: Saved : : Serial Number: JAD2223057K : Hardware: ASA5506, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores) : ASA Version 9.8(2) ! hostname ciscoasa enable password XXXX names ! interface GigabitEthernet1/1 nameif outside security-level 0 ip address dhcp setroute ! interface GigabitEthernet1/2 nameif INSIDE security-level 100 ip address 10.0.1.254 255.255.255.0 ! interface GigabitEthernet1/3 nameif XS4ALL security-level 0 ip address 10.0.2.1 255.255.255.0 ! interface GigabitEthernet1/4 nameif DMZ security-level 50 ip address 10.0.4.254 255.255.255.0 ! interface GigabitEthernet1/5 nameif TEST security-level 40 ip address 10.0.3.254 255.255.255.0 ! interface GigabitEthernet1/6 bridge-group 1 nameif inside_5 security-level 100 ! interface GigabitEthernet1/7 bridge-group 1 nameif inside_6 security-level 100 ! interface GigabitEthernet1/8 bridge-group 1 nameif inside_7 security-level 100 ! interface Management1/1 management-only no nameif no security-level no ip address ! interface BVI1 nameif LAN security-level 100 ip address 192.168.1.1 255.255.255.0 ! ftp mode passive same-security-traffic permit inter-interface same-security-traffic permit intra-interface object network obj_any1 subnet 0.0.0.0 0.0.0.0 object network obj_any2 subnet 0.0.0.0 0.0.0.0 object network obj_any3 subnet 0.0.0.0 0.0.0.0 object network obj_any4 subnet 0.0.0.0 0.0.0.0 object network obj_any5 subnet 0.0.0.0 0.0.0.0 object network obj_any6 subnet 0.0.0.0 0.0.0.0 object network obj_any7 subnet 0.0.0.0 0.0.0.0 object network RDP-SERVER host 10.0.1.209 access-list inbound extended permit tcp any object RDP-SERVER eq 3389 pager lines 24 logging asdm informational mtu outside 1500 mtu INSIDE 1500 mtu XS4ALL 1500 mtu DMZ 1500 mtu TEST 1500 mtu inside_5 1500 mtu inside_6 1500 mtu inside_7 1500 icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 no arp permit-nonconnected arp rate-limit 16384 nat (TEST,outside) source dynamic any interface nat (INSIDE,outside) source dynamic any interface ! object network RDP-SERVER nat (INSIDE,outside) static interface service tcp 3389 3389 access-group inbound in interface outside timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 timeout conn-holddown 0:00:15 timeout igp stale-route 0:01:10 user-identity default-domain LOCAL aaa authentication ssh console LOCAL aaa authentication login-history http server enable http 10.0.1.0 255.255.255.0 INSIDE http 192.168.1.0 255.255.255.0 inside_6 http 192.168.1.0 255.255.255.0 inside_5 http 192.168.1.0 255.255.255.0 inside_7 no snmp-server location no snmp-server contact service sw-reset-button crypto ipsec security-association pmtu-aging infinite crypto ca trustpool policy telnet 10.0.1.0 255.255.255.0 INSIDE telnet 0.0.0.0 0.0.0.0 INSIDE telnet timeout 480 ssh stricthostkeycheck ssh 10.0.1.0 255.255.255.0 INSIDE ssh timeout 60 ssh key-exchange group dh-group1-sha1 console timeout 0 dhcpd auto_config outside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept dynamic-access-policy-record DfltAccessPolicy username XXXX password XXXX ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 no tcp-inspection policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options inspect icmp inspect icmp error ! service-policy global_policy global prompt hostname context no call-home reporting anonymous Cryptochecksum:XXXX : end