Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2147
Views
5
Helpful
6
Replies

ASA 5506-X with 2 subnets outside internet

MikeGodoy12
Level 1
Level 1

‎03-26-2019 10:52 PM - edited ‎02-21-2020 08:59 AM

Hello, i have a problem and i hope you can help me, i have an ASA 5506-X and i have configured 2 subnets:

 

Interface GigabitEthernet1/2
description inside
speed 100
duplex full
nameif inside
security-level 100
ip address Host_10.150.86.65 255.255.255.224
!
interface GigabitEthernet1/3
description inside2
speed 100
duplex full
nameif inside2
security-level 100
ip address Host_10.150.71.161 255.255.255.224

 

 

The problem is when users of subnet 10.150.71.160/27 try to  visit internet the ping doesnt response, i have an static route to send all the trafic to internet router 

 

route outside 0.0.0.0 0.0.0.0 181.209.173.201 1

 

when i try to visit internet from subnet 10.150.71.160/27 the traceroute send me for a router of MPLS (10.150.86.72) and i dont know why, can you help me please?

 

Traceroute

C:\Users\Tienda8703>ipconfig

Configuración IP de Windows


Adaptador de Ethernet Ethernet:

Sufijo DNS específico para la conexión. . :
Dirección IPv4. . . . . . . . . . . . . . : 10.150.71.169
Máscara de subred . . . . . . . . . . . . : 255.255.255.224
Puerta de enlace predeterminada . . . . . : 10.150.71.161

Adaptador de túnel isatap.{E4D8EB7A-082B-417D-92EE-5828958DFB79}:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :

C:\Users\Tienda8703>tracert -d 8.8.8.8

Traza a 8.8.8.8 sobre caminos de 30 saltos como máximo.

1 <1 ms <1 ms <1 ms 10.150.86.72
2 * * * * * * * * ** * 

_______________________________________________

 

 

ASA-GUATEMALA# sh run
: Saved

:
: Serial Number: JAD230304B1
: Hardware: ASA5506, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores)
:
ASA Version 9.8(2)
!
hostname ASA-GUATEMALA
domain-name default.domain.invalid
names
name 10.152.238.192 Microtik
name 10.150.101.0 Filiales_CA description Tiendas Filiales
name 10.150.71.161 Host_10.150.71.161
name 10.150.86.72 Host_10.150.86.72
name 10.150.86.91 Host_10.150.86.91
name 10.152.232.248 Host_10.152.232.248
name 10.150.86.65 Host_10.150.86.65

!
interface GigabitEthernet1/1
description outside
duplex full
nameif outside
security-level 0
ip address 181.209.173.202 255.255.255.248
!
interface GigabitEthernet1/2
description inside
speed 100
duplex full
nameif inside
security-level 100
ip address Host_10.150.86.65 255.255.255.224
!
interface GigabitEthernet1/3
description inside2
speed 100
duplex full
nameif inside2
security-level 100
ip address Host_10.150.71.161 255.255.255.224
!
interface GigabitEthernet1/4
bridge-group 1
nameif inside_3
security-level 100
!
interface GigabitEthernet1/5
bridge-group 1
nameif inside_4
security-level 100
!
interface GigabitEthernet1/6
bridge-group 1
nameif inside_5
security-level 100
!
interface GigabitEthernet1/7
bridge-group 1
nameif inside_6
security-level 100
!
interface GigabitEthernet1/8
bridge-group 1
nameif inside_7
security-level 100
!
interface Management1/1
management-only
no nameif
no security-level
no ip address
!
interface BVI1
no nameif
security-level 100
ip address 192.168.1.1 255.255.255.0
!
boot system disk0:/asa805-31-k8.bin
ftp mode passive
dns server-group DefaultDNS
domain-name default.domain.invalid
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj_any1
subnet 0.0.0.0 0.0.0.0
object network obj_any2
subnet 0.0.0.0 0.0.0.0
object network obj_any3
subnet 0.0.0.0 0.0.0.0
object network obj_any4
subnet 0.0.0.0 0.0.0.0
object network obj_any5
subnet 0.0.0.0 0.0.0.0
object network obj_any6
subnet 0.0.0.0 0.0.0.0
object network obj_any7
subnet 0.0.0.0 0.0.0.0
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network GuatemalaLocalPrincipal
subnet 10.150.86.64 255.255.255.224
object network Tienda8714
subnet 10.150.95.0 255.255.255.224
object network RouterMPLSGuatemala
host 10.150.86.72
object network Tienda8705
subnet 10.150.86.128 255.255.255.224
object network Tienda8712
subnet 10.150.68.160 255.255.255.224
object network Tienda8713
subnet 10.150.68.224 255.255.255.224
object network Tienda8721
subnet 10.150.97.192 255.255.255.224
object network Tienda8723
subnet 10.150.98.0 255.255.255.224
object network Tienda8735
subnet 10.150.99.128 255.255.255.224
object network Tienda8741
subnet 10.150.100.192 255.255.255.224
object network Tienda8754
subnet 10.150.74.192 255.255.255.224
object network Tienda8720
subnet 10.150.97.160 255.255.255.224
object-group network GuatemalaLocal
network-object 10.150.71.160 255.255.255.224
network-object 10.150.86.64 255.255.255.224
object-group network GuatemalaRemoto
network-object 10.150.32.0 255.255.255.0
network-object 10.150.35.0 255.255.255.0
network-object 10.150.252.0 255.255.255.0
network-object 10.150.253.192 255.255.255.252
network-object 10.150.253.224 255.255.255.224
network-object 10.150.94.224 255.255.255.224
network-object 10.150.96.0 255.255.255.224
network-object 10.150.16.0 255.255.252.0
network-object 10.150.47.0 255.255.255.0
network-object 10.150.100.32 255.255.255.224
network-object 10.150.96.32 255.255.255.224
network-object 10.150.98.64 255.255.255.224
object-group service TCP_1273
service-object tcp destination eq 1273
object-group service TCP_1723
service-object tcp destination eq pptp
object-group service TCP_4370
service-object tcp destination eq 4370
object-group service TCP_47
service-object tcp destination eq 47
object-group service TCP_81
service-object tcp destination eq 81
object-group service TCP_8291
service-object tcp destination eq 8291
object-group service DM_INLINE_SERVICE_1
group-object TCP_1273
group-object TCP_4370
group-object TCP_47
group-object TCP_81
group-object TCP_8291
service-object tcp destination eq www
service-object tcp destination eq pptp
object-group protocol DM_INLINE_PROTOCOL_1
protocol-object ip
protocol-object icmp
object-group protocol DM_INLINE_PROTOCOL_2
protocol-object ip
protocol-object icmp
object-group network Tiendas_Remotas
network-object 10.150.86.96 255.255.255.224
object-group network TeleperformanceRemoto
description Conexin Microtik
network-object 10.152.231.0 255.255.255.128
network-object Microtik 255.255.255.240
network-object 10.152.232.240 255.255.255.240
network-object host Host_10.152.232.248
object-group network PrdTeleperformance
network-object 10.152.231.0 255.255.255.128
object-group network Filiales_CA
description Tiendas Filiales
network-object Filiales_CA 255.255.255.224
object-group network GuatemalaRemot
object-group network DM_INLINE_NETWORK_1
group-object GuatemalaRemoto
network-object object RouterMPLSGuatemala
network-object object GuatemalaLocalPrincipal
object-group network DM_INLINE_NETWORK_2
network-object object GuatemalaLocalPrincipal
group-object GuatemalaRemoto
object-group network DM_INLINE_NETWORK_4
network-object object Tienda8705
network-object object Tienda8714
network-object object Tienda8713
network-object object Tienda8720
network-object object Tienda8721
network-object object Tienda8723
network-object object Tienda8735
network-object object Tienda8741
network-object object Tienda8754
network-object object Tienda8712
access-list acl_outside extended permit icmp any any
access-list acl_outside extended permit object-group DM_INLINE_SERVICE_1 any interface outside log
access-list acl_inside extended permit icmp any any
access-list acl_inside extended permit object-group DM_INLINE_PROTOCOL_2 10.150.86.64 255.255.255.224 10.150.71.160 255.255.255.224
access-list acl_inside extended permit ip host 10.150.86.66 any
access-list acl_inside extended permit ip host 10.150.86.67 any
access-list acl_inside extended permit ip host 10.150.86.68 any
access-list acl_inside extended permit ip host 10.150.86.69 any
access-list acl_inside extended permit ip host 10.150.86.70 any
access-list acl_inside extended permit ip host 10.150.86.71 any
access-list acl_inside extended permit ip host 10.150.86.73 any
access-list acl_inside extended permit ip host 10.150.86.74 any
access-list acl_inside extended permit ip host 10.150.86.75 any
access-list acl_inside extended permit ip host 10.150.86.77 any
access-list acl_inside extended permit ip host 10.150.86.79 any
access-list acl_inside extended permit ip host 10.150.86.81 any
access-list acl_inside extended permit ip host 10.150.86.82 any
access-list acl_inside extended permit ip host 10.150.86.83 any
access-list acl_inside extended permit ip host 10.150.86.84 any
access-list acl_inside extended permit ip host 10.150.86.85 any
access-list acl_inside extended permit ip host 10.150.86.86 any
access-list acl_inside extended permit ip host 10.150.86.87 any
access-list acl_inside extended permit ip host 10.150.86.89 any
access-list acl_inside extended permit ip host 10.150.86.90 any
access-list acl_inside extended permit ip host 10.150.86.92 any
access-list acl_inside extended permit ip host 10.150.71.164 any
access-list acl_inside extended permit ip host 10.150.86.93 any
access-list acl_inside extended permit tcp host 10.150.86.74 any
access-list acl_inside extended permit ip host 10.150.86.80 any
access-list acl_inside extended permit ip host 10.150.86.78 any
access-list acl_inside extended permit ip host 10.150.71.170 any
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.95.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.68.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.97.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.68.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.97.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.98.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.99.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.100.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.74.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.98.64 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.86.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.92.64 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.86.64 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.96.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.100.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.86.224 255.255.255.224
access-list acl_inside extended permit ip host 10.150.71.165 any
access-list acl_inside extended permit ip host 10.150.86.72 any
access-list inside_nat0_outbound extended permit ip object-group GuatemalaLocal object-group GuatemalaRemoto
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.71.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip object-group GuatemalaLocal object-group TeleperformanceRemoto
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.47.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.100.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.86.96 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.86.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.68.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.68.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.94.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.96.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.97.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.97.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.98.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.99.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.74.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.98.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.49.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.100.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.47.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.100.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.86.96 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.86.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.68.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.68.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.95.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.94.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.96.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.97.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.97.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.98.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.99.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.74.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.98.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.49.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.100.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.95.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.36.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.92.64 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.86.64 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.96.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.98.64 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.96.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.100.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.86.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.36.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list outside_20_cryptomap extended permit ip object-group GuatemalaLocal object-group GuatemalaRemoto
access-list Secundaria_nat0_outbound extended permit ip object-group GuatemalaLocal object-group TeleperformanceRemoto
access-list Secundaria_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.86.64 255.255.255.224
access-list Secundaria_access_in extended permit object-group DM_INLINE_PROTOCOL_1 10.150.71.160 255.255.255.224 10.150.86.64 255.255.255.224
access-list Secundaria_access_in extended permit ip host 10.150.71.165 any
access-list outside_cryptomap extended permit ip 10.150.86.64 255.255.255.224 object-group TeleperformanceRemoto
access-list outside_cryptomap extended permit ip 10.150.71.160 255.255.255.224 object-group TeleperformanceRemoto
access-list outside_1_cryptomap extended permit ip object-group GuatemalaLocal object-group TeleperformanceRemoto
access-list outside_cryptomap_1 extended permit ip object-group GuatemalaLocal object-group Filiales_CA
access-list VPN-8741 extended permit ip 10.150.16.0 255.255.252.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.32.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.33.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.35.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.41.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.47.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.48.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.49.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.58.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.68.224 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.84.0 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.86.64 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.89.0 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.90.192 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.92.64 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.94.32 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.253.192 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.253.224 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.63.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.71.160 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.36.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list outside_cryptomap_65535.1 extended permit ip any object-group GuatemalaLocal
access-list VPN-8704 extended permit ip 10.150.16.0 255.255.252.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.32.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.33.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.35.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.41.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.47.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.48.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.49.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.86.64 255.255.255.224 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.58.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.71.160 255.255.255.224 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.36.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.36.0 255.255.255.0 10.150.92.64 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.16.0 255.255.252.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.32.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.33.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.35.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.41.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.47.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.48.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.49.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.58.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.86.64 255.255.255.224 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.71.160 255.255.255.224 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.36.0 255.255.255.0 10.150.86.64 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.36.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.16.0 255.255.252.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.32.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.33.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.35.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.41.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.47.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.48.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.49.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.58.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.86.64 255.255.255.224 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.71.160 255.255.255.224 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.36.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.16.0 255.255.252.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.32.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.33.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.35.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.41.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.47.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.48.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.49.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.58.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.86.64 255.255.255.224 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.71.160 255.255.255.224 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.36.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.16.0 255.255.252.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.32.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.33.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.35.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.41.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.47.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.48.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.49.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.58.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.86.64 255.255.255.224 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.71.160 255.255.255.224 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.36.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.32.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.33.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.35.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.41.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.47.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.48.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.49.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.58.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.86.64 255.255.255.224 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.16.0 255.255.252.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.71.160 255.255.255.224 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.36.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.16.0 255.255.252.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.32.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.33.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.35.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.41.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.47.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.48.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.49.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.58.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.86.64 255.255.255.224 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.71.160 255.255.255.224 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.36.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.16.0 255.255.252.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.32.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.33.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.35.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.41.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.47.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.48.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.49.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.58.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.86.64 255.255.255.224 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.71.160 255.255.255.224 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.36.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.16.0 255.255.252.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.32.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.33.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.35.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.41.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.47.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.48.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.49.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.58.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.86.64 255.255.255.224 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.71.160 255.255.255.224 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.36.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.16.0 255.255.252.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.32.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.33.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.35.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.41.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.47.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.48.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.49.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.58.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.86.64 255.255.255.224 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.71.160 255.255.255.224 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.36.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.16.0 255.255.252.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.32.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.33.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.35.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.41.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.47.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.48.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.49.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.58.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.86.64 255.255.255.224 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.71.160 255.255.255.224 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.36.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.16.0 255.255.252.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.32.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.33.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.35.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.41.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.47.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.48.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.49.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.58.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.86.64 255.255.255.224 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.71.160 255.255.255.224 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.36.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.16.0 255.255.252.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.32.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.33.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.35.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.41.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.47.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.48.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.49.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.58.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.86.64 255.255.255.224 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.71.160 255.255.255.224 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.36.0 255.255.255.0 10.150.96.192 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.16.0 255.255.252.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.32.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.33.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.35.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.41.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.47.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.48.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.49.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.58.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.86.64 255.255.255.224 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.71.160 255.255.255.224 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.36.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.16.0 255.255.252.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.32.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.33.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.35.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.41.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.47.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.48.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.49.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.58.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.86.64 255.255.255.224 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.71.160 255.255.255.224 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.36.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.16.0 255.255.252.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.32.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.33.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.35.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.41.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.47.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.48.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.49.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.58.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.86.64 255.255.255.224 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.71.160 255.255.255.224 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.36.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8707 extended permit ip 10.150.36.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8709 extended permit ip 10.150.36.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8742 extended permit ip 10.150.36.0 255.255.255.0 10.150.100.160 255.255.255.224
access-list VPN-8755 extended permit ip 10.150.36.0 255.255.255.0 10.150.86.224 255.255.255.224
access-list acl_inside2 extended permit icmp any any
access-list acl_inside2 extended permit ip host 10.150.71.169 any
access-list acl_inside2 extended permit ip host 10.150.71.165 any
access-list acl-inside extended permit ip host 10.150.86.65 any
access-list 100 extended permit ip object-group DM_INLINE_NETWORK_2 object Tienda8714
pager lines 24
logging enable
logging timestamp
logging console warnings
logging buffered debugging
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu inside_3 1500
mtu inside_4 1500
mtu inside_5 1500
mtu inside_6 1500
mtu inside_7 1500
mtu inside2 1500
no failover
no monitor-interface service-module
icmp unreachable rate-limit 1 burst-size 1
icmp permit any outside
asdm image disk0:/asdm-782.bin
asdm history enable
arp timeout 14400
no arp permit-nonconnected
arp rate-limit 16384
nat (inside,outside) source static DM_INLINE_NETWORK_1 DM_INLINE_NETWORK_1 destination static DM_INLINE_NETWORK_4 DM_INLINE_NETWORK_4 no-proxy-arp route-lookup
!
object network obj_any3
nat (inside_3,outside) dynamic interface
object network obj_any4
nat (inside_4,outside) dynamic interface
object network obj_any5
nat (inside_5,outside) dynamic interface
object network obj_any6
nat (inside_6,outside) dynamic interface
object network obj_any7
nat (inside_7,outside) dynamic interface
object network obj_any
nat (inside,outside) dynamic interface
access-group acl_outside in interface outside
route outside 0.0.0.0 0.0.0.0 181.209.173.201 1
route inside 10.150.32.0 255.255.255.0 Host_10.150.86.72 1
route inside 10.150.35.0 255.255.255.0 Host_10.150.86.72 1
route inside 10.150.36.0 255.255.255.0 Host_10.150.86.72 1
route inside 10.150.47.0 255.255.255.0 Host_10.150.86.72 1
route inside 10.150.49.0 255.255.255.0 Host_10.150.86.72 1
timeout xlate 1:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
timeout conn-holddown 0:00:15
timeout igp stale-route 0:01:10
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
aaa authentication login-history
http server enable
http 192.168.1.0 255.255.255.0 inside_3
http 192.168.1.0 255.255.255.0 inside_4
http 192.168.1.0 255.255.255.0 inside_5
http 192.168.1.0 255.255.255.0 inside_6
http 192.168.1.0 255.255.255.0 inside_7
http 201.144.254.80 255.255.255.240 outside
http 201.144.8.128 255.255.255.224 outside
http 201.116.50.64 255.255.255.240 outside
http 187.210.23.33 255.255.255.255 outside
http 201.116.117.160 255.255.255.240 outside
http 10.150.35.45 255.255.255.255 inside
http 10.150.35.46 255.255.255.255 inside
http 10.150.35.48 255.255.255.255 inside
http 10.150.35.47 255.255.255.255 inside
snmp-server host inside 10.150.32.25 community ***** version 2c
snmp-server host inside 10.150.32.43 poll community ***** version 2c
snmp-server host outside 201.144.8.142 poll community ***** version 2c
snmp-server location ASA Guatemala
snmp-server contact SOC SCITUM
snmp-server community *****
service sw-reset-button
crypto ipsec ikev1 transform-set Guatemala-ipsec-proposal-set esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set Teleperformance esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set myset esp-aes esp-sha-hmac
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map outside_dyn_map 1 match address outside_cryptomap_65535.1
crypto dynamic-map outside_dyn_map 1 set ikev1 transform-set myset
crypto dynamic-map outside_dyn_map 65535 set ikev1 transform-set ESP-AES-256-SHA
crypto map mymap 1 match address outside_1_cryptomap
crypto map mymap 1 set pfs
crypto map mymap 1 set peer 189.211.83.76
crypto map mymap 1 set ikev1 transform-set myset
crypto map mymap 20 match address outside_20_cryptomap
crypto map mymap 20 set peer 201.116.117.162
crypto map mymap 20 set ikev1 transform-set myset
crypto map mymap 100 match address VPN-8741
crypto map mymap 100 set pfs
crypto map mymap 100 set peer 190.56.250.174 190.56.250.173
crypto map mymap 100 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 100 set security-association lifetime seconds 86400
crypto map mymap 120 match address VPN-8704
crypto map mymap 120 set pfs
crypto map mymap 120 set peer 190.56.141.162 190.56.141.161
crypto map mymap 120 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 120 set security-association lifetime seconds 86400
crypto map mymap 130 match address VPN-8705
crypto map mymap 130 set pfs
crypto map mymap 130 set peer 190.56.156.54 190.56.156.53
crypto map mymap 130 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 130 set security-association lifetime seconds 86400
crypto map mymap 140 match address VPN-8712
crypto map mymap 140 set pfs
crypto map mymap 140 set peer 190.56.166.26 190.56.166.25
crypto map mymap 140 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 140 set security-association lifetime seconds 86400
crypto map mymap 150 match address VPN-8713
crypto map mymap 150 set pfs
crypto map mymap 150 set peer 190.56.242.22 190.56.242.21
crypto map mymap 150 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 150 set security-association lifetime seconds 86400
crypto map mymap 160 match address 100
crypto map mymap 160 set pfs
crypto map mymap 160 set peer 190.56.38.50 190.56.38.49
crypto map mymap 160 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 160 set security-association lifetime seconds 86400
crypto map mymap 170 match address VPN-8715
crypto map mymap 170 set pfs
crypto map mymap 170 set peer 186.151.162.58
crypto map mymap 170 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 170 set security-association lifetime seconds 28800
crypto map mymap 180 match address VPN-8717
crypto map mymap 180 set pfs
crypto map mymap 180 set peer 190.56.152.234 190.56.152.233
crypto map mymap 180 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 180 set security-association lifetime seconds 86400
crypto map mymap 190 match address VPN-8718
crypto map mymap 190 set pfs
crypto map mymap 190 set peer 190.149.255.210 190.149.255.209
crypto map mymap 190 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 190 set security-association lifetime seconds 86400
crypto map mymap 200 match address VPN-8720
crypto map mymap 200 set pfs
crypto map mymap 200 set peer 186.151.219.2 186.151.219.1
crypto map mymap 200 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 200 set security-association lifetime seconds 86400
crypto map mymap 210 match address VPN-8721
crypto map mymap 210 set pfs
crypto map mymap 210 set peer 186.151.218.2 186.151.218.1
crypto map mymap 210 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 210 set security-association lifetime seconds 86400
crypto map mymap 220 match address VPN-8723
crypto map mymap 220 set pfs
crypto map mymap 220 set peer 216.230.148.230 216.230.148.229
crypto map mymap 220 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 220 set security-association lifetime seconds 86400
crypto map mymap 230 match address VPN-8724
crypto map mymap 230 set pfs
crypto map mymap 230 set peer 190.149.247.105 190.149.247.104
crypto map mymap 230 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 230 set security-association lifetime seconds 86400
crypto map mymap 240 match address VPN-8729
crypto map mymap 240 set pfs
crypto map mymap 240 set peer 190.56.153.150 190.56.153.149
crypto map mymap 240 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 240 set security-association lifetime seconds 86400
crypto map mymap 250 match address VPN-8735
crypto map mymap 250 set pfs
crypto map mymap 250 set peer 186.151.211.54 186.151.211.53
crypto map mymap 250 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 250 set security-association lifetime seconds 86400
crypto map mymap 260 match address VPN-8739
crypto map mymap 260 set pfs
crypto map mymap 260 set peer 186.151.120.38 186.151.120.37
crypto map mymap 260 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 260 set security-association lifetime seconds 86400
crypto map mymap 270 match address VPN-8754
crypto map mymap 270 set pfs
crypto map mymap 270 set peer 190.149.236.2 190.149.236.1
crypto map mymap 270 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 270 set security-association lifetime seconds 86400
crypto map mymap 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map mymap interface outside
crypto ca trustpool policy
crypto isakmp identity address
no crypto isakmp nat-traversal
crypto ikev1 enable outside
crypto ikev1 policy 1
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
telnet 10.150.35.47 255.255.255.255 inside
telnet 10.150.86.93 255.255.255.255 inside
telnet 10.150.35.48 255.255.255.255 inside
telnet 10.150.35.46 255.255.255.255 inside
telnet timeout 5
ssh stricthostkeycheck
ssh 201.144.254.80 255.255.255.240 outside
ssh 201.116.50.64 255.255.255.240 outside
ssh 201.144.8.128 255.255.255.224 outside
ssh 187.210.23.33 255.255.255.255 outside
ssh 201.116.117.160 255.255.255.240 outside
ssh 10.150.86.93 255.255.255.255 inside
ssh 10.150.35.45 255.255.255.255 inside
ssh 10.150.17.3 255.255.255.255 inside
ssh 10.150.35.46 255.255.255.255 inside
ssh 10.150.35.47 255.255.255.255 inside
ssh 10.150.35.48 255.255.255.255 inside
ssh timeout 60
ssh version 2
ssh key-exchange group dh-group1-sha1
console timeout 0
management-access inside

dhcpd auto_config outside
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
group-policy DfltGrpPolicy attributes
vpn-idle-timeout none
group-policy mygroup internal
group-policy mygroup attributes
vpn-tunnel-protocol ikev1
group-policy GroupPolicy1 internal
group-policy GroupPolicy1 attributes
vpn-tunnel-protocol ikev1
dynamic-access-policy-record DfltAccessPolicy

tunnel-group DefaultL2LGroup ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup ipsec-attributes
ikev1 user-authentication none
tunnel-group 201.1136.117.162 type ipsec-l2l
tunnel-group 201.1136.117.162 ipsec-attributes
ikev1 pre-shared-key *****
isakmp keepalive disable
tunnel-group mygroup type ipsec-l2l
tunnel-group mygroup ipsec-attributes
ikev1 pre-shared-key *****
isakmp keepalive disable
tunnel-group 201.136.117.162 type ipsec-l2l
tunnel-group 201.116.117.162 type ipsec-l2l
tunnel-group 201.116.117.162 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group TeleperformanceRemoto type ipsec-l2l
tunnel-group TeleperformanceRemoto ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 189.211.83.76 type ipsec-l2l
tunnel-group 189.211.83.76 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group "Tunel Tiendas Filiales" type ipsec-l2l
tunnel-group "Tunel Tiendas Filiales" general-attributes
default-group-policy GroupPolicy1
tunnel-group "Tunel Tiendas Filiales" ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.250.174 type ipsec-l2l
tunnel-group 190.56.250.174 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.141.162 type ipsec-l2l
tunnel-group 190.56.141.162 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.156.54 type ipsec-l2l
tunnel-group 190.56.156.54 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.166.26 type ipsec-l2l
tunnel-group 190.56.166.26 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.242.22 type ipsec-l2l
tunnel-group 190.56.242.22 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.38.50 type ipsec-l2l
tunnel-group 190.56.38.50 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 186.151.162.58 type ipsec-l2l
tunnel-group 186.151.162.58 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.152.234 type ipsec-l2l
tunnel-group 190.56.152.234 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.149.255.210 type ipsec-l2l
tunnel-group 190.149.255.210 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 186.151.219.2 type ipsec-l2l
tunnel-group 186.151.219.2 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 186.151.218.2 type ipsec-l2l
tunnel-group 186.151.218.2 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 216.230.148.230 type ipsec-l2l
tunnel-group 216.230.148.230 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.149.247.105 type ipsec-l2l
tunnel-group 190.149.247.105 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.153.150 type ipsec-l2l
tunnel-group 190.56.153.150 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 186.151.211.54 type ipsec-l2l
tunnel-group 186.151.211.54 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 186.151.120.38 type ipsec-l2l
tunnel-group 186.151.120.38 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.149.236.2 type ipsec-l2l
tunnel-group 190.149.236.2 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.150.68.225 type ipsec-l2l
tunnel-group 190.150.68.225 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.149.247.106 type ipsec-l2l
tunnel-group 190.149.247.106 ipsec-attributes
ikev1 pre-shared-key *****
!
class-map netflow-export-class
class-map inspection_default
match default-inspection-traffic
class-map flow_export_class
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
no tcp-inspection
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
inspect icmp error
policy-map flow_export_policy
class flow_export_class
!
service-policy global_policy global
privilege cmd level 10 mode exec command show
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:4bf995824a6dce1885eb034a69f93330
: end

0 Helpful
6 Replies 6

Julio E. Moisa
VIP
VIP

‎03-27-2019 05:10 AM - edited ‎03-27-2019 05:17 AM

Hi

Verifying the configuration I can see the following lines in blue are missed:

 

access-list acl_outside extended permit icmp any any echo
access-list acl_outside extended permit icmp any any echo-reply


access-list inside extended permit icmp any any echo
access-list inside extended permit icmp any any echo-reply
access-list inside extended permit icmp any any unreach
access-list inside extended permit icmp any any time-exceeded
access-list inside extended permit icmp any any traceroute


access-list acl_inside2 extended permit icmp any any echo
access-list acl_inside2 extended permit icmp any any echo-reply
access-list acl_inside2 extended permit icmp any any unreach
access-list acl_inside2 extended permit icmp any any time-exceeded
access-list acl_inside2 extended permit icmp any any traceroute

 

access-group acl_outside in interface outside
access-group inside in interface inside
access-group acl_inside2 in interface inside2

 

You could put the ACL entry at the top using the parameter "line", example:

 

access-list inside line 2 extended permit icmp any any echo-reply

 

I hope it solves the inconviences.

 

Best regards. 




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

MikeGodoy12
Level 1
Level 1
In response to Julio E. Moisa

‎03-27-2019 06:38 AM

thanks but when i apply:
access-group inside in interface inside
access-group acl_inside2 in interface inside2

i lost the outside to internet in the subnet 10.150.86.64/27 and all the VPN's site to site connected to ASA :(, do you have other idea? thanks for your quickly reply
0 Helpful

Julio E. Moisa
VIP
VIP
In response to MikeGodoy12

‎03-27-2019 07:03 AM - edited ‎03-27-2019 07:20 AM

What is the version of your IOS?

show version

Additional i dont see the NAT for the inside2, just for inside 1 and others.




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

MikeGodoy12
Level 1
Level 1
In response to Julio E. Moisa

‎03-27-2019 08:31 AM

Thanks Julio, i attached the IOS Version is 9.8

ASA-GUATEMALA#
ASA-GUATEMALA# sh ver

Cisco Adaptive Security Appliance Software Version 9.8(2)
Firepower Extensible Operating System Version 2.2(2.52)
Device Manager Version 7.8(2)

Compiled on Sun 27-Aug-17 13:06 PDT by builders
System image file is "disk0:/asa982-lfbff-k8.SPA"
Config file at boot was "startup-config"

ASA-GUATEMALA up 5 days 11 hours

Hardware: ASA5506, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores)
Internal ATA Compact Flash, 8000MB
BIOS Flash M25P64 @ 0xfed01000, 16384KB

Encryption hardware device : Cisco ASA Crypto on-board accelerator (revision 0x1)
Number of accelerators: 1

1: Ext: GigabitEthernet1/1 : address is 7488.bb88.4c91, irq 255
2: Ext: GigabitEthernet1/2 : address is 7488.bb88.4c92, irq 255
3: Ext: GigabitEthernet1/3 : address is 7488.bb88.4c93, irq 255
4: Ext: GigabitEthernet1/4 : address is 7488.bb88.4c94, irq 255
5: Ext: GigabitEthernet1/5 : address is 7488.bb88.4c95, irq 255
6: Ext: GigabitEthernet1/6 : address is 7488.bb88.4c96, irq 255
7: Ext: GigabitEthernet1/7 : address is 7488.bb88.4c97, irq 255
8: Ext: GigabitEthernet1/8 : address is 7488.bb88.4c98, irq 255
9: Int: Internal-Data1/1 : address is 7488.bb88.4c90, irq 255
10: Int: Internal-Data1/2 : address is 0000.0001.0002, irq 0
11: Int: Internal-Control1/1 : address is 0000.0001.0001, irq 0
12: Int: Internal-Data1/3 : address is 0000.0001.0003, irq 0
13: Ext: Management1/1 : address is 7488.bb88.4c90, irq 0
14: Int: Internal-Data1/4 : address is 0000.0100.0001, irq 0

Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 30 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Standby perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Carrier : Disabled perpetual
AnyConnect Premium Peers : 4 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 50 perpetual
Total VPN Peers : 50 perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
Shared License : Disabled perpetual
Total TLS Proxy Sessions : 160 perpetual
Botnet Traffic Filter : Disabled perpetual
Cluster : Disabled perpetual

This platform has an ASA 5506 Security Plus license.
0 Helpful

Julio E. Moisa
VIP
VIP
In response to MikeGodoy12

‎03-27-2019 04:42 PM

Thank you so much, the image is recent, the access-group is required to enable the ACLs, now I assume the ACLs related to inside2 are the following, please correct me if Im wrong:

 

access-list acl_inside2 extended permit icmp any any
access-list acl_inside2 extended permit ip host 10.150.71.169 any
access-list acl_inside2 extended permit ip host 10.150.71.165 any

 

Could you please execute the following command:

 

show access-list acl_inside2

 

Also verify the NAT for the inside2 interface.

 

Regards. 

 

 




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

MikeGodoy12
Level 1
Level 1
In response to Julio E. Moisa

‎03-27-2019 08:51 PM

Hello Julio, yes you are correct i have these ACL's

 

ASA-GUATEMALA# show access-list acl_inside2
access-list acl_inside2; 4 elements; name hash: 0x8182f42b
access-list acl_inside2 line 1 extended permit icmp any any (hitcnt=0) 0x999b678a
access-list acl_inside2 line 2 extended permit ip host 10.150.71.169 any (hitcnt=8) 0x9ff6e684
access-list acl_inside2 line 3 extended permit ip host 10.150.71.165 any (hitcnt=0) 0xfe52fa14
access-list acl_inside2 line 4 extended permit ip host 10.150.71.161 any (hitcnt=0) 0x074430a6

 

Captura.JPG

 

 

i added a new object because i dont had it.

 

object network GuatemalaLocalSecundario
subnet 10.150.71.160 255.255.255.224

 

i hope you can help me thanks

 

 

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card