
! Device identity and global settings for the firewall named ABPL-FW.
hostname ABPL-FW

domain-name guww.net
! NOTE(review): as written this sets the privileged-mode (enable) password to
! the literal string "admin", in clear text. Treat the value as compromised:
! rotate it to a long random secret and keep only the hashed form in any copy
! of the configuration that leaves the device.
enable password admin

no mac-address auto

!
! Lowest-trust interface (security-level 0), named "outside", with a standby
! address for the failover peer.
! NOTE(review): the address is RFC 1918, so this presumably faces an internal
! WAN rather than the Internet - confirm. Rules in the "outside" ACL that use
! `any` as source apply to whatever can route to this interface.
interface GigabitEthernet1/1
nameif outside
security-level 0
ip address 10.76.198.4 255.255.255.240 standby 10.76.198.5

!
! GigabitEthernet1/2 carries no address itself; its VLAN subinterfaces below
! define the internal segments, each with a standby address.
! NOTE(review): every subinterface here is security-level 100 except Enrolment
! (50). `same-security-traffic permit inter-interface` appears later in this
! file, so equal-level segments (e.g. wired_printer, wired_voice, MGMT) are not
! kept apart by security level; separation depends on interface ACLs. The
! access-group bindings are not visible in this part of the file - confirm
! that each named interface has an ACL applied.
interface GigabitEthernet1/2
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/2.2
vlan 2
nameif wired_video
security-level 100
ip address 10.76.194.1 255.255.255.240 standby 10.76.194.2
!
interface GigabitEthernet1/2.11
vlan 11
nameif MGMT
security-level 100
ip address 10.76.194.33 255.255.255.224 standby 10.76.194.34

!
interface GigabitEthernet1/2.21
vlan 21
nameif wireless_corp
security-level 100
ip address 10.76.195.1 255.255.255.0 standby 10.76.195.2
!
interface GigabitEthernet1/2.24
vlan 24
nameif Enrolment
security-level 50
ip address 10.76.196.65 255.255.255.192 standby 10.76.196.66

!
interface GigabitEthernet1/2.25
vlan 25
nameif wireless_diageomobile
security-level 100
ip address 10.76.197.1 255.255.255.0 standby 10.76.197.2
!
interface GigabitEthernet1/2.51
vlan 51
nameif wired_printer
security-level 100
ip address 10.76.193.17 255.255.255.240 standby 10.76.193.18

!
interface GigabitEthernet1/2.111
vlan 111
nameif wired_data
security-level 100
ip address 10.76.192.1 255.255.255.128 standby 10.76.192.2
!
interface GigabitEthernet1/2.121
vlan 121
nameif wired_voice
security-level 100
ip address 10.76.192.129 255.255.255.128 standby 10.76.192.130

!
! GigabitEthernet1/3 carries the lower-trust segments as VLAN subinterfaces:
! guest, CCTV, BIO and Mfg_machine, all at security-level 50.
! NOTE(review): guest shares its security level with CCTV, BIO and Mfg_machine,
! and `same-security-traffic permit inter-interface` is set later in this file.
! Guest isolation from those device networks therefore rests on the interface
! ACLs alone; their bindings are not visible here - confirm.
interface GigabitEthernet1/3
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/3.22
vlan 22
nameif guest
security-level 50
ip address 10.76.196.1 255.255.255.192 standby 10.76.196.2

!
interface GigabitEthernet1/3.61
vlan 61
nameif CCTV
security-level 50
ip address 10.76.193.129 255.255.255.128 standby 10.76.193.130

!
interface GigabitEthernet1/3.62
vlan 62
nameif BIO
security-level 50
ip address 10.76.194.17 255.255.255.240 standby 10.76.194.18

!
interface GigabitEthernet1/3.63
vlan 63
nameif Mfg_machine
security-level 50
ip address 10.76.194.129 255.255.255.128 standby 10.76.194.130

!
! Ports labelled by description for the failover state and LAN links. Both are
! administratively shut down as written.
! NOTE(review): every data interface above carries a standby address, but no
! failover configuration is visible in this part of the file. If failover is
! enabled elsewhere, confirm the failover link is protected with a shared key
! (`failover key`); if failover is not in use, the standby addresses are unused.
interface GigabitEthernet1/7
description STATE Failover Interface
shutdown
!
interface GigabitEthernet1/8
description LAN Failover Interface
shutdown

! Global settings: passive FTP, time zone offset +5:30 (IST), default DNS group.
ftp mode passive


clock timezone IST 5 30
dns server-group DefaultDNS
domain-name guww.net
! NOTE(review): this lets traffic flow between interfaces that have the same
! security level. Nine interfaces in this file are level 100 and four are
! level 50, so segment-to-segment isolation depends entirely on the per-interface
! ACLs being bound and complete.
same-security-traffic permit inter-interface

!
! Dedicated management port: management-only, security-level 100, no standby
! address.
! NOTE(review): `no nameif` leaves the interface unnamed; an unnamed ASA
! interface normally cannot be used for traffic or referenced by management
! access commands. Confirm whether device management is really meant to go
! through the MGMT subinterface instead.
interface Management1/1
management-only
no nameif
security-level 100
ip address 10.76.210.33 255.255.255.128

! Named network objects: the catch-all 0.0.0.0/0, the printer subnet, the
! 10.64.0.0/13 corporate range and the EC_CORP /24.
! NOTE(review): the printer object is named with "-28" and is an `object
! network`, but the ACLs below refer to `object-group` names ending in "_28" or
! "/28". No object-group with either name is defined in the visible part of the
! file - confirm the references resolve.
! NOTE(review): 10.64.0.0_DiageoNetwork uses mask 255.248.0.0 (10.64-10.71),
! while the outside ACL's ICMP rule writes 10.64.0.0 255.240.0.0 (10.64-10.79)
! literally. Confirm which range is intended.
object network obj_any


subnet 0.0.0.0 0.0.0.0
object network Siliguri_printer_10.76.193.16-28
subnet 10.76.193.16 255.255.255.240

object network 10.64.0.0_DiageoNetwork


subnet 10.64.0.0 255.248.0.0

object network EC_CORP_10.74.240.0


subnet 10.74.240.0 255.255.255.0

! One object-group per site segment; each holds the subnet of the matching
! interface defined above.
! NOTE(review): the groups are defined with an underscore before the prefix
! length ("_26", "_25", ...), but the CCTV, guest, MGMT and outside ACLs below
! reference names with a slash ("/26", "/25", "/27", "/28"). As printed those
! references do not match any definition; this may be a transcription artefact,
! but a rule that names a missing group will not load - verify on the device.
! NOTE(review): Siliguri_Mfg_10.76.194.64_26 is named for 10.76.194.64/26 but
! contains 10.76.194.128/25 (the Mfg_machine interface subnet). Rename it or
! correct the member so the name cannot mislead a later rule author.
object-group network Siliguri_Guest_10.76.196.0_26


network-object 10.76.196.0 255.255.255.192

object-group network Siliguri_BIO_10.76.194.16_28


network-object 10.76.194.16 255.255.255.240

object-group network Siliguri_CCTV_10.76.193.128_25


network-object 10.76.193.128 255.255.255.128

object-group network Siliguri_Mfg_10.76.194.64_26


network-object 10.76.194.128 255.255.255.128

object-group network Siliguri_mgmt_10.76.194.32_27


network-object 10.76.194.32 255.255.255.224

object-group network Siliguri_wired_data_10.76.192.0_25


network-object 10.76.192.0 255.255.255.128

object-group network Siliguri_video_10.76.194.0_28


network-object 10.76.194.0 255.255.255.240

object-group network Siliguri_corp_10.76.195.0_24


network-object 10.76.195.0 255.255.255.0

object-group network Siliguri_byod_10.76.197.0_24


network-object 10.76.197.0 255.255.255.0

! Destination host groups used by the guest rules, plus the DNS server list.
! NOTE(review): Guest_10.76.84.0_26 is outside this site's 10.76.192.0/21
! addressing and is not referenced by any ACL in the visible part of the file;
! presumably carried over from another site's template - confirm and remove if
! unused.
! NOTE(review): "guest_1" and "guest2" say nothing about what the hosts are.
! guest2 matches NOC_monitoring_ISE below except for one address (10.73.22.22
! here, 10.73.22.21 there) - one of the two is possibly a typo.
object-group network Guest_10.76.84.0_26


network-object 10.76.84.0 255.255.255.192

object-group network guest_1


network-object host 10.69.255.135
network-object host 10.69.255.200
network-object host 192.77.1.43
network-object host 192.77.1.149
network-object host 10.75.19.11
network-object host 10.73.19.11
object-group network guest2
network-object host 10.75.22.21
network-object host 10.75.22.22
network-object host 10.73.22.22
network-object host 172.16.4.160
network-object host 172.16.3.160

object-group network DNS_Server


network-object host 10.106.3.13
network-object host 10.122.114.12
network-object host 10.119.66.16
network-object host 10.215.21.17
network-object host 10.115.24.13

! Data-centre (DC) and disaster-recovery (DR) server ranges. Most ACLs below
! permit these two groups with no port restriction, so every subnet listed here
! widens what each site segment can reach.
! NOTE(review): 172.16.5.0/25 is already covered by 172.16.5.0/24 on the next
! line; one of the two entries is redundant or one mask is wrong.
! NOTE(review): 172.64.1.64/27 lies outside the private 172.16.0.0/12 block
! (possibly meant 172.16.x - confirm). The 192.77.1.x ranges are likewise not
! RFC 1918 space; if they are used internally, make sure they can never be
! routed towards an external path.
! NOTE(review): DC uses 10.69.255.128 and DR uses 10.69.225.192; check that
! the 255/225 difference is intended and not a transposition.
object-group network DC_SERVERS


network-object 10.69.255.128 255.255.255.224
network-object 172.16.1.240 255.255.255.240
network-object 172.64.1.64 255.255.255.224
network-object 172.16.3.0 255.255.255.0
network-object 172.16.5.0 255.255.255.128
network-object 172.16.5.0 255.255.255.0
network-object 172.16.7.0 255.255.255.0
network-object 172.16.9.0 255.255.255.0
network-object 172.17.1.0 255.255.255.0
network-object 172.18.1.0 255.255.255.0
network-object 172.18.3.0 255.255.255.0
network-object 172.18.5.0 255.255.255.0
network-object 172.18.7.0 255.255.255.0
network-object 172.18.9.0 255.255.255.0
network-object 192.77.1.0 255.255.255.224
network-object 192.77.1.128 255.255.255.192
network-object 192.77.1.64 255.255.255.192

object-group network DR_SERVERS


network-object 10.69.225.192 255.255.255.224
network-object 172.16.2.240 255.255.255.240
network-object 172.16.4.0 255.255.255.0
network-object 172.16.10.0 255.255.255.0
network-object 172.16.2.0 255.255.255.0
network-object 172.16.6.0 255.255.255.0
network-object 172.16.8.0 255.255.255.0
network-object 192.77.1.32 255.255.255.224

! Source hosts allowed to manage and monitor the site (NOC_monitoring) and the
! hosts used for the ISE/RADIUS rules (NOC_monitoring_ISE).
! NOTE(review): NOC_monitoring ends with the object EC_CORP_10.74.240.0, a whole
! /24. The outside ACL grants this group www, https, ssh, telnet, SNMP and ICMP
! to the management subnet, so all 254 addresses of that /24 get management
! reach, not only the seven listed hosts. List the specific stations instead.
object-group network NOC_monitoring


network-object host 172.18.1.97
network-object host 172.18.1.190
network-object host 10.73.24.21
network-object host 172.18.1.89
network-object host 172.18.1.189
network-object host 10.75.26.76
network-object host 10.75.20.21
network-object object EC_CORP_10.74.240.0

object-group network NOC_monitoring_ISE


network-object host 10.75.22.21
network-object host 10.75.22.22
network-object host 10.73.22.21
network-object host 172.16.3.160
network-object host 172.16.4.160

! Application destination groups: internal HTTP hosts, the reporting hosts and
! the Tetrapack external addresses.
! NOTE(review): Tetrapack-Destination-IPs references six objects named
! Host_<address> that are not defined in the visible part of the file. A group
! that names a missing object will not load - confirm they are defined elsewhere.
object-group network Diageo_HTTP


network-object host 10.114.88.241
network-object host 10.114.150.48
network-object host 10.114.88.231
network-object host 10.114.88.169
network-object host 10.114.30.241
network-object host 10.114.30.242

object-group network Diageo_micro_stratergy


network-object host 10.114.41.75
network-object host 10.114.42.75
network-object host 10.114.42.43
network-object host 10.114.41.43
network-object host 10.114.41.32
network-object host 10.114.42.32

object-group network Tetrapack-Destination-IPs


network-object host 151.183.1.15
network-object host 151.183.1.16
network-object object Host_151.183.16.35
network-object object Host_151.183.18.35
network-object object Host_151.183.34.39
network-object object Host_151.183.34.40
network-object object Host_180.167.4.151
network-object object Host_180.167.4.152

!!!!!!!!
!!!!!!!!
!!!!!!!!

! Port list used by the outside ACL rules remarked "AD" (domain controller to
! the whole site range).
! NOTE(review): the list goes beyond directory services: it also opens www, 25
! (SMTP), 67 and the NetBIOS ports 137-139 towards every site host. The group
! is declared tcp-udp but the outside rules that use it are `tcp` only, so the
! UDP-only services in it (e.g. 67, 123, 137, 138) are not actually reachable
! through those rules. Trim the list to what the domain controllers need.
object-group service AD_PORTS_GRC tcp-udp


port-object eq 5722
port-object eq 9389
port-object eq 67
port-object eq domain
port-object eq www
port-object eq 88
port-object eq 389
port-object eq 3268
port-object eq 636
port-object eq 3269
port-object eq 445
port-object eq 138
port-object eq 137
port-object eq 139
port-object eq 123
port-object eq 25
port-object eq 49953
port-object range 49150 49160
port-object eq 464
port-object eq 2535

! port1: RADIUS range 1812-1813 plus 8843. port2: the directory/SQL port set
! used by the rules remarked "DNS" and "AD" further down.
! NOTE(review): port1 is not referenced by any ACL in the visible part of the
! file, and the guest portal rule uses 8443, so 8843 here is possibly a
! transposition - confirm.
! NOTE(review): port2 is applied under the remark "DNS" in the CCTV and MGMT
! ACLs, yet it also contains Kerberos, NetBIOS/RPC (135, 137-139), LDAP, 1433
! (SQL) and 49150-49160. Cameras and management devices that only need name
! resolution should get `eq domain`, not this group. A descriptive group name
! would make that mismatch visible at the rule.
object-group service port1 tcp-udp


port-object range 1812 1813
port-object eq 8843

object-group service port2 tcp-udp


port-object eq domain
port-object eq 88
port-object eq 464
port-object eq kerberos
port-object eq 137
port-object eq 138
port-object eq 139
port-object eq 135
port-object eq 389
port-object eq 636
port-object eq 3268
port-object eq 1433
port-object range 49150 49160

! port3: print/SNMP/SMB ports used by the "Secure print" rules towards
! 172.18.1.142 and 172.18.1.143. port4: web, SMB and SQL ports.
! NOTE(review): port4 is not referenced by any ACL in the visible part of the
! file; if it is unused overall, remove it so it cannot be attached to a rule
! by mistake.
object-group service port3 tcp-udp


port-object eq 9100
port-object eq 161
port-object eq 443
port-object eq 5500
port-object eq www
port-object eq 445
port-object eq 135
port-object eq 49156

object-group service port4 tcp


port-object eq www
port-object eq 82
port-object eq 445
port-object eq 85
port-object eq 1433
port-object eq https

! Port list named for the Quest tooling.
! NOTE(review): `range 1024 65535` opens every non-privileged port, which makes
! the 3268/3269 entries redundant and turns any rule using this group into a
! near any-port permit. Replace the range with the specific dynamic-port range
! the application is configured to use before attaching this group to a rule.
object-group service Quest-Ports tcp-udp


port-object eq domain
port-object eq 88
port-object range 135 139
port-object eq 389
port-object eq 445
port-object eq 636
port-object range 1024 65535
port-object eq 3268
port-object eq 3269

! Generic numbered port groups port5 to port9. None of them is referenced by
! an ACL in the visible part of the file.
! NOTE(review): the names carry no meaning, so a reviewer cannot tell from a
! rule what service is being opened. Several ranges are wide (3000-3999,
! 50000-51000, 16384-32767). port7 contains the same ports as the SSCM group
! defined further down. Rename by purpose and delete the ones that are unused.
object-group service port5 tcp


port-object eq https
port-object eq 8080
port-object eq 900
port-object eq www
port-object eq 3333

object-group service port6 tcp


port-object range 1128 1129
port-object range 3000 3999
port-object range 50000 51000
port-object range 21212 21213
port-object eq 8100
port-object eq 44444

object-group service port7 tcp-udp


port-object eq 67
port-object eq 69
port-object eq 4011
port-object eq 445
port-object eq 389
port-object eq domain
port-object eq 1433
port-object range 135 139

object-group service port8 tcp-udp


port-object eq 161
port-object eq 443
port-object eq 162
port-object eq 9100
port-object eq 7627

object-group service port9 tcp-udp


port-object range 21000 21512
port-object range 16384 32767
port-object range sip 5061

! Port list used by the "AD-Allow-TCP" rules from wired_data and wireless_corp
! to four domain-controller addresses.
! NOTE(review): despite the name the group is declared tcp-udp and the rules
! that use it match the TCPUDP protocol group, so every port here is opened on
! both protocols. It also includes www and 443, which are not directory ports.
object-group service AD-Allow-TCP tcp-udp


port-object eq www
port-object eq 88
port-object eq 123
port-object range 135 139
port-object eq 389
port-object eq 443
port-object eq 445
port-object eq 464
port-object eq 3268
port-object eq 9389
port-object eq 39999
port-object range 49150 49160

! Port list for the secure-print service. Used towards host 10.75.45.23 and,
! in the wired_printer ACL, from the printer subnet to `any`.
! NOTE(review): the list mixes print ports (9100, 515, 631) with mail (25, 110,
! 587, 993, 995), SQL (1433), LDAP (389, 636), SMB/RPC (135-139, 445) and more.
! Because one rule applies it to `any` destination, printers may open mail,
! SQL and SMB sessions to any address. `eq 135` is also repeated by
! `range 135 139`. Split the group per destination and keep only needed ports.
object-group service Secure_Print tcp-udp


port-object eq 9100
port-object eq 443
port-object eq www
port-object eq 445
port-object eq 135
port-object eq 49156
port-object eq 631
port-object eq 515
port-object eq 7515
port-object eq 7627
port-object eq 162
port-object eq 5500
port-object eq 161
port-object eq 110
port-object range 135 139
port-object eq 142
port-object eq 1433
port-object eq 2000
port-object eq 2001
port-object eq 25
port-object eq 389
port-object eq 3910
port-object eq 3911
port-object eq 50080
port-object eq 50101
port-object eq 50102
port-object eq 5600
port-object eq 5601
port-object eq 5700
port-object eq 587
port-object eq 5984
port-object eq 636
port-object eq 7501
port-object eq 8081
port-object eq 993
port-object eq 995

! SSCM: deployment/boot ports (DHCP 67, TFTP 69, 4011) plus SMB, LDAP, DNS and
! SQL. spsrvdevapp: a list of twenty individual TCP ports. port10: web plus
! 1433-1434.
! NOTE(review): none of these three groups is referenced by an ACL in the
! visible part of the file. SSCM holds the same ports as port7. The purpose of
! the spsrvdevapp ports is not documented anywhere on the page; record the
! owning application per port or remove the group if it is unused.
object-group service SSCM tcp-udp


port-object eq 445
port-object range 135 139
port-object eq 389
port-object eq domain
port-object eq 1433
port-object eq 67
port-object eq 69
port-object eq 4011

object-group service spsrvdevapp tcp


port-object eq www
port-object eq 2222
port-object eq 4307
port-object eq 4308
port-object eq 4466
port-object eq 5307
port-object eq 6334
port-object eq 6677
port-object eq 7777
port-object eq 7779
port-object eq 8647
port-object eq 8877
port-object eq 9292
port-object eq 9494
port-object eq 9876
port-object eq 9999
port-object eq 12345
port-object eq 16216
port-object eq 19225
port-object eq 22372

object-group service port10 tcp-udp


port-object eq www
port-object eq 443
port-object range 1433 1434

! Helper groups: the DM_INLINE_* names are the kind ASDM generates for inline
! selections, plus the CCTV service list and the TCPUDP protocol group used by
! most ACLs below.
! NOTE(review): DM_INLINE_TCP_1, _2 and _3 are identical (www, https), and
! DM_INLINE_PROTOCOL_1 duplicates TCPUDP. None of the DM_INLINE groups is
! referenced in the visible part of the file; consolidate or remove.
! NOTE(review): CCTV_TCP_Service is what the outside ACL opens from `any` to
! the camera subnet. It includes the unencrypted www, 8000, 8080 and rtsp
! ports. The line "description: CCTV_TCP_Service" has a colon after the
! keyword, which may not parse as a description - verify on the device.
object-group service DM_INLINE_SERVICE_1


service-object tcp-udp destination eq www
service-object tcp destination eq https

object-group service DM_INLINE_SERVICE_2


service-object tcp destination eq www
service-object tcp destination eq https
service-object udp destination eq domain

object-group service CCTV_TCP_Service tcp


description: CCTV_TCP_Service
port-object eq 1024
port-object eq 8000
port-object eq 8080
port-object eq www
port-object eq https
port-object eq rtsp

object-group protocol TCPUDP


protocol-object udp
protocol-object tcp

object-group service DM_INLINE_TCP_1 tcp


port-object eq www
port-object eq https

object-group network DM_INLINE_NETWORK_1


group-object guest2
group-object guest_1

object-group service DM_INLINE_TCP_3 tcp


port-object eq www
port-object eq https

object-group service DM_INLINE_TCP_2 tcp


port-object eq www
port-object eq https

object-group protocol DM_INLINE_PROTOCOL_1


protocol-object udp
protocol-object tcp

! ACL "BIO": traffic from the biometric/access-control subnet.
! Each rule is printed across two lines on this page; it is a single
! access-list entry and must be rejoined before it is loaded.
! NOTE(review): the first two rules limit the devices to www/https on
! 172.18.1.194-195, but the "Server access" rules then permit every TCP port to
! all of DC_SERVERS and DR_SERVERS, and DC_SERVERS already contains
! 172.18.1.0/24. The narrow rules are therefore redundant and the effective
! policy is any-TCP-port to every server range. Keep only the ports and hosts
! the access-control devices need.
access-list BIO remark - Access control device


access-list BIO extended permit tcp object-group Siliguri_BIO_10.76.194.16_28
172.18.1.194 255.255.255.254 eq www
access-list BIO extended permit tcp object-group Siliguri_BIO_10.76.194.16_28
172.18.1.194 255.255.255.254 eq https
access-list BIO remark - Server access
access-list BIO extended permit tcp object-group Siliguri_BIO_10.76.194.16_28
object-group DC_SERVERS
access-list BIO extended permit tcp object-group Siliguri_BIO_10.76.194.16_28
object-group DR_SERVERS
! ACL "CCTV": traffic from the camera subnet.
! NOTE(review): the source group is written with "/25" here but defined as
! Siliguri_CCTV_10.76.193.128_25; as printed the reference does not match.
! NOTE(review): the first "DNS" rules use port2, which also carries Kerberos,
! LDAP, NetBIOS/RPC, 1433 and 49150-49160 on both TCP and UDP. Cameras get far
! more than name resolution towards 10.69.255.200 and 10.69.255.135.
! NOTE(review): "Server access" opens every TCP port from the cameras to all
! DC and DR server ranges. Camera firmware is a common foothold; restrict this
! to the recorder/management hosts and ports actually used.
! NOTE(review): 52.0.0.0 252.0.0.0 is a /6 (52.0.0.0-55.255.255.255), far wider
! than one provider. The later `udp ... any eq domain` rule already covers the
! UDP half of it and lets cameras query any resolver; point them at the
! internal DNS servers only.
access-list CCTV remark - DNS
access-list CCTV extended permit object-group TCPUDP object-group
Siliguri_CCTV_10.76.193.128/25 host 10.69.255.200 object-group port2
access-list CCTV extended permit object-group TCPUDP object-group
Siliguri_CCTV_10.76.193.128/25 host 10.69.255.135 object-group port2
access-list CCTV remark - Server access
access-list CCTV extended permit tcp object-group Siliguri_CCTV_10.76.193.128/25
object-group DC_SERVERS
access-list CCTV extended permit tcp object-group Siliguri_CCTV_10.76.193.128/25
object-group DR_SERVERS
access-list CCTV remark - Okta access_DNS
access-list CCTV extended permit tcp object-group Siliguri_CCTV_10.76.193.128/25
52.0.0.0 252.0.0.0 eq domain
access-list CCTV extended permit udp object-group Siliguri_CCTV_10.76.193.128/25
52.0.0.0 252.0.0.0 eq domain
access-list CCTV remark - DNS
access-list CCTV extended permit udp object-group Siliguri_CCTV_10.76.193.128/25
any eq domain
access-list CCTV remark - ICMP Allow
access-list CCTV extended permit icmp object-group Siliguri_CCTV_10.76.193.128/25
any
! ACL "guest": traffic from the guest subnet - portal on 8443, web on port 80,
! the "Okta" range and two proxy hosts on 9400.
! NOTE(review): the source group is written with "/26" here but defined as
! Siliguri_Guest_10.76.196.0_26; as printed the reference does not match.
! NOTE(review): the "Okta access" rule has no port and its destination is a /6
! (52.0.0.0-55.255.255.255), so guests may open any TCP port to that whole
! range. Limit it to https and to the specific ranges or names required.
! NOTE(review): no rule here blocks guest traffic to internal 10.0.0.0/8 on
! port 80; the `any eq www` rule includes internal web servers reachable
! through this firewall. Add an explicit deny for internal ranges above it if
! guests are meant to reach the Internet only.
access-list guest remark - Guest Portal access
access-list guest extended permit tcp object-group Siliguri_Guest_10.76.196.0/26
object-group guest2 eq 8443
access-list guest remark - Internet Access
access-list guest extended permit tcp object-group Siliguri_Guest_10.76.196.0/26
any eq www
access-list guest remark - Okta access
access-list guest extended permit tcp object-group Siliguri_Guest_10.76.196.0/26
52.0.0.0 252.0.0.0
access-list guest remark - Proxy Zscaler Access
access-list guest extended permit tcp object-group Siliguri_Guest_10.76.196.0/26
host 165.225.104.36 eq 9400
access-list guest extended permit tcp object-group Siliguri_Guest_10.76.196.0/26
host 165.225.106.36 eq 9400
! ACL "MGMT": traffic from the management subnet (access points, network gear)
! towards controllers, NTP, monitoring, RADIUS, directory hosts and servers.
! NOTE(review): the source group is written with "/27" here but defined as
! Siliguri_mgmt_10.76.194.32_27; as printed the reference does not match.
! NOTE(review): the "Monitoring" rule permits UDP with no port, and
! NOC_monitoring includes a whole /24, so any UDP service in that range is
! reachable. State the ports (the outside ACL suggests snmp/snmptrap).
! NOTE(review): the rules remarked "DNS" use port2 (Kerberos, LDAP, RPC, SQL
! and more), and the rules remarked "VPN ANY connect" permit ICMP only; the
! remarks do not describe what is opened. The final `icmp ... any` rule also
! makes the two narrower ICMP rules redundant.
! NOTE(review): "Server access" opens all TCP and UDP ports from management
! devices to every DC and DR range; narrow to the services in use.
access-list MGMT remark - WLC access for APs
access-list MGMT extended permit ip object-group Siliguri_mgmt_10.76.194.32/27 host
10.73.254.251
access-list MGMT extended permit ip object-group Siliguri_mgmt_10.76.194.32/27 host
10.75.22.200
access-list MGMT remark - NTP
access-list MGMT extended permit udp object-group Siliguri_mgmt_10.76.194.32/27
host 192.77.1.149 eq ntp

access-list MGMT remark - Monitoring


access-list MGMT extended permit udp object-group Siliguri_mgmt_10.76.194.32/27
object-group NOC_monitoring
access-list MGMT remark - ISE
access-list MGMT extended permit udp object-group Siliguri_mgmt_10.76.194.32/27
object-group NOC_monitoring_ISE eq 1812
access-list MGMT extended permit udp object-group Siliguri_mgmt_10.76.194.32/27
object-group NOC_monitoring_ISE eq 1813
access-list MGMT remark - DNS
access-list MGMT extended permit object-group TCPUDP object-group
Siliguri_mgmt_10.76.194.32/27 host 10.69.255.200 object-group port2
access-list MGMT extended permit object-group TCPUDP object-group
Siliguri_mgmt_10.76.194.32/27 host 10.69.255.135 object-group port2
access-list MGMT remark - VPN ANY connect
access-list MGMT extended permit icmp object-group Siliguri_mgmt_10.76.194.32/27
10.73.0.0 255.255.0.0
access-list MGMT extended permit icmp object-group Siliguri_mgmt_10.76.194.32/27
10.75.0.0 255.255.0.0
access-list MGMT remark - ELK
access-list MGMT extended permit udp object-group Siliguri_mgmt_10.76.194.32/27
host 10.75.20.24 eq 2514
access-list MGMT remark - Server access
access-list MGMT extended permit object-group TCPUDP object-group
Siliguri_mgmt_10.76.194.32/27 object-group DC_SERVERS
access-list MGMT extended permit object-group TCPUDP object-group
Siliguri_mgmt_10.76.194.32/27 object-group DR_SERVERS
access-list MGMT remark - ICMP Allow
access-list MGMT extended permit icmp object-group Siliguri_mgmt_10.76.194.32/27
any
! ACL "outside": traffic arriving on the lowest-trust interface towards the
! site segments. This is the list that decides what the rest of the network
! can reach inside the site, so every broad rule here matters most.
! NOTE(review): the destination groups are written with "/27", "/25", "/28"
! and "/21"; the definitions above use "_NN", and no group for the /21 site
! range is defined in the visible part of the file. Confirm they resolve.
! NOTE(review): "Management access" opens www and `range ssh telnet` (ports
! 22-23) to the management subnet. HTTP and Telnet carry credentials in clear
! text; allow https and ssh only, and remember NOC_monitoring includes a /24.
! NOTE(review): the "CCTV" rule and both "Printer access" rules use source
! `any`. Anything that can route to this interface can reach camera web/RTSP
! ports and printer web consoles. Restrict the source to the viewing,
! recording and print-management hosts.
! NOTE(review): `permit tcp 10.0.0.0 255.0.0.0` to the video subnet and
! `permit ip host 10.75.22.90` / `permit tcp host 10.75.45.23` have no port.
! NOTE(review): the last "AD" rule permits all TCP and UDP from every
! DC_SERVERS range to the whole site, which makes the two AD_PORTS_GRC rules
! above it redundant for the hosts inside DC_SERVERS and exposes every site
! host to every data-centre server. Narrow by port and by source.
! NOTE(review): the second DHCP rule is printed with blank lines between its
! two halves; it is one entry and must be rejoined.
access-list outside remark - Sourcefire
access-list outside extended permit ip host 10.75.22.90 object-group
Siliguri_mgmt_10.76.194.32/27
access-list outside remark - Management access
access-list outside extended permit tcp object-group NOC_monitoring object-group
Siliguri_mgmt_10.76.194.32/27 eq www
access-list outside extended permit tcp object-group NOC_monitoring object-group
Siliguri_mgmt_10.76.194.32/27 eq https
access-list outside extended permit tcp object-group NOC_monitoring object-group
Siliguri_mgmt_10.76.194.32/27 range ssh telnet
access-list outside remark - SNMP
access-list outside extended permit udp object-group NOC_monitoring object-group
Siliguri_mgmt_10.76.194.32/27 eq snmp
access-list outside extended permit udp object-group NOC_monitoring object-group
Siliguri_mgmt_10.76.194.32/27 eq snmptrap
access-list outside remark - ICMP Allow
access-list outside extended permit icmp object-group NOC_monitoring object-group
Siliguri_mgmt_10.76.194.32/27
access-list outside remark - CCTV
access-list outside extended permit tcp any object-group
Siliguri_CCTV_10.76.193.128/25 object-group CCTV_TCP_Service
access-list outside remark - DHCP
access-list outside extended permit udp host 192.77.1.165 object-group
Siliguri_subnet_10.76.192.0/21 range bootps bootpc

access-list outside extended permit udp host 192.77.1.57 object-group


Siliguri_subnet_10.76.192.0/21 range bootps bootpc
access-list outside extended permit tcp 10.0.0.0 255.0.0.0 object-group
Siliguri_video_10.76.194.0/28
access-list outside remark - Printer access from Secure print
access-list outside extended permit tcp host 10.75.45.23 object-group
Siliguri_printer_10.76.193.16/28
access-list outside remark - AD
access-list outside extended permit tcp host 10.75.19.11 object-group
Siliguri_subnet_10.76.192.0/21 object-group AD_PORTS_GRC
access-list outside extended permit tcp host 10.73.19.11 object-group
Siliguri_subnet_10.76.192.0/21 object-group AD_PORTS_GRC
access-list outside extended permit object-group TCPUDP object-group DC_SERVERS
object-group Siliguri_subnet_10.76.192.0/21
access-list outside remark - Printer access
access-list outside extended permit tcp any object-group
Siliguri_printer_10.76.193.16/28 eq www
access-list outside extended permit tcp any object-group
Siliguri_printer_10.76.193.16/28 eq https
access-list outside remark - ICMP Allow
access-list outside extended permit icmp 10.64.0.0 255.240.0.0 object-group
Siliguri_subnet_10.76.192.0/21

! ACL "wired_data", first part: proxy access to two 165.225.x.0/24 ranges on
! ports 10085, https, www, 9400, 9443 and 9480, then printer access.
! NOTE(review): the printer rules reference `object-group
! Siliguri_printer_10.76.193.16_28`; the visible definitions only contain an
! `object network` named with "-28". Confirm the group exists.
! NOTE(review): the second printer rule permits TCP port 161. SNMP normally
! runs over UDP, and the wireless_corp ACL uses `udp ... eq snmp` for the same
! purpose, so this rule presumably does not do what was intended - confirm.
access-list wired_data remark - Zscaler traffic


access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 165.225.106.0 255.255.255.0 eq 10085
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 165.225.104.0 255.255.255.0 eq 10085
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 165.225.106.0 255.255.255.0 eq https
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 165.225.104.0 255.255.255.0 eq https
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 165.225.106.0 255.255.255.0 eq www
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 165.225.104.0 255.255.255.0 eq www
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 165.225.106.0 255.255.255.0 eq 9400
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 165.225.104.0 255.255.255.0 eq 9400
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 165.225.106.0 255.255.255.0 eq 9443
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 165.225.104.0 255.255.255.0 eq 9443
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 165.225.106.0 255.255.255.0 eq 9480
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 165.225.104.0 255.255.255.0 eq 9480
access-list wired_data remark - Printer access
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 object-group Siliguri_printer_10.76.193.16_28 eq
9100
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 object-group Siliguri_printer_10.76.193.16_28 eq
161

! ACL "wired_data", second part: per-application rules for patch management,
! secure print, directory services, Nexthink and SAP.
! NOTE(review): 10.69.255.135 and 10.69.255.200 are permitted twice, once with
! AD-Allow-TCP and once with port2 under the remark "AD". The two port lists
! overlap but differ (port2 adds 1433 and 636; AD-Allow-TCP adds www, 443, 123
! and others). Merge them into one reviewed list per destination.
! NOTE(review): there are two sections remarked "Secure print" with different
! destinations and port groups; distinct remarks would make audits easier.
access-list wired_data remark - SCCM, Intune


access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 172.18.1.116 range 8530 8531
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 172.18.1.116 eq www
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 172.18.1.116 eq https
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 172.18.2.34 range 8530 8531
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 172.18.2.34 eq www
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 172.18.2.34 eq https
access-list wired_data remark - Secure print
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 10.75.45.23 object-group Secure_Print
access-list wired_data remark - AD-Allow-TCP
access-list wired_data extended permit object-group TCPUDP object-group
Siliguri_wired_data_10.76.192.0_25 host 10.73.19.11 object-group AD-Allow-TCP
access-list wired_data extended permit object-group TCPUDP object-group
Siliguri_wired_data_10.76.192.0_25 host 10.75.19.11 object-group AD-Allow-TCP
access-list wired_data extended permit object-group TCPUDP object-group
Siliguri_wired_data_10.76.192.0_25 host 10.69.255.200 object-group AD-Allow-TCP
access-list wired_data extended permit object-group TCPUDP object-group
Siliguri_wired_data_10.76.192.0_25 host 10.69.255.135 object-group AD-Allow-TCP
access-list wired_data remark - Nexthink access
access-list wired_data extended permit udp object-group
Siliguri_wired_data_10.76.192.0_25 host 10.102.224.62 eq 999
access-list wired_data extended permit udp object-group
Siliguri_wired_data_10.76.192.0_25 host 10.102.224.63 eq 999
access-list wired_data extended permit udp object-group
Siliguri_wired_data_10.76.192.0_25 host 10.102.224.64 eq 999
access-list wired_data extended permit udp object-group
Siliguri_wired_data_10.76.192.0_25 host 10.102.224.65 eq 999
access-list wired_data extended permit udp object-group
Siliguri_wired_data_10.76.192.0_25 host 10.102.224.66 eq 999
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 10.102.224.62 eq 8443
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 10.102.224.63 eq 8443
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 10.102.224.64 eq 8443
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 10.102.224.65 eq 8443
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 10.102.224.66 eq 8443
access-list wired_data remark - Secure print
access-list wired_data extended permit object-group TCPUDP object-group
Siliguri_wired_data_10.76.192.0_25 host 172.18.1.142 object-group port3
access-list wired_data extended permit object-group TCPUDP object-group
Siliguri_wired_data_10.76.192.0_25 host 172.18.1.143 object-group port3
access-list wired_data remark - SAP
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 172.18.5.74 eq 44380
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 172.18.5.74 range 3200 3699
access-list wired_data remark - AD
access-list wired_data extended permit object-group TCPUDP object-group
Siliguri_wired_data_10.76.192.0_25 host 10.69.255.135 object-group port2
access-list wired_data extended permit object-group TCPUDP object-group
Siliguri_wired_data_10.76.192.0_25 host 10.69.255.200 object-group port2
access-list wired_data extended permit object-group TCPUDP object-group
Siliguri_wired_data_10.76.192.0_25 host 192.77.1.43 object-group port2
access-list wired_data extended permit object-group TCPUDP object-group
Siliguri_wired_data_10.76.192.0_25 host 192.77.1.143 object-group port2
access-list wired_data extended permit object-group TCPUDP object-group
Siliguri_wired_data_10.76.192.0_25 host 192.77.1.149 object-group port2
! ACL "wired_data", last part: blanket server access, the "Okta" range, ICMP
! and direct web access.
! NOTE(review): "Server access" permits all TCP and UDP ports to every DC and
! DR range. Hosts that earlier rules restrict to named ports (172.18.1.116,
! 172.18.1.142, 172.18.1.143, 172.18.5.74, 10.69.255.135) sit inside DC_SERVERS
! ranges, so those port restrictions have no effect. Decide whether the
! per-application rules or the blanket rule is the intended policy.
! NOTE(review): the "Okta access" rules have no port; the first covers a /6
! (52.0.0.0-55.255.255.255) on every TCP port. Limit to https and to the
! required ranges.
! NOTE(review): the final two rules allow direct www/https to `any`, which
! lets clients bypass the proxy rules at the top of this list - confirm that
! is intended.
access-list wired_data remark - Server access
access-list wired_data extended permit object-group TCPUDP object-group
Siliguri_wired_data_10.76.192.0_25 object-group DC_SERVERS
access-list wired_data extended permit object-group TCPUDP object-group
Siliguri_wired_data_10.76.192.0_25 object-group DR_SERVERS
access-list wired_data remark - Okta access
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 52.0.0.0 252.0.0.0
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 host 13.74.177.180
access-list wired_data remark - ICMP Allow
access-list wired_data extended permit icmp object-group
Siliguri_wired_data_10.76.192.0_25 any
access-list wired_data remark - Internet Access
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 any eq https
access-list wired_data extended permit tcp object-group
Siliguri_wired_data_10.76.192.0_25 any eq www

! ACL "wired_printer": traffic from the printer subnet - mail relay, directory
! hosts, server ranges, ICMP and the Secure_Print port list.
! NOTE(review): the source is `object-group Siliguri_printer_10.76.193.16_28`;
! the visible definitions only contain an `object network` named with "-28".
! NOTE(review): the last rule has no remark of its own and permits the whole
! Secure_Print list (SMTP 25/587, POP/IMAP 110/993/995, SQL 1433, SMB 445, LDAP
! and more) on TCP and UDP to `any`. That undoes the single-host SMTP rule at
! the top and lets a compromised printer reach mail, file and database
! services anywhere. Limit the destination to the secure-print servers.
! NOTE(review): printers also get port2 (incl. 1433) to four hosts and every
! port to all DC and DR ranges; printers rarely need either.
access-list wired_printer remark - SMTP server access


access-list wired_printer extended permit tcp object-group
Siliguri_printer_10.76.193.16_28 host 10.75.26.25 eq smtp
access-list wired_printer remark - AD
access-list wired_printer extended permit object-group TCPUDP object-group
Siliguri_printer_10.76.193.16_28 host 10.69.255.135 object-group port2
access-list wired_printer extended permit object-group TCPUDP object-group
Siliguri_printer_10.76.193.16_28 host 10.69.255.200 object-group port2
access-list wired_printer extended permit object-group TCPUDP object-group
Siliguri_printer_10.76.193.16_28 host 192.77.1.43 object-group port2
access-list wired_printer extended permit object-group TCPUDP object-group
Siliguri_printer_10.76.193.16_28 host 192.77.1.143 object-group port2
access-list wired_printer remark - Server access
access-list wired_printer extended permit object-group TCPUDP object-group
Siliguri_printer_10.76.193.16_28 object-group DC_SERVERS
access-list wired_printer extended permit object-group TCPUDP object-group
Siliguri_printer_10.76.193.16_28 object-group DR_SERVERS
access-list wired_printer remark - ICMP Allow
access-list wired_printer extended permit icmp object-group
Siliguri_printer_10.76.193.16_28 any
access-list wired_printer extended permit object-group TCPUDP object-group
Siliguri_printer_10.76.193.16_28 any object-group Secure_Print
! ACL "wired_video": traffic from the video-conferencing subnet.
! NOTE(review): the three rules after "ICMP Allow" have no remark and permit
! all UDP to `any`, all TCP/UDP to 10.0.0.0/8, and all TCP to `any`. Together
! with the ICMP rule they allow every TCP, UDP and ICMP flow out of this
! segment, so every rule above them (DNS, AD, Server access, Okta) is
! redundant and the list provides no filtering for those protocols. If the
! blanket rules were added for troubleshooting, remove them; otherwise
! document why the segment is unrestricted.
access-list wired_video remark - DNS
access-list wired_video extended permit udp object-group
Siliguri_video_10.76.194.0_28 object-group DNS_Server eq domain
access-list wired_video remark - AD
access-list wired_video extended permit udp object-group
Siliguri_video_10.76.194.0_28 host 10.69.255.135 object-group port2
access-list wired_video extended permit udp object-group
Siliguri_video_10.76.194.0_28 host 10.69.255.200 object-group port2
access-list wired_video remark - Server access
access-list wired_video extended permit object-group TCPUDP object-group
Siliguri_video_10.76.194.0_28 object-group DC_SERVERS
access-list wired_video extended permit object-group TCPUDP object-group
Siliguri_video_10.76.194.0_28 object-group DR_SERVERS
access-list wired_video remark - Okta access
access-list wired_video extended permit object-group TCPUDP object-group
Siliguri_video_10.76.194.0_28 52.0.0.0 252.0.0.0
access-list wired_video remark - ICMP Allow
access-list wired_video extended permit icmp object-group
Siliguri_video_10.76.194.0_28 any
access-list wired_video extended permit udp object-group
Siliguri_video_10.76.194.0_28 any
access-list wired_video extended permit object-group TCPUDP object-group
Siliguri_video_10.76.194.0_28 10.0.0.0 255.0.0.0
access-list wired_video extended permit tcp object-group
Siliguri_video_10.76.194.0_28 any
access-list wireless_corp remark - Zscaler traffic
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 165.225.106.0 255.255.255.0 eq 10085
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 165.225.104.0 255.255.255.0 eq 10085
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 165.225.106.0 255.255.255.0 eq https
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 165.225.104.0 255.255.255.0 eq https
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 165.225.106.0 255.255.255.0 eq www
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 165.225.104.0 255.255.255.0 eq www
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 165.225.106.0 255.255.255.0 eq 9400
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 165.225.104.0 255.255.255.0 eq 9400
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 165.225.106.0 255.255.255.0 eq 9443
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 165.225.104.0 255.255.255.0 eq 9443
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 165.225.106.0 255.255.255.0 eq 9480
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 165.225.104.0 255.255.255.0 eq 9480
! ACL "wireless_corp", printer section: raw print (9100) and SNMP to the
! printer subnet, followed by a blanket rule.
! NOTE(review): the third rule permits `ip` (every protocol and port) to the
! printer subnet, which makes the 9100 and snmp rules above it redundant and
! exposes printer admin interfaces to all corporate wireless clients. Remove
! it if the two specific rules are the intended policy.
access-list wireless_corp remark - Printer access
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 object-group Siliguri_printer_10.76.193.16_28 eq 9100
access-list wireless_corp extended permit udp object-group
Siliguri_corp_10.76.195.0_24 object-group Siliguri_printer_10.76.193.16_28 eq snmp
access-list wireless_corp extended permit ip object-group
Siliguri_corp_10.76.195.0_24 object-group Siliguri_printer_10.76.193.16_28
access-list wireless_corp remark - Diageo HTTP
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 object-group Diageo_HTTP eq www
access-list wireless_corp remark - SCCM Intune
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 172.18.1.116 range 8530 8531
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 172.18.1.116 eq www
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 172.18.1.116 eq https
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 172.18.2.34 range 8530 8531
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 172.18.2.34 eq www
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 172.18.2.34 eq https
access-list wireless_corp remark - Sharepoint
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 172.75.26.50 eq https
access-list wireless_corp remark - Secure print
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 10.75.45.23 object-group Secure_Print
access-list wireless_corp remark - AD-Allow-TCP
access-list wireless_corp extended permit object-group TCPUDP object-group
Siliguri_corp_10.76.195.0_24 host 10.73.19.11 object-group AD-Allow-TCP
access-list wireless_corp extended permit object-group TCPUDP object-group
Siliguri_corp_10.76.195.0_24 host 10.75.19.11 object-group AD-Allow-TCP
access-list wireless_corp extended permit object-group TCPUDP object-group
Siliguri_corp_10.76.195.0_24 host 10.69.255.200 object-group AD-Allow-TCP
access-list wireless_corp extended permit object-group TCPUDP object-group
Siliguri_corp_10.76.195.0_24 host 10.69.255.135 object-group AD-Allow-TCP
access-list wireless_corp remark - Nexthink access
access-list wireless_corp extended permit udp object-group
Siliguri_corp_10.76.195.0_24 host 10.102.224.62 eq 999
access-list wireless_corp extended permit udp object-group
Siliguri_corp_10.76.195.0_24 host 10.102.224.63 eq 999
access-list wireless_corp extended permit udp object-group
Siliguri_corp_10.76.195.0_24 host 10.102.224.64 eq 999
access-list wireless_corp extended permit udp object-group
Siliguri_corp_10.76.195.0_24 host 10.102.224.65 eq 999
access-list wireless_corp extended permit udp object-group
Siliguri_corp_10.76.195.0_24 host 10.102.224.66 eq 999
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 10.102.224.62 eq 8443
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 10.102.224.63 eq 8443
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 10.102.224.64 eq 8443
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 10.102.224.65 eq 8443
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 10.102.224.66 eq 8443
access-list wireless_corp remark - Secure print
access-list wireless_corp extended permit object-group TCPUDP object-group
Siliguri_corp_10.76.195.0_24 host 172.18.1.142 object-group port3
access-list wireless_corp extended permit object-group TCPUDP object-group
Siliguri_corp_10.76.195.0_24 host 172.18.1.143 object-group port3
access-list wireless_corp remark - SAP
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 172.18.5.74 eq 44380
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 host 172.18.5.74 range 3200 3699
access-list wireless_corp remark - AD
access-list wireless_corp extended permit UDP object-group
Siliguri_corp_10.76.195.0_24 host 10.69.255.135 object-group port2
access-list wireless_corp extended permit object-group TCPUDP object-group
Siliguri_corp_10.76.195.0_24 host 10.69.255.200 object-group port2
access-list wireless_corp extended permit object-group TCPUDP object-group
Siliguri_corp_10.76.195.0_24 host 192.77.1.43 object-group port2
access-list wireless_corp extended permit object-group TCPUDP object-group
Siliguri_corp_10.76.195.0_24 host 192.77.1.143 object-group port2
access-list wireless_corp extended permit object-group TCPUDP object-group
Siliguri_corp_10.76.195.0_24 host 192.77.1.149 object-group port2
access-list wireless_corp remark - Server access
access-list wireless_corp extended permit object-group TCPUDP object-group
Siliguri_corp_10.76.195.0_24 object-group DC_SERVERS
access-list wireless_corp extended permit object-group TCPUDP object-group
Siliguri_corp_10.76.195.0_24 object-group DR_SERVERS
access-list wireless_corp remark - Okta access
access-list wireless_corp extended permit object-group TCPUDP object-group
Siliguri_corp_10.76.195.0_24 52.0.0.0 252.0.0.0
access-list wireless_corp extended permit object-group TCPUDP object-group
Siliguri_corp_10.76.195.0_24 host 13.74.177.180
access-list wireless_corp remark - ICMP Allow
access-list wireless_corp extended permit icmp object-group
Siliguri_corp_10.76.195.0_24 any
access-list wireless_corp remark - Internet Access
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 any eq https
access-list wireless_corp extended permit tcp object-group
Siliguri_corp_10.76.195.0_24 any eq www
access-list wireless_corp extended permit ip object-group
Siliguri_corp_10.76.195.0_24 any
! Interface ACL for wireless_diageomobile; every entry uses source group
! Siliguri_byod_10.76.197.0_24 (the name suggests a BYOD client range; the group
! is defined outside this part of the listing).
! The remark names SCCM and Intune, but the two entries under it permit www and
! https to any destination, not to specific management servers.
access-list wireless_diageomobile remark - SCCM, Intune
access-list wireless_diageomobile extended permit tcp object-group
Siliguri_byod_10.76.197.0_24 any eq www
access-list wireless_diageomobile extended permit tcp object-group
Siliguri_byod_10.76.197.0_24 any eq https
access-list wireless_diageomobile remark - AD
access-list wireless_diageomobile extended permit object-group TCPUDP object-group
Siliguri_byod_10.76.197.0_24 host 10.69.255.135 object-group port2
access-list wireless_diageomobile extended permit object-group TCPUDP object-group
Siliguri_byod_10.76.197.0_24 host 10.69.255.200 object-group port2
access-list wireless_diageomobile extended permit object-group TCPUDP object-group
Siliguri_byod_10.76.197.0_24 host 192.77.1.149 object-group port2
access-list wireless_diageomobile extended permit object-group TCPUDP object-group
Siliguri_byod_10.76.197.0_24 host 192.77.1.43 object-group port2
access-list wireless_diageomobile remark - Server Access
! No port follows the destination group, so every TCP port on DC_SERVERS and
! DR_SERVERS is permitted from this segment.
access-list wireless_diageomobile extended permit tcp object-group
Siliguri_byod_10.76.197.0_24 object-group DC_SERVERS
access-list wireless_diageomobile extended permit tcp object-group
Siliguri_byod_10.76.197.0_24 object-group DR_SERVERS
access-list wireless_diageomobile remark - Okta access
! 52.0.0.0 252.0.0.0 is a /6 (52.0.0.0 through 55.255.255.255), no port limit.
access-list wireless_diageomobile extended permit object-group TCPUDP object-group
Siliguri_byod_10.76.197.0_24 52.0.0.0 252.0.0.0
access-list wireless_diageomobile remark - ICMP Allow
access-list wireless_diageomobile extended permit icmp object-group
Siliguri_byod_10.76.197.0_24 any
! Every IP protocol from this segment to Siliguri_subnet_10.76.192.0_21. By its
! name that group covers the whole site range, which would include the
! management, CCTV, BIO and Mfg_machine subnets declared on the interfaces.
! NOTE(review): confirm the group contents and whether that reach is intended.
access-list wireless_diageomobile extended permit ip object-group
Siliguri_byod_10.76.197.0_24 object-group Siliguri_subnet_10.76.192.0_21
access-list wireless_diageomobile remark - Internet Access
! Catch-all: "permit ip ... any" matches everything from this source group, so
! the entries above add no restriction. NOTE(review): replace it with the
! services actually needed if this segment is meant to be less trusted.
access-list wireless_diageomobile extended permit ip object-group
Siliguri_byod_10.76.197.0_24 any

! ACL SFR matches all IP traffic. NOTE(review): an ACL with this name is usually
! the traffic selector for redirection to a FirePOWER service module, but no
! class-map or policy-map class in the visible part of this listing references
! it; confirm whether the redirect policy is missing or the ACL is a leftover.
access-list SFR extended permit ip any any


! inside_in holds only two identical remarks and no permit or deny entry, and no
! access-group for it appears among the visible access-group commands.
! NOTE(review): this looks like leftover sample text; remove it if unused.
access-list inside_in remark this is a remark for the rule on line 5
access-list inside_in remark this is a remark for the rule on line 5
! Terminal paging and syslog settings.
pager lines 24
logging enable
logging standby
! Buffer and ASDM logging are set to debugging, the most verbose severity.
logging buffered debugging
! Sets the severity for syslog servers. NOTE(review): no "logging host" line is
! visible in this section, so as shown no messages leave the device, and the
! local buffer is lost on reload. No "logging timestamp" line is visible either.
! Confirm a remote collector is configured.
logging trap notifications
logging asdm debugging
! Lets traffic keep flowing when a TCP syslog server cannot be reached.
logging permit-hostdown
! Per-interface MTU, all set to 1500.
mtu outside 1500
mtu wired_video 1500
mtu MGMT 1500
mtu wireless_corp 1500
mtu Enrolment 1500
mtu wireless_diageomobile 1500
mtu wired_printer 1500
mtu wired_data 1500
mtu wired_voice 1500
mtu guest 1500
mtu CCTV 1500
mtu BIO 1500
mtu Mfg_machine 1500
! Failover is disabled and health monitoring is off on every interface.
! NOTE(review): the interface addresses at the top of this listing carry standby
! IPs and "logging standby" is set, which suggests an HA pair was intended;
! confirm whether this unit is meant to run standalone.
no failover
no failover wait-disable
no monitor-interface outside
no monitor-interface wired_video
no monitor-interface MGMT
no monitor-interface wireless_corp
no monitor-interface Enrolment
no monitor-interface wireless_diageomobile
no monitor-interface wired_printer
no monitor-interface wired_data
no monitor-interface wired_voice
no monitor-interface guest
no monitor-interface CCTV
no monitor-interface BIO
no monitor-interface Mfg_machine
no monitor-interface service-module
! ICMP unreachable rate limit and ARP settings.
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
arp rate-limit 16384
! Binds each ACL inbound to the interface of the same name.
! NOTE(review): the interfaces named Enrolment, wired_voice and Mfg_machine are
! declared at the top of this listing but have no access-group here. Without an
! interface or global ACL, an ASA filters by security level alone: traffic to a
! lower-level interface is allowed, traffic to a higher-level one is dropped.
! Confirm this is intended, in particular for wired_voice (security-level 100).
access-group outside in interface outside
access-group wired_video in interface wired_video
access-group MGMT in interface MGMT
access-group wireless_corp in interface wireless_corp
access-group wireless_diageomobile in interface wireless_diageomobile
access-group wired_printer in interface wired_printer
access-group wired_data in interface wired_data
access-group guest in interface guest
access-group CCTV in interface CCTV
access-group BIO in interface BIO
! Default route via the outside interface.
route outside 0.0.0.0 0.0.0.0 10.76.198.1
! Idle timers for translations, connections and per-protocol state.
! The idle connection timeout is 1 hour; uauth is 5 minutes, absolute.
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
timeout conn-holddown 0:00:15
timeout igp stale-route 0:01:10
! Administrative authentication: two RADIUS servers reached through the outside
! interface (keys masked in this listing).
! NOTE(review): RADIUS protects only part of its payload with the shared secret;
! confirm the path behind the outside interface to these servers is private or
! tunnelled.
aaa-server WINDOWS_RADIUS protocol radius
aaa-server WINDOWS_RADIUS (outside) host 192.77.1.165
key *****
aaa-server WINDOWS_RADIUS (outside) host 192.77.1.57
key *****
user-identity default-domain LOCAL
! Each access method tries WINDOWS_RADIUS first, then the LOCAL database, so
! the local accounts and the local enable password stay usable as a fallback.
aaa authentication enable console WINDOWS_RADIUS LOCAL
aaa authentication http console WINDOWS_RADIUS LOCAL
aaa authentication serial console WINDOWS_RADIUS LOCAL
aaa authentication ssh console WINDOWS_RADIUS LOCAL
! NOTE(review): Telnet authentication is configured, but no "telnet <address>
! <mask> <interface>" permit line is visible in this listing; confirm Telnet
! stays unreachable, since it would carry credentials in clear text.
aaa authentication telnet console WINDOWS_RADIUS LOCAL
aaa local authentication attempts max-fail 3
aaa authentication login-history
! NOTE(review): no "aaa authorization" or "aaa accounting" line is visible, so
! command authorization and an audit trail of admin commands are not shown.
! HTTPS management (ASDM) is enabled and limited to two hosts, both reached
! through the outside interface.
http server enable
http 172.18.1.97 255.255.255.255 outside
http 10.73.24.21 255.255.255.255 outside
! SNMP configuration. Two SNMPv3 groups are defined: DinSNMPv3users with
! authentication only (no encryption) and TestSNMPv3Group with privacy.
! NOTE(review): no "snmp-server user" or "snmp-server host" line is visible, so
! as shown the v3 groups have no members and the enabled traps have no
! receiver. A community string (masked) is also set, which is the v1/v2c
! clear-text mechanism; confirm it is still needed next to v3.
snmp-server group DinSNMPv3users v3 auth
snmp-server group TestSNMPv3Group v3 priv
snmp-server location Globus-Kolkata
snmp-server contact Firewallolkata
snmp-server community *****
snmp-server enable traps ipsec start stop
snmp-server enable traps entity config-change cpu-temperature
snmp-server enable traps memory-threshold
snmp-server enable traps interface-threshold
snmp-server enable traps remote-access session-threshold-exceeded
snmp-server enable traps connection-limit-reached
snmp-server enable traps cpu threshold rising
snmp-server enable traps config
! Leaves the hardware reset button enabled; physical access to the chassis
! matters for this setting.
service sw-reset-button
crypto ipsec security-association pmtu-aging infinite
! Smart Call Home trustpoint and the trustpool policy.
crypto ca trustpoint _SmartCallHome_ServerCA
no validation-usage
crl configure
crypto ca trustpool policy
! Management session settings for Telnet, SSH and the serial console.
telnet timeout 5
! Host-key checking is off for SSH connections the firewall itself initiates
! (for example SCP copies), so a changed or unknown server key is accepted.
! NOTE(review): consider enabling strict checking.
no ssh stricthostkeycheck
ssh timeout 5
ssh version 2
! Encryption is limited to AES-CTR ciphers.
ssh cipher encryption custom "aes256-ctr:aes192-ctr:aes128-ctr"
! dh-group1-sha1 is the 1024-bit Diffie-Hellman group with SHA-1, which is
! considered weak. NOTE(review): move to dh-group14-sha256 where the software
! release offers it, otherwise dh-group14-sha1.
ssh key-exchange group dh-group1-sha1
ssh 172.18.1.97 255.255.255.255 outside
ssh 10.73.24.21 255.255.255.255 outside
ssh 10.74.240.65 255.255.255.255 outside
! NOTE(review): the next three source ranges (10.76.50.32/27, 10.76.51.0/24,
! 10.76.48.0/25) do not match the subnets on these interfaces at the top of this
! listing (10.76.194.32/27, 10.76.195.0/24, 10.76.192.0/25). They may have been
! copied from another site's template; verify them. As written they admit whole
! client ranges rather than named admin hosts.
ssh 10.76.50.32 255.255.255.224 MGMT
ssh 10.76.51.0 255.255.255.0 wireless_corp
ssh 10.76.48.0 255.255.255.128 wired_data
! A value of 0 disables the idle timeout on the serial console, so an
! unattended console session stays logged in.
console timeout 0
! DHCP: relays client requests from the listed interfaces to two servers reached
! through the outside interface (the same two addresses serve as the RADIUS
! servers in this listing).
dhcpd auto_config outside
!
dhcprelay server 192.77.1.57 outside
dhcprelay server 192.77.1.165 outside
! Relay is enabled on ten interfaces; Enrolment and wired_voice are not listed.
dhcprelay enable wired_video
dhcprelay enable MGMT
dhcprelay enable wireless_corp
dhcprelay enable wireless_diageomobile
dhcprelay enable wired_printer
dhcprelay enable wired_data
dhcprelay enable guest
dhcprelay enable CCTV
dhcprelay enable BIO
dhcprelay enable Mfg_machine
! setroute replaces the default-router value in relayed replies with the
! firewall's own address on that interface.
dhcprelay setroute wired_video
dhcprelay setroute MGMT
dhcprelay setroute wireless_corp
dhcprelay setroute wireless_diageomobile
dhcprelay setroute wired_printer
dhcprelay setroute wired_data
dhcprelay setroute guest
dhcprelay setroute CCTV
dhcprelay setroute BIO
dhcprelay setroute Mfg_machine
dhcprelay timeout 60
! Threat detection with statistics. The tcp-intercept statement is split across
! two lines in this listing ("average-" / "rate 200").
threat-detection basic-threat
threat-detection statistics
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-
rate 200
! A single NTP source with no authentication key shown. NOTE(review): log
! timestamps depend on this host; consider a second source and NTP
! authentication.
ntp server 192.77.1.149
dynamic-access-policy-record DfltAccessPolicy
password-policy authenticate-enable
! Local fallback accounts, hashes masked, stored with PBKDF2.
! NOTE(review): "admin" and "cisco" are generic account names; confirm both are
! needed and hold unique strong passwords. The enable password near the top of
! this listing is printed as a plain word rather than a hash; if that is the
! live value, rotate it.
username admin password ***** pbkdf2
username cisco password ***** pbkdf2
!
! Application inspection. One class (inspection_default) is matched and the
! policy is applied globally. Sub-commands are printed without indentation in
! this listing.
class-map inspection_default
match default-inspection-traffic
!
!
! DNS inspection parameters: maximum message length 512, client length auto.
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
no tcp-inspection
! global_policy contains only the inspection_default class. NOTE(review): no
! class here references the SFR access-list defined earlier in this listing, so
! no redirection to a service module is shown.
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect snmp
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
! Checksum line and end marker of the saved configuration.
Cryptochecksum:f9da138e5e60988b44c5b70fca458828
: end

route outside 0.0.0.0 0.0.0.0 10.76.198.1
