Home > other >  ASA5525 -x VPN not to seek help from god
ASA5525 -x VPN not to seek help from god

Time:09-18

Ciscoasa# show running - config
: Saved
:
: Serial Number: FCH195276GV
: Hardware: ASA5525, 8192 MB RAM, CPU Lynnfield 2393 MHz, 1 CPU cores (4)
:
ASA Version 9.2 (2) 4
!
The hostname ciscoasa
The enable password, "eight ry2yjiyt7rrxu24 encrypted
Names
!
Interface GigabitEthernet0/0
Nameif outside
Security - level 0
IP address X.X.X.X 255.255.255.248
!
Interface GigabitEthernet0/1
Nameif inside
Security - level 100
IP address 192.168.100.1 255.255.255.0
!
Interface GigabitEthernet0/2
Shutdown
No nameif
No security - level
No IP address
!
Interface GigabitEthernet0/3
Shutdown
No nameif
No security - level
No IP address
!
Interface GigabitEthernet0/4
Shutdown
No nameif
No security - level
No IP address
!
Interface GigabitEthernet0/5
Shutdown
No nameif
No security - level
No IP address
!
Interface GigabitEthernet0/6
Shutdown
No nameif
No security - level
No IP address
!
Interface GigabitEthernet0/7
Shutdown
No nameif
No security - level
No IP address
!
Interface Management0/0
Management - only
Shutdown
No nameif
No security - level
No IP address
!
FTP mode passive
The object network local
Subnet configures 172.20.77.0 255.255.255.0
IP access - the list djs_list extended permit 172.20.0.0 255.255.0.0 192.168.0.0 255.255.0.0
Pager lines 24
Mtu outside 1500
Mtu inside 1500
No failover
The icmp unreachable rate - limit 1 burst - size 1
No asdm history enable
Arp 14400
the timeoutNo arp permit - nonconnected
!
The object network local
NAT (inside and outside) the dynamic interface
The route outside 0.0.0.0 0.0.0.0 X.X.X.X 1
The route inside 172.20.77.0 255.255.255.0 192.168.100.2 1
The timeout xlate 3:00:00
The timeout pat - xlate 0:00:30
The timeout conn 1:00:00 half - closed 0:10:00 udp 0:02:00 icmp 0:00:02
The timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 MGCP 0:05:00 MGCP - pat 0:05:00
The timeout sip 0:30:00 sip_media 0:02:00 sip - invite 0:03:00 sip - disconnect 0:02:00
The timeout sip - provisional - media 0:02:00 uauth 0:05:00 absolute
The timeout TCP proxy - reassembly 0:01:00
The timeout floating - conn 0:00:00
Dynamic - access - policy - record DfltAccessPolicy
The user identity - the default - domain LOCAL
No SNMP - server location
No SNMP - server contact
Crypto ipsec ikev1 transform - set FirstSet esp esp - md5 - hmac - 3 des
Crypto ipsec ikev2 ipsec - proposal secure
Protocol esp encryption aes, 3 des des
Protocol esp integrity sha - 1
Crypto ipsec security association - pmtu - aging infinite
Crypto map abcmap 1 match address djs_list
Crypto map abcmap 1 set peer 111.207.124.85
Crypto map abcmap 1 set ikev1 transform - set FirstSet
Crypto map abcmap 1 set ikev2 ipsec - proposal secure
Crypto map abcmap interface outside
Crypto ca trustpool policy
Crypto ikev2 policy 1
3 des encryption
Integrity sha
Group 2
PRF sha
Lifetime seconds 43200
Crypto ikev2 enable outside
Crypto ikev1 enable outside
Crypto ikev1 policy 1
The authentication pre - share
3 des encryption
Hash sha
Group 2
Lifetime of 43200
Telnet timeout 5
No SSH stricthostkeycheck
SSH timeout 5
SSH key - exchange group dh group1 -- sha1
The console timeout 0
-- -- kyoui -- kyoui - detection, basic
-- kyoui - detection statistics access - list
No -- kyoui - detection statistics TCP - intercept
Tunnel - group X.X.X.X type ipsec - l2l
Tunnel - group X.X.X.X ipsec - attributes
Ikev1 pre - Shared - key * * * * *
!
Class - the map inspection_default
Match the default ws-inspection - traffic
!
!
The policy - the map type inspect DNS preset_dns_map
The parameters
The message - length maximum client auto
The message - length, maximum 512
The policy - map global_policy
The class inspection_default
Inspect the DNS preset_dns_map
Inspect the FTP
Inspect h323 h225
Inspect h323 ras
Inspect RSH
Inspect RTSP
Inspect esmtp
Inspect sqlnet
Inspect skinny
Inspect sunrpc
Inspect XDMCP
Inspect the sip
Inspect netbios
Inspect TFTP
Inspect the IP - options
!
Service - the policy global_policy global
Prompt the hostname context
Call - home reporting anonymous prompt 2
87976 ca5ba2efa632034610bafed657b Cryptochecksum:
: end
Ciscoasa# shi
Ciscoasa# shiis
Ciscoasa# sho
Ciscoasa# show is
Ciscoasa# show isakmp

There are no IKEv1 SAs

There are no IKEv2 SAs

CodePudding user response:

The great god?

Page link:https//www.codepudding.com/other/8579.html

Prev:Licensed in the company of the computer or mobile phone to surf the Internet
Next:TCP client program development
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding