any4 access-list Outside_access_in extended permit tcp host 10.8.1.100 host 172.16.173.34 object-group DM_INLINE_TCP_1 access-list Outside_access_in remark Access to Buckeye's NTP server access-list Outside_access_in extended permit udp object-group Deployed_Home_Agents host xxx.yyy.1.140 eq ntp access-list Outside_access_in remark HomeAgent access to CMS via telnet access-list Outside_access_in extended permit tcp object-group Deployed_Home_Agents object CMS eq telnet access-list Outside_access_in remark Internet access for Home Agents access-list Outside_access_in extended permit tcp object-group Deployed_Home_Agents any4 object-group DM_INLINE_TCP_2 access-list Outside_access_in extended permit ip object-group Deployed_Home_Agents object-group Home_Agent_allowed_access access-list Outside_access_in extended permit ip object Erie_Market object-group Allowed_Backup_Subnets access-list Outside_access_in extended permit ip object Erie_Strub object-group Allowed_Backup_Subnets access-list Outside_access_in extended permit ip object PNI_Avaya_Agent_Phones object AvayaVOIP access-list Outside_access_in extended permit ip object Deveaux object Corp access-list Outside_access_in extended permit ip object Deveaux object AvayaVOIP access-list Outside_access_in extended permit ip object Deveaux object OmniaServers access-list Outside_access_in extended permit ip object StandardVPN_Subnet object-group Corporate_All_Inside access-list Outside_access_in extended deny ip any6 any6 access-list Inside_access_in extended permit ip object 10.101 object 115_Reynolds access-list Inside_access_in extended permit ip 192.168.0.0 255.255.0.0 object 115_Reynolds access-list Inside_access_in extended permit ip object Corp object 115_Reynolds access-list Inside_access_in remark Navarre Lobby access-list Inside_access_in extended permit ip object-group Allowed_Backup_Subnets object NavarreLobby access-list Inside_access_in extended permit ip 192.168.0.0 255.255.0.0 object NavarreLobby access-list Inside_access_in extended permit ip object Corp_Imaging object NavarreLobby access-list Inside_access_in extended permit ip object DMZ object NavarreLobby access-list Inside_access_in extended permit ip object-group Allowed_Backup_Subnets object 5552_Southwyck access-list Inside_access_in extended permit ip object-group Allowed_Backup_Subnets object 7300_Airport access-list Inside_access_in extended permit ip object-group Allowed_Backup_Subnets object 5555_Airport access-list Inside_access_in extended permit ip object-group Home_Agent_allowed_access object-group Deployed_Home_Agents access-list Inside_access_in extended permit udp object Corp object NavarreLobby eq snmp access-list Inside_access_in extended permit ip object-group Allowed_Backup_Subnets object Erie_Market access-list Inside_access_in extended permit ip object-group Allowed_Backup_Subnets object Erie_Strub access-list Inside_access_in extended permit ip object AvayaVOIP object PNI_Avaya_Agent_Phones access-list Inside_access_in extended permit ip object Corp object Deveaux access-list Inside_access_in extended permit ip object AvayaVOIP object Deveaux access-list Inside_access_in extended permit ip object Gateway object Deveaux access-list Inside_access_in extended permit ip object OmniaServers object Deveaux access-list Inside_access_in extended permit ip object-group Corporate_All_Inside object StandardVPN_Subnet access-list Inside_access_in extended permit ip object-group Corporate_All_Inside 10.99.97.0 255.255.255.248 access-list Inside_access_in extended deny ip any6 any6 access-list Outside_2_cryptomap extended permit ip object-group Allowed_Backup_Subnets object Erie_Strub access-list Outside_3_cryptomap extended permit ip object-group Allowed_Backup_Subnets object NavarreLobby access-list Outside_cryptomap_2 extended permit ip object-group Allowed_Backup_Subnets object 115_Reynolds access-list Outside_5_cryptomap extended permit ip object-group Allowed_Backup_Subnets 10.102.0.0 255.255.0.0 access-list Outside_6_cryptomap extended permit ip host 172.16.173.34 host 10.8.1.100 access-list Outside_7_cryptomap extended permit ip object-group Allowed_Backup_Subnets object Deveaux access-list Outside_8_cryptomap extended permit ip object-group Allowed_Backup_Subnets object 5552_Southwyck access-list Outside_9_cryptomap extended permit ip object-group Allowed_Backup_Subnets object 5555_Airport access-list Outside_10_cryptomap extended permit ip object-group Allowed_Backup_Subnets object Erie_Market access-list Outside_11_cryptomap extended permit ip object-group Allowed_Backup_Subnets object 115_Reynolds access-list Outside_12_cryptomap extended permit ip object-group Allowed_Backup_Subnets object 7300_Airport access-list Outside_16_cryptomap extended permit ip any4 object HomeAgent_Kit_04 access-list Outside_13_cryptomap extended permit ip any4 object HomeAgent_Kit_01 access-list Outside_14_cryptomap extended permit ip any4 object HomeAgent_Kit_02 access-list Outside_15_cryptomap extended permit ip any4 object HomeAgent_Kit_03 access-list Outside_25_cryptomap extended permit ip any4 object HomeAgent_Kit_13 access-list Outside_17_cryptomap extended permit ip any4 object HomeAgent_Kit_05 access-list Outside_18_cryptomap extended permit ip any4 object HomeAgent_Kit_06 access-list Outside_19_cryptomap extended permit ip any4 object HomeAgent_Kit_07 access-list Outside_20_cryptomap extended permit ip any4 object HomeAgent_Kit_08 access-list Outside_21_cryptomap extended permit ip any4 object HomeAgent_Kit_09 access-list Outside_22_cryptomap extended permit ip any4 object HomeAgent_Kit_10 access-list Outside_23_cryptomap extended permit ip any4 object HomeAgent_Kit_11 access-list Outside_24_cryptomap extended permit ip any4 object HomeAgent_Kit_12 access-list Outside_26_cryptomap extended permit ip any4 object HomeAgent_Kit_14 access-list Outside_28_cryptomap extended permit ip any4 object HomeAgent_Kit_15 access-list Outside_cryptomap_1 extended permit ip object AvayaVOIP object PNI_Avaya_Agent_Phones access-list Outside_cryptomap_3 extended permit ip any4 object HomeAgent_Kit_16 access-list Outside_cryptomap_4 extended permit ip any4 object HomeAgent_Kit_17 access-list Outside_cryptomap_5 extended permit ip any4 object HomeAgent_Kit_18 access-list Outside_cryptomap_6 extended permit ip any4 object HomeAgent_Kit_19 access-list Outside_cryptomap_7 extended permit ip any4 object HomeAgent_Kit_20 access-list Outside_cryptomap extended permit ip any4 object HomeAgent_Kit_21 access-list Outside_cryptomap_8 extended permit ip any4 object HomeAgent_Kit_22 access-list Outside_cryptomap_9 extended permit ip any4 object HomeAgent_Kit_23 access-list ClientDA_access_in extended permit ip 10.99.97.0 255.255.255.248 object Corp access-list ClientDA_access_in extended permit ip 10.99.97.0 255.255.255.248 host xxx.yyy.1.140 pager lines 24 logging enable logging trap notifications logging asdm notifications logging host Inside 10.255.255.11 mtu Outside 1500 mtu Inside 1500 mtu management 1500 mtu ClientDA 1500 no failover icmp unreachable rate-limit 1 burst-size 1 icmp permit any Inside asdm image disk0:/asdm-715.bin no asdm history enable arp timeout 14400 no arp permit-nonconnected nat (ClientDA,Outside) source dynamic ClientDA-subnet interface nat (Outside,Outside) source dynamic Deployed_Home_Agents interface nat (Outside,Outside) source dynamic StandardVPN_Subnet interface nat (Inside,Outside) source static Corporate_All_Inside Corporate_All_Inside destination static StandardVPN_Subnet StandardVPN_Subnet no-proxy-arp route-lookup nat (Outside,Inside) source static StandardVPN_Subnet StandardVPN_Subnet destination static Corporate_All_Inside Corporate_All_Inside no-proxy-arp route-lookup nat (Inside,Outside) source static Foxy_FTP Foxy_FTP destination static AIM_PrintAll AIM_PrintAll no-proxy-arp route-lookup nat (Inside,Outside) source static Allowed_Backup_Subnets Allowed_Backup_Subnets destination static NavarreLobby NavarreLobby no-proxy-arp route-lookup nat (Inside,Outside) source static Allowed_Backup_Subnets Allowed_Backup_Subnets destination static BCI BCI no-proxy-arp route-lookup nat (Inside,Outside) source static Allowed_Backup_Subnets Allowed_Backup_Subnets destination static Deveaux Deveaux no-proxy-arp route-lookup nat (Inside,Outside) source static Allowed_Backup_Subnets Allowed_Backup_Subnets destination static 5552_Southwyck 5552_Southwyck no-proxy-arp route-lookup nat (Inside,Outside) source static Allowed_Backup_Subnets Allowed_Backup_Subnets destination static 5555_Airport 5555_Airport no-proxy-arp route-lookup nat (Inside,Outside) source static Allowed_Backup_Subnets Allowed_Backup_Subnets destination static Erie_Market Erie_Market no-proxy-arp route-lookup nat (Inside,Outside) source static Allowed_Backup_Subnets Allowed_Backup_Subnets destination static Erie_Strub Erie_Strub no-proxy-arp route-lookup nat (Inside,Outside) source static Allowed_Backup_Subnets Allowed_Backup_Subnets destination static 115_Reynolds 115_Reynolds no-proxy-arp route-lookup nat (Inside,Outside) source static Allowed_Backup_Subnets Allowed_Backup_Subnets destination static 7300_Airport 7300_Airport no-proxy-arp route-lookup nat (Inside,Outside) source static OmniaServers OmniaServers no-proxy-arp route-lookup nat (Inside,Outside) source static NavarreLobby NavarreLobby no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static NavarreLobby NavarreLobby no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_01 HomeAgent_Kit_01 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_02 HomeAgent_Kit_02 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_03 HomeAgent_Kit_03 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_04 HomeAgent_Kit_04 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_05 HomeAgent_Kit_05 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_06 HomeAgent_Kit_06 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_07 HomeAgent_Kit_07 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_08 HomeAgent_Kit_08 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_09 HomeAgent_Kit_09 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_10 HomeAgent_Kit_10 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_11 HomeAgent_Kit_11 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_12 HomeAgent_Kit_12 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_13 HomeAgent_Kit_13 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_14 HomeAgent_Kit_14 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_15 HomeAgent_Kit_15 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_16 HomeAgent_Kit_16 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_17 HomeAgent_Kit_17 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_18 HomeAgent_Kit_18 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_19 HomeAgent_Kit_19 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_20 HomeAgent_Kit_20 no-proxy-arp route-lookup nat (Inside,management) source static any any destination static NavarreLobby NavarreLobby no-proxy-arp route-lookup nat (Inside,Outside) source static AvayaVOIP AvayaVOIP destination static PNI_Avaya_Agent_Phones PNI_Avaya_Agent_Phones no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_21 HomeAgent_Kit_21 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_22 HomeAgent_Kit_22 no-proxy-arp route-lookup nat (Inside,Outside) source static any any destination static HomeAgent_Kit_23 HomeAgent_Kit_23 no-proxy-arp route-lookup ! object network ClientDA-subnet nat (any,Outside) dynamic interface access-group Outside_access_in in interface Outside access-group Inside_access_in in interface Inside access-group ClientDA_access_in in interface ClientDA route Inside 10.97.0.0 255.255.0.0 10.255.255.1 1 track 97 route Inside 10.100.0.0 255.255.0.0 10.255.255.1 1 track 100 route Inside 10.102.0.0 255.255.0.0 10.255.255.1 1 track 102 route Inside 10.103.0.0 255.255.0.0 10.255.255.1 1 track 103 route Inside 10.105.0.0 255.255.0.0 10.255.255.1 1 track 105 route Inside 10.106.0.0 255.255.0.0 10.255.255.1 1 track 106 route Inside 10.107.0.0 255.255.0.0 10.255.255.1 1 track 107 route Inside 10.108.0.0 255.255.0.0 10.255.255.1 1 track 108 route Inside 10.109.0.0 255.255.0.0 10.255.255.1 1 track 109 route Outside 0.0.0.0 0.0.0.0 xxx.yyy.36.33 1 route Inside 10.0.13.0 255.255.255.192 10.255.255.1 1 route Inside 10.99.0.0 255.255.255.0 10.255.255.1 1 route Inside 10.99.3.0 255.255.255.0 10.255.255.1 1 route Inside 10.101.0.0 255.255.0.0 10.255.255.1 1 route Inside 10.255.225.0 255.255.255.0 10.255.255.254 1 route Inside 172.16.0.0 255.255.0.0 10.255.255.1 1 route Inside 192.168.0.0 255.255.0.0 10.255.255.1 1 route Inside 192.168.40.0 255.255.254.0 10.255.255.1 1 route Inside 192.168.220.0 255.255.255.0 10.255.255.254 1 timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy aaa-server Safeword_Keyfob protocol radius reactivation-mode depletion deadtime 1 max-failed-attempts 5 aaa-server Safeword_Keyfob (Outside) host xxx.yyy.1.91 key @Th3w0Rld! authentication-port 1812 accounting-port 1813 user-identity default-domain LOCAL aaa authentication ssh console LOCAL aaa authentication enable console LOCAL aaa authentication http console LOCAL aaa authorization command LOCAL http server enable http 192.168.1.0 255.255.255.0 management http 172.16.0.0 255.255.0.0 Inside http 10.255.255.0 255.255.255.0 Inside snmp-server host Inside 172.16.173.49 poll community buckeye version 2c snmp-server location 4818 Angola Road snmp-server contact ipengineering2@cablesystem.com snmp-server community buckeye snmp-server enable traps snmp authentication linkup linkdown coldstart sla monitor 97 type echo protocol ipIcmpEcho 10.99.0.97 interface Inside sla monitor schedule 97 life forever start-time now sla monitor 100 type echo protocol ipIcmpEcho 10.99.0.100 interface Inside sla monitor schedule 100 life forever start-time now sla monitor 102 type echo protocol ipIcmpEcho 10.99.0.102 interface Inside sla monitor schedule 102 life forever start-time now sla monitor 103 type echo protocol ipIcmpEcho 10.99.0.103 interface Inside sla monitor schedule 103 life forever start-time now sla monitor 105 type echo protocol ipIcmpEcho 10.99.0.105 interface Inside sla monitor schedule 105 life forever start-time now sla monitor 106 type echo protocol ipIcmpEcho 10.99.0.106 interface Inside sla monitor schedule 106 life forever start-time now sla monitor 107 type echo protocol ipIcmpEcho 10.99.0.107 interface Inside sla monitor schedule 107 life forever start-time now sla monitor 108 type echo protocol ipIcmpEcho 10.99.0.108 interface Inside sla monitor schedule 108 life forever start-time now sla monitor 109 type echo protocol ipIcmpEcho 10.99.0.109 interface Inside sla monitor schedule 109 life forever start-time now crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS esp-aes esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transport crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS esp-aes esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS mode transport crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transport crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS esp-aes-192 esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS mode transport crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transport crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS esp-aes-256 esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS mode transport crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS mode transport crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS esp-3des esp-md5-hmac crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS mode transport crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS esp-des esp-sha-hmac crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transport crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS esp-des esp-md5-hmac crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS mode transport crypto ipsec security-association pmtu-aging infinite crypto map Outside_map 1 match address Outside_cryptomap crypto map Outside_map 1 set peer xxx.yyy.11.172 crypto map Outside_map 1 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 1 set security-association lifetime kilobytes unlimited crypto map Outside_map 2 match address Outside_2_cryptomap crypto map Outside_map 2 set peer xxx.yyy.14.167 crypto map Outside_map 2 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 2 set security-association lifetime kilobytes unlimited crypto map Outside_map 3 match address Outside_3_cryptomap crypto map Outside_map 3 set peer xxx.yyy.29.3 crypto map Outside_map 3 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 3 set security-association lifetime kilobytes unlimited crypto map Outside_map 4 match address Outside_cryptomap_2 crypto map Outside_map 4 set peer 24.53.150.107 crypto map Outside_map 4 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 4 set security-association lifetime kilobytes unlimited crypto map Outside_map 5 match address Outside_5_cryptomap crypto map Outside_map 5 set peer xxx.yyy.21.199 crypto map Outside_map 5 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 5 set security-association lifetime kilobytes unlimited crypto map Outside_map 6 match address Outside_6_cryptomap crypto map Outside_map 6 set peer xxx.yyy.29.145 crypto map Outside_map 6 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 6 set security-association lifetime kilobytes unlimited crypto map Outside_map 7 match address Outside_7_cryptomap crypto map Outside_map 7 set peer xxx.yyy.119.197 crypto map Outside_map 7 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 7 set security-association lifetime kilobytes unlimited crypto map Outside_map 8 match address Outside_8_cryptomap crypto map Outside_map 8 set peer xxx.yyy.117.126 crypto map Outside_map 8 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 8 set security-association lifetime kilobytes unlimited crypto map Outside_map 9 match address Outside_9_cryptomap crypto map Outside_map 9 set peer xxx.yyy.117.125 crypto map Outside_map 9 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 9 set security-association lifetime kilobytes unlimited crypto map Outside_map 10 match address Outside_10_cryptomap crypto map Outside_map 10 set peer xxx.yyy.14.165 crypto map Outside_map 10 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 10 set security-association lifetime kilobytes unlimited crypto map Outside_map 11 match address Outside_11_cryptomap crypto map Outside_map 11 set peer xxx.yyy.117.124 crypto map Outside_map 11 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 11 set security-association lifetime kilobytes unlimited crypto map Outside_map 12 match address Outside_12_cryptomap crypto map Outside_map 12 set peer xxx.yyy.126.12 crypto map Outside_map 12 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 12 set security-association lifetime kilobytes unlimited crypto map Outside_map 13 match address Outside_13_cryptomap crypto map Outside_map 13 set peer xxx.yyy.117.237 crypto map Outside_map 13 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 13 set security-association lifetime kilobytes unlimited crypto map Outside_map 14 match address Outside_14_cryptomap crypto map Outside_map 14 set peer xxx.yyy.119.252 crypto map Outside_map 14 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 14 set security-association lifetime kilobytes unlimited crypto map Outside_map 15 match address Outside_15_cryptomap crypto map Outside_map 15 set peer xxx.yyy.117.233 crypto map Outside_map 15 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 15 set security-association lifetime kilobytes unlimited crypto map Outside_map 16 match address Outside_16_cryptomap crypto map Outside_map 16 set peer xxx.yyy.9.28 crypto map Outside_map 16 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 16 set security-association lifetime kilobytes unlimited crypto map Outside_map 17 match address Outside_17_cryptomap crypto map Outside_map 17 set peer xxx.yyy.117.212 crypto map Outside_map 17 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 17 set security-association lifetime kilobytes unlimited crypto map Outside_map 18 match address Outside_18_cryptomap crypto map Outside_map 18 set peer xxx.yyy.21.26 crypto map Outside_map 18 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 18 set security-association lifetime kilobytes unlimited crypto map Outside_map 19 match address Outside_19_cryptomap crypto map Outside_map 19 set peer xxx.yyy.121.168 crypto map Outside_map 19 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 19 set security-association lifetime kilobytes unlimited crypto map Outside_map 20 match address Outside_20_cryptomap crypto map Outside_map 20 set peer xxx.yyy.118.69 crypto map Outside_map 20 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 20 set security-association lifetime kilobytes unlimited crypto map Outside_map 21 match address Outside_21_cryptomap crypto map Outside_map 21 set peer xxx.yyy.10.17 crypto map Outside_map 21 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 21 set security-association lifetime kilobytes unlimited crypto map Outside_map 22 match address Outside_22_cryptomap crypto map Outside_map 22 set peer xxx.yyy.10.34 crypto map Outside_map 22 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 22 set security-association lifetime kilobytes unlimited crypto map Outside_map 23 match address Outside_23_cryptomap crypto map Outside_map 23 set peer xxx.yyy.127.212 crypto map Outside_map 23 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 23 set security-association lifetime kilobytes unlimited crypto map Outside_map 24 match address Outside_24_cryptomap crypto map Outside_map 24 set peer xxx.yyy.20.63 crypto map Outside_map 24 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 24 set security-association lifetime kilobytes unlimited crypto map Outside_map 25 match address Outside_25_cryptomap crypto map Outside_map 25 set peer xxx.yyy.125.179 crypto map Outside_map 25 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 25 set security-association lifetime kilobytes unlimited crypto map Outside_map 26 match address Outside_26_cryptomap crypto map Outside_map 26 set peer xxx.yyy.10.162 crypto map Outside_map 26 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 26 set security-association lifetime kilobytes unlimited crypto map Outside_map 27 match address Outside_cryptomap_8 crypto map Outside_map 27 set peer xxx.yyy.9.56 crypto map Outside_map 27 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 27 set security-association lifetime kilobytes unlimited crypto map Outside_map 28 match address Outside_28_cryptomap crypto map Outside_map 28 set peer xxx.yyy.28.97 crypto map Outside_map 28 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 28 set security-association lifetime kilobytes unlimited crypto map Outside_map 29 match address Outside_cryptomap_1 crypto map Outside_map 29 set peer 12.22.203.226 crypto map Outside_map 29 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 29 set security-association lifetime kilobytes unlimited crypto map Outside_map 30 match address Outside_cryptomap_3 crypto map Outside_map 30 set peer xxx.yyy.29.161 crypto map Outside_map 30 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 30 set security-association lifetime kilobytes unlimited crypto map Outside_map 31 match address Outside_cryptomap_4 crypto map Outside_map 31 set peer xxx.yyy.9.49 crypto map Outside_map 31 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 31 set security-association lifetime kilobytes unlimited crypto map Outside_map 32 match address Outside_cryptomap_5 crypto map Outside_map 32 set peer xxx.yyy.10.5 crypto map Outside_map 32 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 32 set security-association lifetime kilobytes unlimited crypto map Outside_map 33 match address Outside_cryptomap_6 crypto map Outside_map 33 set peer xxx.yyy.10.35 crypto map Outside_map 33 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 33 set security-association lifetime kilobytes unlimited crypto map Outside_map 34 match address Outside_cryptomap_7 crypto map Outside_map 34 set peer xxx.yyy.125.238 crypto map Outside_map 34 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 34 set security-association lifetime kilobytes unlimited crypto map Outside_map 35 match address Outside_cryptomap_9 crypto map Outside_map 35 set peer xxx.yyy.9.59 crypto map Outside_map 35 set ikev1 transform-set ESP-3DES-SHA crypto map Outside_map 35 set security-association lifetime kilobytes unlimited crypto map Outside_map interface Outside crypto ca trustpool policy quit crypto ikev2 policy 1 encryption aes-256 integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 10 encryption aes-192 integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 20 encryption aes integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 30 encryption 3des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 40 encryption des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 enable Outside crypto ikev2 remote-access trustpoint connect.cablesystem.com crypto ikev1 enable Outside crypto ikev1 am-disable crypto ikev1 policy 5 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 crypto ikev1 policy 10 authentication pre-share encryption des hash sha group 2 lifetime 86400 crypto ikev1 policy 15 authentication pre-share encryption 3des hash sha group 2 lifetime none crypto ikev1 policy 30 authentication pre-share encryption aes hash sha group 5 lifetime 86400 crypto ikev1 policy 50 authentication pre-share encryption aes-256 hash sha group 2 lifetime 86400 ! track 97 rtr 97 reachability ! track 100 rtr 100 reachability ! track 102 rtr 102 reachability ! track 103 rtr 103 reachability ! track 105 rtr 105 reachability ! track 106 rtr 106 reachability ! track 107 rtr 107 reachability ! track 108 rtr 108 reachability ! track 109 rtr 109 reachability telnet timeout 5 ssh 172.16.0.0 255.255.0.0 Inside ssh 10.255.255.0 255.255.255.0 Inside ssh timeout 5 ssh key-exchange group dh-group1-sha1 console timeout 0 no vpn-addr-assign aaa no vpn-addr-assign dhcp vpn-addr-assign local reuse-delay 5 no ipv6-vpn-addr-assign aaa no ipv6-vpn-addr-assign local dhcpd address 192.168.1.2-192.168.1.254 management dhcpd enable management ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept ntp server xxx.yyy.1.140 source Outside prefer ssl encryption aes256-sha1 aes128-sha1 3des-sha1 ssl trust-point connect.cablesystem.com Outside webvpn enable Outside anyconnect-essentials anyconnect image disk0:/anyconnect-linux-3.1.05160-k9.pkg 2 regex "Linux" anyconnect image disk0:/anyconnect-linux-64-3.1.05160-k9.pkg 3 regex "Linux64" anyconnect image disk0:/anyconnect-win-3.1.05160-k9.pkg 4 regex "Windows" anyconnect image disk0:/anyconnect-macosx-i386-3.1.05160-k9.pkg 5 regex "Mac OS X" anyconnect image disk0:/anyconnect-wince-ARMv4I-2.4.1012-k9.pkg 6 regex "Windows CE" anyconnect enable tunnel-group-list enable group-policy GroupPolicy_StandardVPN internal group-policy GroupPolicy_StandardVPN attributes wins-server none dns-server value 172.16.173.75 172.16.173.15 vpn-tunnel-protocol ssl-client default-domain value buckeyehq.com group-policy GroupPolicy_12.22.203.226 internal group-policy GroupPolicy_12.22.203.226 attributes vpn-tunnel-protocol ikev1 group-policy GroupPolicy_xxx.yyy.29.161 internal group-policy GroupPolicy_xxx.yyy.29.161 attributes vpn-tunnel-protocol ikev1 ikev2 group-policy Home_Agent internal group-policy Home_Agent attributes dns-server value 172.16.173.75 172.16.173.15 vpn-idle-timeout 60 ipv6-vpn-filter none vpn-tunnel-protocol ikev1 nac-settings none tunnel-group StandardVPN type remote-access tunnel-group StandardVPN general-attributes address-pool StandardVPN authentication-server-group Safeword_Keyfob LOCAL default-group-policy GroupPolicy_StandardVPN tunnel-group StandardVPN webvpn-attributes group-alias StandardVPN enable tunnel-group 24.53.129.250 type ipsec-l2l tunnel-group 24.53.129.250 ipsec-attributes ikev1 pre-shared-key **************** tunnel-group 72.241.233.72 type ipsec-l2l tunnel-group 72.241.233.72 ipsec-attributes ikev1 pre-shared-key **************** tunnel-group xxx.yyy.14.167 type ipsec-l2l tunnel-group xxx.yyy.14.167 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.29.145 type ipsec-l2l tunnel-group xxx.yyy.29.145 ipsec-attributes ikev1 pre-shared-key **************** tunnel-group xxx.yyy.21.199 type ipsec-l2l tunnel-group xxx.yyy.21.199 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.119.197 type ipsec-l2l tunnel-group xxx.yyy.119.197 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.117.126 type ipsec-l2l tunnel-group xxx.yyy.117.126 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.117.125 type ipsec-l2l tunnel-group xxx.yyy.117.125 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.14.165 type ipsec-l2l tunnel-group xxx.yyy.14.165 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.117.124 type ipsec-l2l tunnel-group xxx.yyy.117.124 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.126.12 type ipsec-l2l tunnel-group xxx.yyy.126.12 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.117.237 type ipsec-l2l tunnel-group xxx.yyy.117.237 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.117.237 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.29.3 type ipsec-l2l tunnel-group xxx.yyy.29.3 ipsec-attributes ikev1 pre-shared-key *************** tunnel-group 24.53.137.13 type ipsec-l2l tunnel-group 24.53.137.13 general-attributes default-group-policy Home_Agent tunnel-group 24.53.137.13 ipsec-attributes ikev1 pre-shared-key **************** tunnel-group xxx.yyy.119.252 type ipsec-l2l tunnel-group xxx.yyy.119.252 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.119.252 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.117.233 type ipsec-l2l tunnel-group xxx.yyy.117.233 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.117.233 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.9.28 type ipsec-l2l tunnel-group xxx.yyy.9.28 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.9.28 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.117.212 type ipsec-l2l tunnel-group xxx.yyy.117.212 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.117.212 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.21.26 type ipsec-l2l tunnel-group xxx.yyy.21.26 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.21.26 ipsec-attributes ikev1 pre-shared-key ******** isakmp keepalive disable tunnel-group xxx.yyy.121.168 type ipsec-l2l tunnel-group xxx.yyy.121.168 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.121.168 ipsec-attributes ikev1 pre-shared-key ******** isakmp keepalive disable tunnel-group xxx.yyy.118.69 type ipsec-l2l tunnel-group xxx.yyy.118.69 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.118.69 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.10.17 type ipsec-l2l tunnel-group xxx.yyy.10.17 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.10.17 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.10.34 type ipsec-l2l tunnel-group xxx.yyy.10.34 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.10.34 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.127.212 type ipsec-l2l tunnel-group xxx.yyy.127.212 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.127.212 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.20.63 type ipsec-l2l tunnel-group xxx.yyy.20.63 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.20.63 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.125.179 type ipsec-l2l tunnel-group xxx.yyy.125.179 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.125.179 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.10.162 type ipsec-l2l tunnel-group xxx.yyy.10.162 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.10.162 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.28.97 type ipsec-l2l tunnel-group xxx.yyy.28.97 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.28.97 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group 12.22.203.226 type ipsec-l2l tunnel-group 12.22.203.226 general-attributes default-group-policy GroupPolicy_12.22.203.226 tunnel-group 12.22.203.226 ipsec-attributes ikev1 pre-shared-key ******** isakmp keepalive disable ikev2 remote-authentication pre-shared-key ******** ikev2 local-authentication pre-shared-key ******** tunnel-group xxx.yyy.29.161 type ipsec-l2l tunnel-group xxx.yyy.29.161 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.29.161 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.9.49 type ipsec-l2l tunnel-group xxx.yyy.9.49 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.9.49 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.10.5 type ipsec-l2l tunnel-group xxx.yyy.10.5 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.10.5 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.10.35 type ipsec-l2l tunnel-group xxx.yyy.10.35 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.10.35 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.125.238 type ipsec-l2l tunnel-group xxx.yyy.125.238 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.125.238 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.11.172 type ipsec-l2l tunnel-group xxx.yyy.11.172 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.11.172 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.9.56 type ipsec-l2l tunnel-group xxx.yyy.9.56 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.9.56 ipsec-attributes ikev1 pre-shared-key ******** tunnel-group xxx.yyy.9.59 type ipsec-l2l tunnel-group xxx.yyy.9.59 general-attributes default-group-policy Home_Agent tunnel-group xxx.yyy.9.59 ipsec-attributes ikev1 pre-shared-key ******** ! class-map inspection_default match default-inspection-traffic ! ! policy-map global_policy class inspection_default inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options ! service-policy global_policy global prompt hostname context no call-home reporting anonymous call-home profile CiscoTAC-1 no active destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address email callhome@cisco.com destination transport-method http subscribe-to-alert-group diagnostic subscribe-to-alert-group environment subscribe-to-alert-group inventory periodic monthly subscribe-to-alert-group configuration periodic monthly subscribe-to-alert-group telemetry periodic daily Cryptochecksum:c2ce53fee81d07506c2f14178402d5af : end