: Saved
:
ASA Version 8.0(2) 
!
hostname pppfw01
domain-name xyz.com
enable password wewewewewewewe encrypted
names
name 192.168.84.79 collab.xyz.com_int
name 192.168.84.74 lfo.xyz.biz_int
name 192.168.84.2 secure.xyz.biz_int description careers.xyz.com, secure.xyz.biz
name 192.168.84.33 www.xyz.com_dev_int
name 192.168.84.202 folioMedia_int
name 192.168.84.75 andrews_int
name 192.168.84.94 atlas.xyz.com_int
name 192.168.84.80 cata_int
name 192.168.84.71 facebook_dev_int description also life demo
name 192.168.84.35 mingle_int
name 192.168.83.35 qphone_int description asterisk VOIP server
name 192.168.84.91 rapReport_dev_int
name 192.168.83.71 wopr.xyz.com_int
name 220.5.222.103 folioMedia_ext
name 220.5.222.104 andrews_ext
name 220.5.222.105 atlas.xyz.com_ext
name 220.5.222.106 cata_ext
name 220.5.222.99 collab.xyz.com_ext
name 220.5.222.107 facebook_dev_ext
name 220.5.222.100 lfo.xyz.biz_ext
name 220.5.222.109 mingle_ext
name 220.5.222.111 rapReport_dev_ext
name 220.5.222.101 secure.xyz.biz_ext
name 220.5.222.102 www.xyz.com_dev_ext
name 192.168.84.199 backup_test
name 86.10.93.95 cata1
name 87.5.13.226 cata2
name 96.55.137.194 cata5
name 46.223.6.85 cata6
name 09.194.230.62 andrews_remote1
name 192.168.84.211 NAL_build_int
name 192.168.84.89 NAL_sharepoint_int
name 192.168.84.93 iPhone_dev_int
name 192.168.84.92 netflix_skunkworks_dev_int
name 192.168.84.78 win2k_server_IE6 description for IE6 testing
name 220.5.222.108 iPhone_dev_ext
name 192.168.83.115 atoth_macbook_pro description temporary for IE6 testing
name 192.168.83.250 Openfiler description Openfiler SAN File Access
name 192.168.87.0 vpn description VPN network
name 66.1.1.196 xo_dns_2 description XO DNS server 2
name 192.168.84.250 openfiler01_dns_dmz description openfiler01 DNS resolver on .84net DMZ
name 192.168.84.200 PM_staging_DB_server
name 192.168.86.0 vpn_network description wired IPsec VPN
name 220.5.222.115 vmdev_ext
name 192.168.83.40 vmdev_int
name 220.5.222.110 yovidportal_ext description yovid porrtal / router external
name 192.168.84.161 yovidportal_int description yovid portal / router internal
name 220.5.222.113 asterisknow_ext description AsteriskNow / FreePBX VOIP VM external
name 192.168.84.162 asterisknow_int description AsteriskNow / FreePBX VOIP VM
name 68.1.7.196 xo_dns_1
name 72.43.165.29 folioMediaOfficeFirewall1 description PM office firewall
name 192.168.83.34 switchvox1_int description VOIP server
name 220.5.222.114 lifestg1_ext description life staging VM external
name 192.168.84.70 lifestg1_int description life staging VM internal
name 192.168.84.81 vmdmz01_int description vmware host
name 192.168.88.0 Consultants_VPN_IP_Range description Offshore Consultants IP Range
name 220.5.222.116 qphone_ext description qphone external
name 220.5.222.117 FTPserver_ext description PFD FTP Server
name 192.168.84.96 FTPserver_int description PFD FTP server and Switchvox backups
name 71.40.6.4 life_White description tesat access for user
name 220.5.222.118 switchvox1_ext description switchvox voip server
name 98.226.156.222 djoya_home
name 70.183.82.162 switchvox_tech_support description Switchvox technical support
name 220.5.222.112 woprtasker_ext description WOPR and Tasker
name 192.168.84.85 woprtasker_int description WOPR & Tasker
name 216.24.42.112 life_Hawkins description life test access
name 160.79.23.2 life_Gandhi description test access for user
name 220.5.222.119 svnmail_ext description svnmail external for SMTP -temporary
name 192.168.83.234 svnmail_int description PFD subversion server and SMTP relay
name 88.111.222.150 xobot_firewall description xobot PFD firewall
name 67.106.72.171 xoman description XO management server
name 64.208.203.164 stunusa.yovid.com description yovid STUN server for VOIP
name 192.168.85.0 wlan0_network description Wireless LAN on Cisco AiroNet
name 98.100.78.97 floss_Firewall2 description floss gateway
name 220.5.222.121 flossDev_ext description floss dev web server
name 192.168.84.212 flossDev_int description floss dev web server
name 220.5.222.120 flossTest_ext description floss test server
name 192.168.84.226 flossTest_int description floss stress test server
name 76.23.60.105 life_BlakeBishop description user access to test env
name 75.150.249.160 life_TraceyStack description test access for user
name 192.168.84.88 collab3.xyz.com_int description collab3 confluence jira on vmware esxi vm
name 92.17.0.0 pfd_dsl_ext description xyzinder
name 64.61.93.0 voicepulse_SIP_network1 description voicepulse_SIP_network1
name 209.31.18.0 voicepulse_SIP_network2 description voicepulse_SIP_network2
name 67.108.9.160 voicepulse_SIP_network3 description voicepulse_SIP_network3
name 192.168.84.86 woprstaging_int description WOPR staging VM
name 99.140.205.154 djoya_test
name 220.5.222.123 yovidportalalpha_ext description yovid portal for life alpha environment external ip
name 192.168.84.163 yovidportalalpha_int description yovid portal for life alpha environment
name 67.163.14.68 alan_home
name 220.5.222.124 life_alpha_ext description life Alpha App
name 192.168.84.72 life_alpha_int description life Alpha app
name 94.140.0.0 pfd_dsl2_ext description PFA AT&T DSL range 2
name 192.168.84.165 asterisknow2_int description AsteriskNow2 / FreePBX VOIP VM
name 220.5.222.125 asterisknow2_ext description AsteriskNow2 / FreePBX VOIP VM external
!
interface Ethernet0/0
 description Internal 83 Network
 nameif Internal
 security-level 100
 ip address 192.168.83.1 255.255.255.0 
!
interface Ethernet0/1
 description DMZ Interface
 nameif DMZ0
 security-level 50
 ip address 192.168.84.1 255.255.255.0 
!
interface Ethernet0/2
 description Wireless LAN 85 network
 nameif wlan0
 security-level 75
 ip address 192.168.85.1 255.255.255.0 
!
interface Ethernet0/3
 description Internet
 duplex full
 nameif wan0
 security-level 0
 ip address 220.5.222.98 255.255.255.224 
!
interface Management0/0
 description ADSM Interface LAN 192.168.1.X
 nameif management
 security-level 100
 ip address 192.168.1.1 255.255.255.0 
 management-only
!
passwd xxxxxxxxxxxxxxxxx encrypted
ftp mode passive
clock timezone CST -6
clock summer-time CDT recurring
dns domain-lookup Internal
dns domain-lookup wlan0
dns domain-lookup wan0
dns server-group DMZ_DNS
 name-server openfiler01_dns_dmz
dns server-group DefaultDNS
 name-server 4.2.2.1
 name-server 4.2.2.2
 domain-name xyz.com
dns server-group openfiler01
 name-server xo_dns_2
 name-server 208.67.222.222
 name-server 4.2.2.1
 name-server xo_dns_1
 domain-name xyz.com
dns-group openfiler01
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group service All_services tcp-udp
 description All services
 port-object range 1 65535
object-group service facebook tcp
 description facebook dev ports
 port-object range 3000 3010
object-group network cata_access
 network-object host cata5
 network-object host cata2
 network-object host cata1
 network-object host cata6
object-group service DM_INLINE_TCP_1 tcp
 group-object facebook
 port-object eq www
object-group service livelinks_flex tcp
 port-object eq 8090
object-group network andrews_remote
 network-object host cata2
 network-object host andrews_remote1
object-group service DM_INLINE_TCP_2 tcp
 port-object eq www
 port-object eq https
object-group service svn tcp
 description subversion
 port-object eq 3690
object-group service Openfiler tcp-udp
 description Openfiler ports 137-139 & 445
 port-object eq 137
 port-object eq 138
 port-object eq 139
object-group protocol TCPUDP
 protocol-object udp
 protocol-object tcp
object-group service iax2 udp
 description iax2 for asterisk VOIP
 port-object eq 4569
object-group network DM_INLINE_NETWORK_1
 network-object host xo_dns_2
 network-object host xo_dns_1
object-group network DM_INLINE_NETWORK_2
 network-object host andrews_int
 network-object host cata_int
 network-object host netflix_skunkworks_dev_int
 network-object host lifestg1_int
 network-object host collab.xyz.com_int
object-group network DM_INLINE_NETWORK_3
 network-object host andrews_int
 network-object host cata_int
 network-object host rapReport_dev_int
 network-object host woprstaging_int
object-group network DM_INLINE_NETWORK_4
 network-object host lfo.xyz.biz_ext
 network-object host secure.xyz.biz_ext
 network-object host www.xyz.com_dev_ext
 network-object host atlas.xyz.com_ext
 network-object host iPhone_dev_ext
 network-object host yovidportal_ext
 network-object host yovidportalalpha_ext
 network-object host life_alpha_ext
object-group network DM_INLINE_NETWORK_5
 network-object host mingle_ext
 network-object host woprtasker_ext
 network-object host collab.xyz.com_ext
 network-object host secure.xyz.biz_ext
object-group service ssh_11411 tcp
 description per maca for rap reporting
 port-object eq 11411
object-group network DM_INLINE_NETWORK_6
 network-object host folioMedia_ext
 network-object host rapReport_dev_ext
object-group service iax2voip udp
 description iax2
 group-object iax2
object-group network DM_INLINE_NETWORK_7
 network-object 0.0.0.0 0.0.0.0
 group-object cata_access
object-group network DM_INLINE_NETWORK_8
 network-object host xo_dns_2
 network-object host xo_dns_1
object-group service DM_INLINE_SERVICE_1
 service-object tcp-udp eq 10000 
 service-object udp range 50000 65535 
 service-object udp eq sip 
 service-object tcp eq 30000 
 service-object tcp eq 45606 
 service-object tcp eq 50000 
 service-object tcp eq 20000 
 service-object tcp eq 3478 
 service-object udp 
object-group service remote_desktop
 service-object tcp eq 3389 
object-group network consultant_vpn
 description consultant 88.X Network
 network-object Consultants_VPN_IP_Range 255.255.255.0
object-group network DM_INLINE_NETWORK_9
 network-object host yovidportal_int
 network-object host asterisknow_int
 network-object host lifestg1_int
object-group service VNC tcp
 description VNC access
 port-object range 5900 5901
object-group service DM_INLINE_SERVICE_4
 service-object tcp eq rtsp 
 service-object tcp-udp range 10000 20000 
 service-object udp range 50000 65535 
 service-object udp eq sip 
object-group service DM_INLINE_SERVICE_5
 service-object tcp eq rtsp 
 service-object tcp-udp range 10000 20000 
 service-object udp range 50000 65535 
 service-object udp eq sip 
object-group network life_testAccessGroup
 description life users access to our test env
 network-object host life_LeslieWhite
 network-object life_KevinHawkins 255.255.255.240
 network-object host life_ChetanGandhi
 network-object host Chetan_Lab
 network-object host life_BlakeBishop
 network-object life_TraceyStack 255.255.255.248
 network-object pfd_dsl_ext 255.255.0.0
 network-object pfd_dsl2_ext 255.255.0.0
object-group service DM_INLINE_UDP_1 udp
 port-object range 10000 10500
 port-object eq sip
object-group service DM_INLINE_SERVICE_6
 service-object tcp eq https 
 service-object tcp eq ssh 
 service-object udp range 10000 10500 
 service-object udp eq sip 
object-group service pptp tcp
 description Point ti Point Tunnel Protocol
 port-object eq pptp
object-group service gre tcp
 description gre
 port-object eq 47
object-group service DM_INLINE_TCP_3 tcp
 port-object eq 8080
 port-object eq www
object-group service DM_INLINE_SERVICE_8
 service-object tcp eq 30000 
 service-object tcp eq 45606 
 service-object tcp eq 50000 
 service-object tcp eq 20000 
 service-object udp 
 service-object tcp eq 10000 
 service-object tcp eq 3478 
object-group network DM_INLINE_NETWORK_12
 network-object host collab.xyz.com_int
 network-object host woprtasker_int
 network-object host woprstaging_int
object-group service Hyperic_2144 tcp
 description Hyperic health check protocol
 port-object eq 2144
object-group service Hyperic_7080 tcp
 description Hyperic
 port-object eq 7080
object-group service remoteDesktop tcp
 description Windows remote desktop
 port-object eq 3389
object-group service stun tcp-udp
 description nat-stun
 port-object eq 3478
object-group network DM_INLINE_NETWORK_13
 network-object host djoya_home
 network-object pfd_dsl_ext 255.255.0.0
object-group protocol DM_INLINE_PROTOCOL_1
 protocol-object ip
 protocol-object udp
object-group service rtp udp
 description RTP for voip voice and video traffic
 port-object range 10000 20000
object-group service vonage_sip_and_rtp tcp-udp
 description Vonage is nuts... seems to require many ports open
 port-object range 5000 31000
object-group network voicepulse_SIP
 description Voicepulse SIP networks
 network-object voicepulse_SIP_network2 255.255.255.0
 network-object voicepulse_SIP_network1 255.255.255.0
 network-object voicepulse_SIP_network3 255.255.255.224
object-group service DM_INLINE_UDP_3 udp
 group-object rtp
 port-object eq sip
object-group service DM_INLINE_UDP_4 udp
 group-object rtp
 port-object eq sip
object-group network change_client_ips
 description allow customer to access the Open Exchange staging site
 network-object host Dog_Ash
 network-object host Jon_Gold
object-group network DM_INLINE_NETWORK_11
 network-object host yovidportal_ext
 network-object host yovidportalalpha_ext
object-group network DM_INLINE_NETWORK_15
 network-object host yovidportal_ext
 network-object host yovidportalalpha_ext
object-group network DM_INLINE_NETWORK_16
 network-object host yovidportal_int
 network-object host yovidportalalpha_int
object-group network DM_INLINE_NETWORK_10
 network-object host lifestg1_ext
 network-object host life_alpha_ext
object-group network DM_INLINE_NETWORK_14
 network-object host asterisknow_ext
 network-object host asterisknow2_ext
object-group network DM_INLINE_NETWORK_17
 network-object host asterisknow_int
 network-object host asterisknow2_int
object-group network DM_INLINE_NETWORK_18
 network-object host asterisknow_int
 network-object host asterisknow2_int
object-group network DM_INLINE_NETWORK_19
 network-object host asterisknow_int
 network-object host asterisknow2_int
access-list wan0_access_in extended permit object-group TCPUDP host alan_home any object-group All_services 
access-list wan0_access_in remark allow wireless LAN access to outside internet
access-list wan0_access_in extended permit object-group DM_INLINE_PROTOCOL_1 wlan0_network 255.255.255.0 any log warnings 
access-list wan0_access_in extended permit object-group TCPUDP any wlan0_network 255.255.255.0 
access-list wan0_access_in extended permit tcp any object-group DM_INLINE_NETWORK_4 eq www log disable 
access-list wan0_access_in remark Public FTP server with secure login (leave this rule disabled until Alan verifies vsftpd security)
access-list wan0_access_in remark Same FTP server also accepts switchvox server backups to /home/switchvoxbackups
access-list wan0_access_in extended permit tcp any host FTPserver_ext eq ssh inactive 
access-list wan0_access_in extended permit tcp object-group DM_INLINE_NETWORK_7 host cata_ext eq www log 
access-list wan0_access_in remark comment
access-list wan0_access_in extended permit tcp any object-group DM_INLINE_NETWORK_5 eq https log warnings 
access-list wan0_access_in remark for asterisk voip server IAX2
access-list wan0_access_in extended permit udp any host qphone_ext object-group iax2 log errors 
access-list wan0_access_in remark for switchvox asterisk-based voip server
access-list wan0_access_in extended permit udp any host switchvox1_int object-group iax2 log warnings 
access-list wan0_access_in remark port 80 is for life,facebookdev1 is 3000-3010
access-list wan0_access_in extended permit tcp any host facebook_dev_ext object-group DM_INLINE_TCP_1 log disable 
access-list wan0_access_in remark i removed livelinks_flex (TCP/8090); not sure what that was for -djoya
access-list wan0_access_in extended permit tcp object-group life_testAccessGroup object-group DM_INLINE_NETWORK_10 object-group DM_INLINE_TCP_3 log disable 
access-list wan0_access_in remark Andrews demo site
access-list wan0_access_in remark Andrews demo site
access-list wan0_access_in remark Andrews demo site
access-list wan0_access_in remark Andrews demo site
access-list wan0_access_in remark Andrews demo site
access-list wan0_access_in remark Andrews demo site
access-list wan0_access_in remark Andrews demo site
access-list wan0_access_in remark Andrews demo site
access-list wan0_access_in remark Andrews demo site
access-list wan0_access_in extended permit tcp object-group andrews_remote host andrews_ext eq www log disable inactive 
access-list wan0_access_in extended permit tcp any object-group DM_INLINE_NETWORK_6 object-group DM_INLINE_TCP_2 log disable 
access-list wan0_access_in extended permit tcp host folioMediaOfficeFirewall1 host folioMedia_ext eq ftp log 
access-list wan0_access_in remark for yovid Portal / Router SIP UDP 5060 from outside world
access-list wan0_access_in remark these ports have been requested by the yovid support staff...
access-list wan0_access_in remark I'm not sure if they are all really needed tcp/3478 is for STUN
access-list wan0_access_in extended permit object-group DM_INLINE_SERVICE_1 any object-group DM_INLINE_NETWORK_11 log warnings 
access-list wan0_access_in remark for yovid staff to debug issue for Ivan
access-list wan0_access_in extended permit tcp any object-group DM_INLINE_NETWORK_15 eq 2222 log warnings 
access-list wan0_access_in remark for life yovid project for testing AsteriskNow VM with Voicepulse
access-list wan0_access_in extended permit udp object-group voicepulse_SIP object-group DM_INLINE_NETWORK_14 object-group DM_INLINE_UDP_4 log errors 
access-list wan0_access_in remark qphone voip
access-list wan0_access_in extended permit object-group DM_INLINE_SERVICE_4 any host qphone_ext log warnings inactive 
access-list wan0_access_in remark for yovid Portal / Router IAX2 access from outside world
access-list wan0_access_in extended permit udp any object-group DM_INLINE_NETWORK_19 object-group iax2 log warnings 
access-list wan0_access_in remark SIP VOIP soft phones can register with PFD switchvox1 server
access-list wan0_access_in remark for people working at home and contractors
access-list wan0_access_in extended permit udp object-group DM_INLINE_NETWORK_13 host switchvox1_ext object-group DM_INLINE_UDP_1 log critical 
access-list wan0_access_in remark SSH access for Switchvox tech support
access-list wan0_access_in extended permit object-group DM_INLINE_SERVICE_6 host switchvox_tech_support host switchvox1_ext log warnings 
access-list wan0_access_in remark allow SMTP connections from PFD servers at XO
access-list wan0_access_in extended permit tcp host xobot_firewall host svnmail_ext eq smtp log warnings 
access-list wan0_access_in extended permit icmp any any 
access-list wan0_access_in remark allow Open Exchange client IPs to access their staging VM port 80
access-list wan0_access_in extended permit tcp object-group change_client_ips host change_ext eq www log warnings 
access-list xyzinder_splitTunnelAcl standard permit 192.168.83.0 255.255.255.0 
access-list xyzinder_splitTunnelAcl standard permit 192.168.84.0 255.255.255.0 
access-list management_nat0_outbound extended permit ip any 192.168.86.2 255.255.255.254 
access-list administrators_splitTunnelAcl standard permit any 
access-list nonat extended permit ip 192.168.83.0 255.255.255.0 vpn_network 255.255.255.0 
access-list nonat extended permit ip 192.168.83.0 255.255.255.0 192.168.84.0 255.255.255.0 
access-list nonat extended permit ip 192.168.83.0 255.255.255.0 Consultants_VPN_IP_Range 255.255.255.0 
access-list nonat extended permit ip host svnmail_int vpn 255.255.255.0 
access-list nonat extended permit ip host svnmail_int Consultants_VPN_IP_Range 255.255.255.0 
access-list nonat extended permit ip host yovidportal_int Consultants_VPN_IP_Range 255.255.255.0 
access-list nonat extended permit ip 192.168.83.0 255.255.255.0 wlan0_network 255.255.255.0 
access-list DMZ0_nat0_outbound extended permit ip 192.168.84.0 255.255.255.0 vpn_network 255.255.255.0 
access-list DMZ0_nat0_outbound extended permit ip 192.168.84.0 255.255.255.0 vpn 255.255.255.0 
access-list DMZ0_nat0_outbound extended permit ip 192.168.84.0 255.255.255.0 Consultants_VPN_IP_Range 255.255.255.0 
access-list Internal_access_in extended permit udp any object-group DM_INLINE_NETWORK_1 eq domain log disable 
access-list Internal_access_in remark qphone voip
access-list Internal_access_in extended permit object-group DM_INLINE_SERVICE_5 any host qphone_int log disable 
access-list Internal_access_in extended permit icmp any 192.168.84.0 255.255.255.0 
access-list Internal_access_in extended permit ip any 192.168.84.0 255.255.255.0 log disable 
access-list Internal_access_in remark DMZ access to subversion on svnmail
access-list Internal_access_in extended permit tcp object-group DM_INLINE_NETWORK_2 host svnmail_int object-group svn log 
access-list Internal_access_in remark DMZ access to smtp on svnmail
access-list Internal_access_in extended permit tcp object-group DM_INLINE_NETWORK_3 host svnmail_int eq smtp log 
access-list Internal_access_in remark atoth testing client apps with IE6
access-list Internal_access_in extended permit tcp host win2k_server_IE6 host atoth_macbook_pro eq www log 
access-list Internal_access_in extended permit icmp 192.168.83.0 255.255.255.0 any 
access-list Internal_access_in extended permit ip any any log disable 
access-list Internal_access_in remark All SSH to restore DB backups from Prod
access-list Internal_access_in extended permit tcp host PM_staging_DB_server host Openfiler eq ssh 
access-list Internal_access_in extended permit tcp object-group consultant_vpn object-group DM_INLINE_NETWORK_9 object-group All_services inactive 
access-list Internal_access_in extended permit tcp object-group consultant_vpn host svnmail_int object-group svn 
access-list Internal_access_in remark Allow consultants VPN access to any .83 device for agile dev.
access-list Internal_access_in extended permit tcp object-group consultant_vpn 192.168.83.0 255.255.255.0 object-group VNC inactive 
access-list Internal_access_in extended permit icmp object-group consultant_vpn 192.168.83.0 255.255.255.0 inactive 
access-list xyzinder_development_splitTunnelAcl standard permit 192.168.84.0 255.255.255.0 
access-list DMZ_in extended permit icmp any any 
access-list DMZ_in remark added by Cisco
access-list DMZ_in extended permit tcp any any eq https 
access-list DMZ_in remark allows http traffic out of the DMZ
access-list DMZ_in extended permit tcp any any eq www log disable 
access-list DMZ_in remark per maca for rapreporting
access-list DMZ_in extended permit tcp host rapReport_dev_int host 68.91.41.160 object-group ssh_11411 log warnings 
access-list DMZ_in remark per maca allow cruisecontrol to send emails
access-list DMZ_in extended permit tcp host rapReport_dev_int any eq smtp log warnings 
access-list DMZ_in remark allow confluence wiki & jira, and WOPR and WOPR staging to send emails
access-list DMZ_in extended permit tcp object-group DM_INLINE_NETWORK_12 any eq smtp log warnings 
access-list DMZ_in remark allow jira subversion commit plugin to contact subversion
access-list DMZ_in extended permit tcp host collab.xyz.com_int host svnmail_int object-group svn log warnings 
access-list DMZ_in remark allow pmruby1 folio Media staging / lfodemo / pmdemo to send emails thru
access-list DMZ_in remark mailer.foliomedia.com 222.222.22.183 which is at XO data center
access-list DMZ_in extended permit tcp host lfo.xyz.biz_int any eq smtp log warnings 
access-list DMZ_in remark allow asterisknow VM to make outbound SIP connections to Voicepulse and to softphones on our LAN
access-list DMZ_in remark for yovid/life project
access-list DMZ_in extended permit udp object-group DM_INLINE_NETWORK_18 object-group voicepulse_SIP object-group DM_INLINE_UDP_3 log errors 
access-list DMZ_in remark For life outbound yovid traffic tcp/3478 is for STUN
access-list DMZ_in extended permit object-group DM_INLINE_SERVICE_8 object-group DM_INLINE_NETWORK_16 any log disable 
access-list DMZ_in remark allow asterisknow VM to make outbound IAX2 connections to nufone, etc for yovid/life project
access-list DMZ_in extended permit udp object-group DM_INLINE_NETWORK_17 any object-group iax2 log warnings 
access-list DMZ_in remark allow vmdmz01 rsync data to xman:/offsite for critical backups
access-list DMZ_in extended permit tcp host vmdmz01_int host xoman eq ssh log warnings 
access-list DMZ_in remark allow servers on DMZ to access XO name servers for DNS if openfiler01 dnsmasq is not available
access-list DMZ_in extended permit udp 192.168.84.0 255.255.255.0 object-group DM_INLINE_NETWORK_8 eq domain log warnings 
access-list DMZ_in remark allow DMZ servers to access external time servers
access-list DMZ_in extended permit udp 192.168.84.0 255.255.255.0 any eq ntp log warnings 
access-list DMZ_in extended permit tcp any any eq ftp-data log disable 
access-list DMZ_in extended permit tcp any any eq ftp 
access-list DMZ_in extended permit object-group remote_desktop any any 
access-list DMZ_in remark allow openfiler01 on DMZ to provide DNS service for wireless clients connected to .85 net
access-list DMZ_in extended permit object-group TCPUDP host openfiler01_dns_dmz wlan0_network 255.255.255.0 eq domain log debugging 
access-list DMZ_in extended permit tcp 192.168.84.0 255.255.255.0 host xoman object-group Hyperic_7080 
access-list DMZ_in extended permit tcp any any object-group Hyperic_2144 
access-list capin extended permit icmp any any 
access-list xyzinder_customer_splitTunnelAcl standard permit 192.168.84.0 255.255.255.0 
access-list consultants_splitTunnelAcl standard permit host svnmail_int 
access-list consultants_splitTunnelAcl standard permit 192.168.83.0 255.255.255.0 
access-list consultants_splitTunnelAcl standard permit host lifestg1_int 
access-list consultants_splitTunnelAcl standard permit host yovidportal_int 
access-list consultants_splitTunnelAcl standard permit host asterisknow_int 
access-list wlan0_access_in remark allow openfiler01 DNS replies to wireless LAN clients
access-list wlan0_access_in extended permit object-group TCPUDP host openfiler01_dns_dmz wlan0_network 255.255.255.0 eq domain log warnings 
access-list wlan0_access_in extended permit object-group TCPUDP any host openfiler01_dns_dmz eq domain log warnings 
access-list DMZ0_nat0_outbound_1 extended permit ip 192.168.84.0 255.255.255.0 wlan0_network 255.255.255.0 
access-list wlan0_nat0_outbound extended permit ip wlan0_network 255.255.255.0 192.168.84.0 255.255.255.0 
access-list wlan0_nat0_outbound extended permit ip wlan0_network 255.255.255.0 220.5.222.96 255.255.255.224 
access-list wan0_nat0_outbound_1 extended permit ip 220.5.222.96 255.255.255.224 wlan0_network 255.255.255.0 
pager lines 24
logging enable
logging buffered warnings
logging asdm warnings
logging recipient-address support@xyz.com level errors
mtu Internal 1500
mtu DMZ0 1500
mtu wlan0 1500
mtu wan0 1500
mtu management 1500
ip local pool IPSec_IP_DMZ_Pool 192.168.87.2-192.168.87.252 mask 255.255.255.0
ip local pool management 192.168.1.2-192.168.1.10 mask 255.255.255.0
ip local pool IPSec_IP_Pool 192.168.86.2-192.168.86.252 mask 255.255.255.0
ip local pool consultants 192.168.88.2-192.168.88.12 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any Internal
asdm image disk0:/asdm-603.bin
no asdm history enable
arp wan0 collab.xyz.com_ext 001d.7066.7f61 alias
arp wan0 lfo.xyz.biz_ext 001d.7066.7f61 alias
arp wan0 www.xyz.com_dev_ext 001d.7066.7f61 alias
arp wan0 secure.xyz.biz_ext 001d.7066.7f61 alias
arp timeout 14400
global (wan0) 1 interface
nat (Internal) 0 access-list nonat
nat (Internal) 1 0.0.0.0 0.0.0.0
nat (DMZ0) 0 access-list DMZ0_nat0_outbound
nat (DMZ0) 0 access-list DMZ0_nat0_outbound_1 outside
nat (DMZ0) 1 0.0.0.0 0.0.0.0
nat (wlan0) 0 access-list wlan0_nat0_outbound
nat (wan0) 0 access-list wan0_nat0_outbound_1 outside
nat (wan0) 1 vpn 255.255.255.0
nat (management) 0 access-list management_nat0_outbound
static (wan0,Internal) udp interface domain Openfiler domain netmask 255.255.255.255 
static (wan0,DMZ0) udp interface domain openfiler01_dns_dmz domain netmask 255.255.255.255 
static (DMZ0,wan0) secure.xyz.biz_ext secure.xyz.biz_int netmask 255.255.255.255 
static (DMZ0,wan0) facebook_dev_ext facebook_dev_int netmask 255.255.255.255 
static (Internal,DMZ0) 192.168.83.0 192.168.83.0 netmask 255.255.255.0 
static (Internal,wan0) vmdev_ext vmdev_int netmask 255.255.255.255 
static (DMZ0,wan0) lifestg1_ext lifestg1_int netmask 255.255.255.255 
static (DMZ0,wan0) andrews_ext andrews_int netmask 255.255.255.255 
static (DMZ0,wan0) collab.xyz.com_ext collab.xyz.com_int netmask 255.255.255.255 
static (DMZ0,wan0) lfo.xyz.biz_ext lfo.xyz.biz_int netmask 255.255.255.255 
static (DMZ0,wan0) atlas.xyz.com_ext atlas.xyz.com_int netmask 255.255.255.255 
static (DMZ0,wan0) cata_ext cata_int netmask 255.255.255.255 
static (DMZ0,wan0) iPhone_dev_ext iPhone_dev_int netmask 255.255.255.255 
static (DMZ0,wan0) folioMedia_ext folioMedia_int netmask 255.255.255.255 
static (DMZ0,wan0) rapReport_dev_ext rapReport_dev_int netmask 255.255.255.255 
static (Internal,wan0) switchvox1_ext switchvox1_int netmask 255.255.255.255 
static (DMZ0,wan0) woprtasker_ext woprtasker_int netmask 255.255.255.255 
static (DMZ0,wan0) www.xyz.com_dev_ext www.xyz.com_dev_int netmask 255.255.255.255 
static (DMZ0,wan0) mingle_ext mingle_int netmask 255.255.255.255 
static (DMZ0,wan0) yovidportal_ext yovidportal_int netmask 255.255.255.255 
static (Internal,wan0) svnmail_ext svnmail_int netmask 255.255.255.255 
static (DMZ0,wan0) yovidportalalpha_ext yovidportalalpha_int netmask 255.255.255.255 
static (DMZ0,wan0) asterisknow_ext asterisknow_int netmask 255.255.255.255 
static (DMZ0,wan0) asterisknow2_ext asterisknow2_int netmask 255.255.255.255 
static (DMZ0,wan0) change_ext change_int netmask 255.255.255.255 
static (DMZ0,wan0) FTPserver_ext FTPserver_int netmask 255.255.255.255 
static (DMZ0,wan0) flossTest_ext flossTest_int netmask 255.255.255.255 
static (DMZ0,wan0) flossDev_int flossDev_ext netmask 255.255.255.255 
static (DMZ0,wan0) life_alpha_ext life_alpha_int netmask 255.255.255.255 
access-group Internal_access_in in interface Internal
access-group DMZ_in in interface DMZ0
access-group wlan0_access_in in interface wlan0
access-group wan0_access_in in interface wan0
route wan0 0.0.0.0 0.0.0.0 220.5.222.97 1
route Internal 192.168.83.0 255.255.255.0 192.168.83.1 1
route DMZ0 192.168.84.0 255.255.255.0 192.168.84.1 1
route wlan0 wlan0_network 255.255.255.0 192.168.85.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa authentication enable console LOCAL 
aaa authentication http console LOCAL 
aaa authentication serial console LOCAL 
aaa authentication ssh console LOCAL 
aaa authentication telnet console LOCAL 
aaa authorization command LOCAL 
aaa authentication secure-http-client
aaa authorization exec authentication-server
http server enable
http djoya_home 255.255.255.255 wan0
http 192.168.83.0 255.255.255.0 Internal
http vpn_network 255.255.255.0 Internal
http vpn_network 255.255.255.0 wan0
http 71.201.199.161 255.255.255.255 wan0
http 192.168.1.0 255.255.255.0 management
http 68.75.55.47 255.255.255.255 wan0
http 75.31.228.142 255.255.255.255 wan0
http 68.75.163.115 255.255.255.255 wan0
http 98.227.183.179 255.255.255.255 wan0
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac 
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac 
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac 
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac 
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac 
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac 
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac 
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac 
crypto ipsec transform-set myset esp-3des esp-md5-hmac 
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac 
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs 
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-256-MD5 ESP-3DES-MD5 ESP-3DES-SHA ESP-AES-256-SHA ESP-DES-SHA ESP-DES-MD5 ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5
crypto map wan0_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map wan0_map interface wan0
crypto map wlan0_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map wlan0_map interface wlan0
crypto ca trustpoint ASDM_TrustPoint0
 enrollment terminal
 fqdn pppfw01.xyz.com
 email support@xyz.com
 subject-name CN=xyzinder Develpment,OU=xyzinder,O=xyzinder,C=US,St=IL,L=Chicago
 keypair pppfw01.xyz.key
 no client-types
 crl configure
crypto ca trustpoint LOCAL-CA-SERVER
 keypair LOCAL-CA-SERVER
 crl configure
crypto ca trustpoint ASDM_TrustPoint1
 enrollment self
 fqdn pppfw01
 subject-name CN=pppfw01
 serial-number
 no client-types
 proxy-ldc-issuer
 crl configure
crypto ca server 
crypto ca certificate map DefaultCertificateMap 10
crypto ca certificate map xyzinder_Cet_SSL_map 20
crypto ca certificate chain LOCAL-CA-SERVER
 certificate ca 01
    
  quit
crypto ca certificate chain ASDM_TrustPoint1
 certificate 31
    
  quit
crypto isakmp identity address 
crypto isakmp enable wlan0
crypto isakmp enable wan0
crypto isakmp policy 5
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto isakmp policy 10
 authentication pre-share
 encryption des
 hash sha
 group 2
 lifetime 86400
crypto isakmp nat-traversal 120
telnet 192.168.83.45 255.255.255.255 Internal
telnet timeout 5
ssh scopy enable
ssh 192.168.83.0 255.255.255.0 Internal
ssh 192.168.0.0 255.255.0.0 Internal
ssh 203.157.75.41 255.255.255.255 wan0
ssh vpn_network 255.255.255.0 wan0
ssh 203.167.75.0 255.255.255.0 wan0
ssh 24.14.226.62 255.255.255.255 wan0
ssh 75.31.228.142 255.255.255.255 wan0
ssh timeout 20
ssh version 2
console timeout 0
management-access Internal
dhcpd dns Openfiler xo_dns_2
dhcpd lease 1200
dhcpd domain xyz.com
dhcpd option 6 ip Openfiler Openfiler
!
dhcpd address 192.168.83.100-192.168.83.171 Internal
dhcpd dns Openfiler interface Internal
dhcpd domain xyz.com interface Internal
dhcpd update dns both interface Internal
dhcpd option 5 ip Openfiler openfiler01_dns_dmz interface Internal
dhcpd enable Internal
!
dhcpd address 192.168.85.2-192.168.85.240 wlan0
dhcpd dns openfiler01_dns_dmz interface wlan0
dhcpd wins 192.168.83.77 interface wlan0
dhcpd update dns both interface wlan0
dhcpd option 3 ip 192.168.85.1 interface wlan0
dhcpd option 6 ip openfiler01_dns_dmz interface wlan0
dhcpd enable wlan0
!
vpn load-balancing 
 interface lbpublic DMZ0
 interface lbprivate DMZ0
priority-queue wan0
threat-detection basic-threat
threat-detection statistics
!
class-map wan0-class
 description RTP VOIP
 match rtp 10000 10000
!
!
policy-map wan0-policy-voip
 description RTP VOIP
 class wan0-class
  priority
policy-map type inspect sip Secure_SIP
 description sip policy for securing traffic flow
 parameters
  max-forwards-validation action drop log
  state-checking action drop-connection log
  software-version action mask log
  strict-header-validation action drop log
  no traffic-non-sip
  uri-non-sip action mask log
  rtp-conformance enforce-payloadtype
!
service-policy wan0-policy-voip interface wan0
ntp server 64.247.17.254 source wan0 prefer
ntp server 64.34.180.101 source wan0
ntp server 64.202.112.75 source wan0
ntp server 69.93.111.178 source wan0
tftp-server Internal 192.168.83.41 /
ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1 rc4-md5 des-sha1
ssl trust-point ASDM_TrustPoint1
ssl certificate-authentication interface wan0 port 443
ssl certificate-authentication interface wlan0 port 443
webvpn
 enable Internal
 enable DMZ0
 enable wlan0
 enable wan0
 svc image disk0:/anyconnect-win-2.2.0140-k9.pkg 1
 svc image disk0:/sslclient-win-1.1.4.176-anyconnect.pkg 2
 svc image disk0:/sslclient-win-1.1.4.176.pkg 3
 svc enable
 tunnel-group-list enable
 internal-password enable
 certificate-group-map xyzinder_Cet_SSL_map 20 xyzinder
group-policy xyzinder_development internal
group-policy xyzinder_development attributes
 dns-server value 192.168.84.77 192.168.84.250
 vpn-tunnel-protocol IPSec svc webvpn
 split-tunnel-policy tunnelall
 default-domain value xyz.com
group-policy xyzinder internal
group-policy xyzinder attributes
 dns-server none
 vpn-idle-timeout 120
 vpn-session-timeout 600
 vpn-tunnel-protocol IPSec svc webvpn
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value xyzinder_splitTunnelAcl
 default-domain value xyz.com
 webvpn
  url-list value PFA_AnyConnect_Bookmark
  svc ask enable
group-policy xyzinder_customer internal
group-policy xyzinder_customer attributes
 wins-server value 192.168.84.77
 dns-server value 192.168.84.77 192.168.84.250
 vpn-tunnel-protocol IPSec svc webvpn
 default-domain value xyz.com
 webvpn
  svc keep-installer none
group-policy xyzinder_split_tunnel internal
group-policy xyzinder_split_tunnel attributes
 dns-server none
 vpn-idle-timeout 120
 vpn-session-timeout 600
 vpn-tunnel-protocol IPSec svc webvpn
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value xyzinder_splitTunnelAcl
 default-domain value xyz.com
 webvpn
  url-list value PFA_AnyConnect_Bookmark
  svc ask enable
group-policy DfltGrpPolicy attributes
 vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
group-policy consultants internal
group-policy consultants attributes
 dns-server none
 vpn-tunnel-protocol IPSec 
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value consultants_splitTunnelAcl
username xxxxxxx password zzzzzzzzzz encrypted
username xxxxxxxxx attributes
 service-type remote-access
username wwwwwww password xxxxxxxxxx encrypted privilege 15
username wwwwwww attributes
 memberof xyzinder
tunnel-group DefaultRAGroup webvpn-attributes
 group-alias customer disable
 group-alias xyz.com disable
tunnel-group xyzinder type remote-access
tunnel-group xyzinder general-attributes
 address-pool (wan0) IPSec_IP_Pool
 address-pool IPSec_IP_Pool
 authentication-server-group (wan0) LOCAL
 authentication-server-group (wlan0) LOCAL
 authorization-server-group LOCAL
 default-group-policy xyzinder
 password-management
tunnel-group xyzinder webvpn-attributes
 group-alias staff.xyz.com enable
tunnel-group xyzinder ipsec-attributes
 pre-shared-key *
tunnel-group xyzinder_customer type remote-access
tunnel-group xyzinder_customer general-attributes
 address-pool IPSec_IP_DMZ_Pool
 authentication-server-group (DMZ0) LOCAL
 authorization-server-group LOCAL
 default-group-policy xyzinder_development
tunnel-group xyzinder_customer webvpn-attributes
 group-alias customer.xyz.com enable
tunnel-group xyzinder_customer ipsec-attributes
 pre-shared-key *
tunnel-group xyzinder_anyconnect type remote-access
tunnel-group xyzinder_anyconnect general-attributes
 address-pool IPSec_IP_Pool
tunnel-group consultants type remote-access
tunnel-group consultants general-attributes
 address-pool consultants
 default-group-policy consultants
tunnel-group consultants ipsec-attributes
 pre-shared-key *
tunnel-group xyzinder_split_tunnel type remote-access
tunnel-group xyzinder_split_tunnel general-attributes
 address-pool (wan0) IPSec_IP_Pool
 address-pool IPSec_IP_Pool
 authentication-server-group (wan0) LOCAL
 authentication-server-group (wlan0) LOCAL
 default-group-policy xyzinder_split_tunnel
 password-management
tunnel-group xyzinder_split_tunnel ipsec-attributes
 pre-shared-key *
smtp-server 228.79.38.134
privilege cmd level 3 mode exec command perfmon
privilege cmd level 3 mode exec command ping
privilege cmd level 3 mode exec command who
privilege cmd level 3 mode exec command logging
privilege cmd level 3 mode exec command failover
privilege show level 5 mode exec command import
privilege show level 5 mode exec command running-config
privilege show level 3 mode exec command reload
privilege show level 3 mode exec command mode
privilege show level 3 mode exec command firewall
privilege show level 3 mode exec command interface
privilege show level 3 mode exec command clock
privilege show level 3 mode exec command dns-hosts
privilege show level 3 mode exec command access-list
privilege show level 3 mode exec command logging
privilege show level 3 mode exec command vlan
privilege show level 3 mode exec command ip
privilege show level 3 mode exec command failover
privilege show level 3 mode exec command asdm
privilege show level 3 mode exec command arp
privilege show level 3 mode exec command route
privilege show level 3 mode exec command ospf
privilege show level 3 mode exec command aaa-server
privilege show level 3 mode exec command aaa
privilege show level 3 mode exec command eigrp
privilege show level 3 mode exec command crypto
privilege show level 3 mode exec command vpn-sessiondb
privilege show level 3 mode exec command ssh
privilege show level 3 mode exec command dhcpd
privilege show level 3 mode exec command vpn
privilege show level 3 mode exec command blocks
privilege show level 3 mode exec command wccp
privilege show level 3 mode exec command webvpn
privilege show level 3 mode exec command uauth
privilege show level 3 mode exec command compression
privilege show level 3 mode configure command interface
privilege show level 3 mode configure command clock
privilege show level 3 mode configure command access-list
privilege show level 3 mode configure command logging
privilege show level 3 mode configure command ip
privilege show level 3 mode configure command failover
privilege show level 5 mode configure command asdm
privilege show level 3 mode configure command arp
privilege show level 3 mode configure command route
privilege show level 3 mode configure command aaa-server
privilege show level 3 mode configure command aaa
privilege show level 3 mode configure command crypto
privilege show level 3 mode configure command ssh
privilege show level 3 mode configure command dhcpd
privilege show level 5 mode configure command privilege
privilege clear level 3 mode exec command dns-hosts
privilege clear level 3 mode exec command logging
privilege clear level 3 mode exec command arp
privilege clear level 3 mode exec command aaa-server
privilege clear level 3 mode exec command crypto
privilege cmd level 3 mode configure command failover
privilege clear level 3 mode configure command logging
privilege clear level 3 mode configure command arp
privilege clear level 3 mode configure command crypto
privilege clear level 3 mode configure command aaa-server
prompt hostname context 
Cryptochecksum:84536e504e4b5cdbc07180eabe335bd1
: end
asdm image disk0:/asdm-603.bin
asdm location secure.xyz.biz_int 255.255.255.255 management
asdm location www.xyz.com_dev_int 255.255.255.255 management
asdm location lfo.xyz.biz_int 255.255.255.255 management
asdm location collab.xyz.com_int 255.255.255.255 management
asdm location qphone_int 255.255.255.255 management
asdm location wopr.xyz.com_int 255.255.255.255 management
asdm location mingle_int 255.255.255.255 management
asdm location facebook_dev_int 255.255.255.255 management
asdm location andrews_int 255.255.255.255 management
asdm location cata_int 255.255.255.255 management
asdm location rapReport_dev_int 255.255.255.255 management
asdm location iPhone_dev_int 255.255.255.255 management
asdm location atlas.xyz.com_int 255.255.255.255 management
asdm location folioMedia_int 255.255.255.255 management
asdm location collab.xyz.com_ext 255.255.255.255 management
asdm location lfo.xyz.biz_ext 255.255.255.255 management
asdm location secure.xyz.biz_ext 255.255.255.255 management
asdm location www.xyz.com_dev_ext 255.255.255.255 management
asdm location folioMedia_ext 255.255.255.255 management
asdm location andrews_ext 255.255.255.255 management
asdm location atlas.xyz.com_ext 255.255.255.255 management
asdm location cata_ext 255.255.255.255 management
asdm location facebook_dev_ext 255.255.255.255 management
asdm location iPhone_dev_ext 255.255.255.255 management
asdm location mingle_ext 255.255.255.255 management
asdm location rapReport_dev_ext 255.255.255.255 management
asdm location woprtasker_ext 255.255.255.255 management
asdm location backup_test 255.255.255.255 management
asdm location lifestg1_ext 255.255.255.255 management
asdm location cata5 255.255.255.255 management
asdm location cata2 255.255.255.255 management
asdm location cata1 255.255.255.255 management
asdm location cata6 255.255.255.255 management
asdm location andrews_remote1 255.255.255.255 management
asdm location NAL_sharepoint_int 255.255.255.255 management
asdm location skunkworks_dev_int 255.255.255.255 management
asdm location NAL_build_int 255.255.255.255 management
asdm location win2k_server_IE6 255.255.255.255 management
asdm location svnmail_int 255.255.255.255 management
asdm location atoth_macbook_pro 255.255.255.255 management
asdm location Openfiler 255.255.255.255 management
asdm location PM_staging_DB_server 255.255.255.255 Internal
asdm location vmdev_int 255.255.255.255 Internal
asdm location vmdev_ext 255.255.255.255 Internal
asdm location yovidportal_int 255.255.255.255 Internal
asdm location yovidportal_ext 255.255.255.255 Internal
asdm location asterisknow_int 255.255.255.255 Internal
asdm location asterisknow_ext 255.255.255.255 Internal
asdm location folioMediaOfficeFirewall1 255.255.255.255 Internal
asdm location switchvox1_int 255.255.255.255 Internal
asdm location lifestg1_int 255.255.255.255 management
asdm location vmdmz01_int 255.255.255.255 Internal
asdm location qphone_ext 255.255.255.255 Internal
asdm location FTPserver_int 255.255.255.255 Internal
asdm location FTPserver_ext 255.255.255.255 Internal
asdm location life_LeslieWhite 255.255.255.255 Internal
asdm location switchvox1_ext 255.255.255.255 Internal
asdm location djoya_home 255.255.255.255 Internal
asdm location switchvox_tech_support 255.255.255.255 Internal
asdm location Alan_in_Australia 255.255.255.255 Internal
asdm location Costa_Rica_external_1 255.255.255.255 Internal
asdm location Karega_int 255.255.255.255 Internal
asdm location flossTest_ext 255.255.255.255 Internal
asdm location woprtasker_int 255.255.255.255 Internal
asdm location life_Hawkins 255.255.255.240 Internal
asdm location svnmail_ext 255.255.255.255 Internal
asdm location xobot_firewall 255.255.255.255 Internal
asdm location flossTest_int 255.255.255.255 Internal
asdm location stunusa.yovid.com 255.255.255.255 Internal
asdm location floss_Firewall2 255.255.255.255 Internal
asdm location flossDev_int 255.255.255.255 Internal
asdm location flossDev_ext 255.255.255.255 Internal
asdm location life_Bishop 255.255.255.255 Internal
asdm location life_Stack 255.255.255.248 Internal
asdm location collab3.xyz.com_int 255.255.255.255 Internal
asdm location pfd_dsl_ext 255.255.0.0 Internal
asdm location woprstaging_int 255.255.255.255 Internal
asdm location change_int 255.255.255.255 Internal
asdm location change_ext 255.255.255.255 Internal
asdm location yovidportalalpha_int 255.255.255.255 Internal
asdm location yovidportalalpha_ext 255.255.255.255 Internal
asdm location life_alpha_int 255.255.255.255 Internal
asdm location life_alpha_ext 255.255.255.255 Internal
asdm location pfd_dsl2_ext 255.255.0.0 Internal
asdm location asterisknow2_int 255.255.255.255 Internal
asdm location asterisknow2_ext 255.255.255.255 Internal
no asdm history enable
