08-03-2011 09:11 PM - edited 03-11-2019 02:07 PM
Hello
Could you advise me on what to do?
I have a Cisco ASA 5505 installed and use it as the default gateway. I go to the Internet through the ASA 5505.
Here is my problem.
I cannot ping from the ASA prompt (ASA#) to my laptop connected to the ASA, but I can ping the ASA inside interface from the laptop.
I cannot use ASDM, and the VPN tunnel is not working between the sites.
ASA# ping 10.10.10.12
???????????
100% lost
Laptop c
C:/ping 10.10.10.1
!!!!!!!!!!!!!!!!
Here is the Topology
INTERNET .<=========================>ASA<===============================> LAPTOP
I disabled Windows Firewall on the laptop, but with no good result.
I would be glad of your contribution.
Thanks
Dak
08-04-2011 02:17 AM
Can you provide a sho run?
08-04-2011 02:26 AM
Hello Tim,
Here is the output
show run
: Saved
:
ASA Version 8.3(1)
!
hostname ASA-C5505
domain-name Addy.com
interface Vlan1
description LAN_INTERFACE
nameif inside
security-level 100
ip address 10.10.10.1 255.255.255.0
!
interface Vlan2
description WAN_INTERFACE
nameif outside
security-level 0
ip address_PUBLIC_IP 255.255.255.252
!
interface Vlan999
no forward interface Vlan1
no nameif
no security-level
no ip address
!
interface Ethernet0/0
description CONNECTION TO WAN (ISP)
switchport access vlan 2
!
interface Ethernet0/1
description LAN Inetface
!
interface Ethernet0/2
description LAN Inetface
!
interface Ethernet0/3
!
interface Ethernet0/4
switchport access vlan 999
shutdown
!
interface Ethernet0/5
switchport access vlan 999
shutdown
!
interface Ethernet0/6
switchport access vlan 999
shutdown
!
interface Ethernet0/7
switchport access vlan 999
shutdown
!
banner login ^C
#####
#####
###
banner login ^C
boot system disk0:/asa831-k8.bin
ftp mode passive
clock timezone MSD 3
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 3:00
dns domain-lookup outside
dns server-group DNS_IP-ADDRESSS
dns server-group DefaultDNS
name-server 210.xx.xx.xx
name-server 192.xx.xx.x
domain-name ADDY.com
dns server-group ISP-DNS_IP-ADDRESSS
name-server 192.xx.xx.x
name-server 210.xx.xx.xx
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network NAT_POOL_OUTSIDE
host 210.xx.xx.xx
object network ADDY_LAN
subnet 10.10.10.0 255.255.255.0
object network ADDYLAN
subnet 10.10.10.0 255.255.255.0
object network A
subnet 10.10.2.0 255.255.255.0
object-group network B
network-object 10.20.0.0 255.254.0.0
network-object 10.29.0.0 255.255.0.0
object-group protocol TCP_UDP
protocol-object tcp
protocol-object udp
access-list VPN-TO-A extended permit ip object ADDYLAN object A log
access-list VPN-TO-B extended permit ip object ADDYLAN object-group B
access-list NONAT extended permit ip 10.10.10.0 255.255.255.0 object A
access-list NONAT extended permit ip 10.10.10.0 255.255.255.0 object-group B
access-list OUTSIDE_IN extended permit ip 10.10.10.0 255.255.255.0 object A
access-list OUTSIDE_IN extended permit ip 10.10.10.0 255.255.255.0 object-group B
access-list OUTSIDE_IN extended permit udp any any
access-list OUTSIDE_IN extended permit tcp any any
access-list OUTSIDE_IN extended permit icmp any any echo
access-list OUTSIDE_IN extended permit icmp any any time-exceeded
access-list OUTSIDE_IN extended permit tcp any interface outside eq www
access-list OUTSIDE_IN extended permit tcp any interface outside eq https
access-list OUTSIDE_IN extended permit icmp any any echo-reply
access-list OUTSIDE_IN extended deny ip any any log
pager lines 24
logging enable
logging asdm informational
logging device-id hostname
logging flash-bufferwrap
logging flash-maximum-allocation 10000
mtu inside 1500
mtu outside 1500
ip local pool Remote-Pool 192.168.92.100-192.168.92.200 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit any outside
asdm image disk0:/asdm-631.bin
no asdm history enable
arp timeout 14400
nat (inside,outside) source static ADDYLAN ADDYLAN destination static B B
nat (inside,outside) source static ADDYLAN ADDYLAN destination static A A
!
object network obj_any
nat (inside,outside) dynamic interface
object network ADDY_LAN
nat (inside,outside) dynamic interface
access-group OUTSIDE_IN in interface outside
route outside 0.0.0.0 0.0.0.0 195.xx.xx.xx 1
1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
aaa authentication http console LOCAL
aaa authentication serial console LOCAL
aaa authentication telnet console LOCAL
http server enable
http ADDY_LAN 255.255.255.0 inside
http A_PUBLIC_IP 255.255.255.255 outside
http 0.0.0.0 0.0.0.0 outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ADDY_TRANSFORMSET_4 esp-des esp-sha-hmac
crypto ipsec transform-set ADDY_TRANSFORMSET_5 esp-des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto ipsec df-bit clear-df outside
crypto map VPN_OUTSIDE_MAP 1 match address VPN-TO-A
crypto map VPN_OUTSIDE_MAP 1 set pfs
crypto map VPN_OUTSIDE_MAP 1 set peer A_PUBLIC_IP
crypto map VPN_OUTSIDE_MAP 1 set transform-set ADDY_TRANSFORMSET_4
crypto map VPN_OUTSIDE_MAP 1 set security-association lifetime seconds 86400
crypto map VPN_OUTSIDE_MAP 1 set nat-t-disable
crypto map VPN_OUTSIDE_MAP 1 set reverse-route
crypto map VPN_OUTSIDE_MAP 2 match address VPN-TO-B
crypto map VPN_OUTSIDE_MAP 2 set pfs
crypto map VPN_OUTSIDE_MAP 2 set peer B_PUBLIC_IP
crypto map VPN_OUTSIDE_MAP 2 set transform-set ADDY_TRANSFORMSET_4
crypto map VPN_OUTSIDE_MAP 2 set security-association lifetime seconds 86400
crypto map VPN_OUTSIDE_MAP 2 set nat-t-disable
crypto map VPN_OUTSIDE_MAP 2 set reverse-route
crypto isakmp policy 10
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
crypto isakmp policy 40
authentication pre-share
encryption des
hash sha
group 1
lifetime 86400
crypto isakmp policy 60
authentication pre-share
encryption des
hash md5
group 5
lifetime 86400
telnet ADDY_LAN 255.255.255.0 inside
telnet timeout 5
ssh ADDY_LAN 255.255.255.0 inside
ssh timeout 20
console timeout 0
dhcpd domain Addy.com
dhcpd auto_config outside
!
dhcpd address 10.10.10.10-10.10.10.30 inside
dhcpd dns 8.8.8.8 212.xx.xx.xx. interface inside
dhcpd enable inside
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ssl encryption des-sha1
webvpn
username Addy password D6xlUA8LqZTAMZPD encrypted
tunnel-group PUBLIC_IP _A type ipsec-l2l
tunnel-group PUBLIC_IP _A ipsec-attributes
pre-shared-key *****
tunnel-group PUBLIC_IP _B type ipsec-l2l
tunnel-group PUBLIC_IP _B ipsec-attributes
pre-shared-key *****
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
!
service-policy global_policy global
privilege cmd level 3 mode exec command perfmon
prompt hostname context
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email callhome@cisco.com
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:7a4c6b079c3568066aeb21a44ca012c7
: end
09-06-2011 04:40 AM
Hello all,
Here is the solution to this problem.
These three commands will resolve it and enable ASDM as well:
management-access inside
crypto key zeroize rsa default
crypto key generate rsa general-keys
HTH
DaK
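An added example, not part of the original thread: a small Python check that reads a `show run` and reports whether `management-access` (the first command of the fix above) is set, together with the management-plane and crypto lines in the posted configuration that a reviewer would flag. The sample input is an excerpt of the configuration posted in this thread; the function name `audit` and the finding strings are made up for this example.

```python
import re

# Excerpt of the running-config posted in this thread (redactions kept as posted).
SAMPLE = """\
access-list OUTSIDE_IN extended permit udp any any
access-list OUTSIDE_IN extended permit tcp any any
access-list OUTSIDE_IN extended permit tcp any interface outside eq www
access-group OUTSIDE_IN in interface outside
http server enable
http ADDY_LAN 255.255.255.0 inside
http 0.0.0.0 0.0.0.0 outside
crypto ipsec transform-set ADDY_TRANSFORMSET_4 esp-des esp-sha-hmac
crypto isakmp policy 10
 encryption des
telnet ADDY_LAN 255.255.255.0 inside
ssl encryption des-sha1
"""

def audit(config: str) -> list[str]:
    """Return review findings for management access and crypto settings."""
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]
    findings = []
    # The fix in this thread starts by adding "management-access inside".
    if not any(re.match(r"management-access \S+$", ln) for ln in lines):
        findings.append("no management-access interface set")
    # Names of ACLs applied inbound on the outside interface.
    outside_acls = {m.group(1) for ln in lines
                    if (m := re.match(r"access-group (\S+) in interface outside$", ln))}
    for ln in lines:
        if re.match(r"http 0\.0\.0\.0 0\.0\.0\.0 \S+$", ln):
            findings.append(f"ASDM/HTTPS management open to any source: {ln}")
        elif re.match(r"telnet \S+ \S+ \S+$", ln):
            findings.append(f"cleartext Telnet management enabled: {ln}")
        elif re.search(r"\besp-des\b|^encryption des$|^ssl encryption .*\bdes-sha1\b", ln):
            findings.append(f"single DES in use: {ln}")
        elif (m := re.match(r"access-list (\S+) extended permit (?:ip|tcp|udp) any any$", ln)) \
                and m.group(1) in outside_acls:
            findings.append(f"any-to-any permit on outside ACL: {ln}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("-", finding)
```

Running it on a saved copy of the full `show run` works the same way: pass the file contents to `audit`.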