Created
September 15, 2015 02:40
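! Cisco ASA transparent-mode (bridged) configuration that hands all IP traffic
! to the FirePOWER (sfr) module through the global service policy.
! NOTE(review): this reads as a lab/bootstrap config. The ASA itself filters
! nothing (permit-any ACLs in both directions, equal security levels), so any
! enforcement has to come from the sfr module. Review every NOTE below before
! using it outside a lab.
!
firewall transparent
! NOTE(review): the enable password is the literal default-style string "cisco".
! Replace it with a unique secret before the device is reachable by anyone else.
enable password cisco
hostname ciscoasa
domain-name domain.local
names
!
! Both data interfaces are members of bridge-group 1 and share security-level
! 100, so "outside" gets no implicit protection from the security-level model.
interface GigabitEthernet1/1
 nameif outside
 bridge-group 1
 security-level 100
!
interface GigabitEthernet1/2
 nameif inside
 bridge-group 1
 security-level 100
!
interface Management1/1
 management-only
 no nameif
 no security-level
!
! Bridge virtual interface: the management address of the bridge group.
interface BVI1
 ip address 192.168.1.2 255.255.255.0
!
boot system disk0:/asa941-lfbff-k8.SPA
ftp mode passive
dns domain-lookup outside
dns domain-lookup inside
dns server-group DefaultDNS
! Needed here because inside and outside have the same security level.
same-security-traffic permit inter-interface
! NOTE(review): all three ACLs are "permit ip any any". The interface ACLs let
! every IP flow cross the bridge in either direction; global_mpc_1 only selects
! traffic for the sfr class further down.
access-list inside_access_in extended permit ip any any
access-list outside_access_in extended permit ip any any
access-list global_mpc_1 extended permit ip any any
pager lines 24
! NOTE(review): logging goes to ASDM only; no syslog server is configured, so
! no off-box audit trail exists.
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
icmp unreachable rate-limit 1 burst-size 1
! NOTE(review): ICMP addressed to the ASA itself is accepted from any source on
! both interfaces, including outside.
icmp permit any outside
icmp permit any inside
asdm history enable
arp timeout 14400
no arp permit-nonconnected
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 192.168.1.1 1
user-identity default-domain LOCAL
! HTTP (ASDM) and SSH logins are checked against the local user database.
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
http server enable
! NOTE(review): ASDM/HTTPS management is allowed from any source address on
! inside, while SSH below is limited to 192.168.1.0/24. Consider restricting
! this line to the same management subnet.
http 0.0.0.0 0.0.0.0 inside
no snmp-server location
no snmp-server contact
service sw-reset-button
crypto ipsec security-association pmtu-aging infinite
! NOTE(review): presumably this disables host-key verification for the ASA's
! own SSH/SCP client. Confirm it is acceptable for file copies from this box.
no ssh stricthostkeycheck
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 5
! Changed from dh-group1-sha1: Diffie-Hellman group 1 is a legacy key exchange
! that current SSH clients disable by default. Group 14 is the stronger option.
ssh key-exchange group dh-group14-sha1
! NOTE(review): a timeout of 0 disables the console idle timeout, so an
! unattended console session stays logged in.
console timeout 0
threat-detection basic-threat
threat-detection statistics
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
ssl server-version tlsv1.2
ssl client-version tlsv1.2
dynamic-access-policy-record DfltAccessPolicy
! NOTE(review): privilege-15 account whose password equals its username.
! Together with the enable password above, this is a default-credential pair.
! Replace both before exposing any management interface.
username cisco priv 15 password cisco
! Fixed: the class-map referenced "global_mpc", but the only matching ACL
! defined in this configuration is "global_mpc_1".
class-map global-class
 match access-list global_mpc_1
class-map inspection_default
 match default-inspection-traffic
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect esmtp
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect ip-options
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect sip
  inspect skinny
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect xdmcp
! NOTE(review): fail-open means traffic keeps flowing uninspected whenever the
! sfr module is unavailable. Because the interface ACLs permit everything, a
! module outage leaves no filtering at all. Use fail-close if blocking is the
! safer failure mode for this segment.
 class global-class
  sfr fail-open
 class class-default
  user-statistics accounting
!
service-policy global_policy global
prompt hostname context
! Call-home: anonymous reporting is enabled; the CiscoTAC-1 profile itself is
! set to "no active".
service call-home
call-home reporting anonymous
call-home
 contact-email-addr mosherna@cisco.com
 profile CiscoTAC-1
  no active
  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
  destination address email callhome@cisco.com
  destination transport-method http
  subscribe-to-alert-group diagnostic
  subscribe-to-alert-group environment
  subscribe-to-alert-group inventory periodic monthly 28
  subscribe-to-alert-group configuration periodic monthly 28
  subscribe-to-alert-group telemetry periodic daily
hpm topN enable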