10-08-2014 07:01 PM - edited 03-11-2019 09:53 PM
Hi
We have a Cisco ASA 5520 that we've just connected up to a 100 Meg internet connection. Speedtests can only get to 10 Meg, but if I bypass the ASA I can confirm I get up to 99 Meg up and down.
The service was previously connected to a 15 Meg internet connection. Does anyone know where I can check to get this ASA to allow the 450 Meg throughput that it says in the datasheets?
Thanks
Chris
10-08-2014 07:58 PM
Hi,
Is there a IPS module on the ASA device ?
Please share the ASA device configuration.
Thanks and Regards,
Vibhor Amrodia
10-08-2014 09:18 PM
Hi Vibhor
No, there is no IPS module on the device. Here's the config:
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2014.10.02 15:05:40 =~=~=~=~=~=~=~=~=~=~=~=
User Access Verification
Password:
Type help or '?' for a list of available commands.
macmillan> En
Password: ********
macmillan# sho run
: Saved
:
ASA Version 7.2(3)
!
hostname macmillan
domain-name mpl.root-domain.org
enable password xxxxx encrypted
names
dns-guard
!
interface GigabitEthernet0/0
nameif outside
security-level 0
ip address xxx.xx.xx.x 255.255.255.0
!
interface GigabitEthernet0/1
nameif inside
security-level 100
ip address xxx.xx.x.xx 255.255.252.0
!
interface GigabitEthernet0/2
nameif TPGOutside
security-level 0
ip address xx.xx.xx.xxx 255.255.255.252
!
interface GigabitEthernet0/3
nameif internet
security-level 5
ip address xx.xx.xxx.xxx 255.255.255.0
!
interface Management0/0
shutdown
no nameif
no security-level
no ip address
!
passwd xxxxxx encrypted
boot system disk0:/asa723-k8.bin
ftp mode passive
clock timezone AEST 10
clock summer-time AEDT date Oct 7 2012 2:00 Apr 7 2013 3:00
dns domain-lookup inside
dns server-group DefaultDNS
name-server 172.18.0.86
domain-name mpl.root-domain.org
same-security-traffic permit intra-interface
object-group network og_ip_nat_dmz
network-object host 172.18.181.22
network-object host 172.18.181.156
network-object host 172.18.181.23
network-object host 172.18.181.25
access-list 10 standard permit 172.20.0.0 255.255.0.0
access-list 10 standard permit 172.18.0.0 255.255.252.0
access-list 10 standard permit 172.18.128.0 255.255.252.0
access-list 10 standard permit 172.18.9.0 255.255.255.0
access-list 10 standard permit 172.18.160.0 255.255.255.0
access-list 10 standard permit 172.18.134.0 255.255.255.0
access-list 10 standard permit 172.18.144.0 255.255.255.0
access-list 10 standard permit 172.18.148.0 255.255.255.0
access-list 10 standard permit 172.18.178.0 255.255.255.0
access-list 10 standard permit 172.18.181.0 255.255.255.0
access-list 10 standard permit 172.18.177.0 255.255.255.0
access-list 10 standard permit 172.18.179.0 255.255.255.0
access-list 10 standard permit 172.18.176.0 255.255.255.0
access-list 10 standard permit 10.0.0.0 255.0.0.0
access-list 10 standard permit 172.16.0.0 255.254.0.0
access-list 10 standard permit 172.19.0.0 255.255.0.0
access-list 10 standard permit 172.20.0.0 255.252.0.0
access-list 10 standard permit 172.24.0.0 255.252.0.0
access-list 10 standard permit 172.28.0.0 255.252.0.0
access-list 10 standard permit 192.168.0.0 255.255.0.0
access-list 10 standard permit 172.18.191.0 255.255.255.0
access-list 10 standard permit 172.16.8.0 255.255.255.0
access-list 10 standard permit 172.18.180.0 255.255.255.0
access-list 10 standard permit host 172.16.8.5
access-list 10 standard permit 172.17.0.0 255.255.0.0
access-list 101 extended permit ip 193.1.1.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list 101 extended permit ip 172.20.0.0 255.255.0.0 10.10.10.0 255.255.255.0
access-list 101 extended permit ip 202.6.93.0 255.255.255.0 172.20.0.0 255.255.0.0
access-list 101 extended permit ip 172.20.0.0 255.255.0.0 202.6.93.0 255.255.255.0
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 10.10.10.0 255.255.255.0
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 10.10.10.0 255.255.255.0
access-list 101 extended permit ip 172.18.9.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list 101 extended permit ip 172.18.154.0 255.255.255.0 172.18.9.0 255.255.255.0
access-list 101 extended permit ip 172.18.154.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list 101 extended permit ip 172.18.132.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list 101 extended permit ip 172.18.160.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list 101 extended permit ip 172.18.161.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list 101 extended permit ip 10.10.10.0 255.255.255.0 host 172.18.132.10
access-list 101 extended permit ip 172.20.0.0 255.255.0.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip 172.18.9.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip 172.18.154.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip 172.18.132.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip 172.18.160.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip 172.18.161.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip 172.18.144.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip 172.18.148.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip host 172.18.148.11 host 59.154.24.162
access-list 101 extended permit ip host 172.18.148.11 host 59.154.24.163
access-list 101 extended permit ip host 172.18.148.9 host 59.154.24.162
access-list 101 extended permit ip host 172.18.148.9 host 59.154.24.163
access-list 101 extended permit ip host 172.18.148.16 host 59.154.24.162
access-list 101 extended permit ip host 172.18.148.16 host 59.154.24.163
access-list 101 extended permit ip 193.1.1.0 255.255.255.0 172.18.178.0 255.255.255.0
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 172.18.178.0 255.255.255.0
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 172.18.178.0 255.255.255.0
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 172.18.177.0 255.255.255.0
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 172.18.177.0 255.255.255.0
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 172.18.179.0 255.255.255.0
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 172.18.179.0 255.255.255.0
access-list 101 extended permit ip 172.18.181.0 255.255.255.0 172.18.179.0 255.255.255.0
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 172.18.176.0 255.255.255.0
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 172.18.176.0 255.255.255.0
access-list 101 extended permit ip 172.18.176.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip 172.24.0.0 255.252.0.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip host 172.18.0.63 host 172.16.8.235
access-list 101 extended permit ip host 172.18.0.63 host 172.16.8.5
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 host 172.16.8.235
access-list 101 extended permit ip 172.18.0.0 255.255.252.0 host 172.16.8.5
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 host 172.16.8.235
access-list 101 extended permit ip 172.18.128.0 255.255.252.0 host 172.16.8.5
access-list 101 extended permit ip 172.18.180.0 255.255.255.0 host 172.16.8.235
access-list 101 extended permit ip 172.18.180.0 255.255.255.0 host 172.16.8.5
access-list 101 extended permit ip 172.18.144.0 255.255.252.0 host 172.16.8.235
access-list 101 extended permit ip 172.18.144.0 255.255.252.0 host 172.16.8.5
access-list 101 extended permit ip 172.18.180.0 255.255.255.0 192.168.0.0 255.255.0.0
access-list 101 extended permit ip 192.168.0.0 255.255.0.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip 172.18.180.0 255.255.255.0 172.18.191.0 255.255.255.0
access-list 101 extended permit ip 172.18.191.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip 172.18.160.0 255.255.252.0 host 172.16.8.235
access-list 101 extended permit ip 172.18.160.0 255.255.252.0 host 172.16.8.5
access-list 101 extended permit ip host 172.16.8.5 172.18.180.0 255.255.255.0
access-list 101 extended permit ip host 172.16.8.235 172.18.180.0 255.255.255.0
access-list 101 extended permit ip 172.18.180.0 255.255.255.0 host 172.18.191.5
access-list 101 extended permit ip 172.18.180.0 255.255.255.0 host 172.18.191.235
access-list 101 extended permit ip 172.17.0.0 255.255.0.0 172.18.180.0 255.255.255.0
access-list 101 extended permit ip 172.18.181.0 255.255.255.0 172.18.177.0 255.255.255.0
access-list 101 extended permit ip 172.24.0.0 255.252.0.0 172.18.176.0 255.255.255.0
access-list 101 extended permit ip 172.18.9.0 255.255.255.0 172.18.177.0 255.255.255.0
access-list 101 extended permit udp 172.18.9.0 255.255.255.0 172.18.177.0 255.255.255.0
access-list 101 extended permit ip 172.18.178.0 255.255.255.0 172.25.32.0 255.255.255.0
access-list 101 extended permit ip 172.24.0.0 255.252.0.0 172.18.178.0 255.255.255.0
access-list 101 extended permit ip 172.24.0.0 255.252.0.0 172.18.179.0 255.255.255.0
access-list 101 extended permit ip 172.24.0.0 255.252.0.0 172.18.177.0 255.255.255.0
access-list 130 extended permit ip 172.20.0.0 255.255.0.0 202.6.93.0 255.255.255.0
access-list 140 extended permit ip 172.18.0.0 255.255.252.0 172.18.176.0 255.255.255.0
access-list 140 extended permit ip 172.18.128.0 255.255.252.0 172.18.176.0 255.255.255.0
access-list 150 extended permit ip host 172.18.0.11 172.18.180.0 255.255.255.0
access-list outside_acl extended permit icmp any any echo-reply
access-list outside_acl extended permit icmp any any unreachable
access-list outside_acl extended permit icmp any any time-exceeded
access-list outside_acl extended permit tcp any host 203.26.59.2 eq www
access-list outside_acl extended permit udp any host 203.26.59.2 eq domain
access-list outside_acl extended permit tcp any host 203.26.59.9 eq www
access-list outside_acl extended permit tcp host 203.41.44.102 host 203.26.59.9 eq lotusnotes
access-list outside_acl extended permit tcp 203.41.45.0 255.255.255.248 host 203.26.59.9 eq lotusnotes
access-list outside_acl extended permit tcp any host 203.26.59.2 eq domain
access-list outside_acl extended permit tcp host 203.41.44.101 host 203.26.59.9 eq pcanywhere-data
access-list outside_acl extended permit tcp host 203.41.44.101 host 203.26.59.9 eq 65301
access-list outside_acl extended permit udp host 203.41.44.101 host 203.26.59.9 eq 22
access-list outside_acl extended permit udp host 203.41.44.101 host 203.26.59.9 eq pcanywhere-status
access-list outside_acl extended permit tcp host 203.41.44.102 host 203.26.59.9 eq pcanywhere-data
access-list outside_acl extended permit tcp host 203.41.44.102 host 203.26.59.9 eq 65301
access-list outside_acl extended permit udp host 203.41.44.102 host 203.26.59.9 eq 22
access-list outside_acl extended permit udp host 203.41.44.102 host 203.26.59.9 eq pcanywhere-status
access-list outside_acl extended permit tcp 203.41.45.0 255.255.255.248 host 203.26.59.9 eq pcanywhere-data
access-list outside_acl extended permit tcp 203.41.45.0 255.255.255.248 host 203.26.59.9 eq 65301
access-list outside_acl extended permit udp 203.41.45.0 255.255.255.248 host 203.26.59.9 eq 22
access-list outside_acl extended permit udp 203.41.45.0 255.255.255.248 host 203.26.59.9 eq pcanywhere-status
access-list outside_acl extended permit tcp any host 203.26.59.7 eq www
access-list outside_acl extended permit tcp 203.166.119.128 255.255.255.192 host 203.26.59.2 eq smtp
access-list outside_acl extended permit tcp 216.82.240.0 255.255.240.0 host 203.26.59.2 eq smtp
access-list outside_acl extended permit tcp any host 203.26.59.2 eq ftp
access-list outside_acl extended permit tcp 203.129.72.240 255.255.255.240 host 203.26.59.2 eq smtp
access-list outside_acl extended permit tcp 203.129.74.224 255.255.255.224 host 203.26.59.2 eq smtp
access-list outside_acl extended permit tcp 203.129.72.208 255.255.255.240 host 203.26.59.2 eq smtp
access-list outside_acl extended permit tcp 193.109.254.0 255.255.254.0 host 203.26.59.2 eq smtp
access-list outside_acl extended permit tcp 194.106.220.0 255.255.254.0 host 203.26.59.2 eq smtp
access-list outside_acl extended permit tcp 195.245.230.0 255.255.254.0 host 203.26.59.2 eq smtp
access-list outside_acl extended permit tcp 203.94.175.236 255.255.255.252 host 203.26.59.9 eq pcanywhere-data
access-list outside_acl extended permit tcp 203.94.175.236 255.255.255.252 host 203.26.59.9 eq 65301
access-list outside_acl extended permit udp 203.94.175.236 255.255.255.252 host 203.26.59.9 eq 22
access-list outside_acl extended permit udp 203.94.175.236 255.255.255.252 host 203.26.59.9 eq pcanywhere-status
access-list outside_acl extended permit tcp 203.94.175.236 255.255.255.252 host 203.26.59.9 eq lotusnotes
access-list outside_acl extended permit tcp 203.94.175.128 255.255.255.224 host 203.26.59.9 eq pcanywhere-data
access-list outside_acl extended permit tcp 203.94.175.128 255.255.255.224 host 203.26.59.9 eq 65301
access-list outside_acl extended permit udp 203.94.175.128 255.255.255.224 host 203.26.59.9 eq 22
access-list outside_acl extended permit udp 203.94.175.128 255.255.255.224 host 203.26.59.9 eq pcanywhere-status
access-list outside_acl extended permit tcp 203.94.175.128 255.255.255.224 host 203.26.59.9 eq lotusnotes
access-list outside_acl extended permit tcp 85.158.136.0 255.255.248.0 host 203.26.59.2 eq smtp
access-list outside_acl extended permit tcp 117.120.16.0 255.255.248.0 host 203.26.59.2 eq smtp
access-list outside_acl extended permit tcp 62.231.131.0 255.255.255.0 host 203.26.59.2 eq smtp
access-list outside_acl extended permit tcp 134.159.150.64 255.255.255.192 host 203.26.59.2 eq smtp
access-list outside_acl extended deny tcp any host 203.26.59.2 eq smtp
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.50 eq ssh
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.50 eq ssh
access-list outside_acl extended permit tcp host 129.78.249.54 host 203.26.59.50 eq ssh
access-list outside_acl extended permit tcp host 203.108.76.90 host 203.26.59.50 eq ssh
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.50 eq ssh
access-list outside_acl extended permit tcp host 61.9.136.235 host 203.26.59.50 eq ssh
access-list outside_acl extended permit tcp any host 203.26.59.50 eq www
access-list outside_acl extended permit tcp any host 203.26.59.50 eq 7084
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.50 eq 7088
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.50 eq 7088
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.50 eq 7088
access-list outside_acl extended permit tcp any host 203.26.59.50 eq 7207
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.50 eq 7208
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.50 eq 7208
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.50 eq 7208
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.50 eq 7800
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.50 eq 7800
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.50 eq 7800
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.50 eq 7802
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.50 eq 7802
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.50 eq 7802
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.50 eq 7804
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.50 eq 7804
access-list outside_acl extended permit tcp any host 203.26.59.50 eq 8001
access-list outside_acl extended permit tcp any host 203.26.59.50 eq 8080
access-list outside_acl extended permit tcp any host 203.26.59.51 eq www
access-list outside_acl extended permit tcp any host 203.26.59.51 eq https
access-list outside_acl extended permit tcp any host 203.26.59.51 eq 8008
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.51 eq 7089
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.51 eq 7089
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.51 eq 7089
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.51 eq 7090
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.51 eq 7090
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.51 eq 7090
access-list outside_acl extended permit tcp any host 203.26.59.52 eq www
access-list outside_acl extended permit tcp any host 203.26.59.53 eq www
access-list outside_acl extended permit tcp any host 203.26.59.56 eq www
access-list outside_acl extended permit tcp any host 203.26.59.42 eq www
access-list outside_acl extended permit tcp any host 203.26.59.56 eq 8180
access-list outside_acl extended permit tcp host 203.26.59.4 host 203.26.59.56 eq ssh
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.56 eq ssh
access-list outside_acl extended permit tcp host 213.80.128.18 host 203.26.59.56 eq ssh
access-list outside_acl extended permit tcp host 213.80.128.18 host 203.26.59.56 eq 3306
access-list outside_acl extended permit tcp 129.78.138.64 255.255.255.192 host 203.26.59.56 eq ssh
access-list outside_acl extended permit tcp 129.78.138.64 255.255.255.192 host 203.26.59.56 eq 3306
access-list outside_acl extended permit tcp host 211.30.205.158 host 203.26.59.50 eq ssh
access-list outside_acl extended permit tcp host 122.108.75.112 host 203.26.59.50 eq ssh
access-list outside_acl extended permit tcp host 122.108.75.112 host 203.26.59.50 eq 7088
access-list outside_acl extended permit tcp host 122.108.75.112 host 203.26.59.50 eq 7208
access-list outside_acl extended permit tcp host 122.108.75.112 host 203.26.59.51 eq 7089
access-list outside_acl extended permit tcp host 122.108.75.112 host 203.26.59.51 eq 7090
access-list outside_acl extended permit tcp any host 203.26.59.57 eq 8180
access-list outside_acl extended permit tcp any host 203.26.59.57 eq www
access-list outside_acl extended permit ip any host 203.26.59.8
access-list outside_acl extended permit udp host 203.174.20.80 host 203.26.59.4
access-list outside_acl extended permit udp host 195.138.194.55 host 203.26.59.4
access-list outside_acl extended permit udp host 195.138.194.84 host 203.26.59.4
access-list outside_acl extended permit tcp any host 203.26.59.71 eq www
access-list outside_acl extended permit tcp any host 203.26.59.71 eq https
access-list outside_acl extended permit tcp any host 203.26.59.71 eq 8008
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.71 eq 7089
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.71 eq 7089
access-list outside_acl extended permit tcp host 129.78.249.52 host 203.26.59.71 eq 7090
access-list outside_acl extended permit tcp host 124.254.74.140 host 203.26.59.71 eq 7090
access-list outside_acl extended permit tcp any host 203.26.59.72 eq www
access-list outside_acl extended permit tcp any host 203.26.59.73 eq www
access-list outside_acl extended permit tcp any host 203.26.59.70 eq www
access-list outside_acl extended permit tcp any host 203.26.59.70 eq 7207
access-list outside_acl extended permit tcp any host 203.26.59.70 eq 8001
access-list outside_acl extended permit tcp any host 203.26.59.70 eq 8080
access-list outside_acl extended permit tcp host 129.78.138.65 host 203.26.59.70 eq ssh
access-list outside_acl extended permit tcp host 129.78.138.66 host 203.26.59.70 eq ssh
access-list outside_acl extended permit tcp host 129.78.138.80 host 203.26.59.70 eq ssh
access-list outside_acl extended permit tcp any host 203.26.59.11 eq www
access-list outside_acl extended permit udp host 75.101.164.127 host 203.26.59.9 eq pcanywhere-status
access-list outside_acl extended permit tcp host 75.101.164.127 host 203.26.59.9 eq lotusnotes
access-list outside_acl extended permit tcp host 75.101.164.127 host 203.26.59.9 eq pcanywhere-data
access-list outside_acl extended permit udp host 174.143.147.150 host 203.26.59.9 eq pcanywhere-status
access-list outside_acl extended permit tcp host 174.143.147.150 host 203.26.59.9 eq lotusnotes
access-list outside_acl extended permit tcp host 174.143.147.150 host 203.26.59.9 eq pcanywhere-data
access-list outside_acl extended permit udp host 174.129.219.49 host 203.26.59.9 eq pcanywhere-status
access-list outside_acl extended permit tcp host 174.129.219.49 host 203.26.59.9 eq lotusnotes
access-list outside_acl extended permit tcp host 174.129.219.49 host 203.26.59.9 eq pcanywhere-data
access-list outside_acl extended permit tcp any host 203.26.59.161 eq www
access-list outside_acl extended permit tcp any host 203.26.59.161 eq https
access-list outside_acl extended permit tcp host 173.203.193.10 host 203.26.59.9 eq lotusnotes
access-list outside_acl extended permit tcp host 150.101.116.241 host 203.26.59.9 eq lotusnotes
access-list outside_acl extended permit tcp host 150.101.116.241 host 203.26.59.9 eq pcanywhere-data
access-list outside_acl extended permit tcp host 173.203.224.182 host 203.26.59.9 eq lotusnotes
access-list outside_acl extended permit tcp host 173.203.224.182 host 203.26.59.9 eq pcanywhere-data
access-list outside_acl extended permit tcp host 150.101.116.241 host 203.26.59.161 eq lotusnotes
access-list outside_acl extended permit tcp host 150.101.116.241 host 203.26.59.161 eq pcanywhere-data
access-list outside_acl extended permit tcp host 173.203.193.10 host 203.26.59.161 eq lotusnotes
access-list outside_acl extended permit tcp host 174.143.147.150 host 203.26.59.161 eq lotusnotes
access-list outside_acl extended permit tcp host 174.129.219.49 host 203.26.59.161 eq lotusnotes
access-list outside_acl extended permit tcp host 173.203.224.182 host 203.26.59.161 eq lotusnotes
access-list outside_acl extended permit tcp host 173.203.224.182 host 203.26.59.161 eq pcanywhere-data
access-list outside_acl extended permit udp host 150.101.116.241 host 203.26.59.9 eq pcanywhere-status
access-list outside_acl extended permit udp host 173.203.224.182 host 203.26.59.9 eq pcanywhere-status
access-list outside_acl extended permit udp host 150.101.116.241 host 203.26.59.161 eq pcanywhere-status
access-list outside_acl extended permit udp host 173.203.224.182 host 203.26.59.161 eq pcanywhere-status
access-list outside_acl extended permit tcp any host 203.26.59.17 eq https
access-list outside_acl extended permit tcp any host 203.26.59.17 eq 4172
access-list outside_acl extended permit tcp any host 203.26.59.17 eq www
access-list outside_acl extended permit udp any host 203.26.59.17 eq 4172
access-list outside_acl extended permit tcp any host 203.26.59.10 eq www
access-list outside_acl extended permit tcp any host 203.26.59.10 eq 5447
access-list outside_acl extended permit tcp any host 203.26.59.10 eq 5449
access-list outside_acl extended permit tcp any host 203.26.59.20 eq ftp
access-list outside_acl extended permit tcp any host 203.26.59.16 eq https
access-list outside_acl extended permit tcp any host 203.26.59.16 eq www
access-list outside_acl extended permit tcp host 150.101.166.6 host 203.26.59.70 eq 6868
access-list outside_acl extended permit tcp host 122.248.239.86 host 203.26.59.70 eq 6868
access-list outside_acl extended permit tcp host 150.101.166.6 host 203.26.59.70 eq 1112
access-list outside_acl extended permit tcp host 122.248.239.86 host 203.26.59.70 eq 1112
access-list outside_acl extended permit tcp host 124.148.187.227 host 203.26.59.70 eq 6868
access-list outside_acl extended permit tcp host 124.148.187.227 host 203.26.59.70 eq 1112
access-list outside_acl extended permit tcp any host 203.26.59.71 eq klogin
access-list outside_acl extended permit tcp host 150.101.163.25 host 203.26.59.80 eq ssh
access-list outside_acl extended permit tcp host 54.253.114.243 host 203.26.59.70 eq 6868
access-list outside_acl extended permit tcp any host 203.26.59.161 eq ssh
access-list outside_acl extended permit tcp host 124.168.103.119 host 203.26.59.70 eq 6868
access-list outside_acl extended permit tcp host 220.245.37.174 host 203.26.59.70 eq 6868
access-list outside_acl extended permit tcp host 54.206.104.19 host 203.26.59.70 eq 6868
access-list outside_acl extended permit tcp host 54.206.104.19 host 203.26.59.70 eq 6869
access-list outside_acl extended permit tcp host 54.206.104.19 host 203.26.59.80 eq 6869
access-list dmz_acl extended permit icmp any object-group og_ip_nat_dmz echo-reply
access-list dmz_acl extended permit icmp any object-group og_ip_nat_dmz unreachable
access-list dmz_acl extended permit icmp any object-group og_ip_nat_dmz time-exceeded
access-list dmz_acl extended permit icmp any object-group og_ip_nat_dmz echo
access-list dmz_acl extended deny ip any object-group og_ip_nat_dmz
access-list dmz_acl extended permit ip any any
access-list inside_acl extended deny tcp any host 207.21.232.104
access-list inside_acl extended deny tcp any host 216.73.86.13 eq www
access-list inside_acl extended deny tcp any host 64.127.186.78
access-list inside_acl extended deny tcp any host 64.177.216.163
access-list inside_acl extended deny tcp any host 64.191.7.5
access-list inside_acl extended deny tcp any host 65.89.168.6
access-list inside_acl extended deny tcp any host 65.89.168.14
access-list inside_acl extended deny tcp any host 65.240.226.201
access-list inside_acl extended deny tcp any host 65.240.226.240
access-list inside_acl extended deny tcp any host 65.240.226.241
access-list inside_acl extended deny tcp any host 207.6.32.140
access-list inside_acl extended deny udp any host 207.6.32.140
access-list inside_acl extended deny tcp any 69.28.210.0 255.255.255.0 eq www
access-list inside_acl extended permit tcp host 172.18.128.13 any eq smtp
access-list inside_acl extended permit tcp host 172.18.0.18 any eq smtp
access-list inside_acl extended permit icmp any any echo
access-list inside_acl extended permit icmp any any echo-reply
access-list inside_acl extended permit tcp host 172.18.0.22 any eq smtp
access-list inside_acl extended permit tcp 172.18.154.0 255.255.255.0 172.18.9.0 255.255.255.0
access-list inside_acl extended deny tcp 172.18.144.224 255.255.255.240 any
access-list inside_acl extended permit tcp host 172.18.144.19 any eq smtp
access-list inside_acl extended deny tcp any any eq smtp
access-list inside_acl extended deny tcp 172.18.144.128 255.255.255.192 any
access-list inside_acl extended permit ip any any
access-list 50 standard permit host 172.18.9.10
access-list 50 standard permit host 172.18.154.10
access-list 50 standard permit host 172.18.154.11
access-list 50 standard permit host 172.18.132.10
access-list 50 standard permit host 172.18.0.30
access-list 50 standard permit host 172.18.0.21
access-list 50 standard permit host 172.18.161.10
access-list 50 standard permit host 172.18.161.2
access-list 50 standard permit host 172.18.161.3
access-list 50 standard permit host 172.18.161.4
access-list 50 standard permit host 172.18.132.2
access-list 50 standard permit host 172.18.132.3
access-list 50 standard permit host 172.18.132.4
access-list 50 standard permit host 172.18.154.2
access-list 50 standard permit host 172.18.154.3
access-list 50 standard permit host 172.18.154.4
access-list 50 standard permit host 172.18.132.5
access-list 50 standard permit host 172.18.0.86
access-list 50 standard permit host 172.18.191.5
access-list 180 extended permit ip 172.18.0.0 255.255.252.0 172.18.178.0 255.255.255.0
access-list 180 extended permit ip 172.18.128.0 255.255.252.0 172.18.178.0 255.255.255.0
access-list 180 extended permit ip 172.18.180.0 255.255.255.0 172.18.178.0 255.255.255.0
access-list 180 extended permit ip 172.18.181.0 255.255.255.0 172.18.178.0 255.255.255.0
access-list 180 extended permit ip 172.25.32.0 255.255.255.0 172.18.178.0 255.255.255.0
access-list 190 extended permit ip 172.18.0.0 255.255.252.0 172.18.177.0 255.255.255.0
access-list 190 extended permit ip 172.18.128.0 255.255.252.0 172.18.177.0 255.255.255.0
access-list 190 extended permit ip 172.18.181.0 255.255.255.0 172.18.177.0 255.255.255.0
access-list 190 extended permit udp 172.18.9.0 255.255.255.0 172.18.177.0 255.255.255.0 eq 5004
access-list 190 extended permit ip 172.25.32.0 255.255.255.0 172.18.177.0 255.255.255.0
access-list 125 extended permit ip host 172.18.0.30 host 203.48.99.12
access-list 125 extended permit ip host 172.18.0.30 host 203.48.99.10
access-list 125 extended permit ip host 192.168.160.89 host 203.48.99.10
access-list 125 extended permit ip host 192.168.160.89 host 203.48.99.12
access-list Ade_VPN extended permit ip 172.18.0.0 255.255.252.0 172.18.177.0 255.255.255.0
access-list Ade_VPN extended permit ip 172.18.177.0 255.255.255.0 172.18.0.0 255.255.252.0
access-list Ade_VPN extended permit ip 172.18.177.0 255.255.255.0 172.18.181.0 255.255.255.0
access-list to_bris extended permit ip 172.18.0.0 255.255.252.0 172.18.176.0 255.255.255.0
access-list to_bris extended permit ip 172.18.128.0 255.255.252.0 172.18.176.0 255.255.255.0
access-list to_bris extended permit ip 172.18.180.0 255.255.255.0 172.18.176.0 255.255.255.0
access-list to_bris extended permit ip 172.24.0.0 255.252.0.0 172.18.176.0 255.255.255.0
access-list to_bris extended permit ip 172.25.0.0 255.255.0.0 172.18.176.0 255.255.255.0
access-list 165 extended permit ip 172.18.0.0 255.255.252.0 172.18.179.0 255.255.255.0
access-list 165 extended permit ip 172.18.128.0 255.255.252.0 172.18.179.0 255.255.255.0
access-list 165 extended permit ip 172.18.181.0 255.255.255.0 172.18.179.0 255.255.255.0
access-list 165 extended permit ip 172.25.32.0 255.255.255.0 172.18.179.0 255.255.255.0
access-list Dematic extended permit ip host 59.154.24.162 host 172.18.148.11
access-list Dematic extended permit ip host 59.154.24.163 host 172.18.148.11
access-list Dematic extended permit ip host 59.154.24.162 host 172.18.148.16
access-list Dematic extended permit ip host 59.154.24.163 host 172.18.148.16
access-list Dematic extended permit ip host 59.154.24.162 host 172.18.148.9
access-list Dematic extended permit ip host 59.154.24.163 host 172.18.148.9
access-list maqdict standard permit host 172.18.0.56
access-list maqdict standard permit host 172.18.0.21
access-list maqdict standard permit host 172.18.181.252
access-list maqdict standard permit host 172.18.181.70
access-list maqdict standard permit host 172.18.181.71
access-list maqdict standard permit host 172.18.181.72
access-list maqdict standard permit host 172.18.181.73
access-list maqdict standard permit host 172.18.0.23
access-list maqdict standard permit host 172.18.0.86
access-list maqdict standard permit host 172.18.181.80
access-list maqdict standard permit host 172.18.181.81
access-list maqdict standard permit host 172.18.181.82
access-list maqdict standard permit host 172.18.181.83
access-list vdiext extended permit tcp host 172.18.0.37 eq https any
access-list vdiext extended permit tcp any any
access-list vdiext extended permit tcp host 172.18.0.21 eq domain any
access-list vdiext extended permit tcp host 172.18.0.86 eq domain any
access-list 250 standard permit host 172.18.0.25
access-list 250 standard permit host 172.18.0.21
access-list 250 standard permit host 172.18.0.34
access-list 250 standard permit host 172.18.0.24
access-list 250 standard permit host 172.18.181.70
access-list 250 standard permit host 172.18.0.86
access-list 250 standard permit host 172.18.0.44
access-list IBS_ACL extended permit ip host 172.18.0.30 host 203.48.99.12
access-list 260 standard permit host 172.18.0.21
access-list 260 standard permit host 172.18.0.25
access-list 260 standard permit host 172.18.160.11
access-list 260 standard permit host 172.18.160.16
access-list 260 standard permit host 172.18.0.86
access-list dmz_NEW_acl extended permit ip any any
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.22 eq smtp
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.58 eq 4001
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.58 eq 8009
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.58 eq www
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.58 eq https
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.58 eq 3389
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.58 eq 4172
access-list dmz_NEW_acl extended permit udp host 172.18.181.17 host 172.18.181.58 eq 4172
access-list dmz_NEW_acl extended permit tcp host 172.18.181.252 host 172.18.0.22 eq smtp
access-list dmz_NEW_acl extended permit tcp host 172.18.181.161 host 172.18.181.22 eq lotusnotes
access-list dmz_NEW_acl extended permit tcp host 172.18.181.161 host 172.18.181.22 eq smtp
access-list dmz_NEW_acl extended permit tcp host 172.18.181.161 host 172.18.181.13 eq lotusnotes
access-list dmz_NEW_acl extended permit tcp host 172.18.181.161 host 172.18.181.14 eq lotusnotes
access-list dmz_NEW_acl extended permit tcp host 172.18.181.70 host 172.18.181.156
access-list dmz_NEW_acl extended permit tcp host 172.18.181.161 host 172.18.181.15 eq lotusnotes
access-list dmz_NEW_acl extended permit tcp host 172.18.181.161 host 172.18.0.79
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.79
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.92 eq 4001
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.92 eq 8009
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.92 eq www
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.92 eq https
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.92 eq 3389
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.92 eq 4172
access-list dmz_NEW_acl extended permit udp host 172.18.181.17 host 172.18.181.92 eq 4172
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.100 eq 4172
access-list dmz_NEW_acl extended permit udp host 172.18.181.17 host 172.18.181.100 eq 4172
access-list dmz_NEW_acl extended permit tcp host 172.18.181.161 host 172.18.0.92
access-list dmz_NEW_acl extended permit tcp host 172.18.181.17 host 172.18.181.92
access-list dmz_NEW_acl extended permit tcp host 172.18.181.16 host 172.18.181.22 eq lotusnotes
access-list dmz_NEW_acl extended permit tcp host 172.18.181.16 host 172.18.181.22 eq smtp
access-list dmz_NEW_acl extended permit tcp host 172.18.181.16 host 172.18.181.13 eq lotusnotes
access-list dmz_NEW_acl extended permit tcp host 172.18.181.16 host 172.18.181.14 eq lotusnotes
access-list dmz_NEW_acl extended permit tcp host 172.18.181.16 host 172.18.181.15 eq lotusnotes
access-list dmz_NEW_acl extended permit tcp host 172.18.181.70 host 172.18.181.23
access-list dmz_NEW_acl extended permit tcp host 172.18.181.80 host 172.18.181.156
access-list dmz_NEW_acl extended permit tcp host 172.18.181.80 host 172.18.181.23
access-list 103 extended permit ip 172.18.181.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 103 extended permit ip 172.18.181.0 255.255.255.0 172.18.178.0 255.255.255.0
access-list 103 extended permit ip 172.18.181.0 255.255.255.0 172.18.179.0 255.255.255.0
access-list 103 extended permit ip 172.18.181.0 255.255.255.0 172.18.176.0 255.255.255.0
access-list 103 extended permit ip 172.18.181.0 255.255.255.0 172.18.177.0 255.255.255.0
access-list 103 extended permit ip 172.25.32.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 103 extended permit ip 172.25.32.0 255.255.255.0 172.18.178.0 255.255.255.0
access-list 103 extended permit ip 172.25.32.0 255.255.255.0 172.18.179.0 255.255.255.0
access-list 103 extended permit ip 172.25.32.0 255.255.255.0 172.18.176.0 255.255.255.0
access-list 103 extended permit ip 172.25.32.0 255.255.255.0 172.18.177.0 255.255.255.0
access-list maqdictext standard permit host 172.18.0.21
access-list maqdictext standard permit host 172.18.181.70
access-list maqdictext standard permit host 172.18.181.71
access-list maqdictext standard permit host 172.18.181.72
access-list maqdictext standard permit host 172.18.181.73
access-list maqdictext standard permit host 172.18.0.86
access-list maqdictext standard permit host 172.18.181.80
access-list maqdictext standard permit host 172.18.181.81
access-list maqdictext standard permit host 172.18.181.82
access-list maqdictext standard permit host 172.18.181.83
access-list AllianceDist extended permit ip host 172.18.0.63 host 172.16.8.235
access-list AllianceDist extended permit ip host 172.18.0.63 host 172.16.8.5
access-list AllianceDist extended permit ip 172.18.0.0 255.255.252.0 host 172.16.8.235
access-list AllianceDist extended permit ip 172.18.0.0 255.255.252.0 host 172.16.8.5
access-list AllianceDist extended permit ip 172.18.128.0 255.255.252.0 host 172.16.8.235
access-list AllianceDist extended permit ip 172.18.128.0 255.255.252.0 host 172.16.8.5
access-list AllianceDist extended permit ip 172.18.180.0 255.255.255.0 host 172.16.8.235
access-list AllianceDist extended permit ip 172.18.180.0 255.255.255.0 host 172.16.8.5
access-list AllianceDist extended permit ip 172.18.144.0 255.255.255.0 host 172.16.8.235
access-list AllianceDist extended permit ip 172.18.144.0 255.255.255.0 host 172.16.8.5
access-list AllianceDist extended permit ip 172.18.160.0 255.255.255.0 host 172.16.8.235
access-list AllianceDist extended permit ip 172.18.160.0 255.255.255.0 host 172.16.8.5
access-list TPG_outside_acl extended permit udp any host 203.87.59.210 eq domain
access-list TPG_outside_acl extended permit tcp any host 203.87.59.210 eq www
access-list TPG_outside_acl extended permit tcp any host 203.87.59.210 eq domain
access-list TPG_outside_acl extended permit tcp any host 203.26.59.7 eq www
access-list TPG_outside_acl extended permit tcp 203.166.119.128 255.255.255.192 host 203.87.59.210 eq smtp
access-list TPG_outside_acl extended permit tcp 216.82.240.0 255.255.240.0 host 203.87.59.210 eq smtp
access-list TPG_outside_acl extended permit tcp any host 203.87.59.210 eq ftp
access-list TPG_outside_acl extended permit tcp 203.129.72.240 255.255.255.240 host 203.87.59.210 eq smtp
access-list TPG_outside_acl extended permit tcp 203.129.74.224 255.255.255.224 host 203.87.59.210 eq smtp
access-list TPG_outside_acl extended permit tcp 203.129.72.208 255.255.255.240 host 203.87.59.210 eq smtp
access-list TPG_outside_acl extended permit tcp 193.109.254.0 255.255.254.0 host 203.87.59.210 eq smtp
access-list TPG_outside_acl extended permit tcp 194.106.220.0 255.255.254.0 host 203.87.59.210 eq smtp
access-list TPG_outside_acl extended permit tcp 195.245.230.0 255.255.254.0 host 203.87.59.210 eq smtp
access-list TPG_outside_acl extended permit tcp 85.158.136.0 255.255.248.0 host 203.87.59.210 eq smtp
access-list TPG_outside_acl extended permit tcp 117.120.16.0 255.255.248.0 host 203.87.59.210 eq smtp
access-list TPG_outside_acl extended permit tcp 62.231.131.0 255.255.255.0 host 203.87.59.210 eq smtp
access-list TPG_outside_acl extended permit tcp 134.159.150.64 255.255.255.192 host 203.87.59.210 eq smtp
access-list TPG_outside_acl extended deny tcp any host 203.87.59.210 eq smtp
access-list TPG_outside_acl extended permit udp host 203.174.20.80 host 203.87.59.212
access-list TPG_outside_acl extended permit udp host 195.138.194.55 host 203.87.59.212
access-list TPG_outside_acl extended permit udp host 195.138.194.84 host 203.87.59.212
access-list TPG_outside_acl extended permit tcp any host 203.87.59.218 eq www
access-list TPG_outside_acl extended permit tcp any host 203.87.59.218 eq https
access-list TPG_outside_acl extended permit tcp any host 203.87.59.218 eq 8008
access-list TPG_outside_acl extended permit tcp host 129.78.249.52 host 203.87.59.218 eq 7089
access-list TPG_outside_acl extended permit tcp host 124.254.74.140 host 203.87.59.218 eq 7089
access-list TPG_outside_acl extended permit tcp host 129.78.249.52 host 203.87.59.218 eq 7090
access-list TPG_outside_acl extended permit tcp host 124.254.74.140 host 203.87.59.218 eq 7090
access-list TPG_outside_acl extended permit tcp any host 203.87.59.219 eq www
access-list TPG_outside_acl extended permit tcp any host 203.87.59.220 eq www
access-list TPG_outside_acl extended permit tcp any host 203.87.59.217 eq www
access-list TPG_outside_acl extended permit tcp any host 203.87.59.217 eq 7207
access-list TPG_outside_acl extended permit tcp any host 203.87.59.217 eq 8001
access-list TPG_outside_acl extended permit tcp any host 203.87.59.217 eq 8080
access-list TPG_outside_acl extended permit tcp host 129.78.138.65 host 203.87.59.217 eq ssh
access-list TPG_outside_acl extended permit tcp host 129.78.138.66 host 203.87.59.217 eq ssh
access-list TPG_outside_acl extended permit tcp host 129.78.138.80 host 203.87.59.217 eq ssh
access-list TPG_outside_acl extended permit tcp any host 203.87.59.215 eq www
access-list TPG_outside_acl extended permit tcp any host 203.87.59.216 eq www
access-list TPG_outside_acl extended permit tcp any host 203.87.59.216 eq https
access-list TPG_outside_acl extended permit tcp host 150.101.116.241 host 203.87.59.216 eq lotusnotes
access-list TPG_outside_acl extended permit tcp host 150.101.116.241 host 203.87.59.216 eq pcanywhere-data
access-list TPG_outside_acl extended permit tcp host 173.203.193.10 host 203.87.59.216 eq lotusnotes
access-list TPG_outside_acl extended permit tcp host 174.143.147.150 host 203.87.59.216 eq lotusnotes
access-list TPG_outside_acl extended permit tcp host 174.129.219.49 host 203.87.59.216 eq lotusnotes
access-list TPG_outside_acl extended permit tcp host 173.203.224.182 host 203.87.59.216 eq lotusnotes
access-list TPG_outside_acl extended permit tcp host 173.203.224.182 host 203.87.59.216 eq pcanywhere-data
access-list TPG_outside_acl extended permit udp host 150.101.116.241 host 203.87.59.216 eq pcanywhere-status
access-list TPG_outside_acl extended permit udp host 173.203.224.182 host 203.87.59.216 eq pcanywhere-status
access-list TPG_outside_acl extended permit tcp any host 203.87.59.213 eq www
access-list TPG_outside_acl extended permit tcp any host 203.87.59.213 eq 5447
access-list TPG_outside_acl extended permit tcp any host 203.87.59.213 eq 5449
access-list TPG_outside_acl extended permit tcp any host 203.87.59.214 eq ftp
access-list TPG_outside_acl extended permit tcp host 150.101.166.6 host 203.87.59.217 eq 6868
access-list TPG_outside_acl extended permit tcp host 122.248.239.86 host 203.87.59.217 eq 6868
access-list TPG_outside_acl extended permit tcp host 150.101.166.6 host 203.87.59.217 eq 1112
access-list TPG_outside_acl extended permit tcp host 122.248.239.86 host 203.87.59.217 eq 1112
access-list TPG_outside_acl extended permit tcp host 124.148.187.227 host 203.87.59.217 eq 6868
access-list TPG_outside_acl extended permit tcp host 124.148.187.227 host 203.87.59.217 eq 1112
access-list TPG_outside_acl extended permit tcp any host 203.87.59.218 eq klogin
access-list TPG_outside_acl extended permit tcp host 150.101.163.25 host 203.26.59.80 eq ssh
access-list TPG_outside_acl extended permit tcp host 54.253.114.243 host 203.87.59.217 eq 6868
access-list TPG_outside_acl extended permit tcp any host 203.87.59.216 eq ssh
access-list TPG_outside_acl extended permit tcp host 124.168.103.119 host 203.87.59.217 eq 6868
access-list TPG_outside_acl extended permit tcp host 220.245.37.174 host 203.87.59.217 eq 6868
access-list TPG_outside_acl extended permit tcp host 54.206.104.19 host 203.87.59.217 eq 6868
access-list TPG_outside_acl extended permit tcp host 54.206.104.19 host 203.87.59.217 eq 6869
access-list TPG_outside_acl extended permit tcp host 54.206.104.19 host 203.26.59.80 eq 6869
access-list TPG_outside_acl extended permit icmp any any echo-reply
access-list TPG_outside_acl extended permit icmp any any unreachable
access-list TPG_outside_acl extended permit icmp any any time-exceeded
access-list 98 extended permit ip 172.20.0.0 255.255.0.0 10.10.10.0 255.255.255.0
access-list 98 extended permit ip 202.6.93.0 255.255.255.0 172.20.0.0 255.255.0.0
access-list 98 extended permit ip 172.20.0.0 255.255.0.0 202.6.93.0 255.255.255.0
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 10.10.10.0 255.255.255.0
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 10.10.10.0 255.255.255.0
access-list 98 extended permit ip 172.18.9.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list 98 extended permit ip 172.18.154.0 255.255.255.0 172.18.9.0 255.255.255.0
access-list 98 extended permit ip 172.18.154.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list 98 extended permit ip 172.18.132.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list 98 extended permit ip 172.18.160.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list 98 extended permit ip 172.18.161.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list 98 extended permit ip 10.10.10.0 255.255.255.0 host 172.18.132.10
access-list 98 extended permit ip 172.20.0.0 255.255.0.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip 172.18.9.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip 172.18.154.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip 172.18.132.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip 172.18.160.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip 172.18.161.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip 172.18.144.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip 172.18.148.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip host 172.18.148.11 host 59.154.24.162
access-list 98 extended permit ip host 172.18.148.11 host 59.154.24.163
access-list 98 extended permit ip host 172.18.148.9 host 59.154.24.162
access-list 98 extended permit ip host 172.18.148.9 host 59.154.24.163
access-list 98 extended permit ip host 172.18.148.16 host 59.154.24.162
access-list 98 extended permit ip host 172.18.148.16 host 59.154.24.163
access-list 98 extended permit ip 193.1.1.0 255.255.255.0 172.18.178.0 255.255.255.0
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 172.18.178.0 255.255.255.0
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 172.18.178.0 255.255.255.0
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 172.18.177.0 255.255.255.0
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 172.18.177.0 255.255.255.0
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 172.18.179.0 255.255.255.0
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 172.18.179.0 255.255.255.0
access-list 98 extended permit ip 172.18.181.0 255.255.255.0 172.18.179.0 255.255.255.0
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 172.18.176.0 255.255.255.0
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 172.18.176.0 255.255.255.0
access-list 98 extended permit ip 172.18.176.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip 172.24.0.0 255.252.0.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip host 172.18.0.63 host 172.16.8.235
access-list 98 extended permit ip host 172.18.0.63 host 172.16.8.5
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 host 172.16.8.235
access-list 98 extended permit ip 172.18.0.0 255.255.252.0 host 172.16.8.5
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 host 172.16.8.235
access-list 98 extended permit ip 172.18.128.0 255.255.252.0 host 172.16.8.5
access-list 98 extended permit ip 172.18.180.0 255.255.255.0 host 172.16.8.235
access-list 98 extended permit ip 172.18.180.0 255.255.255.0 host 172.16.8.5
access-list 98 extended permit ip 172.18.144.0 255.255.252.0 host 172.16.8.235
access-list 98 extended permit ip 172.18.144.0 255.255.252.0 host 172.16.8.5
access-list 98 extended permit ip 172.18.180.0 255.255.255.0 192.168.0.0 255.255.0.0
access-list 98 extended permit ip 192.168.0.0 255.255.0.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip 172.18.180.0 255.255.255.0 172.18.191.0 255.255.255.0
access-list 98 extended permit ip 172.18.191.0 255.255.255.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip 172.18.160.0 255.255.252.0 host 172.16.8.235
access-list 98 extended permit ip 172.18.160.0 255.255.252.0 host 172.16.8.5
access-list 98 extended permit ip host 172.16.8.5 172.18.180.0 255.255.255.0
access-list 98 extended permit ip host 172.16.8.235 172.18.180.0 255.255.255.0
access-list 98 extended permit ip 172.18.180.0 255.255.255.0 host 172.18.191.5
access-list 98 extended permit ip 172.18.180.0 255.255.255.0 host 172.18.191.235
access-list 98 extended permit ip 172.17.0.0 255.255.0.0 172.18.180.0 255.255.255.0
access-list 98 extended permit ip 172.18.181.0 255.255.255.0 172.18.177.0 255.255.255.0
access-list 98 extended permit ip 172.24.0.0 255.252.0.0 172.18.176.0 255.255.255.0
access-list 98 extended permit ip 172.18.9.0 255.255.255.0 172.18.177.0 255.255.255.0
access-list 98 extended permit ip 172.18.178.0 255.255.255.0 172.25.32.0 255.255.255.0
access-list 98 extended permit ip 172.18.179.0 255.255.255.0 172.25.32.0 255.255.255.0
access-list 98 extended permit ip 172.25.32.0 255.255.255.0 172.18.178.0 255.255.255.0
access-list 98 extended permit ip 172.25.32.0 255.255.255.0 172.18.179.0 255.255.255.0
access-list 98 extended permit ip 172.25.32.0 255.255.255.0 172.18.176.0 255.255.255.0
access-list 98 extended permit ip 172.25.32.0 255.255.255.0 172.18.177.0 255.255.255.0
access-list 98 extended permit ip any 172.18.180.0 255.255.255.0
access-list webIPFX webtype permit tcp 193.1.1.14 255.255.255.255
access-list webIPFX webtype permit tcp 172.18.128.14 255.255.255.255
access-list webext webtype permit tcp 172.18.0.21 255.255.255.255
access-list webext webtype permit tcp 172.18.0.21 255.255.255.255 eq domain
access-list webext webtype permit tcp 172.18.0.86 255.255.255.255
access-list webext webtype permit tcp 172.18.0.86 255.255.255.255 eq domain
no pager
logging enable
logging monitor warnings
logging buffered informational
logging trap warnings
logging history informational
logging asdm notifications
logging host inside 172.18.0.27
mtu outside 1500
mtu inside 1500
mtu TPGOutside 1500
mtu internet 1500
ip local pool vpnclientpool 172.18.180.1-172.18.180.254 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-523.bin
no asdm history enable
arp timeout 14400
nat-control
global (outside) 1 203.26.59.4
global (TPGOutside) 1 203.87.59.212
global (internet) 1 172.18.181.253
nat (inside) 0 access-list 98
nat (inside) 1 0.0.0.0 0.0.0.0
nat (internet) 0 access-list 103
static (inside,outside) tcp interface telnet 172.18.0.1 telnet netmask 255.255.255.255
static (inside,outside) 192.168.160.89 access-list IBS_ACL
static (inside,internet) 172.18.181.22 172.18.0.22 netmask 255.255.255.255
static (internet,outside) 203.26.59.17 172.18.181.17 netmask 255.255.255.255
static (inside,internet) 172.18.181.58 172.18.0.58 netmask 255.255.255.255
static (internet,outside) 203.26.59.2 172.18.181.252 netmask 255.255.255.255
static (internet,outside) 203.26.59.161 172.18.181.161 netmask 255.255.255.255
static (inside,internet) 172.18.181.13 172.18.128.13 netmask 255.255.255.255
static (internet,outside) 203.26.59.11 172.18.181.11 netmask 255.255.255.255
static (inside,internet) 172.18.181.14 172.18.160.11 netmask 255.255.255.255
static (inside,internet) 172.18.181.156 172.18.0.56 netmask 255.255.255.255
static (inside,outside) 203.26.59.10 172.18.9.10 netmask 255.255.255.255
static (inside,internet) 172.18.181.15 172.18.144.19 netmask 255.255.255.255
static (internet,outside) 203.26.59.20 172.18.181.25 netmask 255.255.255.255
static (inside,internet) 172.18.181.79 172.18.0.79 netmask 255.255.255.255
static (inside,internet) 172.18.181.92 172.18.0.92 netmask 255.255.255.255
static (inside,internet) 172.18.181.100 172.18.1.100 netmask 255.255.255.255
static (inside,outside) 172.16.8.5 172.18.191.5 netmask 255.255.255.255
static (inside,outside) 172.16.8.235 172.18.191.235 netmask 255.255.255.255
static (outside,inside) 172.18.191.5 172.16.8.5 netmask 255.255.255.255
static (outside,inside) 172.18.191.235 172.16.8.235 netmask 255.255.255.255
static (internet,outside) 203.26.59.16 172.18.181.16 netmask 255.255.255.255
static (outside,outside) 172.18.191.5 172.16.8.5 netmask 255.255.255.255
static (outside,outside) 172.16.8.5 172.18.191.5 netmask 255.255.255.255
static (outside,outside) 172.16.8.235 172.18.191.235 netmask 255.255.255.255
static (outside,outside) 172.18.191.235 172.16.8.235 netmask 255.255.255.255
static (inside,internet) 172.18.181.23 172.18.0.23 netmask 255.255.255.255
static (internet,outside) 203.26.59.70 172.18.181.80 netmask 255.255.255.255
static (internet,outside) 203.26.59.71 172.18.181.81 netmask 255.255.255.255
static (internet,outside) 203.26.59.72 172.18.181.82 netmask 255.255.255.255
static (internet,outside) 203.26.59.73 172.18.181.83 netmask 255.255.255.255
static (internet,TPGOutside) 203.87.59.215 172.18.181.11 netmask 255.255.255.255
static (internet,TPGOutside) 203.87.59.210 172.18.181.252 netmask 255.255.255.255
static (internet,TPGOutside) 203.87.59.216 172.18.181.161 netmask 255.255.255.255
static (inside,TPGOutside) 203.87.59.213 172.18.9.10 netmask 255.255.255.255
static (internet,TPGOutside) 203.87.59.214 172.18.181.25 netmask 255.255.255.255
static (internet,TPGOutside) 203.87.59.217 172.18.181.80 netmask 255.255.255.255
static (internet,TPGOutside) 203.87.59.218 172.18.181.81 netmask 255.255.255.255
static (internet,TPGOutside) 203.87.59.219 172.18.181.82 netmask 255.255.255.255
static (internet,TPGOutside) 203.87.59.220 172.18.181.83 netmask 255.255.255.255
access-group outside_acl in interface outside
access-group inside_acl in interface inside
access-group TPG_outside_acl in interface TPGOutside
access-group dmz_NEW_acl in interface internet
route outside 0.0.0.0 0.0.0.0 203.26.59.1 1
route outside 10.61.12.235 255.255.255.255 203.26.59.1 1
route inside 172.18.9.0 255.255.255.0 172.18.0.1 1
route inside 172.18.128.0 255.255.252.0 172.18.0.1 1
route inside 172.18.144.0 255.255.255.0 172.18.0.1 1
route inside 172.18.160.0 255.255.255.0 172.18.0.1 1
route inside 172.18.134.0 255.255.255.0 172.18.0.1 1
route inside 172.18.148.0 255.255.255.0 172.18.0.1 1
route inside 172.18.152.0 255.255.255.0 172.18.0.1 1
route inside 172.18.154.0 255.255.255.0 172.18.0.1 1
route inside 172.18.161.0 255.255.255.0 172.18.0.1 1
route inside 172.18.132.0 255.255.255.0 172.18.0.1 1
route inside 10.0.0.0 255.0.0.0 172.18.0.1 1
route inside 172.19.0.0 255.255.0.0 172.18.0.1 1
route inside 172.20.0.0 255.252.0.0 172.18.0.1 1
route inside 172.28.0.0 255.252.0.0 172.18.0.1 1
route inside 192.168.0.0 255.255.0.0 172.18.0.1 1
route inside 172.24.0.0 255.252.0.0 172.18.0.1 1
route inside 172.17.0.0 255.255.0.0 172.18.0.1 1
route TPGOutside 143.252.148.217 255.255.255.255 203.87.59.233 1
route TPGOutside 120.151.152.243 255.255.255.255 203.87.59.233 1
route TPGOutside 101.172.42.140 255.255.255.255 203.87.59.233 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ host 172.18.0.29
timeout 5
key pixacs123
aaa-server RADIUS protocol radius
aaa authentication exclude tcp/0 TPGOutside 172.18.0.0 255.255.252.0 172.18.176.0 255.255.255.0 TACACS+
aaa authentication exclude tcp/0 TPGOutside 172.18.0.0 255.255.252.0 172.18.179.0 255.255.255.0 TACACS+
aaa authentication exclude tcp/0 TPGOutside 172.18.0.0 255.255.252.0 172.18.177.0 255.255.255.0 TACACS+
aaa authentication exclude tcp/0 TPGOutside 172.18.0.0 255.255.252.0 172.18.178.0 255.255.255.0 TACACS+
aaa authentication exclude tcp/0 outside 172.18.0.0 255.255.252.0 172.18.176.0 255.255.255.0 TACACS+
aaa authentication exclude tcp/0 outside 172.18.0.0 255.255.252.0 172.18.179.0 255.255.255.0 TACACS+
aaa authentication exclude tcp/0 outside 172.18.0.0 255.255.252.0 172.18.177.0 255.255.255.0 TACACS+
aaa authentication exclude tcp/0 outside 172.18.0.0 255.255.252.0 172.18.178.0 255.255.255.0 TACACS+
aaa accounting include tcp/0 outside 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 TACACS+
aaa accounting include tcp/0 TPGOutside 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 TACACS+
http server enable
http 172.18.2.147 255.255.255.255 inside
http 172.18.3.9 255.255.255.255 inside
http 172.18.1.2 255.255.255.255 inside
http 172.18.1.4 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server community public
snmp-server enable traps snmp authentication linkup linkdown coldstart
sysopt connection timewait
crypto ipsec transform-set raset esp-des esp-md5-hmac
crypto ipsec transform-set mcmtmsset esp-3des esp-md5-hmac
crypto ipsec transform-set nzset esp-3des esp-md5-hmac
crypto ipsec transform-set nzmeaset esp-3des esp-md5-hmac
crypto ipsec transform-set maqset esp-des esp-md5-hmac
crypto ipsec transform-set adeset esp-des esp-md5-hmac
crypto ipsec transform-set weak_bris esp-des esp-md5-hmac
crypto ipsec transform-set perthset esp-3des esp-md5-hmac
crypto ipsec transform-set dematic esp-3des esp-md5-hmac
crypto ipsec transform-set AllianceDist esp-3des esp-md5-hmac
crypto ipsec transform-set ibsaustset esp-3des esp-sha-hmac
crypto dynamic-map dynmap 10 set transform-set raset nzmeaset
crypto dynamic-map dynmap 30 set pfs
crypto dynamic-map dynmap 30 set transform-set ibsaustset
crypto map map1 20 set peer 210.8.162.79
crypto map map1 20 set transform-set mcmtmsset
crypto map map1 30 match address 130
crypto map map1 30 set peer 203.21.25.147
crypto map map1 30 set transform-set nzset nzmeaset
crypto map map1 50 match address 125
crypto map map1 50 set peer 203.48.99.10
crypto map map1 50 set transform-set ibsaustset
crypto map map1 60 match address 165
crypto map map1 60 set peer 202.72.174.51
crypto map map1 60 set transform-set perthset nzmeaset
crypto map map1 70 set peer 203.21.25.147
crypto map map1 70 set transform-set nzmeaset
crypto map map1 80 match address 180
crypto map map1 80 set peer 129.78.249.51
crypto map map1 80 set transform-set maqset
crypto map map1 90 set peer 203.171.113.137
crypto map map1 100 match address to_bris
crypto map map1 100 set peer 149.135.45.231
crypto map map1 100 set transform-set weak_bris
crypto map map1 110 match address Dematic
crypto map map1 110 set peer 59.154.24.161
crypto map map1 110 set transform-set dematic
crypto map map1 120 match address 190
crypto map map1 120 set peer 120.150.30.13
crypto map map1 120 set transform-set adeset
crypto map map1 130 match address 125
crypto map map1 130 set peer 203.48.99.10
crypto map map1 130 set transform-set ibsaustset
crypto map map1 140 match address AllianceDist
crypto map map1 140 set pfs
crypto map map1 140 set peer 203.29.67.250
crypto map map1 140 set transform-set AllianceDist
crypto map map1 140 set reverse-route
crypto map map1 150 match address 190
crypto map map1 150 set peer 120.150.30.13
crypto map map1 150 set transform-set adeset
crypto map map1 65535 ipsec-isakmp dynamic dynmap
crypto map map1 interface outside
crypto map map2 20 set peer 210.8.162.79
crypto map map2 20 set transform-set mcmtmsset
crypto map map2 30 match address 130
crypto map map2 30 set peer 203.21.25.147
crypto map map2 30 set transform-set nzset nzmeaset
crypto map map2 50 match address 125
crypto map map2 50 set peer 203.48.99.10
crypto map map2 50 set transform-set ibsaustset
crypto map map2 60 match address 165
crypto map map2 60 set peer 202.72.174.51
crypto map map2 60 set transform-set perthset nzmeaset
crypto map map2 70 set peer 203.21.25.147
crypto map map2 70 set transform-set nzmeaset
crypto map map2 80 match address 180
crypto map map2 80 set peer 129.78.249.51
crypto map map2 80 set transform-set maqset
crypto map map2 90 set peer 203.171.113.137
crypto map map2 100 match address to_bris
crypto map map2 100 set peer 149.135.45.231
crypto map map2 100 set transform-set weak_bris
crypto map map2 110 match address Dematic
crypto map map2 110 set peer 59.154.24.161
crypto map map2 110 set transform-set dematic
crypto map map2 120 match address 190
crypto map map2 120 set peer 120.150.30.13
crypto map map2 120 set transform-set adeset
crypto map map2 130 match address 125
crypto map map2 130 set peer 203.48.99.10
crypto map map2 130 set transform-set ibsaustset
crypto map map2 140 match address AllianceDist
crypto map map2 140 set pfs
crypto map map2 140 set peer 203.29.67.250
crypto map map2 140 set transform-set AllianceDist
crypto map map2 140 set reverse-route
crypto map map2 150 match address 190
crypto map map2 150 set peer 120.150.30.13
crypto map map2 150 set transform-set adeset
crypto map map2 65535 ipsec-isakmp dynamic dynmap
crypto map map2 interface TPGOutside
crypto isakmp identity address
crypto isakmp enable outside
crypto isakmp enable TPGOutside
crypto isakmp policy 10
authentication pre-share
encryption des
hash md5
group 1
lifetime 86400
crypto isakmp policy 20
authentication pre-share
encryption des
hash md5
group 2
lifetime 86400
crypto isakmp policy 30
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
crypto isakmp policy 40
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp nat-traversal 20
telnet 172.20.30.0 255.255.255.0 inside
telnet 172.18.1.0 255.255.255.0 inside
telnet 172.18.2.147 255.255.255.255 inside
telnet timeout 30
ssh 172.20.0.0 255.255.0.0 inside
ssh 172.18.1.0 255.255.255.0 inside
ssh 172.18.0.0 255.255.252.0 inside
ssh timeout 60
console timeout 0
management-access inside
dhcpd dns 208.67.222.222 interface TPGOutside
!
dhcpd dns 208.67.222.222 interface internet
!
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 1500
policy-map global_policy
class inspection_default
inspect ftp
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect sqlnet
inspect sunrpc
inspect tftp
inspect xdmcp
inspect h323 h225
inspect dns preset_dns_map
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum 512
!
service-policy global_policy global
ntp authenticate
ntp server 192.231.203.132
ntp server 172.18.0.15 source inside prefer
ntp server 202.158.218.239
ntp server 172.18.0.21 source inside prefer
webvpn
enable outside
enable TPGOutside
port-forward IPFXGrpPorts 5903 172.18.128.14 5900
group-policy normalgp internal
group-policy normalgp attributes
dns-server value 172.18.0.86
vpn-idle-timeout 1800
split-tunnel-policy tunnelspecified
split-tunnel-network-list value 10
default-domain value mpl.root-domain.org
group-policy webextgrp internal
group-policy webextgrp attributes
dns-server value 172.18.0.86
vpn-idle-timeout 30
vpn-tunnel-protocol webvpn
webvpn
functions port-forward
filter value webext
port-forward value ExtGrpPorts
group-policy webIPFXgrp internal
group-policy webIPFXgrp attributes
dns-server value 172.18.0.86
vpn-idle-timeout 30
vpn-tunnel-protocol webvpn
webvpn
functions port-forward
filter value webIPFX
port-forward value IPFXGrpPorts
group-policy vdigrp internal
group-policy vdigrp attributes
dns-server value 172.18.0.86
vpn-idle-timeout 480
split-tunnel-policy tunnelspecified
split-tunnel-network-list value vdiext
group-policy NZgrp internal
group-policy NZgrp attributes
dns-server value 172.18.0.86
vpn-idle-timeout 30
split-tunnel-policy tunnelspecified
split-tunnel-network-list value 260
group-policy drgrp internal
group-policy drgrp attributes
dns-server value 172.18.0.86
vpn-idle-timeout 30
split-tunnel-policy tunnelspecified
split-tunnel-network-list value 250
group-policy vpn3000-tpg internal
group-policy vpn3000-tpg attributes
dns-server value 172.18.0.86 172.18.128.16
vpn-tunnel-protocol IPSec
default-domain value mpl.root-domain.org
group-policy sitegrp internal
group-policy sitegrp attributes
dns-server value 172.18.0.86
vpn-idle-timeout none
split-tunnel-policy tunnelspecified
split-tunnel-network-list value 10
nem enable
group-policy maqgrp internal
group-policy maqgrp attributes
dns-server value 172.18.0.86
vpn-idle-timeout 480
split-tunnel-policy tunnelspecified
split-tunnel-network-list value maqdict
group-policy maqgrpext internal
group-policy maqgrpext attributes
dns-server value 172.18.0.86
vpn-idle-timeout 480
split-tunnel-policy tunnelspecified
split-tunnel-network-list value maqdictext
group-policy extgrp internal
group-policy extgrp attributes
dns-server value 172.18.0.86
vpn-idle-timeout 30
split-tunnel-policy tunnelspecified
split-tunnel-network-list value 50
username test password ho29PScz1XtzgKy4 encrypted
username Adelaide password s40WC.yY1dohiTQO encrypted
username data3 password Y77umtVjgFhz.HOr encrypted privilege 15
username IPFX password velyMKYz4BwFvn2r encrypted
username IPFX attributes
vpn-group-policy webIPFXgrp
vpn-idle-timeout 30
webvpn
filter value webIPFX
username ibsaustralia password AJA1drxuhDXUk6O5 encrypted
username ibsaustralia attributes
vpn-group-policy webextgrp
vpn-idle-timeout 30
webvpn
filter value webext
username oswellr password 1ftGjqT964O.SDws encrypted
tunnel-group vpn3000-all type ipsec-ra
tunnel-group vpn3000-all general-attributes
address-pool vpnclientpool
authentication-server-group (outside) TACACS+
authentication-server-group (TPGOutside) TACACS+
default-group-policy normalgp
tunnel-group vpn3000-all ipsec-attributes
pre-shared-key *
tunnel-group vpn3000-bris type ipsec-ra
tunnel-group vpn3000-bris general-attributes
default-group-policy sitegrp
tunnel-group vpn3000-bris ipsec-attributes
pre-shared-key *
tunnel-group vpn3000-ext type ipsec-ra
tunnel-group vpn3000-ext general-attributes
address-pool vpnclientpool
authentication-server-group (outside) TACACS+
authentication-server-group (TPGOutside) TACACS+
default-group-policy extgrp
tunnel-group vpn3000-ext ipsec-attributes
pre-shared-key *
tunnel-group vpn3000-ade type ipsec-ra
tunnel-group vpn3000-ade general-attributes
default-group-policy sitegrp
tunnel-group vpn3000-ade ipsec-attributes
pre-shared-key *
tunnel-group 202.27.193.225 type ipsec-l2l
tunnel-group 202.27.193.225 ipsec-attributes
pre-shared-key *
tunnel-group 203.21.25.147 type ipsec-l2l
tunnel-group 203.21.25.147 ipsec-attributes
pre-shared-key *
tunnel-group 210.8.162.79 type ipsec-l2l
tunnel-group 210.8.162.79 ipsec-attributes
pre-shared-key *
tunnel-group 129.78.249.51 type ipsec-l2l
tunnel-group 129.78.249.51 ipsec-attributes
pre-shared-key *
tunnel-group 203.53.30.194 type ipsec-l2l
tunnel-group 203.53.30.194 ipsec-attributes
pre-shared-key *
tunnel-group 203.171.113.137 type ipsec-l2l
tunnel-group 150.101.185.208 type ipsec-l2l
tunnel-group 150.101.185.208 ipsec-attributes
pre-shared-key *
tunnel-group 202.72.174.51 type ipsec-l2l
tunnel-group 202.72.174.51 ipsec-attributes
pre-shared-key *
tunnel-group 59.154.24.161 type ipsec-l2l
tunnel-group 59.154.24.161 ipsec-attributes
pre-shared-key *
tunnel-group vpn3000-maq type ipsec-ra
tunnel-group vpn3000-maq general-attributes
address-pool vpnclientpool
authentication-server-group (outside) TACACS+
authentication-server-group (TPGOutside) TACACS+
default-group-policy maqgrp
tunnel-group vpn3000-maq ipsec-attributes
pre-shared-key *
tunnel-group vpn3000-vdi type ipsec-ra
tunnel-group vpn3000-vdi general-attributes
address-pool vpnclientpool
authentication-server-group (outside) TACACS+
default-group-policy vdigrp
tunnel-group vpn3000-vdi ipsec-attributes
pre-shared-key *
tunnel-group 202.7.242.139 type ipsec-l2l
tunnel-group 202.7.242.139 ipsec-attributes
pre-shared-key *
tunnel-group 203.48.99.10 type ipsec-l2l
tunnel-group 203.48.99.10 ipsec-attributes
pre-shared-key *
tunnel-group vpn3000-dr type ipsec-ra
tunnel-group vpn3000-dr general-attributes
address-pool vpnclientpool
authentication-server-group (outside) TACACS+
authentication-server-group (TPGOutside) TACACS+
default-group-policy drgrp
tunnel-group vpn3000-dr ipsec-attributes
pre-shared-key *
tunnel-group vpn3000-NZ type ipsec-ra
tunnel-group vpn3000-NZ general-attributes
address-pool vpnclientpool
authentication-server-group (outside) TACACS+
authentication-server-group (TPGOutside) TACACS+
default-group-policy NZgrp
tunnel-group vpn3000-NZ ipsec-attributes
pre-shared-key *
tunnel-group vpn3000-maqext type ipsec-ra
tunnel-group vpn3000-maqext general-attributes
address-pool vpnclientpool
authentication-server-group (outside) TACACS+
authentication-server-group (TPGOutside) TACACS+
default-group-policy maqgrpext
tunnel-group vpn3000-maqext ipsec-attributes
pre-shared-key *
tunnel-group 203.29.67.250 type ipsec-l2l
tunnel-group 203.29.67.250 ipsec-attributes
pre-shared-key *
tunnel-group 149.135.45.231 type ipsec-l2l
tunnel-group 149.135.45.231 ipsec-attributes
pre-shared-key *
tunnel-group 120.150.30.13 type ipsec-l2l
tunnel-group 120.150.30.13 ipsec-attributes
pre-shared-key *
tunnel-group vpn3000-test type ipsec-ra
tunnel-group vpn3000-tpg type ipsec-ra
tunnel-group vpn3000-tpg general-attributes
address-pool vpnclientpool
authentication-server-group (TPGOutside) TACACS+
default-group-policy normalgp
tunnel-group vpn3000-tpg ipsec-attributes
pre-shared-key *
prompt hostname context
Cryptochecksum:a941e7020d28eafa84ee4e39503320e1
: end
macmillan# ex
Logoff
10-09-2014 01:53 AM
Hi,
Going through the configuration , i don't see any issues that might prevent full throughput thru the ASA device.
I would although recommend that you should upgrade the ASA code to the ASA 8.2.5 code as that might help.
Also , are we seeing any performance issues (ex:- High CPU , High Memory , Interface errors etc) on the ASA device ?
Thanks and Regards,
Vibhor Amrodia
10-09-2014 08:06 AM
Can you set speed 1000 and duplex full on every interface of your ASA ?
10-09-2014 02:53 PM
Hi Walter
Done, but it still makes no difference - 10 Meg through.
Vibhor - this device runs at around 5% CPU, and 212 Meg memory. We're not seeing any interface errors.
Thanks
Chris
10-09-2014 05:23 PM
Hi,
I think it would be best now to open a TAC case now for this as I don't think that the ASA device is causing the issue. Were you able o upgrade the IOS to 8.2.5 ?
If possible , share the show tech output from the ASA device and a brief topology ?
Thanks and Regards,
Vibhor Amrodia
10-09-2014 11:32 PM
Can you set speed 1000 and duplex full on every port of the switch where the ASA is connected ?
10-12-2014 03:17 PM
Hi Walter
That has been set, but still the same.
Thanks
Chris
10-09-2014 07:33 PM
What kind of speedtest are you doing? Can you test UDP throughput as well? If there aren't any interface errors or drops it could be a TCP issue (windowing etc)..
I'd set up an iperf service on one of the segments and push both TCP and UDP traffic and see how it handles each one. If only TCP is slow, I'd do some packet captures and look at the TCP details (especially windowing info).
While the datasheets are inflated, you should easily get over 100 Mbps out the 5520. We had a few in production and easily got over 200 Mbps of Internet throughput.
10-09-2014 07:33 PM
Hi
I'm just using speedtest.net. When I direct connected it to the provider NTU I got the rates up in the high 90s, but through the ASA down at 10 Meg. I'll run up iperf and test.
Thanks
Chris
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide