- Cisco Community
- Technology and Support
- Security
- VPN
- Please help
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Unable to vpn when port 80 is being forwarded
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-24-2015 07:47 PM
Hello and sorry if this has already been asked,
I have a Cisco ASA 5505 which i use in my home so that I can connect remotely. I got it up and running without any issues. I recently started working on learning web development, and wanted to open a website up to the outside world. I am able to port forward port 80 with no issues. I can access it from the outside world with no issues. however no every time i go to try and VPN I get web authentication required on Cisco AnyConnect. If i remove the port forwarding then I can VPN again. Any help for fixing this would be much appreciated.
below is my startup config with unique identifiers removed.
ASAHOST# show startup-config
: Saved
: Written by enable_15 at 22:19:42.478 EDT Fri Jul 24 2015
!
ASA Version 8.4(1)
!
hostname ASAHOST
domain-name domain.com
names
!
interface Vlan1
nameif inside
security-level 100
ip address 172.16.10.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute
!
interface Vlan12
nameif CiscoRouter
security-level 100
ip address 192.168.50.1 255.255.255.252
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
switchport access vlan 12
!
interface Ethernet0/6
!
interface Ethernet0/7
!
boot system disk0:/asa841-k8.bin
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup inside
dns domain-lookup outside
dns domain-lookup CiscoRouter
dns server-group DefaultDNS
name-server 8.8.8.8
domain-name domain.com
same-security-traffic permit inter-interface
object network NETWORK_OBJ_192.168.25.0_27
subnet 192.168.25.0 255.255.255.224
object service PassiveFTP
service tcp destination range 55000 56000
object network FTPPassive
host 192.168.10.10
object network CiscoIP
subnet 192.168.0.0 255.255.0.0
object network InsideIP
subnet 172.16.10.0 255.255.255.0
object network Website
host 192.168.10.10
access-list Split_Tunnel_List standard permit 192.168.50.0 255.255.255.0
access-list Split_Tunnel_List standard permit 172.16.10.0 255.255.255.0
access-list Split_Tunnel_List standard permit 192.168.0.0 255.255.0.0
access-list OutsidetoFTP extended permit tcp any host 192.168.10.10 eq 990
access-list OutsidetoFTP extended permit tcp any host 192.168.10.10 range 55000 56000
access-list OutsidetoFTP extended permit tcp any host 192.168.10.10 eq www
access-list DefaultRAGroup_splitTunnelAcl standard permit any
pager lines 24
logging enable
logging list test level informational class vpn
logging asdm informational
mtu inside 1500
mtu outside 1500
mtu CiscoRouter 1500
ip local pool VPN_POOL1 192.168.25.1-192.168.25.25 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
nat (CiscoRouter,outside) source static any any destination static NETWORK_OBJ_192.168.25.0_27 NETWORK_OBJ_192.168.25.0_27
nat (inside,outside) source static any any destination static NETWORK_OBJ_192.168.25.0_27 NETWORK_OBJ_192.168.25.0_27
nat (outside,CiscoRouter) source static any any destination static interface FTPPassive service PassiveFTP PassiveFTP
!
object network FTPPassive
nat (CiscoRouter,outside) static interface service tcp 990 990
object network CiscoIP
nat (CiscoRouter,outside) dynamic interface
object network InsideIP
nat (inside,outside) dynamic interface
object network Website
nat (CiscoRouter,outside) static interface service tcp www www
!
nat (inside,outside) after-auto source dynamic any interface
nat (CiscoRouter,outside) after-auto source dynamic any interface
route CiscoRouter 192.168.10.0 255.255.255.0 192.168.50.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication serial console LOCAL
aaa authentication ssh console LOCAL
aaa authorization exec authentication-server
http server enable
http 192.168.10.10 255.255.255.255 CiscoRouter
http 192.168.10.11 255.255.255.255 CiscoRouter
http 192.168.10.12 255.255.255.255 CiscoRouter
no snmp-server location
no snmp-server contact
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transport
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-192-SHA ESP-AES-256-SHA ESP-3DES-SHA ESP-DES-SHA ESP-AES-128-SHA-TRANS ESP-AES-192-SHA-TRANS ESP-AES-256-SHA-TRANS ESP-3DES-SHA-TRANS ESP-DES-SHA-TRANS
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto map CiscoRouter_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map CiscoRouter_map interface CiscoRouter
crypto map test_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto ca trustpoint ASDM_TrustPoint2
enrollment terminal
crl configure
crypto ca trustpoint ASDM_TrustPoint1
enrollment self
subject-name CN=ASAHost.domainr.com
keypair SSLCert.key
proxy-ldc-issuer
crl configure
crypto ca trustpoint ASDM_TrustPoint0
enrollment terminal
subject-name CN=ASAHost.domainr.com
keypair SSLCert.key
crl configure
crypto ca certificate chain ASDM_TrustPoint2
certificate ca 01
308207c9 308205b1 a0030201 02020101 300d0609 2a864886 f70d0101 05050030
7d310b30 09060355 04061302 494c3116 30140603 55040a13 0d537461 7274436f
6d204c74 642e312b 30290603 55040b13 22536563 75726520 44696769 74616c20
43657274 69666963 61746520 5369676e 696e6731 29302706 03550403 13205374
61727443 6f6d2043 65727469 66696361 74696f6e 20417574 686f7269 7479301e
170d3036 30393137 31393436 33365a17 0d333630 39313731 39343633 365a307d
310b3009 06035504 06130249 4c311630 14060355 040a130d 53746172 74436f6d
204c7464 2e312b30 29060355 040b1322 53656375 72652044 69676974 616c2043
65727469 66696361 74652053 69676e69 6e673129 30270603 55040313 20537461
7274436f 6d204365 72746966 69636174 696f6e20 41757468 6f726974 79308202
22300d06 092a8648 86f70d01 01010500 0382020f 00308202 0a028202 0100c188
db09bc6c 467c789f 957bb533 90f27262 d6c13620 22245ece e977f243 0aa20664
a4cc8e36 f838e623 f06e6db1 3cdd72a3 851ca1d3 3db4332b d32faffe eab04159
67b6c406 7d0a9e74 85d6794c 80377adf 39055259 f7f41b46 43a4d285 85d2c371
f3756234 ba2c8a7f 1e8feeed 34d011c7 96cd523d ba33d6dd 4dde0b3b 4a4b9fc2
262ffab5 161c7235 77ca3c5d e6cae126 8b1a3676 5c01db74 1425feed b5a0880f
dd78ca2d 1f079730 012d7279 fa46d613 2aa8b9a6 ab83491d e5f2efdd e4018e18
0a8f6353 168562a9 0e193acc b566a6c2 6b7407e4 2be1763e b46dd8f6 44e17362
1f3bc4be a0535625 6c5109f7 aaabcabf 76fd6d9b f39ddbbf 3d66bc0c 56aaaf98
48953a4b dfa75850 d93875a9 5bea430c 02ff99eb e86c4d70 5b29659c ddaa5dcc
af0131ec 0cebd28d e8ea9c7b e66ef727 660c1a48 d76e42e3 3fde213e 7be10d70
fb63aaa8 6c1a54b4 5c257ac9 a2c98b16 a6bb2c7e 175e054d 586e121d 01ee1210
0dc6327f 18fffcf4 facd6e91 e83649be 1a48698b c2964d1a 12b26917 c10a90d6
fa792248 bfba7b69 f870c7fa 7a37d8d8 0dd2764f 57ff90b7 e391d2dd efc260b7
673addfe aa9cf0d4 8b7f7222 cec69f97 b6f8af8a a010a8d9 fb18c6b6 b55c523c
89b6192a 73010a0f 03b31260 f27a2f81 dba36eff 263097f5 8bdd8957 b6ad3db3
af2bc5b7 7602f0a5 d62b9a86 142a72f6 e3338c5d 094b13df bb8c7413 524b0203
010001a3 82025230 82024e30 0c060355 1d130405 30030101 ff300b06 03551d0f
04040302 01ae301d 0603551d 0e041604 144e0bef 1aa4405b a5176987 30ca3468
43d041ae f2306406 03551d1f 045d305b 302ca02a a0288626 68747470 3a2f2f63
6572742e 73746172 74636f6d 2e6f7267 2f736673 63612d63 726c2e63 726c302b
a029a027 86256874 74703a2f 2f63726c 2e737461 7274636f 6d2e6f72 672f7366
7363612d 63726c2e 63726c30 82015d06 03551d20 04820154 30820150 3082014c
060b2b06 01040181 b5370101 01308201 3b302f06 082b0601 05050702 01162368
7474703a 2f2f6365 72742e73 74617274 636f6d2e 6f72672f 706f6c69 63792e70
64663035 06082b06 01050507 02011629 68747470 3a2f2f63 6572742e 73746172
74636f6d 2e6f7267 2f696e74 65726d65 64696174 652e7064 663081d0 06082b06
01050507 02023081 c3302716 20537461 72742043 6f6d6d65 72636961 6c202853
74617274 436f6d29 204c7464 2e300302 01011a81 974c696d 69746564 204c6961
62696c69 74792c20 72656164 20746865 20736563 74696f6e 202a4c65 67616c20
4c696d69 74617469 6f6e732a 206f6620 74686520 53746172 74436f6d 20436572
74696669 63617469 6f6e2041 7574686f 72697479 20506f6c 69637920 61766169
6c61626c 65206174 20687474 703a2f2f 63657274 2e737461 7274636f 6d2e6f72
672f706f 6c696379 2e706466 30110609 60864801 86f84201 01040403 02000730
38060960 86480186 f842010d 042b1629 53746172 74436f6d 20467265 65205353
4c204365 72746966 69636174 696f6e20 41757468 6f726974 79300d06 092a8648
86f70d01 01050500 03820201 00166c99 f4660c34 f5d0855e 7d0aecda 104e381c
5edfa625 054b9132 c1e83bf1 3ddd4409 5b07498a 29cb6602 b7b19af7 2598093c
8e1be1dd 36872b4b bb68d339 663da026 c7f23991 1d51ab82 7b7ed5ce 5ae4e203
57706997 08f95e58 a60adf8c 069a4516 16380a5e 57f662c7 7a0205e6 bc1eb5f2
9ef4a929 83f8b214 e36e2887 44c3901a de38a93c ac434d64 45cedd28 a95cf273
7b04f817 e8abb1f3 2e5c646e 73313a12 b8bcb311 e47d8f81 519a3b8d 89f44d93
667b3c03 edd39a1d 9af36550 f5a0d075 9f2faff0 ea824398 f8699c89 79c4438e
4672e364 3612aff7 251e3889 90777ec3 6b6ab9c3 cb444bac 78908be7 c72c1e4b
1144c834 5227cd0a 5d9f85c1 89d51a78 f2951053 32dd8084 6675d9b5 6828fb61
2ebe84a8 38c09912 86a51e67 64ad062e 2fa97085 c7960f7c 8965f58e 43540eab
dda58039 9460c034 c996702c a312f51f 487bbd1c 7e6bb79d 90f4223b aef8fc2a
cafa8252 a0efaf4b 5593ebc1 b5f0228b ac344e26 2204a187 2c754ab7 e57d13d7
b80c64c0 36d2c92f 86128c23 09c11b82 3b7349a3 6a578794 e5d678c5 994363e3
4de0772d e1659972 69041a47 09e60f01 5624fb1f bf0e79a9 582eb9c4 09017e95
ba6d0006 3eb2ea4a 1039d8d0 2bf5bfec 75bf9702 c5091b08 dc5537e2 81fb3784
436220ca e7564b65 eafe6cc1 249324a1 34eb05ff 9a22ae9b 7d3ff165 510aa630
6ab3f488 1c800dfc 728ae883 5e
quit
crypto ca certificate chain ASDM_TrustPoint1
certificate e2da0655
30820385 3082026d a0030201 020204e2 da065530 0d06092a 864886f7 0d010105
05003052 31243022 06035504 03131b48 656e6567 61724153 412e436c 696e7468
656e6567 61722e63 6f6d312a 30280609 2a864886 f70d0109 02161b48 656e6567
61724153 412e636c 696e7468 656e6567 61722e63 6f6d301e 170d3135 30333136
32313239 34355a17 0d323530 33313332 31323934 355a3052 31243022 06035504
03131b48 656e6567 61724153 412e436c 696e7468 656e6567 61722e63 6f6d312a
30280609 2a864886 f70d0109 02161b48 656e6567 61724153 412e636c 696e7468
656e6567 61722e63 6f6d3082 0122300d 06092a86 4886f70d 01010105 00038201
0f003082 010a0282 010100a3 a7d8f04a ac2c782e f78402e4 245431ec 18782423
ed4258e8 10933bb7 934c12e0 0fa7aab9 78b6d87c 25bc4e5e 0da2eed0 f9fe950e
99355a9f 93d35877 399a42b5 a2285d4a 11fe55e0 6ecbf6a5 c10aa618 b0a6c1eb
2637acd5 33e3948c f78aacb3 8566d7c6 34da099c c304a592 33f5c768 8f0c74fe
942824f7 3eacceac 6c176554 76a3d976 81b77f38 f640693a 545df3e2 23abe2c0
7cf00bc4 503587ec 8a481c68 6711869f 394bc75b 524a82ac a89426d9 cee8d68a
ed0e0865 fb9c2ce8 814dee9b 055a0e2f d528c46b 0b11ffae 5519239b 56161a07
65638862 2ba08d95 3e72f9fb 464c2734 431eaf10 702b45d6 41ea72a4 97740549
1ec34369 d0d5bef2 1531af02 03010001 a3633061 300f0603 551d1301 01ff0405
30030101 ff300e06 03551d0f 0101ff04 04030201 86301f06 03551d23 04183016
801476f3 3c9af1d3 d6c5976e a61a9d0b 68cdc612 426d301d 0603551d 0e041604
1476f33c 9af1d3d6 c5976ea6 1a9d0b68 cdc61242 6d300d06 092a8648 86f70d01
01050500 03820101 00412e5f a6e0861b 39f728d6 278637c3 ef0be73a 8a6a8f6b
58ac5230 346126bd a6640b1f 91744abd 14e48aea 153be0f4 1db39dbb fb7bfda7
586c96a7 8d0ae2dd efd46848 259a5afa 693c998e e8a0ff92 221081aa c751285d
c9a85a14 db5820e5 d5df8d90 007a2f78 8209fac7 dc9321d9 54706c2c 9bfe000e
425ece15 c5d8936a a39c81d0 8b7e4b13 e0c5a3e4 3adb61e9 2f792f64 58f24f89
cdc075e0 3c12f8ed 728b579f 6eba433c 62dae759 e0d77816 574d7c65 f47f7231
c2c400f7 71d0b770 285b9668 00891cea afa49cda a693123a 2de30b42 7e406d6e
956d9931 6ace1576 91bcb61f 0e8c532f ddcf34fa ea9f6c9e 3963e95e 905842cb
4e7e473f e80a6eb7 bc
quit
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 enable outside client-services port 443
crypto ikev2 enable CiscoRouter client-services port 443
crypto ikev2 remote-access trustpoint ASDM_TrustPoint1
crypto ikev1 enable outside
crypto ikev1 policy 10
authentication crack
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 20
authentication rsa-sig
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 30
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 40
authentication crack
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 50
authentication rsa-sig
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 60
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 70
authentication crack
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 80
authentication rsa-sig
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 90
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 100
authentication crack
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 110
authentication rsa-sig
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 120
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 130
authentication crack
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 140
authentication rsa-sig
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 150
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh 192.168.10.10 255.255.255.255 CiscoRouter
ssh 192.168.10.11 255.255.255.255 CiscoRouter
ssh 192.168.10.12 255.255.255.255 CiscoRouter
ssh 192.168.10.20 255.255.255.255 CiscoRouter
ssh 192.168.10.101 255.255.255.255 CiscoRouter
ssh timeout 5
ssh version 2
console timeout 5
dhcpd auto_config outside
!
dhcpd address 172.16.10.15-172.16.10.25 inside
dhcpd dns 8.8.8.8 8.8.4.4 interface inside
dhcpd lease 86400 interface inside
dhcpd domain domain.com interface inside
dhcpd enable inside
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ntp server 206.246.122.250 source outside prefer
ssl trust-point ASDM_TrustPoint1 CiscoRouter
ssl trust-point ASDM_TrustPoint1 outside
webvpn
enable outside
anyconnect image disk0:/anyconnect-win-3.1.02040-k9.pkg 1
anyconnect profiles ASAHOST_client_profile disk0:/ASAHOST_client_profile.xml
anyconnect enable
tunnel-group-list enable
group-policy DefaultRAGroup internal
group-policy DefaultRAGroup attributes
dns-server value 8.8.8.8
vpn-tunnel-protocol ssl-client
split-tunnel-policy tunnelspecified
split-tunnel-network-list value DefaultRAGroup_splitTunnelAcl
default-domain value domainr.com
group-policy GroupPolicy_ASAHOST internal
group-policy GroupPolicy_ASAHOST attributes
wins-server none
dns-server value 8.8.8.8
vpn-idle-timeout 10
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
split-tunnel-policy tunnelspecified
split-tunnel-network-list value Split_Tunnel_List
default-domain value domainr.com
webvpn
anyconnect profiles value ASAHOST_client_profile type user
tunnel-group DefaultRAGroup general-attributes
address-pool VPN_POOL1
default-group-policy DefaultRAGroup
tunnel-group DefaultRAGroup ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup ppp-attributes
authentication pap
authentication ms-chap-v2
authentication eap-proxy
tunnel-group ASAHOST type remote-access
tunnel-group ASAHOST general-attributes
address-pool VPN_POOL1
default-group-policy GroupPolicy_ASAHOST
tunnel-group ASAHOST webvpn-attributes
group-alias ASAHOST enable
tunnel-group ASAHOST ipsec-attributes
ikev1 pre-shared-key *****
ikev1 user-authentication none
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
inspect icmp error
inspect ipsec-pass-thru
inspect http
!
service-policy global_policy global
prompt hostname context
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email callhome@cisco.com
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
- Labels:
-
VPN
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-29-2015 04:45 PM
Please help
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide