Saved : : Serial Number: JAD2042014S : Hardware: ASA5506, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores) : ASA Version 9.6(1) ! hostname ASA5506 enable password 8Ry2YjIyt7RRXU24 encrypted xlate per-session deny tcp any4 any4 xlate per-session deny tcp any4 any6 xlate per-session deny tcp any6 any4 xlate per-session deny tcp any6 any6 xlate per-session deny udp any4 any4 eq domain xlate per-session deny udp any4 any6 eq domain xlate per-session deny udp any6 any4 eq domain xlate per-session deny udp any6 any6 eq domain passwd hVxRMGvjmxCeVxgf encrypted names ip local pool SSLClientPool 192.168.100.1-192.168.100.50 mask 255.255.255.0 ! interface GigabitEthernet1/1 description *** Ziggo2 *** mac-address aaaa.bbbb.cccc nameif VLAN999 security-level 0 ip address dhcp setroute ipv6 enable ! interface GigabitEthernet1/2 description *** Ziggo1 *** nameif VLAN998 security-level 75 ip address dhcp setroute ! interface GigabitEthernet1/3 no nameif no security-level no ip address ! interface GigabitEthernet1/3.1 description *** Management *** vlan 1 nameif VLAN1 security-level 25 ip address 10.10.50.2 255.255.255.0 ! interface GigabitEthernet1/3.20 description *** Office *** vlan 20 nameif VLAN20 security-level 0 ip address 10.10.20.2 255.255.255.0 policy-route route-map PBR-ZIGGO2 ipv6 enable ! interface GigabitEthernet1/3.30 description *** Wi-Fi *** vlan 30 nameif VLAN30 security-level 75 ip address 10.10.30.2 255.255.255.0 policy-route route-map PBR-ZIGGO1 ipv6 enable ! interface GigabitEthernet1/3.40 description *** Printer *** vlan 40 nameif VLAN40 security-level 50 ip address 10.10.40.2 255.255.255.0 policy-route route-map PBR-VLAN40 ! interface GigabitEthernet1/3.45 description *** Server *** vlan 45 nameif VLAN45 security-level 75 ip address 10.10.45.2 255.255.255.0 policy-route route-map PBR-VLAN45 ! interface GigabitEthernet1/4 shutdown no nameif no security-level no ip address ! interface GigabitEthernet1/5 shutdown no nameif no security-level no ip address ! interface GigabitEthernet1/6 shutdown no nameif no security-level no ip address ! interface GigabitEthernet1/7 shutdown no nameif no security-level no ip address ! interface GigabitEthernet1/8 description ***Telfort*** nameif VlAN997 security-level 50 ip address dhcp setroute policy-route route-map PBR-TELFORT ! interface Management1/1 description *** ASA Management *** management-only nameif MNGT security-level 100 ip address 10.10.100.2 255.255.255.0 ! banner motd ************************************************************************ banner motd * Unauthorized access is prohibited * banner motd ************************************************************************ banner motd * This system is to be used only by specifically authorized personnel. * banner motd * Any unauthorized use of the system is unlawful, and may be subject * banner motd * to civil and/or criminal penalties. * banner motd * * banner motd * Any use of the system may be logged or monitored without further * banner motd * notice and resulting logs may be used as evidence in court. * banner motd ************************************************************************ ftp mode passive clock timezone CEST 1 clock summer-time CEDT recurring last Sun Mar 2:00 last Sun Oct 3:00 same-security-traffic permit inter-interface same-security-traffic permit intra-interface object network OBJ-NET-VLAN1 subnet 10.10.50.0 255.255.255.0 object network OBJ-NET-VLAN20 subnet 10.10.20.0 255.255.255.0 object network OBJ-NET-VLAN30 subnet 10.10.30.0 255.255.255.0 object network OBJ-NET-VLAN40 subnet 10.10.40.0 255.255.255.0 object network OBJ-NET-VLAN45 subnet 10.10.45.0 255.255.255.0 object network NETWORK_OBJ_192.168.100.0_26 subnet 192.168.100.0 255.255.255.192 object network OBJ-NET-HOST-10.10.20.105 host 10.10.20.105 object service OBJ-SRV-TCP-3389 service tcp source eq 3389 object service OBJ-SRV-TCP-5000_6000 service tcp source range 5000 6000 object network OBJ-NET-HOST-82.94.75.162 host 82.94.75.162 object network OBJ-NET-HOST-82.94.75.163 host 82.94.75.163 object network OBJ-NET-HOST-82.94.75.164 host 82.94.75.164 object network OBJ-NET-HOST-82.94.75.165 host 82.94.75.165 object network OBJ-NET-HOST-82.94.75.166 host 82.94.75.166 object network OBJ-NET-HOST-10.10.45.10 host 10.10.45.10 object network OBJ-NET-HOST-10.10.20.10 host 10.10.20.10 object network VLAN997 host 192.168.2.2 description VLAN997 object network VLAN45 host 10.10.45.2 description VLAN45 object network VLAN40 host 10.10.40.2 description VLAN40 object network OBJ-NET-HOST-10.10.40.30 host 10.10.40.30 description PbX object-group network OBJ-GRP-NET-RFC1918 network-object 10.0.0.0 255.0.0.0 network-object 172.16.0.0 255.240.0.0 network-object 192.168.0.0 255.255.0.0 object-group protocol TCPUDP protocol-object udp protocol-object tcp object-group service DM_INLINE_TCPUDP_2 tcp-udp port-object eq sip port-object eq talk object-group service DM_INLINE_TCP_1 tcp port-object eq sip port-object eq talk access-list ACL-VLAN999-INBOUND extended permit icmp any any unreachable access-list ACL-VLAN999-INBOUND extended permit icmp any any time-exceeded access-list ACL-VLAN999-INBOUND extended permit icmp any any source-quench access-list ACL-VLAN999-INBOUND extended permit tcp any any range 5000 6000 access-list ACL-VLAN998-INBOUND remark *** Ziggo - Internetverkeer *** access-list ACL-VLAN998-INBOUND extended permit icmp any any echo-reply access-list ACL-VLAN998-INBOUND extended permit icmp any any unreachable access-list ACL-VLAN998-INBOUND extended permit icmp any any time-exceeded access-list ACL-VLAN998-INBOUND extended permit icmp any any source-quench access-list ACL-VLAN998-INBOUND remark Trans_ip Rdp access-list ACL-VLAN998-INBOUND extended permit tcp host 37.97.201.18 object OBJ-NET-HOST-10.10.45.10 eq 3389 access-list ACL-VLAN998-INBOUND extended permit ip any any access-list ACL-VLAN998-INBOUND extended permit tcp any host 10.10.20.10 eq 3389 access-list ACL-VLAN45-INBOUND remark *** RFC1918 *** access-list ACL-VLAN45-INBOUND extended deny ip object OBJ-NET-VLAN45 object-group OBJ-GRP-NET-RFC1918 access-list ACL-VLAN45-INBOUND remark *** Internetverkeer *** access-list ACL-VLAN45-INBOUND extended permit ip any any access-list ACL-RMAP-VLAN45 extended deny ip object OBJ-NET-VLAN45 object-group OBJ-GRP-NET-RFC1918 access-list ACL-RMAP-VLAN45 extended permit ip object OBJ-NET-VLAN45 any access-list ACL-VPN-SPLIT standard permit 10.10.0.0 255.255.0.0 access-list ACL-PBR-ZIGGO2 extended permit ip 10.10.20.0 255.255.255.0 any access-list ACL-PBR-TELFORT extended permit ip 10.10.40.0 255.255.255.0 any access-list ACL-PBR-ZIGGO1 extended permit ip 10.10.45.0 255.255.255.0 any access-list VlAN997_access_in extended permit ip any any access-list VlAN997_access_in extended permit tcp 195.35.114.0 255.255.254.0 object VLAN40 object-group DM_INLINE_TCP_1 access-list VLAN40_access_in extended permit ip any any access-list VLAN40_access_in extended permit object-group TCPUDP object VLAN40 195.35.114.0 255.255.254.0 object-group DM_INLINE_TCPUDP_2 access-list VLAN30_access_in extended permit ip any any pager lines 24 logging enable logging asdm informational mtu VLAN999 1500 mtu VLAN998 1500 mtu VLAN1 1500 mtu VLAN20 1500 mtu VLAN30 1500 mtu VLAN40 1500 mtu VLAN45 1500 mtu VlAN997 1500 mtu MNGT 1500 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-761.bin no asdm history enable arp timeout 14400 no arp permit-nonconnected nat (VLAN1,any) source static OBJ-GRP-NET-RFC1918 OBJ-GRP-NET-RFC1918 destination static OBJ-GRP-NET-RFC1918 OBJ-GRP-NET-RFC1918 no-proxy-arp route-lookup nat (VLAN20,any) source static OBJ-GRP-NET-RFC1918 OBJ-GRP-NET-RFC1918 destination static OBJ-GRP-NET-RFC1918 OBJ-GRP-NET-RFC1918 no-proxy-arp route-lookup nat (VLAN30,any) source static OBJ-GRP-NET-RFC1918 OBJ-GRP-NET-RFC1918 destination static OBJ-GRP-NET-RFC1918 OBJ-GRP-NET-RFC1918 no-proxy-arp route-lookup nat (VLAN40,VlAN997) source static OBJ-GRP-NET-RFC1918 OBJ-GRP-NET-RFC1918 destination static OBJ-GRP-NET-RFC1918 OBJ-GRP-NET-RFC1918 no-proxy-arp route-lookup nat (VLAN45,VLAN998) source static OBJ-GRP-NET-RFC1918 OBJ-GRP-NET-RFC1918 destination static OBJ-GRP-NET-RFC1918 OBJ-GRP-NET-RFC1918 no-proxy-arp route-lookup nat (VLAN20,VLAN998) source static OBJ-NET-HOST-10.10.20.10 interface service OBJ-SRV-TCP-3389 OBJ-SRV-TCP-3389 nat (VLAN45,VLAN998) source static OBJ-NET-HOST-10.10.45.10 OBJ-NET-HOST-82.94.75.165 nat (VLAN1,VLAN999) source dynamic any interface nat (VLAN20,VLAN999) source dynamic any interface nat (VLAN30,VLAN999) source dynamic any interface nat (VLAN40,VlAN997) source dynamic any interface nat (VLAN1,VLAN998) source dynamic any interface nat (VLAN20,VLAN998) source dynamic any interface nat (VLAN30,VLAN998) source dynamic any interface nat (VLAN45,VLAN999) source dynamic any interface nat (VLAN45,VLAN998) source dynamic any interface nat (VLAN40,VlAN997) source static any interface ! object network VLAN45 nat (any,VLAN998) static interface object network VLAN40 nat (any,VlAN997) static interface access-group ACL-VLAN999-INBOUND in interface VLAN999 access-group ACL-VLAN998-INBOUND in interface VLAN998 access-group VLAN30_access_in in interface VLAN30 access-group VLAN40_access_in in interface VLAN40 access-group ACL-VLAN45-INBOUND in interface VLAN45 access-group VlAN997_access_in in interface VlAN997 ! route-map PBR-ZIGGO1 permit 10 match ip address ACL-PBR-ZIGGO1 match interface VLAN998 set ip next-hop 212.187.37.1 ! route-map PBR-ZIGGO2 permit 10 match ip address ACL-PBR-ZIGGO2 set ip next-hop 212.187.37.1 ! route-map PBR-TELFORT permit 10 match ip address ACL-PBR-TELFORT match interface VlAN997 set ip next-hop verify-availability 10.10.60.1 10 track 1 set ip next-hop 10.10.60.1 ! route-map PBR-VLAN45 permit 10 match interface VLAN998 set ip next-hop 212.187.37.1 ! route-map PBR-VLAN30 permit 10 match interface VLAN998 set ip next-hop 212.187.37.1 ! route-map PBR-VLAN40 permit 10 match ip address ACL-PBR-TELFORT match interface VlAN997 set ip next-hop 10.10.60.1 ! route VLAN999 8.8.4.4 255.255.255.255 192.168.200.1 1 route VLAN998 8.8.8.8 255.255.255.255 192.168.199.1 1 route VlAN997 192.168.2.2 255.255.255.255 192.168.200.1 1 route VLAN998 193.173.85.0 255.255.255.192 192.168.200.1 1 route VLAN999 193.173.85.5 255.255.255.255 192.168.200.1 1 timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 user-identity default-domain LOCAL aaa authentication telnet console LOCAL aaa authentication ssh console LOCAL aaa authentication http console LOCAL aaa authentication serial console LOCAL aaa authentication enable console LOCAL aaa authorization exec LOCAL auto-enable http server enable http 0.0.0.0 0.0.0.0 MNGT http 0.0.0.0 0.0.0.0 VLAN20 http 0.0.0.0 0.0.0.0 VLAN999 http 0.0.0.0 0.0.0.0 VLAN45 http 0.0.0.0 0.0.0.0 VLAN30 no snmp-server location no snmp-server contact sla monitor 1 type echo protocol ipIcmpEcho 8.8.8.8 interface VLAN998 timeout 300 threshold 15000 frequency 5 sla monitor schedule 1 life forever start-time now sla monitor 2 type echo protocol ipIcmpEcho 8.8.4.4 interface VLAN999 timeout 300 threshold 15000 frequency 5 sla monitor schedule 2 life forever start-time now sla monitor 3 type echo protocol ipIcmpEcho 8.8.8.8 interface VLAN999 sla monitor schedule 3 life forever start-time now service sw-reset-button crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec ikev2 ipsec-proposal AES256 protocol esp encryption aes-256 protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES192 protocol esp encryption aes-192 protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES protocol esp encryption aes protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal 3DES protocol esp encryption 3des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal DES protocol esp encryption des protocol esp integrity sha-1 md5 crypto ipsec security-association pmtu-aging infinite crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5 crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES crypto map VLAN20_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map VLAN20_map interface VLAN20 crypto map VLAN30_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map VLAN30_map interface VLAN30 crypto map VLAN40_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map VLAN40_map interface VLAN40 crypto map VLAN998_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map VLAN998_map interface VLAN998 crypto map VLAN45_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto ca trustpoint localtrust enrollment self fqdn sslvpn.4udomein.com subject-name CN=sslvpn.4udomein.com keypair sslvpnkey crl configure crypto ca trustpool policy crypto ca certificate chain localtrust certificate 6bd0bf58 30820300 308201e8 a0030201 0202046b d0bf5830 0d06092a 864886f7 0d010105 05003042 311c301a 06035504 03131373 736c7670 6e2e3475 646f6d65 696e2e63 6f6d3122 30200609 2a864886 f70d0109 02161373 736c7670 6e2e3475 646f6d65 696e2e63 6f6d301e 170d3137 30333130 30373431 32305a17 0d323730 33303830 37343132 305a3042 311c301a 06035504 03131373 736c7670 6e2e3475 646f6d65 696e2e63 6f6d3122 30200609 2a864886 f70d0109 02161373 736c7670 6e2e3475 646f6d65 696e2e63 6f6d3082 0122300d 06092a86 4886f70d 01010105 00038201 0f003082 010a0282 010100a1 b2fe7671 f610a388 6d51851c 502093f5 cb5a944b 6285bb0d 37a01743 532f1914 11494c9e fbdaae6e 2e08cdb0 328cb667 5942d4e6 cc5e61a5 fb692d38 f4d46f75 2f8227f8 245bc7df a467dc68 7621b0c2 13a36762 b7bfb486 14272c49 1eb14f1a a307c724 532cfa3d 50c8a646 9cc06d06 3f2efab4 e10d491b 54fc42cb bee423d0 4e8df04b 6154146e f095ee82 8f41364e c94c7533 913cc866 79c6a32a 11b13718 895e23cb bc7b3502 ad7e1013 78b34526 cee075c1 ffd74c4c 9f41299d 9f40207a dfe083b4 717c9853 96090207 6135d21d f0d55558 c952eda0 15a61b45 f13789d6 47c82828 4cdb6b03 806415d6 8c14157d f85f09c4 02ebe725 fe9bf345 f407c102 03010001 300d0609 2a864886 f70d0101 05050003 82010100 03b31914 58eeb2c6 3c23e006 8bd5a4f5 563503d2 03fcd341 8bcf451d 722a6d78 a57a9808 ad1a282c 77530dd5 24eca366 8455f14d 86e51ed9 426d9790 a1a274ec 2116ec1b 97506c2f 73fe491c b3706142 b5cba46f 890efa41 dc26053d 320204e4 2b21b7fc a6a2f521 1fffa05b c37de564 13cc4289 c8043907 b6b9f21c 0566c173 496a0a1d 5f9fa630 d51d76db 7e88a9d8 8c6aa3b0 29109dc6 d13dd6a5 01e17d31 5209671e ea139e42 40637c43 dbee0608 670fe6c1 72e73a85 e710bc1a 9d2f1d6b dded7d12 ffafe1d2 cc097a20 0595a446 a508f613 047250e7 1091bf87 68c813da 8cdd30d8 96598a1c 1a615f84 a21871a8 f8be0459 5dcfe69f 72a9fcf2 aadc283f quit crypto ikev2 policy 1 encryption aes-256 integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 10 encryption aes-192 integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 20 encryption aes integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 30 encryption 3des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 40 encryption des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 enable VLAN998 client-services port 443 crypto ikev2 enable VLAN20 client-services port 443 crypto ikev2 remote-access trustpoint localtrust crypto ikev1 enable VLAN20 crypto ikev1 enable VLAN30 crypto ikev1 enable VLAN40 crypto ikev1 policy 20 authentication rsa-sig encryption aes-256 hash sha group 2 lifetime 86400 crypto ikev1 policy 30 authentication pre-share encryption aes-256 hash sha group 2 lifetime 86400 crypto ikev1 policy 50 authentication rsa-sig encryption aes-192 hash sha group 2 lifetime 86400 crypto ikev1 policy 60 authentication pre-share encryption aes-192 hash sha group 2 lifetime 86400 crypto ikev1 policy 80 authentication rsa-sig encryption aes hash sha group 2 lifetime 86400 crypto ikev1 policy 90 authentication pre-share encryption aes hash sha group 2 lifetime 86400 crypto ikev1 policy 110 authentication rsa-sig encryption 3des hash sha group 2 lifetime 86400 crypto ikev1 policy 120 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 crypto ikev1 policy 140 authentication rsa-sig encryption des hash sha group 2 lifetime 86400 crypto ikev1 policy 150 authentication pre-share encryption des hash sha group 2 lifetime 86400 ! track 10 rtr 1 reachability ! track 11 rtr 3 reachability ! track 20 rtr 2 reachability telnet 0.0.0.0 0.0.0.0 VLAN30 telnet 0.0.0.0 0.0.0.0 VlAN997 telnet timeout 5 ssh stricthostkeycheck ssh 193.173.85.0 255.255.255.192 VLAN999 ssh 193.173.85.0 255.255.255.192 VLAN998 ssh 0.0.0.0 0.0.0.0 VLAN20 ssh 0.0.0.0 0.0.0.0 MNGT ssh timeout 15 ssh key-exchange group dh-group1-sha1 console timeout 15 dhcp-client client-id interface VLAN999 dhcp-client client-id interface VLAN998 dhcp-client client-id interface VlAN997 dhcpd address 10.10.50.150-10.10.50.250 VLAN1 dhcpd dns 208.67.222.222 208.67.220.220 interface VLAN1 dhcpd enable VLAN1 ! dhcpd address 10.10.20.200-10.10.20.250 VLAN20 dhcpd dns 208.67.222.222 208.67.220.220 interface VLAN20 dhcpd enable VLAN20 ! dhcpd address 10.10.30.200-10.10.30.250 VLAN30 dhcpd dns 208.67.222.222 208.67.220.220 interface VLAN30 dhcpd enable VLAN30 ! dhcpd address 10.10.40.200-10.10.40.250 VLAN40 dhcpd dns 208.67.222.222 208.67.220.220 interface VLAN40 dhcpd enable VLAN40 ! dhcpd address 10.10.45.200-10.10.45.250 VLAN45 dhcpd dns 208.67.222.222 208.67.220.220 interface VLAN45 dhcpd enable VLAN45 ! dhcpd address 10.10.100.200-10.10.100.250 MNGT dhcpd dns 208.67.222.222 208.67.220.220 interface MNGT dhcpd enable MNGT ! ntp server 85.255.214.66 source VLAN999 ssl trust-point localtrust VLAN999 ssl trust-point localtrust VLAN998 ssl trust-point localtrust VLAN20 webvpn enable VLAN999 enable VLAN998 enable VLAN20 anyconnect image disk0:/anyconnect-linux64-4.4.01054-webdeploy-k9.pkg 1 anyconnect image disk0:/anyconnect-win-4.4.01054-webdeploy-k9.pkg 2 anyconnect profiles 4uDomein_client_profile disk0:/4uDomein_client_profile.xml anyconnect enable tunnel-group-list enable cache disable error-recovery disable group-policy SSLCLient internal group-policy SSLCLient attributes dns-server value 192.168.200.5 vpn-tunnel-protocol ssl-client default-domain value mysite.com address-pools value SSLClientPool group-policy GroupPolicy_4uDomein internal group-policy GroupPolicy_4uDomein attributes wins-server none dns-server value 10.10.20.100 10.10.20.101 vpn-tunnel-protocol ikev1 ikev2 ssl-client password-storage disable split-tunnel-policy tunnelspecified split-tunnel-network-list value ACL-VPN-SPLIT default-domain none webvpn anyconnect profiles value 4uDomein_client_profile type user dynamic-access-policy-record DfltAccessPolicy username Dave password L4o29iC9zK9nTS7P encrypted privilege 15 username Dave attributes service-type admin username Davevpn password leb4YKzqGcsujPoJ encrypted privilege 15 username vlietd password Q101T2coMJVYHrL6 encrypted privilege 15 tunnel-group SSLClient type remote-access tunnel-group SSLClient general-attributes default-group-policy SSLCLient tunnel-group SSLClient webvpn-attributes group-alias MY_RA enable tunnel-group 4uDomein type remote-access tunnel-group 4uDomein general-attributes address-pool SSLClientPool default-group-policy GroupPolicy_4uDomein tunnel-group 4uDomein webvpn-attributes group-alias 4uDomein enable tunnel-group 4uDomein ipsec-attributes ikev1 trust-point localtrust ! class-map inspection_default match default-inspection-traffic class-map CMAP-DEFAULT match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options policy-map PMAP-GLOBAL class CMAP-DEFAULT inspect http inspect ftp inspect icmp class class-default user-statistics accounting ! service-policy global_policy global prompt hostname context ! jumbo-frame reservation ! no call-home reporting anonymous Cryptochecksum:430a3f572ed6be66e163aae825db4cff : end asdm image disk0:/asdm-761.bin no asdm history enable