03-21-2019 09:14 PM
Hello, i hope you can help me,
i have 26 remote sites connect to an ASA in Guatemala Downtown, in Guatemala DownTown live 2 subnets (10.150.86.64/27 and 10.150.71.160/24) i have ready the VPN from Remote Site and Guatemala DownTown, this connection its working, In Guatemala DownTown i have a MPLS Router connected to the cloud, i have another 2 Remotes sites and im trying to reach two subnets i learn through this MPLS ( 10.150.35.0/24 and 10.150.32.0/24) The problem is:
From the remote Site i can reach Guatemala Downtown, but i cant reach the subnets ( 10.150.35.0/24 and 10.150.32.0/24), i hope you can help me, i attached a Diagram and the config of ASA(5506X) and Remote Site(SmallBusiness 860)
_______________________________________________
ASA_Config
_______________________________________________________
ASA-GUATEMALA# sh run
: Saved
:
: Serial Number: JAD230304B1
: Hardware: ASA5506, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores)
:
ASA Version 9.8(2)
!
hostname ASA-GUATEMALA
domain-name default.domain.invalid
passwd mDbJ0UUTmLMsVKM8 encrypted
names
name 10.152.238.192 Microtik
name 10.150.101.0 Filiales_CA description Tiendas Filiales
name 10.150.71.161 Host_10.150.71.161
name 10.150.86.72 Host_10.150.86.72
name 10.150.86.91 Host_10.150.86.91
name 10.152.232.248 Host_10.152.232.248
name 10.150.86.65 Host_10.150.86.65
!
interface GigabitEthernet1/1
description outside
duplex full
nameif outside
security-level 0
ip address 181.209.173.202 255.255.255.248
!
interface GigabitEthernet1/2
description inside
speed 100
duplex full
nameif inside
security-level 100
ip address Host_10.150.86.65 255.255.255.224
!
interface GigabitEthernet1/3
description inside2
speed 100
duplex full
no nameif
security-level 100
ip address Host_10.150.71.161 255.255.255.224
!
interface GigabitEthernet1/4
bridge-group 1
nameif inside_3
security-level 100
!
interface GigabitEthernet1/5
bridge-group 1
nameif inside_4
security-level 100
!
interface GigabitEthernet1/6
bridge-group 1
nameif inside_5
security-level 100
!
interface GigabitEthernet1/7
bridge-group 1
nameif inside_6
security-level 100
!
interface GigabitEthernet1/8
bridge-group 1
nameif inside_7
security-level 100
!
interface Management1/1
management-only
no nameif
no security-level
no ip address
!
interface BVI1
no nameif
security-level 100
ip address 192.168.1.1 255.255.255.0
!
boot system disk0:/asa805-31-k8.bin
ftp mode passive
dns server-group DefaultDNS
domain-name default.domain.invalid
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj_any1
subnet 0.0.0.0 0.0.0.0
object network obj_any2
subnet 0.0.0.0 0.0.0.0
object network obj_any3
subnet 0.0.0.0 0.0.0.0
object network obj_any4
subnet 0.0.0.0 0.0.0.0
object network obj_any5
subnet 0.0.0.0 0.0.0.0
object network obj_any6
subnet 0.0.0.0 0.0.0.0
object network obj_any7
subnet 0.0.0.0 0.0.0.0
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network GuatemalaLocalPrincipal
subnet 10.150.86.64 255.255.255.224
object network Tienda8714
subnet 10.150.95.0 255.255.255.224
object-group network GuatemalaLocal
network-object 10.150.71.160 255.255.255.224
network-object 10.150.86.64 255.255.255.224
object-group network GuatemalaRemoto
network-object 10.150.32.0 255.255.255.0
network-object 10.150.35.0 255.255.255.0
network-object 10.150.252.0 255.255.255.0
network-object 10.150.253.192 255.255.255.252
network-object 10.150.253.224 255.255.255.224
network-object 10.150.94.224 255.255.255.224
network-object 10.150.96.0 255.255.255.224
network-object 10.150.16.0 255.255.252.0
network-object 10.150.47.0 255.255.255.0
network-object 10.150.100.32 255.255.255.224
network-object 10.150.96.32 255.255.255.224
network-object 10.150.98.64 255.255.255.224
object-group service TCP_1273
service-object tcp destination eq 1273
object-group service TCP_1723
service-object tcp destination eq pptp
object-group service TCP_4370
service-object tcp destination eq 4370
object-group service TCP_47
service-object tcp destination eq 47
object-group service TCP_81
service-object tcp destination eq 81
object-group service TCP_8291
service-object tcp destination eq 8291
object-group service DM_INLINE_SERVICE_1
group-object TCP_1273
group-object TCP_4370
group-object TCP_47
group-object TCP_81
group-object TCP_8291
service-object tcp destination eq www
service-object tcp destination eq pptp
object-group protocol DM_INLINE_PROTOCOL_1
protocol-object ip
protocol-object icmp
object-group protocol DM_INLINE_PROTOCOL_2
protocol-object ip
protocol-object icmp
object-group network Tiendas_Remotas
network-object 10.150.86.96 255.255.255.224
object-group network TeleperformanceRemoto
description Conexin Microtik
network-object 10.152.231.0 255.255.255.128
network-object Microtik 255.255.255.240
network-object 10.152.232.240 255.255.255.240
network-object host Host_10.152.232.248
object-group network PrdTeleperformance
network-object 10.152.231.0 255.255.255.128
object-group network Filiales_CA
description Tiendas Filiales
network-object Filiales_CA 255.255.255.224
object-group network GuatemalaRemot
access-list acl_outside extended permit icmp any any
access-list acl_outside extended permit object-group DM_INLINE_SERVICE_1 any interface outside log
access-list acl_inside extended permit icmp any any
access-list acl_inside extended permit object-group DM_INLINE_PROTOCOL_2 10.150.86.64 255.255.255.224 10.150.71.160 255.255.255.224
access-list acl_inside extended permit ip host 10.150.86.66 any
access-list acl_inside extended permit ip host 10.150.86.67 any
access-list acl_inside extended permit ip host 10.150.86.68 any
access-list acl_inside extended permit ip host 10.150.86.69 any
access-list acl_inside extended permit ip host 10.150.86.70 any
access-list acl_inside extended permit ip host 10.150.86.71 any
access-list acl_inside extended permit ip host 10.150.86.73 any
access-list acl_inside extended permit ip host 10.150.86.74 any
access-list acl_inside extended permit ip host 10.150.86.75 any
access-list acl_inside extended permit ip host 10.150.86.77 any
access-list acl_inside extended permit ip host 10.150.86.79 any
access-list acl_inside extended permit ip host 10.150.86.81 any
access-list acl_inside extended permit ip host 10.150.86.82 any
access-list acl_inside extended permit ip host 10.150.86.83 any
access-list acl_inside extended permit ip host 10.150.86.84 any
access-list acl_inside extended permit ip host 10.150.86.85 any
access-list acl_inside extended permit ip host 10.150.86.86 any
access-list acl_inside extended permit ip host 10.150.86.87 any
access-list acl_inside extended permit ip host 10.150.86.89 any
access-list acl_inside extended permit ip host 10.150.86.90 any
access-list acl_inside extended permit ip host 10.150.86.92 any
access-list acl_inside extended permit ip host 10.150.71.164 any
access-list acl_inside extended permit ip host 10.150.86.93 any
access-list acl_inside extended permit tcp host 10.150.86.74 any
access-list acl_inside extended permit ip host 10.150.86.80 any
access-list acl_inside extended permit ip host 10.150.86.78 any
access-list acl_inside extended permit ip host 10.150.71.170 any
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.32.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.35.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.49.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.95.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.68.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.97.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.68.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.97.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.98.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.99.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.100.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.74.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.86.64 255.255.255.224 10.150.98.64 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.86.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.47.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.92.64 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.86.64 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.96.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.100.160 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list acl_inside extended permit ip 10.150.36.0 255.255.255.0 10.150.86.224 255.255.255.224
access-list acl_inside extended permit ip host 10.150.71.165 any
access-list acl_inside extended permit ip host 10.150.86.72 any
access-list inside_nat0_outbound extended permit ip object-group GuatemalaLocal object-group GuatemalaRemoto
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.71.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip object-group GuatemalaLocal object-group TeleperformanceRemoto
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.47.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.100.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.86.96 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.86.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.68.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.68.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.94.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.96.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.97.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.97.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.98.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.99.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.74.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.35.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.98.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.49.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.100.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.32.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.49.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.47.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.100.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.86.96 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.86.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.68.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.68.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.95.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.94.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.96.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.97.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.97.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.98.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.99.128 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.74.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.98.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.49.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.100.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.95.0 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.36.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.92.64 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.86.64 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.96.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.98.64 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.96.192 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.100.160 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.86.64 255.255.255.224 10.150.86.224 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.150.36.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list outside_20_cryptomap extended permit ip object-group GuatemalaLocal object-group GuatemalaRemoto
access-list Secundaria_nat0_outbound extended permit ip object-group GuatemalaLocal object-group TeleperformanceRemoto
access-list Secundaria_nat0_outbound extended permit ip 10.150.71.160 255.255.255.224 10.150.86.64 255.255.255.224
access-list Secundaria_access_in extended permit object-group DM_INLINE_PROTOCOL_1 10.150.71.160 255.255.255.224 10.150.86.64 255.255.255.224
access-list Secundaria_access_in extended permit ip host 10.150.71.165 any
access-list outside_cryptomap extended permit ip 10.150.86.64 255.255.255.224 object-group TeleperformanceRemoto
access-list outside_cryptomap extended permit ip 10.150.71.160 255.255.255.224 object-group TeleperformanceRemoto
access-list outside_1_cryptomap extended permit ip object-group GuatemalaLocal object-group TeleperformanceRemoto
access-list outside_cryptomap_1 extended permit ip object-group GuatemalaLocal object-group Filiales_CA
access-list VPN-8741 extended permit ip 10.150.16.0 255.255.252.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.32.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.33.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.35.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.41.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.47.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.48.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.49.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.58.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.68.224 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.84.0 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.86.64 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.89.0 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.90.192 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.92.64 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.94.32 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.253.192 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.253.224 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.63.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.71.160 255.255.255.224 10.150.100.192 255.255.255.224
access-list VPN-8741 extended permit ip 10.150.36.0 255.255.255.0 10.150.100.192 255.255.255.224
access-list outside_cryptomap_65535.1 extended permit ip any object-group GuatemalaLocal
access-list VPN-8704 extended permit ip 10.150.16.0 255.255.252.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.32.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.33.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.35.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.41.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.47.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.48.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.49.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.86.64 255.255.255.224 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.58.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.71.160 255.255.255.224 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.36.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8704 extended permit ip 10.150.36.0 255.255.255.0 10.150.92.64 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.16.0 255.255.252.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.32.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.33.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.35.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.41.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.47.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.48.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.49.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.58.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.86.64 255.255.255.224 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.71.160 255.255.255.224 10.150.86.128 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.36.0 255.255.255.0 10.150.86.64 255.255.255.224
access-list VPN-8705 extended permit ip 10.150.36.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.16.0 255.255.252.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.32.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.33.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.35.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.41.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.47.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.48.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.49.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.58.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.86.64 255.255.255.224 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.71.160 255.255.255.224 10.150.68.160 255.255.255.224
access-list VPN-8712 extended permit ip 10.150.36.0 255.255.255.0 10.150.68.160 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.16.0 255.255.252.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.32.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.33.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.35.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.41.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.47.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.48.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.49.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.58.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.86.64 255.255.255.224 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.71.160 255.255.255.224 10.150.68.224 255.255.255.224
access-list VPN-8713 extended permit ip 10.150.36.0 255.255.255.0 10.150.68.224 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.16.0 255.255.252.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.32.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.33.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.35.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.41.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.47.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.48.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.49.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.58.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.86.64 255.255.255.224 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.71.160 255.255.255.224 10.150.95.0 255.255.255.224
access-list VPN-8714 extended permit ip 10.150.36.0 255.255.255.0 10.150.95.0 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.32.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.33.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.35.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.41.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.47.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.48.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.49.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.58.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.86.64 255.255.255.224 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.16.0 255.255.252.0 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.71.160 255.255.255.224 10.150.94.224 255.255.255.224
access-list VPN-8715 extended permit ip 10.150.36.0 255.255.255.0 10.150.94.224 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.16.0 255.255.252.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.32.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.33.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.35.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.41.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.47.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.48.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.49.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.58.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.86.64 255.255.255.224 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.71.160 255.255.255.224 10.150.96.0 255.255.255.224
access-list VPN-8717 extended permit ip 10.150.36.0 255.255.255.0 10.150.96.0 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.16.0 255.255.252.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.32.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.33.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.35.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.41.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.47.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.48.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.49.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.58.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.86.64 255.255.255.224 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.71.160 255.255.255.224 10.150.96.32 255.255.255.224
access-list VPN-8718 extended permit ip 10.150.36.0 255.255.255.0 10.150.96.32 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.16.0 255.255.252.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.32.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.33.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.35.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.41.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.47.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.48.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.49.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.58.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.86.64 255.255.255.224 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.71.160 255.255.255.224 10.150.97.160 255.255.255.224
access-list VPN-8720 extended permit ip 10.150.36.0 255.255.255.0 10.150.97.160 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.16.0 255.255.252.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.32.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.33.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.35.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.41.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.47.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.48.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.49.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.58.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.86.64 255.255.255.224 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.71.160 255.255.255.224 10.150.97.192 255.255.255.224
access-list VPN-8721 extended permit ip 10.150.36.0 255.255.255.0 10.150.97.192 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.16.0 255.255.252.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.32.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.33.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.35.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.41.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.47.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.48.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.49.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.58.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.86.64 255.255.255.224 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.71.160 255.255.255.224 10.150.98.0 255.255.255.224
access-list VPN-8723 extended permit ip 10.150.36.0 255.255.255.0 10.150.98.0 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.16.0 255.255.252.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.32.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.33.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.35.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.41.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.47.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.48.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.49.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.58.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.86.64 255.255.255.224 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.71.160 255.255.255.224 10.150.98.64 255.255.255.224
access-list VPN-8724 extended permit ip 10.150.36.0 255.255.255.0 10.150.98.64 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.16.0 255.255.252.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.32.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.33.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.35.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.41.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.47.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.48.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.49.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.58.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.86.64 255.255.255.224 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.71.160 255.255.255.224 10.150.98.160 255.255.255.224
access-list VPN-8729 extended permit ip 10.150.36.0 255.255.255.0 10.150.96.192 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.16.0 255.255.252.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.32.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.33.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.35.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.41.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.47.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.48.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.49.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.58.0 255.255.255.0 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.86.64 255.255.255.224 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.71.160 255.255.255.224 10.150.99.128 255.255.255.224
access-list VPN-8735 extended permit ip 10.150.36.0 255.255.255.0 10.150.98.160 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.16.0 255.255.252.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.32.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.33.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.35.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.41.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.47.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.48.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.49.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.58.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.86.64 255.255.255.224 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.71.160 255.255.255.224 10.150.100.32 255.255.255.224
access-list VPN-8739 extended permit ip 10.150.36.0 255.255.255.0 10.150.100.32 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.16.0 255.255.252.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.32.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.33.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.35.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.41.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.47.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.48.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.49.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.58.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.86.64 255.255.255.224 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.71.160 255.255.255.224 10.150.74.192 255.255.255.224
access-list VPN-8754 extended permit ip 10.150.36.0 255.255.255.0 10.150.74.192 255.255.255.224
access-list VPN-8707 extended permit ip 10.150.36.0 255.255.255.0 10.150.86.96 255.255.255.224
access-list VPN-8709 extended permit ip 10.150.36.0 255.255.255.0 10.150.86.128 255.255.255.224
access-list VPN-8742 extended permit ip 10.150.36.0 255.255.255.0 10.150.100.160 255.255.255.224
access-list VPN-8755 extended permit ip 10.150.36.0 255.255.255.0 10.150.86.224 255.255.255.224
access-list acl_inside2 extended permit icmp any any
access-list acl_inside2 extended permit ip host 10.150.71.169 any
access-list acl_inside2 extended permit ip host 10.150.71.165 any
access-list acl-inside extended permit ip host 10.150.86.65 any
access-list 100 extended permit ip object GuatemalaLocalPrincipal object Tienda8714
pager lines 24
logging enable
logging timestamp
logging console warnings
logging buffered debugging
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu inside_3 1500
mtu inside_4 1500
mtu inside_5 1500
mtu inside_6 1500
mtu inside_7 1500
no failover
no monitor-interface service-module
icmp unreachable rate-limit 1 burst-size 1
icmp permit any outside
asdm image disk0:/asdm-743.bin
asdm history enable
arp timeout 14400
no arp permit-nonconnected
arp rate-limit 16384
nat (inside,outside) source static GuatemalaLocalPrincipal GuatemalaLocalPrincipal destination static Tienda8714 Tienda8714 no-proxy-arp route-lookup
!
object network obj_any3
nat (inside_3,outside) dynamic interface
object network obj_any4
nat (inside_4,outside) dynamic interface
object network obj_any5
nat (inside_5,outside) dynamic interface
object network obj_any6
nat (inside_6,outside) dynamic interface
object network obj_any7
nat (inside_7,outside) dynamic interface
object network obj_any
nat (inside,outside) dynamic interface
access-group acl_outside in interface outside
route outside 0.0.0.0 0.0.0.0 181.209.173.201 1
route inside 10.150.32.0 255.255.255.0 Host_10.150.86.72 1
route inside 10.150.35.0 255.255.255.0 Host_10.150.86.72 1
route inside 10.150.36.0 255.255.255.0 Host_10.150.86.72 1
route inside 10.150.47.0 255.255.255.0 Host_10.150.86.72 1
route inside 10.150.49.0 255.255.255.0 Host_10.150.86.72 1
route inside 10.150.86.64 255.255.255.224 Host_10.150.71.161 1
timeout xlate 1:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
timeout conn-holddown 0:00:15
timeout igp stale-route 0:01:10
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
aaa authentication login-history
http server enable
http 192.168.1.0 255.255.255.0 inside_3
http 192.168.1.0 255.255.255.0 inside_4
http 192.168.1.0 255.255.255.0 inside_5
http 192.168.1.0 255.255.255.0 inside_6
http 192.168.1.0 255.255.255.0 inside_7
http 201.144.254.80 255.255.255.240 outside
http 201.144.8.128 255.255.255.224 outside
http 201.116.50.64 255.255.255.240 outside
http 187.210.23.33 255.255.255.255 outside
http 201.116.117.160 255.255.255.240 outside
http 10.150.35.45 255.255.255.255 inside
http 10.150.35.46 255.255.255.255 inside
snmp-server host inside 10.150.32.25 community ***** version 2c
snmp-server host inside 10.150.32.43 poll community ***** version 2c
snmp-server host outside 201.144.8.142 poll community ***** version 2c
snmp-server location ASA Guatemala
snmp-server contact SOC SCITUM
snmp-server community *****
service sw-reset-button
crypto ipsec ikev1 transform-set Guatemala-ipsec-proposal-set esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set Teleperformance esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set myset esp-aes esp-sha-hmac
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map outside_dyn_map 1 match address outside_cryptomap_65535.1
crypto dynamic-map outside_dyn_map 1 set ikev1 transform-set myset
crypto dynamic-map outside_dyn_map 65535 set ikev1 transform-set ESP-AES-256-SHA
crypto map mymap 1 match address outside_1_cryptomap
crypto map mymap 1 set pfs
crypto map mymap 1 set peer 189.211.83.76
crypto map mymap 1 set ikev1 transform-set myset
crypto map mymap 20 match address outside_20_cryptomap
crypto map mymap 20 set peer 201.116.117.162
crypto map mymap 20 set ikev1 transform-set myset
crypto map mymap 100 match address VPN-8741
crypto map mymap 100 set pfs
crypto map mymap 100 set peer 190.56.250.174 190.56.250.173
crypto map mymap 100 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 100 set security-association lifetime seconds 86400
crypto map mymap 120 match address VPN-8704
crypto map mymap 120 set pfs
crypto map mymap 120 set peer 190.56.141.162 190.56.141.161
crypto map mymap 120 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 120 set security-association lifetime seconds 86400
crypto map mymap 130 match address VPN-8705
crypto map mymap 130 set pfs
crypto map mymap 130 set peer 190.56.156.54 190.56.156.53
crypto map mymap 130 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 130 set security-association lifetime seconds 86400
crypto map mymap 140 match address VPN-8712
crypto map mymap 140 set pfs
crypto map mymap 140 set peer 190.56.166.26 190.56.166.25
crypto map mymap 140 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 140 set security-association lifetime seconds 86400
crypto map mymap 150 match address VPN-8713
crypto map mymap 150 set pfs
crypto map mymap 150 set peer 190.56.242.22 190.56.242.21
crypto map mymap 150 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 150 set security-association lifetime seconds 86400
crypto map mymap 160 match address 100
crypto map mymap 160 set pfs
crypto map mymap 160 set peer 190.56.38.50 190.56.38.49
crypto map mymap 160 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 160 set security-association lifetime seconds 86400
crypto map mymap 170 match address VPN-8715
crypto map mymap 170 set pfs
crypto map mymap 170 set peer 186.151.162.58
crypto map mymap 170 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 170 set security-association lifetime seconds 28800
crypto map mymap 180 match address VPN-8717
crypto map mymap 180 set pfs
crypto map mymap 180 set peer 190.56.152.234 190.56.152.233
crypto map mymap 180 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 180 set security-association lifetime seconds 86400
crypto map mymap 190 match address VPN-8718
crypto map mymap 190 set pfs
crypto map mymap 190 set peer 190.149.255.210 190.149.255.209
crypto map mymap 190 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 190 set security-association lifetime seconds 86400
crypto map mymap 200 match address VPN-8720
crypto map mymap 200 set pfs
crypto map mymap 200 set peer 186.151.219.2 186.151.219.1
crypto map mymap 200 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 200 set security-association lifetime seconds 86400
crypto map mymap 210 match address VPN-8721
crypto map mymap 210 set pfs
crypto map mymap 210 set peer 186.151.218.2 186.151.218.1
crypto map mymap 210 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 210 set security-association lifetime seconds 86400
crypto map mymap 220 match address VPN-8723
crypto map mymap 220 set pfs
crypto map mymap 220 set peer 216.230.148.230 216.230.148.229
crypto map mymap 220 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 220 set security-association lifetime seconds 86400
crypto map mymap 230 match address VPN-8724
crypto map mymap 230 set pfs
crypto map mymap 230 set peer 190.149.247.105 190.149.247.104
crypto map mymap 230 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 230 set security-association lifetime seconds 86400
crypto map mymap 240 match address VPN-8729
crypto map mymap 240 set pfs
crypto map mymap 240 set peer 190.56.153.150 190.56.153.149
crypto map mymap 240 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 240 set security-association lifetime seconds 86400
crypto map mymap 250 match address VPN-8735
crypto map mymap 250 set pfs
crypto map mymap 250 set peer 186.151.211.54 186.151.211.53
crypto map mymap 250 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 250 set security-association lifetime seconds 86400
crypto map mymap 260 match address VPN-8739
crypto map mymap 260 set pfs
crypto map mymap 260 set peer 186.151.120.38 186.151.120.37
crypto map mymap 260 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 260 set security-association lifetime seconds 86400
crypto map mymap 270 match address VPN-8754
crypto map mymap 270 set pfs
crypto map mymap 270 set peer 190.149.236.2 190.149.236.1
crypto map mymap 270 set ikev1 transform-set ESP-3DES-MD5
crypto map mymap 270 set security-association lifetime seconds 86400
crypto map mymap 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map mymap interface outside
crypto ca trustpool policy
crypto isakmp identity address
no crypto isakmp nat-traversal
crypto ikev1 enable outside
crypto ikev1 policy 1
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
telnet 10.150.35.47 255.255.255.255 inside
telnet 10.150.86.93 255.255.255.255 inside
telnet 10.150.35.48 255.255.255.255 inside
telnet 10.150.35.46 255.255.255.255 inside
telnet timeout 5
ssh stricthostkeycheck
ssh 201.144.254.80 255.255.255.240 outside
ssh 201.116.50.64 255.255.255.240 outside
ssh 201.144.8.128 255.255.255.224 outside
ssh 187.210.23.33 255.255.255.255 outside
ssh 201.116.117.160 255.255.255.240 outside
ssh 10.150.86.93 255.255.255.255 inside
ssh 10.150.35.45 255.255.255.255 inside
ssh 10.150.17.3 255.255.255.255 inside
ssh 10.150.35.46 255.255.255.255 inside
ssh 10.150.35.47 255.255.255.255 inside
ssh timeout 60
ssh version 2
ssh key-exchange group dh-group1-sha1
console timeout 0
management-access inside
dhcpd auto_config outside
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
group-policy DfltGrpPolicy attributes
vpn-idle-timeout none
group-policy mygroup internal
group-policy mygroup attributes
vpn-tunnel-protocol ikev1
group-policy GroupPolicy1 internal
group-policy GroupPolicy1 attributes
vpn-tunnel-protocol ikev1
dynamic-access-policy-record DfltAccessPolicy
tunnel-group DefaultL2LGroup ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup ipsec-attributes
ikev1 user-authentication none
tunnel-group 201.1136.117.162 type ipsec-l2l
tunnel-group 201.1136.117.162 ipsec-attributes
ikev1 pre-shared-key *****
isakmp keepalive disable
tunnel-group mygroup type ipsec-l2l
tunnel-group mygroup ipsec-attributes
ikev1 pre-shared-key *****
isakmp keepalive disable
tunnel-group 201.136.117.162 type ipsec-l2l
tunnel-group 201.116.117.162 type ipsec-l2l
tunnel-group 201.116.117.162 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group TeleperformanceRemoto type ipsec-l2l
tunnel-group TeleperformanceRemoto ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 189.211.83.76 type ipsec-l2l
tunnel-group 189.211.83.76 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group "Tunel Tiendas Filiales" type ipsec-l2l
tunnel-group "Tunel Tiendas Filiales" general-attributes
default-group-policy GroupPolicy1
tunnel-group "Tunel Tiendas Filiales" ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.250.174 type ipsec-l2l
tunnel-group 190.56.250.174 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.141.162 type ipsec-l2l
tunnel-group 190.56.141.162 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.156.54 type ipsec-l2l
tunnel-group 190.56.156.54 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.166.26 type ipsec-l2l
tunnel-group 190.56.166.26 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.242.22 type ipsec-l2l
tunnel-group 190.56.242.22 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.38.50 type ipsec-l2l
tunnel-group 190.56.38.50 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 186.151.162.58 type ipsec-l2l
tunnel-group 186.151.162.58 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.152.234 type ipsec-l2l
tunnel-group 190.56.152.234 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.149.255.210 type ipsec-l2l
tunnel-group 190.149.255.210 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 186.151.219.2 type ipsec-l2l
tunnel-group 186.151.219.2 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 186.151.218.2 type ipsec-l2l
tunnel-group 186.151.218.2 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 216.230.148.230 type ipsec-l2l
tunnel-group 216.230.148.230 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.149.247.105 type ipsec-l2l
tunnel-group 190.149.247.105 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.56.153.150 type ipsec-l2l
tunnel-group 190.56.153.150 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 186.151.211.54 type ipsec-l2l
tunnel-group 186.151.211.54 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 186.151.120.38 type ipsec-l2l
tunnel-group 186.151.120.38 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.149.236.2 type ipsec-l2l
tunnel-group 190.149.236.2 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.150.68.225 type ipsec-l2l
tunnel-group 190.150.68.225 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 190.149.247.106 type ipsec-l2l
tunnel-group 190.149.247.106 ipsec-attributes
ikev1 pre-shared-key *****
!
class-map netflow-export-class
class-map inspection_default
match default-inspection-traffic
class-map flow_export_class
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
no tcp-inspection
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
inspect icmp error
policy-map flow_export_policy
class flow_export_class
!
service-policy global_policy global
privilege cmd level 10 mode exec command show
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:795d74f385c0c27ea76823933485efaf
: end
ASA-GUATEMALA# $
_________________________________________________________
Remote site Config
___________________________________________________________
VPN-8714#sh run
Building configuration...
Current configuration : 9426 bytes
!
version 15.6
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
no service timestamps debug uptime
service timestamps log datetime
service password-encryption
service sequence-numbers
!
hostname VPN-8714
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
enable secret 5 $1$o5eO$st4Tdma0ktNF5C0ftr1QX/
!
no aaa new-model
wan mode ethernet
!
!
!
!
!
!
no ip domain lookup
ip domain name yourdomain.com
ip cef
no ipv6 cef
!
!
!
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-3488398958
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3488398958
revocation-check none
rsakeypair TP-self-signed-3488398958
!
!
crypto pki certificate chain TP-self-signed-3488398958
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33343838 33393839 3538301E 170D3138 31323236 31383231
31315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 34383833
39383935 3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100CAA6 130F5C53 3F998D91 6E8520A7 B539C6DB 82B1190B 9777BD57 14FA6528
0472B6D9 A1BB6255 884A913B 7D5D832E C67E266B 9CF16CDB BD8B0A97 746DBC48
1AACC579 C169945E 9C489351 C0A7C597 38110FD2 F83683A7 0BFB44E7 A1822DD0
CE7A2A33 539B4F9D DC0D400C 9D79303D 016BDF63 B1AD23B7 9095859E 8DEAE4FE
17D30203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14983F67 D681A54F 044769E8 D5F21D66 E6EC0BA9 15301D06
03551D0E 04160414 983F67D6 81A54F04 4769E8D5 F21D66E6 EC0BA915 300D0609
2A864886 F70D0101 05050003 8181000D EC51836B 89B2C8F1 326789EB 32F635C2
9677896C 539BBF7A 36775C6D F4BB03EF 24BC73CD 06B7A501 C61660DC 8B7E047F
4BA1B7F0 609F6481 F862D7C0 4D2453FA 16DF7AFE 90F09F91 ECC4B018 5FC1F999
E38A83F6 759EAF01 7941E9DF 5F0F8812 09ED0D7D 19F8F2FD 2FF874C9 9D904F72
8370EFFE 3381CFA6 90F96188 BDF74D
quit
!
!
!
!
controller VDSL 0
shutdown
no cdp run
!
!
!
!
!
!
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key L182ii364N address 181.209.173.202
crypto isakmp keepalive 300
!
!
crypto ipsec transform-set myset esp-3des esp-md5-hmac
mode tunnel
crypto ipsec nat-transparency spi-matching
!
!
!
crypto map ASA-G 10 ipsec-isakmp
set peer 181.209.173.202
set security-association lifetime seconds 28800
set transform-set myset
set pfs group2
match address 120
!
!
!
!
!
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
pvc 0/881
encapsulation aal5snap
pppoe-client dial-pool-number 1
!
!
interface Ethernet0
no ip address
shutdown
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface GigabitEthernet0
no ip address
!
interface GigabitEthernet1
no ip address
!
interface GigabitEthernet2
description $ES_WAN$
ip address 190.56.38.50 255.255.255.252
no ip redirects
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
crypto map ASA-G
!
interface Vlan1
description LAN 8714 Mazatenango
ip address 10.150.95.1 255.255.255.224
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting output-packets
ip flow ingress
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1200
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source list 110 interface GigabitEthernet2 overload
ip nat inside source static tcp 10.150.95.28 80 interface GigabitEthernet2 80
ip route 0.0.0.0 0.0.0.0 190.56.38.49
ip ssh time-out 10
ip ssh version 2
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
ip sla auto discovery
ip sla 2
icmp-echo 10.150.33.1 source-interface Vlan1
frequency 61
ip sla schedule 2 life forever start-time now
ip sla 3
icmp-echo 10.150.35.1 source-interface Vlan1
frequency 61
ip sla schedule 3 life forever start-time now
ip sla 4
icmp-echo 10.150.41.1 source-interface Vlan1
frequency 61
ip sla schedule 4 life forever start-time now
ip sla 5
icmp-echo 10.150.48.1 source-interface Vlan1
frequency 61
ip sla schedule 5 life forever start-time now
ip sla 6
icmp-echo 10.150.49.1 source-interface Vlan1
frequency 61
ip sla schedule 6 life forever start-time now
ip sla 7
icmp-echo 10.150.58.1 source-interface Vlan1
frequency 61
ip sla schedule 7 life forever start-time now
ip sla 8
icmp-echo 10.150.63.1 source-interface Vlan1
frequency 61
ip sla schedule 8 life forever start-time now
ip sla 9
icmp-echo 130.1.103.1 source-interface Vlan1
frequency 61
ip sla schedule 9 life forever start-time now
ip sla 10
icmp-echo 130.1.104.1 source-interface Vlan1
frequency 61
ip sla schedule 10 life forever start-time now
ip sla 11
icmp-echo 10.150.253.225 source-interface Vlan1
frequency 61
ip sla schedule 11 life forever start-time now
ip sla 12
icmp-echo 10.150.253.193 source-interface Vlan1
frequency 61
ip sla schedule 12 life forever start-time now
ip sla 13
icmp-echo 10.150.47.1 source-interface Vlan1
frequency 61
ip sla schedule 13 life forever start-time now
ip sla 14
icmp-echo 10.150.86.129 source-interface Vlan1
frequency 61
ip sla schedule 14 life forever start-time now
ip sla 15
icmp-echo 10.150.86.65 source-interface Vlan1
frequency 61
ip sla schedule 15 life forever start-time now
ip sla 16
icmp-echo 10.150.36.1 source-interface Vlan1
frequency 61
ip sla schedule 16 life forever start-time now
mac-address-table aging-time 10
!
snmp-server community vpnilusion RO
access-list 110 deny ip 10.150.95.0 0.0.0.31 10.150.16.0 0.0.3.255
access-list 110 deny ip 10.150.95.0 0.0.0.31 10.150.32.0 0.0.0.255
access-list 110 deny ip 10.150.95.0 0.0.0.31 10.150.33.0 0.0.0.255
access-list 110 deny ip 10.150.95.0 0.0.0.31 10.150.35.0 0.0.0.255
access-list 110 deny ip 10.150.95.0 0.0.0.31 10.150.36.0 0.0.0.255
access-list 110 deny ip 10.150.95.0 0.0.0.31 10.150.41.0 0.0.0.255
access-list 110 deny ip 10.150.95.0 0.0.0.31 10.150.47.0 0.0.0.255
access-list 110 deny ip 10.150.95.0 0.0.0.31 10.150.48.0 0.0.0.255
access-list 110 deny ip 10.150.95.0 0.0.0.31 10.150.49.0 0.0.0.255
access-list 110 deny ip 10.150.95.0 0.0.0.31 10.150.58.0 0.0.0.255
access-list 110 deny ip 10.150.95.0 0.0.0.31 10.150.63.0 0.0.0.255
access-list 110 deny ip 10.150.95.0 0.0.0.31 10.150.86.64 0.0.0.31
access-list 110 permit ip 10.150.95.0 0.0.0.31 any
access-list 112 permit tcp host 10.150.17.3 any eq telnet
access-list 112 permit tcp host 10.150.35.42 any eq telnet
access-list 112 permit tcp host 10.150.35.43 any eq telnet
access-list 112 permit tcp host 10.150.95.27 any eq 22
access-list 112 permit tcp host 10.150.17.3 any eq 22
access-list 112 permit tcp host 10.150.35.42 any eq 22
access-list 112 permit tcp host 10.150.35.43 any eq 22
access-list 112 permit tcp host 10.150.35.45 any eq 22
access-list 112 permit tcp host 10.150.35.46 any eq 22
access-list 112 permit tcp host 10.150.35.47 any eq 22
access-list 112 permit tcp host 187.174.224.177 any eq 22
access-list 112 permit tcp host 201.116.117.162 any eq 22
access-list 112 permit tcp host 10.150.32.42 any eq 22
access-list 112 permit tcp host 10.150.32.43 any eq 22
access-list 112 permit tcp host 189.204.219.33 any eq 22
access-list 112 permit tcp host 10.150.35.48 any eq 22
access-list 120 permit ip 10.150.95.0 0.0.0.31 10.150.16.0 0.0.3.255
access-list 120 permit ip 10.150.95.0 0.0.0.31 10.150.32.0 0.0.0.255
access-list 120 permit ip 10.150.95.0 0.0.0.31 10.150.33.0 0.0.0.255
access-list 120 permit ip 10.150.95.0 0.0.0.31 10.150.35.0 0.0.0.255
access-list 120 permit ip 10.150.95.0 0.0.0.31 10.150.41.0 0.0.0.255
access-list 120 permit ip 10.150.95.0 0.0.0.31 10.150.47.0 0.0.0.255
access-list 120 permit ip 10.150.95.0 0.0.0.31 10.150.48.0 0.0.0.255
access-list 120 permit ip 10.150.95.0 0.0.0.31 10.150.49.0 0.0.0.255
access-list 120 permit ip 10.150.95.0 0.0.0.31 10.150.58.0 0.0.0.255
access-list 120 permit ip 10.150.95.0 0.0.0.31 10.150.63.0 0.0.0.255
access-list 120 permit ip 10.150.95.0 0.0.0.31 10.150.86.64 0.0.0.31
access-list 120 permit ip 10.150.95.0 0.0.0.31 10.150.36.0 0.0.0.255
!
privilege exec level 7 ping
privilege exec level 7 show crypto isakmp sa
privilege exec level 7 show crypto isakmp
privilege exec level 7 show crypto
privilege exec level 7 show ip
privilege exec level 7 show
!
line con 0
login local
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
stopbits 1
line vty 0 4
access-class 112 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 60000 1000
!
end
03-23-2019 08:47 AM
You don't have 10.150.32.0/24 and 10.150.35.0/24 defined in the identity NAT on the ASA in the GuatemalaLocalPrincipal object. You will need to either create a new object defining the 10.150.32.0/24 and 10.150.35.0/24 subnet and then create a new identity NAT for those source and destination, or create a new object-group and define all required subnets in that new object-group then remove the existing identity NAT and add a new NAT statement with the new object. Unless there is an issue within the MPLS routing then you should get connectivity once this is in place.
nat (inside,outside) source static GuatemalaLocalPrincipal GuatemalaLocalPrincipal destination static Tienda8714 Tienda8714 no-proxy-arp route-lookup
object network GuatemalaLocalPrincipal
subnet 10.150.86.64 255.255.255.224
object network Tienda8714
subnet 10.150.95.0 255.255.255.224
03-24-2019 05:31 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide