04-19-2017 08:58 PM - edited 03-12-2019 02:14 AM
Hi team,
Suddenly we are unable to ping website addresses, but we are able to access the websites. I couldn't find the root cause.
For example, we can't ping google.com but can access the google.com website. Please find the following ASA configuration for your reference and do the needful.
------------------ show running-config ------------------
: Saved
:
: Serial Number: FCH19327YUH
: Hardware: ASA5525, 8192 MB RAM, CPU Lynnfield 2394 MHz, 1 CPU (4 cores)
:
ASA Version 9.4(3)12
!
hostname WVI-ASA-PRIMARY
domain-name wvindia.org
enable password <removed>
passwd <removed>
names
ip local pool Remote_VPN 192.168.200.1-192.168.200.30 mask 255.255.255.0
!
interface GigabitEthernet0/0
nameif outside
security-level 0
ip address 10.91.1.2 255.255.255.0 standby 10.91.1.3
!
interface GigabitEthernet0/1
nameif inside
security-level 100
ip address 192.168.2.1 255.255.255.0 standby 192.168.2.2
!
interface GigabitEthernet0/2
nameif DMZ
security-level 20
ip address 192.168.100.3 255.255.255.0 standby 192.168.100.4
!
interface GigabitEthernet0/3
description LAN Failover Interface
!
interface GigabitEthernet0/4
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/5
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/6
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/7
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
management-only
nameif ASASFR
security-level 100
ip address 192.168.3.7 255.255.255.0 standby 192.168.3.8
!
!
time-range mahiba
absolute start 15:25 07 October 2016 end 15:36 07 October 2016
periodic daily 0:00 to 23:59
!
boot system disk0:/asa943-12-smp-k8.bin
ftp mode passive
clock timezone IST 5 30
dns domain-lookup outside
dns domain-lookup inside
dns domain-lookup DMZ
dns server-group DefaultDNS
name-server 192.168.100.33
domain-name wvindia.org
dns server-group Secondary
name-server 192.168.100.135
domain-name wvindia.org
dns server-group defaultDNS
same-security-traffic permit intra-interface
object network obj-192.168.10.0
subnet 192.168.10.0 255.255.255.0
object network obj-192.168.11.0
subnet 192.168.11.0 255.255.255.0
object network obj-192.168.12.0
subnet 192.168.12.0 255.255.255.0
object network obj-192.168.13.0
subnet 192.168.13.0 255.255.255.0
object network obj-192.168.14.0
subnet 192.168.14.0 255.255.255.0
object network obj-192.168.15.0
subnet 192.168.15.0 255.255.255.0
object network obj-192.168.16.0
subnet 192.168.16.0 255.255.255.0
object network obj-192.168.17.0
subnet 192.168.17.0 255.255.255.0
object network obj-192.168.18.0
subnet 192.168.18.0 255.255.255.0
object network obj-192.168.100.21
host 192.168.100.21
object network obj-192.168.100.155
host 192.168.100.155
object network obj-192.168.100.60
host 192.168.100.60
object network obj-192.168.100.103
host 192.168.100.103
object network obj-192.168.100.30
host 192.168.100.30
object network obj-192.168.100.50
host 192.168.100.50
object network obj-192.168.100.33
host 192.168.100.33
object network obj-192.168.100.10
host 192.168.100.10
object network obj-192.168.100.35
host 192.168.100.35
object network obj-192.168.100.11
host 192.168.100.11
object network obj-192.168.100.12
host 192.168.100.12
object network obj-192.168.100.20
host 192.168.100.20
object network obj-192.168.100.13
host 192.168.100.13
object network obj-192.168.100.34
host 192.168.100.34
object network obj-192.168.100.101
host 192.168.100.101
object network obj-192.168.100.102
host 192.168.100.102
object network obj-192.168.100.104
host 192.168.100.104
object network obj-192.168.100.105
host 192.168.100.105
object network obj-192.168.100.135
host 192.168.100.135
object network obj-192.168.100.133
host 192.168.100.133
object network obj-192.168.100.44
host 192.168.100.44
object network obj-192.168.100.5
host 192.168.100.5
object network obj-192.168.100.15
host 192.168.100.15
object network obj-192.168.100.108
host 192.168.100.108
object network obj-192.168.30.5
host 192.168.30.5
object network obj-192.168.44.0
subnet 192.168.44.0 255.255.254.0
object network object-192.168.20.0
object network object-192.168.20.10
object network obj-192.168.20.10
host 192.168.20.10
object network obj-192.168.100.0
subnet 192.168.100.0 255.255.255.0
object network obj-192.168.0.0
subnet 192.168.0.0 255.255.0.0
object network obj-172.20.1.10
host 172.20.1.10
object network obj-10.91.0.0
subnet 10.91.0.0 255.255.0.0
object network obj-192.168.2.0
subnet 192.168.2.0 255.255.255.0
object network NETWORK_OBJ_192.168.200.0_27
subnet 192.168.200.0 255.255.255.224
object network NETWORK_OBJ_192.168.100.0_24
subnet 192.168.100.0 255.255.255.0
object network NETWORK_OBJ_10.91.1.0_24
subnet 10.91.1.0 255.255.255.0
object network obj-10.91.100.0
subnet 10.91.100.0 255.255.255.0
object network obj-192.168.100.14
host 192.168.100.14
object network NETWORK_OBJ_192.168.100.108
host 192.168.100.108
object network obj-amzn
subnet 10.0.0.0 255.255.0.0
object network obj-192.168.3.0
subnet 192.168.3.0 255.255.255.0
object network obj-192.168.3.6
host 192.168.3.6
object network NETWORK_OBJ_192.168.100.35
host 192.168.100.35
object network NETWORK_OBJ_192.168.100.50
host 192.168.100.50
object network NETWORK_OBJ_192.168.100.12
host 192.168.100.12
object network NETWORK_OBJ_192.168.30.5
host 192.168.30.5
object network obj-10.91.1.0
subnet 10.91.1.0 255.255.255.0
object network obj-10.10.1.0
subnet 10.10.1.0 255.255.255.0
object network NETWORK_OBJ_192.168.100.11
host 192.168.100.11
object network NETWORK_OBJ_192.168.100.20
host 192.168.100.20
object network NETWORK_OBJ_192.168.100.60
host 192.168.100.60
object network NETWORK_OBJ_192.168.100.103
host 192.168.100.103
object network obj-192.168.100.22
host 192.168.100.22
object network obj-InternetDeny
object network obj-192.168.100.23
host 192.168.100.23
object network obj-192.168.100.24
host 192.168.100.24
object network obj-192.168.100.25
host 192.168.100.25
object network obj-192.168.100.74
host 192.168.100.74
object network obj-192.168.100.75
host 192.168.100.75
object network obj-192.168.100.76
host 192.168.100.76
object network obj-192.168.100.177
host 192.168.100.177
object network obj-192.168.100.71
host 192.168.100.71
object network obj-192.168.100.72
host 192.168.100.72
object network NETWORK_OBJ_192.168.100.155
host 192.168.100.155
object network 192.168.100.73
host 192.168.100.73
object network obj-192.168.100.73
host 192.168.100.73
object-group network DM_INLINE_NETWORK_1
network-object host 192.168.100.14
network-object host 192.168.100.15
object-group network DM_INLINE_NETWORK_2
network-object 10.91.1.0 255.255.255.0
network-object object obj-10.91.0.0
object-group service DM_INLINE_TCP_1 tcp
port-object eq www
port-object eq https
port-object eq smtp
port-object eq lotusnotes
object-group service DM_INLINE_TCP_2 tcp
port-object eq www
port-object eq https
object-group network SOC_VPN
object-group service DM_INLINE_TCP_4 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_5 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_6 tcp
port-object eq www
port-object eq https
port-object eq smtp
object-group service DM_INLINE_TCP_22 tcp
port-object eq www
port-object eq https
port-object eq smtp
object-group service DM_INLINE_TCP_8 tcp
port-object eq www
port-object eq https
port-object eq smtp
object-group service DM_INLINE_TCP_9 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_10 tcp
port-object eq 8030
port-object eq 8031
port-object eq 8090
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_11 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_12 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_13 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_14 tcp
port-object eq 81
port-object eq 82
port-object eq www
port-object eq 88
port-object eq https
object-group service DM_INLINE_TCP_15 tcp
port-object eq 81
port-object eq 82
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_16 tcp
port-object eq www
port-object eq https
object-group network DM_INLINE_NETWORK_3
network-object host 199.168.149.17
network-object host 199.168.149.20
network-object host 199.168.150.17
network-object host 199.168.150.20
network-object host 199.168.151.17
network-object host 199.168.151.20
object-group service DM_INLINE_TCP_17 tcp
port-object eq domain
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_18 tcp
port-object eq 1433
port-object eq 50001
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_19 tcp
port-object eq www
port-object eq https
port-object eq smtp
object-group service DM_INLINE_TCP_20 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_SERVICE_1
service-object tcp destination eq 161
service-object tcp destination eq 162
service-object tcp destination eq 2055
service-object tcp destination eq www
service-object udp destination eq 2055
service-object udp destination eq snmp
service-object udp destination eq snmptrap
service-object tcp destination eq https
service-object udp destination eq syslog
object-group service DM_INLINE_UDP_1 udp
port-object eq ntp
port-object eq snmp
port-object eq snmptrap
object-group service DM_INLINE_TCP_3 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_SERVICE_2
service-object tcp-udp destination eq 92
service-object tcp destination eq 81
service-object tcp destination eq 82
service-object tcp destination eq 88
service-object tcp destination eq www
service-object tcp destination eq https
object-group network DM_INLINE_NETWORK_6
network-object 13.107.4.0 255.255.255.0
network-object 191.234.4.0 255.255.255.0
network-object 23.2.16.0 255.255.255.0
network-object 23.212.50.0 255.255.255.0
network-object 23.57.69.0 255.255.255.0
network-object host 96.17.180.120
network-object 115.112.2.0 255.255.255.0
object-group network DM_INLINE_NETWORK_8
network-object host 202.54.154.50
network-object host 202.71.146.235
object-group network NO2KL
network-object object obj-10.91.1.0
network-object object obj-10.91.100.0
object-group service DM_INLINE_SERVICE_3
service-object tcp-udp destination eq 88
service-object tcp destination eq www
service-object tcp destination eq https
object-group network test
object-group network DM_INLINE_NETWORK_4
network-object host 192.168.100.14
network-object host 192.168.100.15
object-group network DM_INLINE_NETWORK_10
network-object 182.72.239.64 255.255.255.248
network-object 182.73.185.144 255.255.255.252
object-group network DM_INLINE_NETWORK_11
network-object 182.72.239.64 255.255.255.248
network-object 182.73.185.144 255.255.255.252
object-group network DM_INLINE_NETWORK_5
network-object host 192.168.100.14
network-object host 192.168.100.15
object-group network ZSC_LDAP_IP
network-object host 104.129.193.85
network-object host 104.129.195.85
network-object host 104.129.197.85
network-object host 104.129.197.102
network-object host 104.129.195.102
network-object host 104.129.193.102
network-object host 104.129.193.65
network-object host 104.129.195.65
network-object host 104.129.197.65
network-object host 104.129.193.103
network-object host 104.129.195.103
network-object host 104.129.197.103
object-group service DM_INLINE_TCP_7 tcp
port-object eq 25001
port-object eq www
object-group network DM_INLINE_NETWORK_12
network-object host 192.168.100.14
network-object host 192.168.100.15
object-group network DM_INLINE_NETWORK_13
network-object host 192.168.100.14
network-object host 192.168.100.15
object-group network DM_INLINE_NETWORK_14
network-object host 163.172.32.234
network-object host 95.213.192.71
network-object host 95.213.186.51
network-object host 176.9.174.220
network-object host 193.9.28.75
network-object host 185.169.229.24
object-group service DM_INLINE_TCP_21 tcp
port-object eq www
port-object eq https
object-group network InternetDeny
network-object host 192.168.13.223
object-group service DM_INLINE_SERVICE_4
service-object ip
service-object udp
service-object tcp destination eq www
service-object tcp destination eq https
object-group service DM_INLINE_TCP_23 tcp
port-object eq www
port-object eq https
port-object eq smtp
object-group network DM_INLINE_NETWORK_17
network-object host 192.168.100.14
network-object host 192.168.100.15
object-group network DM_INLINE_NETWORK_18
network-object host 192.168.100.21
network-object host 192.168.100.22
object-group network NTT_DC
network-object host 180.179.168.193
network-object host 180.179.168.194
network-object host 180.179.168.195
network-object host 180.179.168.196
network-object host 180.179.58.248
network-object host 182.73.185.146
network-object host 202.71.149.1
network-object host 202.71.149.6
object-group network DM_INLINE_NETWORK_19
network-object host 199.168.149.17
network-object host 199.168.149.20
network-object host 199.168.150.17
network-object host 199.168.150.20
network-object host 199.168.151.17
network-object host 199.168.151.20
object-group network DM_INLINE_NETWORK_20
network-object host 192.168.100.21
network-object host 192.168.100.22
object-group service block80 tcp
port-object eq www
port-object eq https
object-group network obj_IDM
network-object host 192.168.100.71
network-object host 192.168.100.72
network-object host 192.168.100.74
network-object host 192.168.100.75
network-object host 192.168.100.76
network-object object 192.168.100.73
object-group service DM_INLINE_TCP_24 tcp
port-object eq www
port-object eq https
port-object eq smtp
object-group service DM_INLINE_TCP_25 tcp
port-object eq 81
port-object eq 82
port-object eq www
port-object eq 88
port-object eq https
access-list inside remark Malware ip as per secure works
access-list inside extended deny object-group DM_INLINE_SERVICE_4 any4 object-group DM_INLINE_NETWORK_14 log disable
access-list inside extended permit udp host 192.168.44.9 host 192.168.100.133 object-group DM_INLINE_UDP_1
access-list inside remark windows update- c-msedge.net
access-list inside extended deny ip any object-group DM_INLINE_NETWORK_6
access-list inside remark lotus mail
access-list inside extended deny ip any4 object-group DM_INLINE_NETWORK_8
access-list inside extended permit ip any4 any4
access-list DMZ extended permit ip any4 any4
access-list outside extended deny ip host 78.188.169.77 any
access-list outside extended deny ip host 111.67.36.251 host 192.168.100.20
access-list outside extended deny ip host 52.71.62.77 any4
access-list outside extended permit tcp object-group ZSC_LDAP_IP host 192.168.100.33 eq ldap inactive
access-list outside extended permit tcp object-group ZSC_LDAP_IP host 192.168.100.135 eq ldap
access-list outside extended permit object-group DM_INLINE_SERVICE_1 any host 192.168.100.5
access-list outside extended permit tcp any4 host 192.168.100.11 object-group DM_INLINE_TCP_2
access-list outside extended permit object-group DM_INLINE_SERVICE_2 any host 192.168.100.12
access-list outside extended permit tcp any host 192.168.100.14 object-group DM_INLINE_TCP_4
access-list outside extended permit tcp any host 192.168.100.15 object-group DM_INLINE_TCP_5 inactive
access-list outside extended permit tcp any4 host 192.168.100.20 object-group DM_INLINE_TCP_1
access-list outside extended permit tcp any4 host 192.168.100.21 object-group DM_INLINE_TCP_6
access-list outside extended permit tcp any4 host 192.168.100.22 object-group DM_INLINE_TCP_6
access-list outside extended permit tcp any host 192.168.100.25 object-group DM_INLINE_TCP_8
access-list outside extended permit tcp object-group DM_INLINE_NETWORK_11 host 192.168.100.33 eq ldap
access-list outside extended permit tcp any host 192.168.100.33 object-group DM_INLINE_TCP_9
access-list outside extended permit tcp any host 192.168.100.35 object-group DM_INLINE_TCP_10
access-list outside extended permit tcp any host 192.168.100.44 object-group DM_INLINE_TCP_11
access-list outside extended permit tcp any host 192.168.100.50 object-group DM_INLINE_TCP_12
access-list outside extended permit tcp any4 host 192.168.100.60 object-group DM_INLINE_TCP_13
access-list outside extended permit tcp any4 host 192.168.100.30 object-group DM_INLINE_TCP_14
access-list outside extended permit tcp any4 host 192.168.100.103 object-group DM_INLINE_TCP_15
access-list outside extended permit object-group DM_INLINE_SERVICE_3 any4 host 192.168.100.108
access-list outside extended permit tcp any4 host 192.168.100.133 object-group DM_INLINE_TCP_16
access-list outside extended permit tcp object-group DM_INLINE_NETWORK_19 host 192.168.100.33 eq ldap inactive
access-list outside extended permit tcp object-group DM_INLINE_NETWORK_3 host 192.168.100.135 eq ldap
access-list outside extended permit tcp object-group DM_INLINE_NETWORK_10 host 192.168.100.135 eq ldap
access-list outside extended permit tcp host 72.52.96.4 host 192.168.100.135 eq ldap
access-list outside extended permit tcp any4 host 192.168.100.135 object-group DM_INLINE_TCP_17
access-list outside extended permit icmp any4 any4
access-list outside extended permit tcp any4 host 192.168.100.155 object-group DM_INLINE_TCP_18
access-list outside extended permit tcp any host 192.168.100.176 object-group DM_INLINE_TCP_20
access-list outside extended permit ip host 111.67.36.10 any4
access-list outside extended permit tcp any4 host 192.168.20.10 object-group DM_INLINE_TCP_7
access-list outside extended permit tcp any host 192.168.30.5 object-group DM_INLINE_TCP_19
access-list outside extended permit udp 10.91.1.0 255.255.255.0 host 172.20.1.10 eq syslog
access-list outside extended permit tcp 10.91.1.0 255.255.255.0 host 172.20.1.10 eq rsh
access-list outside extended permit ip host 172.29.1.16 any4 inactive
access-list outside extended permit tcp any4 host 192.168.100.23 object-group DM_INLINE_TCP_22
access-list outside extended permit tcp any4 host 192.168.100.24 object-group DM_INLINE_TCP_23
access-list outside extended permit tcp any4 host 192.168.100.102 object-group DM_INLINE_TCP_24
access-list outside extended permit tcp any4 host 192.168.100.73 object-group DM_INLINE_TCP_25
access-list outside extended permit tcp host 180.179.25.229 host 61.8.146.97
access-list outside extended permit tcp host 180.179.25.229 host 121.242.139.161
access-list SFR extended permit ip any any
access-list netflow-export extended permit ip any4 any4
access-list acl_NTT extended permit ip object obj-192.168.0.0 object obj-10.10.1.0
access-list KL extended permit ip object obj-10.91.0.0 object obj-172.20.1.10
access-list Hcms-Server_splitTunnelAcl standard permit host 192.168.100.14
access-list Hcms-Server_splitTunnelAcl standard permit host 192.168.100.15
access-list idms-Server_splitTunnelAcl standard permit host 192.168.30.5
access-list acl-POC standard permit host 192.168.100.11
access-list A3u?r3Q+)kB/G#f6_splitTunnelAcl standard permit host 192.168.30.5
access-list idms-Server_splitTunnelAcl_1 standard permit host 192.168.30.5
access-list Akshaya-Server_splitTunnelAcl standard permit host 192.168.100.35
access-list idms-Server_splitTunnelAcl_2 standard permit host 192.168.30.5
access-list Hcms-Server_splitTunnelAcl_1 standard permit host 192.168.100.14
access-list Hcms-Server_splitTunnelAcl_1 standard permit host 192.168.100.15
access-list SharePoint_splitTunnelAcl standard permit host 192.168.100.105
access-list SharePoint_splitTunnelAcl standard permit host 192.168.100.103
access-list SharePoint_splitTunnelAcl standard permit host 192.168.100.102
access-list SharePoint_splitTunnelAcl standard permit host 192.168.100.25
access-list SharePoint_splitTunnelAcl standard permit host 192.168.100.24
access-list SharePoint_splitTunnelAcl standard permit host 192.168.100.23
access-list SharePoint_splitTunnelAcl standard permit host 192.168.100.21
access-list SharePoint_splitTunnelAcl standard permit host 192.168.100.22
access-list SharePoint_splitTunnelAcl standard permit host 192.168.100.101
access-list Kendra-Server_splitTunnelAcl standard permit host 192.168.100.103
access-list nw-admin_splitTunnelAcl standard permit 192.168.100.0 255.255.255.0
access-list split-tunnel standard permit 192.168.0.0 255.255.0.0
access-list POC-Server_splitTunnelAcl standard permit host 192.168.100.71
access-list POC-Server_splitTunnelAcl standard permit host 192.168.100.72
access-list POC-Server_splitTunnelAcl standard permit host 192.168.100.73
access-list POC-Server_splitTunnelAcl standard permit host 192.168.100.74
access-list POC-Server_splitTunnelAcl standard permit host 192.168.100.75
access-list POC-Server_splitTunnelAcl standard permit host 192.168.100.76
access-list karthik_splitTunnelAcl standard permit host 192.168.100.12
access-list wvkendraservers_splitTunnelAcl standard permit 192.168.100.0 255.255.255.0
access-list PF_splitTunnelAcl standard permit host 192.168.100.108
access-list F30!Okm5$nR655ki_splitTunnelAcl standard permit host 192.168.100.35
access-list Axshya_splitTunnelAcl standard permit host 192.168.100.35
pager lines 24
logging enable
logging buffered informational
logging trap informational
logging history emergencies
logging asdm informational
logging host DMZ 192.168.100.133
logging host outside 172.20.1.10
flow-export destination DMZ 192.168.100.5 2055
flow-export template timeout-rate 1
flow-export delay flow-create 60
mtu outside 1500
mtu inside 1500
mtu DMZ 1500
mtu ASASFR 1500
failover
failover lan unit primary
failover lan interface folink GigabitEthernet0/3
failover interface ip folink 172.16.1.1 255.255.255.0 standby 172.16.1.2
icmp unreachable rate-limit 10 burst-size 5
icmp permit any outside
asdm image disk0:/asdm-762-150.bin
asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (inside,outside) source static obj-192.168.0.0 obj-192.168.0.0 destination static obj-amzn obj-amzn
nat (inside,any) source static obj-192.168.44.0 obj-192.168.44.0 destination static obj-192.168.100.0 obj-192.168.100.0 no-proxy-arp route-lookup
nat (inside,any) source static obj-192.168.10.0 obj-192.168.10.0 destination static obj-192.168.100.0 obj-192.168.100.0 no-proxy-arp route-lookup
nat (inside,any) source static obj-192.168.11.0 obj-192.168.11.0 destination static obj-192.168.100.0 obj-192.168.100.0 no-proxy-arp route-lookup
nat (inside,any) source static obj-192.168.12.0 obj-192.168.12.0 destination static obj-192.168.100.0 obj-192.168.100.0 no-proxy-arp route-lookup
nat (inside,any) source static obj-192.168.13.0 obj-192.168.13.0 destination static obj-192.168.100.0 obj-192.168.100.0 no-proxy-arp route-lookup
nat (inside,any) source static obj-192.168.14.0 obj-192.168.14.0 destination static obj-192.168.100.0 obj-192.168.100.0 no-proxy-arp route-lookup
nat (inside,any) source static obj-192.168.15.0 obj-192.168.15.0 destination static obj-192.168.100.0 obj-192.168.100.0 no-proxy-arp route-lookup
nat (inside,any) source static obj-192.168.16.0 obj-192.168.16.0 destination static obj-192.168.100.0 obj-192.168.100.0 no-proxy-arp route-lookup
nat (inside,any) source static obj-192.168.17.0 obj-192.168.17.0 destination static obj-192.168.100.0 obj-192.168.100.0 no-proxy-arp route-lookup
nat (inside,any) source static obj-192.168.18.0 obj-192.168.18.0 destination static obj-192.168.100.0 obj-192.168.100.0 no-proxy-arp route-lookup
nat (DMZ,outside) source static DM_INLINE_NETWORK_1 DM_INLINE_NETWORK_1 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static NETWORK_OBJ_192.168.100.0_24 NETWORK_OBJ_192.168.100.0_24 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (inside,outside) source static obj-192.168.30.5 obj-192.168.30.5 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (inside,DMZ) source static obj-192.168.2.0 obj-192.168.2.0 destination static obj-192.168.100.0 obj-192.168.100.0 no-proxy-arp route-lookup inactive
nat (DMZ,inside) source static any any unidirectional
nat (DMZ,outside) source static NETWORK_OBJ_192.168.100.108 NETWORK_OBJ_192.168.100.108 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static NETWORK_OBJ_192.168.100.35 NETWORK_OBJ_192.168.100.35 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static NETWORK_OBJ_192.168.100.50 NETWORK_OBJ_192.168.100.50 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static NETWORK_OBJ_192.168.100.12 NETWORK_OBJ_192.168.100.12 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (inside,outside) source static NETWORK_OBJ_192.168.30.5 NETWORK_OBJ_192.168.30.5 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static obj-192.168.100.0 obj-10.91.100.0 destination static obj-172.20.1.10 obj-172.20.1.10
nat (outside,outside) source static NETWORK_OBJ_10.91.1.0_24 NETWORK_OBJ_10.91.1.0_24 destination static obj-172.20.1.10 obj-172.20.1.10 no-proxy-arp route-lookup
nat (DMZ,outside) source static DM_INLINE_NETWORK_4 DM_INLINE_NETWORK_4 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static DM_INLINE_NETWORK_5 DM_INLINE_NETWORK_5 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static NETWORK_OBJ_192.168.100.11 NETWORK_OBJ_192.168.100.11 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static NETWORK_OBJ_192.168.100.20 NETWORK_OBJ_192.168.100.20 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static DM_INLINE_NETWORK_12 DM_INLINE_NETWORK_12 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static DM_INLINE_NETWORK_13 DM_INLINE_NETWORK_13 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static NETWORK_OBJ_192.168.100.60 NETWORK_OBJ_192.168.100.60 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static NETWORK_OBJ_192.168.100.103 NETWORK_OBJ_192.168.100.103 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static DM_INLINE_NETWORK_18 DM_INLINE_NETWORK_18 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static obj-192.168.100.0 obj-192.168.100.0 destination static obj-10.10.1.0 obj-10.10.1.0 no-proxy-arp route-lookup
nat (DMZ,outside) source static DM_INLINE_NETWORK_17 DM_INLINE_NETWORK_17 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static DM_INLINE_NETWORK_20 DM_INLINE_NETWORK_20 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (inside,outside) source static obj-192.168.0.0 obj-192.168.0.0 destination static obj-10.10.1.0 obj-10.10.1.0 no-proxy-arp route-lookup
nat (DMZ,outside) source static obj_IDM obj_IDM destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (ASASFR,outside) source static NETWORK_OBJ_192.168.100.12 NETWORK_OBJ_192.168.100.12 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
nat (DMZ,outside) source static NETWORK_OBJ_192.168.100.155 NETWORK_OBJ_192.168.100.155 destination static NETWORK_OBJ_192.168.200.0_27 NETWORK_OBJ_192.168.200.0_27 no-proxy-arp route-lookup
!
object network obj-192.168.10.0
nat (inside,outside) dynamic 61.8.146.97
object network obj-192.168.11.0
nat (inside,outside) dynamic 61.8.146.97
object network obj-192.168.12.0
nat (inside,outside) dynamic 61.8.146.97
object network obj-192.168.13.0
nat (inside,outside) dynamic 61.8.146.97
object network obj-192.168.14.0
nat (inside,outside) dynamic 61.8.146.97
object network obj-192.168.15.0
nat (inside,outside) dynamic 61.8.146.97
object network obj-192.168.16.0
nat (inside,outside) dynamic 61.8.146.97
object network obj-192.168.17.0
nat (inside,outside) dynamic 61.8.146.97
object network obj-192.168.18.0
nat (inside,outside) dynamic 61.8.146.97
object network obj-192.168.100.21
nat (DMZ,outside) static 202.71.146.234
object network obj-192.168.100.155
nat (DMZ,outside) static 61.8.146.103
object network obj-192.168.100.60
nat (DMZ,outside) static 61.8.146.110
object network obj-192.168.100.103
nat (DMZ,outside) static 61.8.146.106
object network obj-192.168.100.30
nat (DMZ,outside) static 61.8.146.108
object network obj-192.168.100.50
nat (DMZ,outside) static 202.71.146.227
object network obj-192.168.100.33
nat (DMZ,outside) static 202.71.146.228
object network obj-192.168.100.10
nat (DMZ,outside) static 202.71.146.254
object network obj-192.168.100.35
nat (DMZ,outside) static 202.71.146.231
object network obj-192.168.100.11
nat (DMZ,outside) static 202.71.146.236
object network obj-192.168.100.12
nat (DMZ,outside) static 202.71.146.237
object network obj-192.168.100.20
nat (DMZ,outside) static 202.71.146.235
object network obj-192.168.100.13
nat (DMZ,outside) static 202.71.146.243
object network obj-192.168.100.34
nat (DMZ,outside) static 202.71.146.229
object network obj-192.168.100.101
nat (DMZ,outside) dynamic 61.8.146.98
object network obj-192.168.100.102
nat (DMZ,outside) dynamic 61.8.146.98
object network obj-192.168.100.104
nat (DMZ,outside) dynamic 61.8.146.98
object network obj-192.168.100.105
nat (DMZ,outside) dynamic 61.8.146.98
object network obj-192.168.100.135
nat (DMZ,outside) static 61.8.146.104
object network obj-192.168.100.133
nat (DMZ,outside) static 202.71.146.252
object network obj-192.168.100.44
nat (DMZ,outside) static 61.8.146.105
object network obj-192.168.100.5
nat (DMZ,outside) static 202.71.146.251
object network obj-192.168.100.15
nat (DMZ,outside) static 202.71.146.232
object network obj-192.168.100.108
nat (DMZ,outside) static 202.71.146.233
object network obj-192.168.30.5
nat (inside,outside) static 202.71.146.240
object network obj-192.168.44.0
nat (inside,outside) dynamic 61.8.146.97
object network obj-192.168.20.10
nat (inside,outside) static 61.8.146.107
object network obj-192.168.100.14
nat (any,any) static 202.71.146.250
object network obj-192.168.3.0
nat (inside,outside) dynamic 61.8.146.97
object network obj-192.168.100.22
nat (DMZ,outside) static 202.71.146.253
object network obj-192.168.100.23
nat (DMZ,outside) static 202.71.146.244
object network obj-192.168.100.24
nat (DMZ,outside) static 202.71.146.245
object network obj-192.168.100.25
nat (DMZ,outside) static 202.71.146.246
object network obj-192.168.100.74
nat (DMZ,outside) static 202.71.146.247
object network obj-192.168.100.75
nat (DMZ,outside) static 202.71.146.248
object network obj-192.168.100.76
nat (DMZ,outside) static 202.71.146.249
object network obj-192.168.100.177
nat (DMZ,outside) static 202.71.146.225
object network obj-192.168.100.71
nat (DMZ,outside) static 202.71.146.226
object network obj-192.168.100.72
nat (DMZ,outside) static 202.71.146.230
object network obj-192.168.100.73
nat (DMZ,outside) static 202.71.146.239
access-group outside in interface outside
access-group inside in interface inside
access-group DMZ in interface DMZ
route outside 0.0.0.0 0.0.0.0 10.91.1.4 1
route outside 61.8.146.0 255.255.255.0 10.91.1.6 1
route outside 121.242.139.169 255.255.255.255 10.91.1.4 1
route inside 192.168.3.6 255.255.255.255 192.168.2.3 1
route inside 192.168.3.9 255.255.255.255 192.168.3.1 1
route inside 192.168.3.10 255.255.255.255 192.168.3.1 1
route inside 192.168.8.0 255.255.255.224 192.168.2.3 1
route inside 192.168.10.0 255.255.255.0 192.168.2.3 1
route inside 192.168.11.0 255.255.255.0 192.168.2.3 1
route inside 192.168.12.0 255.255.255.0 192.168.2.3 1
route inside 192.168.13.0 255.255.255.0 192.168.2.3 1
route inside 192.168.14.0 255.255.255.0 192.168.2.3 1
route inside 192.168.15.0 255.255.255.0 192.168.2.3 1
route inside 192.168.16.0 255.255.255.0 192.168.2.3 1
route inside 192.168.17.0 255.255.255.0 192.168.2.3 1
route inside 192.168.18.0 255.255.255.0 192.168.2.3 1
route inside 192.168.20.0 255.255.255.0 192.168.2.3 1
route inside 192.168.30.0 255.255.255.0 192.168.2.3 1
route inside 192.168.44.0 255.255.254.0 192.168.2.3 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
http server enable
http 192.168.44.0 255.255.254.0 inside
http 61.12.94.130 255.255.255.255 outside
snmp-server host DMZ 192.168.100.5 community ***** version 2c udp-port 161
snmp-server location National office
snmp-server contact IT
snmp-server enable traps syslog
snmp-server enable traps ipsec start stop
snmp-server enable traps entity config-change fru-insert fru-remove
snmp-server enable traps memory-threshold
snmp-server enable traps interface-threshold
snmp-server enable traps remote-access session-threshold-exceeded
snmp-server enable traps connection-limit-reached
snmp-server enable traps cpu threshold rising
snmp-server enable traps ikev2 start stop
snmp-server enable traps nat packet-discard
sla monitor 1
type echo protocol ipIcmpEcho 52.16.61.243 interface outside
frequency 5
sla monitor schedule 1 life forever start-time now
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set transform-NTT esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set TS_KL esp-3des esp-sha-hmac
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 1 match address acl_NTT
crypto map outside_map 1 set pfs
crypto map outside_map 1 set peer 180.179.27.92
crypto map outside_map 1 set ikev1 transform-set transform-NTT
crypto map outside_map 2 match address KL
crypto map outside_map 2 set pfs
crypto map outside_map 2 set peer 111.67.34.253
crypto map outside_map 2 set ikev1 transform-set TS_KL
crypto map outside_map 2 set ikev2 ipsec-proposal DES 3DES AES AES192 AES256
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ca trustpool policy
crypto ikev2 policy 5
encryption 3des
integrity sha
group 2
prf sha
lifetime seconds 3600
crypto ikev2 policy 30
encryption 3des
integrity sha
group 2
prf sha
lifetime seconds 86400
crypto ikev2 enable outside
crypto ikev1 enable outside
crypto ikev1 policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 28800
telnet 192.168.44.0 255.255.254.0 inside
telnet 192.168.2.0 255.255.255.0 inside
telnet timeout 15
no ssh stricthostkeycheck
ssh 157.50.59.139 255.255.255.255 outside
ssh 192.168.44.0 255.255.254.0 inside
ssh 192.168.2.0 255.255.255.0 inside
ssh 192.168.100.133 255.255.255.255 DMZ
ssh timeout 30
ssh version 2
ssh key-exchange group dh-group1-sha1
console timeout 0
management-access inside
threat-detection basic-threat
threat-detection statistics
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
ntp server 139.59.19.184
ssl cipher default custom "RC4-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA"
ssl cipher tlsv1 custom "RC4-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA"
ssl cipher dtlsv1 custom "RC4-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA"
webvpn
cache
disable
no error-recovery disable
group-policy wvkendraservers internal
group-policy wvkendraservers attributes
dns-server value 192.168.100.33 192.168.100.135
vpn-tunnel-protocol ikev1
split-tunnel-policy tunnelspecified
split-tunnel-network-list value wvkendraservers_splitTunnelAcl
default-domain value wvindia.org
group-policy DfltGrpPolicy attributes
vpn-idle-timeout none
group-policy F30!Okm5$nR655ki internal
group-policy F30!Okm5$nR655ki attributes
dns-server value 192.168.100.33 192.168.100.135
vpn-tunnel-protocol ikev1
split-tunnel-policy tunnelspecified
split-tunnel-network-list value F30!Okm5$nR655ki_splitTunnelAcl
default-domain value wvindia.org
group-policy GroupPolicy2 internal
group-policy GroupPolicy2 attributes
vpn-tunnel-protocol ssl-client
group-policy GroupPolicy_180.179.27.92 internal
group-policy GroupPolicy_180.179.27.92 attributes
vpn-tunnel-protocol ikev1
group-policy GroupPolicy1 internal
group-policy GroupPolicy1 attributes
vpn-tunnel-protocol ikev1 ikev2
group-policy KL_111.67.34.253 internal
group-policy KL_111.67.34.253 attributes
vpn-tunnel-protocol ikev1 ikev2
group-policy Axshya internal
group-policy Axshya attributes
dns-server value 192.168.100.33 192.168.100.135
vpn-tunnel-protocol ikev1
split-tunnel-policy tunnelspecified
split-tunnel-network-list value Axshya_splitTunnelAcl
default-domain value wvindia.org
group-policy nw-admin internal
group-policy nw-admin attributes
dns-server value 192.168.100.33 8.8.8.8
vpn-tunnel-protocol l2tp-ipsec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value nw-admin_splitTunnelAcl
default-domain value wvindia.org
group-policy PF internal
group-policy PF attributes
dns-server value 192.168.100.33 192.168.100.135
vpn-tunnel-protocol l2tp-ipsec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value PF_splitTunnelAcl
default-domain value wvindia.org
group-policy Akshaya-Server internal
group-policy Akshaya-Server attributes
dns-server value 192.168.100.33 8.8.8.8
vpn-tunnel-protocol l2tp-ipsec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value Akshaya-Server_splitTunnelAcl
default-domain value wvindia.org
group-policy SharePoint internal
group-policy SharePoint attributes
dns-server value 192.168.100.33 8.8.8.8
vpn-tunnel-protocol ikev1
split-tunnel-policy tunnelspecified
split-tunnel-network-list value SharePoint_splitTunnelAcl
default-domain value wvindia.org
group-policy Hcms-Server internal
group-policy Hcms-Server attributes
dns-server value 192.168.100.33 8.8.8.8
vpn-tunnel-protocol ikev1
split-tunnel-policy tunnelspecified
split-tunnel-network-list value Hcms-Server_splitTunnelAcl_1
default-domain value wvindia.org
group-policy idms-Server internal
group-policy idms-Server attributes
dns-server value 192.168.100.33 8.8.8.8
vpn-tunnel-protocol ssl-client
split-tunnel-policy tunnelspecified
split-tunnel-network-list value idms-Server_splitTunnelAcl_2
default-domain value wvindia.org
group-policy Kendra-Server internal
group-policy Kendra-Server attributes
dns-server value 192.168.100.33 8.8.8.8
vpn-tunnel-protocol l2tp-ipsec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value wvkendraservers_splitTunnelAcl
default-domain value wvindia.org
group-policy POC-Server internal
group-policy POC-Server attributes
dns-server value 192.168.100.33 115.112.18.21
vpn-tunnel-protocol l2tp-ipsec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value POC-Server_splitTunnelAcl
default-domain value wvindia.org
group-policy Finsrv internal
group-policy Finsrv attributes
dns-server value 192.168.100.33 192.168.100.135
vpn-tunnel-protocol ikev1
default-domain value wvindia.org
dynamic-access-policy-record DfltAccessPolicy
username Aaron password <removed> privilege 0
username Aaron attributes
vpn-group-policy PF
username ssaravanan password <removed> privilege 0
username ssaravanan attributes
vpn-group-policy wvkendraservers
username TechnoBrain2 password <removed>
username TechnoBrain2 attributes
vpn-simultaneous-logins 1
vpn-idle-timeout 15
vpn-idle-timeout alert-interval none
password-storage disable
service-type remote-access
username TechnoBrain1 password <removed> privilege 0
username TechnoBrain1 attributes
vpn-group-policy idms-Server
vpn-simultaneous-logins 1
vpn-idle-timeout 15
vpn-idle-timeout alert-interval none
password-storage disable
service-type remote-access
username wvindia password <removed> privilege 15
username admin password <removed> privilege 15
username Avis password <removed> privilege 0
username Avis attributes
vpn-group-policy wvkendraservers
username Vasanthi password <removed> privilege 0
username Vasanthi attributes
vpn-group-policy Finsrv
username Bhawna password <removed> privilege 0
username Bhawna attributes
vpn-group-policy F30!Okm5$nR655ki
username Bhawna1 password <removed> privilege 0
username Bhawna1 attributes
vpn-group-policy Axshya
username BHAWNA password <removed> privilege 0
username BHAWNA attributes
vpn-group-policy Axshya
username Akshaya-User password <removed> privilege 0
username Akshaya-User attributes
vpn-group-policy Akshaya-Server
vpn-simultaneous-logins 1
vpn-idle-timeout 15
password-storage disable
service-type remote-access
username Jayam-User1 password <removed> privilege 0
username Jayam-User1 attributes
vpn-group-policy Impact-Server
username Hcms-User1 password <removed> privilege 0
username Hcms-User1 attributes
vpn-group-policy Hcms-Server
vpn-simultaneous-logins 1
vpn-idle-timeout 15
vpn-idle-timeout alert-interval none
password-storage disable
service-type remote-access
username Mahibah password <removed> privilege 0
username Mahibah attributes
vpn-group-policy Kendra-Server
vpn-simultaneous-logins 1
vpn-idle-timeout 15
vpn-idle-timeout alert-interval none
vpn-session-timeout alert-interval none
password-storage disable
service-type remote-access
username IDM-User1 password <removed> privilege 0
username IDM-User1 attributes
vpn-group-policy POC-Server
username IDM-User2 password <removed> privilege 0
username IDM-User2 attributes
vpn-group-policy POC-Server
username iGrid2 password <removed> privilege 0
username iGrid2 attributes
vpn-group-policy SharePoint
username iGrid3 password <removed> privilege 0
username iGrid3 attributes
vpn-group-policy SharePoint
username iGrid1 password <removed> privilege 0
username iGrid1 attributes
vpn-group-policy SharePoint
username Narasimha_rao password <removed> privilege 0
username Narasimha_rao attributes
vpn-group-policy wvkendraservers
tunnel-group 180.179.27.92 type ipsec-l2l
tunnel-group 180.179.27.92 general-attributes
default-group-policy GroupPolicy_180.179.27.92
tunnel-group 180.179.27.92 ipsec-attributes
ikev1 pre-shared-key *****
ikev2 remote-authentication pre-shared-key *****
ikev2 local-authentication pre-shared-key *****
tunnel-group 111.67.34.253 type ipsec-l2l
tunnel-group 111.67.34.253 general-attributes
default-group-policy KL_111.67.34.253
tunnel-group 111.67.34.253 ipsec-attributes
ikev1 pre-shared-key *****
ikev2 remote-authentication pre-shared-key *****
ikev2 local-authentication pre-shared-key *****
tunnel-group idms-Server type remote-access
tunnel-group idms-Server general-attributes
address-pool Remote_VPN
default-group-policy idms-Server
tunnel-group idms-Server ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group Hcms-Server type remote-access
tunnel-group Hcms-Server general-attributes
address-pool Remote_VPN
default-group-policy Hcms-Server
tunnel-group Hcms-Server ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group SharePoint type remote-access
tunnel-group SharePoint general-attributes
address-pool Remote_VPN
default-group-policy SharePoint
tunnel-group SharePoint ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group TunnelGroup1 type remote-access
tunnel-group TunnelGroup1 general-attributes
default-group-policy GroupPolicy2
tunnel-group Akshaya-Server type remote-access
tunnel-group Akshaya-Server general-attributes
address-pool Remote_VPN
default-group-policy Akshaya-Server
tunnel-group Akshaya-Server ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group Kendra-Server type remote-access
tunnel-group Kendra-Server general-attributes
address-pool Remote_VPN
default-group-policy Kendra-Server
tunnel-group Kendra-Server ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group nw-admin type remote-access
tunnel-group nw-admin general-attributes
address-pool Remote_VPN
default-group-policy nw-admin
tunnel-group nw-admin ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group POC-Server type remote-access
tunnel-group POC-Server general-attributes
address-pool Remote_VPN
default-group-policy POC-Server
tunnel-group POC-Server ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group wvkendraservers type remote-access
tunnel-group wvkendraservers general-attributes
address-pool Remote_VPN
default-group-policy wvkendraservers
tunnel-group wvkendraservers ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group PF type remote-access
tunnel-group PF general-attributes
address-pool Remote_VPN
default-group-policy PF
tunnel-group PF ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group Axshya type remote-access
tunnel-group Axshya general-attributes
address-pool Remote_VPN
default-group-policy Axshya
tunnel-group Axshya ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group Finsrv type remote-access
tunnel-group Finsrv general-attributes
address-pool Remote_VPN
default-group-policy Finsrv
tunnel-group Finsrv ipsec-attributes
ikev1 pre-shared-key *****
!
class-map SFR
match access-list SFR
class-map netflow-export-class
match access-list netflow-export
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
class netflow-export-class
flow-export event-type all destination 192.168.100.5
class SFR
sfr fail-open
class class-default
set connection decrement-ttl
user-statistics accounting
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
hpm topN enable
Cryptochecksum:f63100dea617f3c8f3a1d0c22935a294
: end
04-19-2017 09:21 PM
Try adding:
policy-map global_policy
class inspection_default
inspect icmp error
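An added example, not part of the reply above: a small Python check that reads saved `show running-config` text and reports whether `inspect icmp` and `inspect icmp error` sit under `class inspection_default` and whether that policy is applied. The function names are hypothetical, and the sample is a constructed excerpt of the configuration posted in this thread.

```python
# Constructed sample: the policy-map part of the running-config posted in the
# thread, flattened (no indentation) and with a pager line left in.
SAMPLE_CONFIG = """\
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect ftp
inspect ip-options
inspect icmp
class SFR
<--- More --->
sfr fail-open
class class-default
set connection decrement-ttl
!
service-policy global_policy global
"""

def parse_policy_maps(text):
    """Return {policy: {class: [commands]}}; a block ends at '!' or 'service-policy'."""
    policies, policy, cls = {}, None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == "<--- More --->":  # skip blanks and pager prompts
            continue
        words = line.split()
        if words[0] == "policy-map":
            # Covers both 'policy-map NAME' and 'policy-map type inspect dns NAME'.
            policy, cls = words[-1], None
            policies.setdefault(policy, {})
        elif line == "!" or words[0] == "service-policy":
            policy, cls = None, None
        elif policy is not None and words[0] == "class" and len(words) == 2:
            cls = words[1]
            policies[policy].setdefault(cls, [])
        elif policy is not None and cls is not None:
            policies[policy][cls].append(line)
    return policies

def applied_policies(text):
    """Map each applied policy to 'global' or the interface it is bound to."""
    applied = {}
    for raw in text.splitlines():
        words = raw.split()
        if len(words) >= 3 and words[0] == "service-policy":
            applied[words[1]] = "global" if words[2] == "global" else words[-1]
    return applied

def icmp_inspection_report(text, policy="global_policy", cls="inspection_default"):
    """Say which ICMP inspection commands the class has and which it lacks."""
    cmds = parse_policy_maps(text).get(policy, {}).get(cls, [])
    wanted = ["inspect icmp", "inspect icmp error"]
    return {
        "applied": applied_policies(text).get(policy),
        "present": [c for c in wanted if c in cmds],
        "missing": [c for c in wanted if c not in cmds],
    }

if __name__ == "__main__":
    print(icmp_inspection_report(SAMPLE_CONFIG))
```

Running the same report on the output captured after a change confirms the line landed in the intended class of the applied policy.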
04-19-2017 11:06 PM
Hi Philip,
Thanks for your response. Is what you shared suitable for our setup?
Earlier it was working fine. It happened suddenly, without any changes.
Thanks
Muthukumar..