
Access from DMZ to Inside via port 389


drmohlen

Technical User
Jan 12, 2006
I was wondering if anyone could tell me how to allow an Apache server with IP address of 192.168.10.17 located on DMZ to talk to a Domain Controller with IP Address of 192.168.1.10 located inside PIX515e using port 389 please?

Many Thanks


 
Post a scrubbed config. It will be easier to give you the commands with some context.



Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Okay here is the config file:

PIX Version 7.0(5)
!
hostname pix515
domain-name test.test
enable password ********** encrypted
no names
name 192.1x8.1.10 LUKPC40
name 217.x.x.x LUKPCx3
name 217.x.x.x Exmail
name 192.1x8.1.2x LUKPC95
name 192.1x8.10.14 BCM
name x.x.x.1x3 Extera
name 192.1x8.1.141 mohsenpc
dns-guard
!
interface Ethernet0
nameif outside
security-level 0
ip address 217.x.x.x 255.255.255.240
!
interface Ethernet1
nameif inside
security-level 100
ip address 192.1x8.1.1 255.255.255.0
!
interface Ethernet2
nameif DMZ
security-level 4
ip address 192.1x8.10.1 255.255.255.0
!
passwd oshxv4bOUjXPA0ZS encrypted
boot system flash:/pix705.bin
ftp mode passive
clock timezone GMT/BST 0
clock summer-time GMT/BDT recurring last Sun Mar 1:00 last Sun Oct 2:00
object-group service SOSAccess tcp
port-object range 8890 8890
object-group service ViticServerAccess tcp
port-object eq www
port-object range 9000 9000
object-group service RemoteVPNUsers udp
port-object range isakmp isakmp
port-object range 4500 4500
port-object range 1701 1701
object-group service incomingSMTP tcp
port-object eq smtp
object-group service proxyusers tcp
object-group service Excipients tcp
description Access to excipients server
port-object eq www
port-object range 9000 9000
object-group service NoMiracle tcp
port-object eq www
object-group service Pluto tcp
port-object eq 8080
port-object eq www
access-list outside_access_in remark vitic access via PCx3
access-list outside_access_in extended permit tcp any host 217.x.x.39 object-group ViticServerAccess
access-list outside_access_in remark No Miracle server
access-list outside_access_in extended permit tcp any host 217.x.x.x object-group NoMiracle
access-list outside_access_in remark Pluto Derek for Windows on line
access-list outside_access_in extended permit tcp any host 217.x.x.35 object-group Pluto
access-list outside_access_in remark Allow access to excipients server
access-list outside_access_in extended permit tcp any host 217.x.x.37 object-group Excipients
access-list outside_access_in extended permit tcp any host 217.x.x.41 object-group SOSAccess
access-list outside_access_in extended permit icmp 217.x.x.32 255.255.255.240 217.x.x.0 255.255.255.0 echo
access-list outside_access_in extended permit tcp 193.109.254.0 255.255.254.0 host 217.x.x.40 object-group incomingSMTP
access-list outside_access_in remark messagelabs server1
access-list outside_access_in extended permit tcp 195.245.230.0 255.255.254.0 host 217.x.x.40 object-group incomingSMTP
access-list outside_access_in remark messagelabs server2
access-list outside_access_in extended permit tcp 194.10x.220.0 255.255.254.0 host 217.x.x.40 object-group incomingSMTP
access-list outside_access_in remark messagelabs server3
access-list outside_access_in extended permit tcp 85.158.1x.0 255.255.248.0 host 217.x.x.40 object-group incomingSMTP
access-list outside_access_in remark messagelabs server4
access-list outside_access_in extended permit tcp 21x.82.240.0 255.255.240.0 host 217.x.x.40 object-group incomingSMTP
access-list outside_access_in remark messagelabs server5
access-list outside_access_in extended permit tcp host 195.21x.1x.211 host 217.x.x.40 object-group incomingSMTP
access-list outside_access_in remark messagelabs serverx
access-list outside_access_in remark http for owa
access-list outside_access_in extended permit tcp any host 217.x.x.40 eq www
access-list outside_access_in remark Lhasa's FTP
access-list outside_access_in extended permit tcp any host 217.x.x.38 eq 989
access-list outside_access_in remark Lhasa's FTP
access-list outside_access_in extended permit tcp any host 217.x.x.38 eq 990
access-list outside_access_in remark Lhasa's FTP
access-list outside_access_in extended permit udp any host 217.x.x.38 eq 989
access-list outside_access_in remark Lhasa's FTP
access-list outside_access_in extended permit udp any host 217.x.x.38 eq 990
access-list outside_access_in remark Lhasa's FTP
access-list outside_access_in extended permit tcp any host 217.x.x.38 eq 2222
access-list DMZ_access_in extended permit icmp 192.1x8.10.0 255.255.255.0 217.x.x.32 255.255.255.240 echo-reply
access-list DMZ_access_in extended permit icmp 192.1x8.10.0 255.255.255.0 any echo-reply
access-list inside_outbound_nat0_acl extended permit ip any 192.1x8.1.224 255.255.255.240
access-list 101 extended permit ip 192.1x8.1.0 255.255.255.0 172.10.10.0 255.255.255.0
access-list 101 extended permit ip 192.1x8.1.0 255.255.255.0 192.1x8.2.0 255.255.255.0
access-list acl_outside extended permit tcp any host 217.x.x.38 eq ftp
access-list nonatDMZ extended permit ip host 192.1x8.10.14 192.1x8.3.0 255.255.255.0
access-list cap_out extended permit tcp host 217.x.x.45 host 217.x.x.33
access-list cap_out extended permit tcp host 217.x.x.33 host 217.x.x.45
access-list cap_in extended permit tcp host 217.x.x.45 host 192.1x8.10.13
access-list cap_in extended permit tcp host 192.1x8.10.13 host 217.x.x.45
access-list http-list2 extended permit tcp any host x.x.x.209
access-list DMZ-in extended deny tcp 192.1x8.10.0 255.255.255.0 192.1x8.1.0 255.255.255.0
!
tcp-map mss-map
exceed-mss allow
!
pager lines 24
logging enable
logging buffered debugging
logging trap errors
logging asdm warnings
logging host inside 192.1x8.1.12
mtu outside 1500
mtu inside 1500
mtu DMZ 1500
ip local pool RemotePool 192.1x8.2.1-192.1x8.2.254
ip local pool LocalPool 192.1x8.1.224-192.1x8.1.240
ip local pool ippool 172.10.10.1-172.10.10.200
ip local pool RemotePool2 192.1x8.3.1-192.1x8.3.254
asdm image flash:/asdm-505.bin
asdm history enable
arp timeout 14400
nat-control
global (outside) 10 interface
nat (inside) 0 access-list 101
nat (inside) 10 192.1x8.1.0 255.255.255.0
nat (DMZ) 0 access-list nonatDMZ
static (inside,outside) tcp 217.x.x.41 8890 192.1x8.1.10 8890 netmask 255.255.255.255
static (inside,outside) tcp 217.x.x.40 255.255.255.255
static (DMZ,outside) tcp 217.x.x.38 989 192.1x8.10.13 989 netmask 255.255.255.255
static (DMZ,outside) tcp 217.x.x.38 990 192.1x8.10.13 990 netmask 255.255.255.255
static (DMZ,outside) udp 217.x.x.38 989 192.1x8.10.13 989 netmask 255.255.255.255
static (DMZ,outside) udp 217.x.x.38 990 192.1x8.10.13 990 netmask 255.255.255.255
static (DMZ,outside) tcp 217.x.x.38 2222 192.1x8.10.13 ssh netmask 255.255.255.255
static (inside,DMZ) tcp 192.1x8.1.2x smtp 192.1x8.1.2x smtp netmask 255.255.255.255
static (DMZ,outside) 217.x.x.39 192.1x8.10.12 netmask 255.255.255.255
static (DMZ,outside) 217.x.x.37 192.1x8.10.15 netmask 255.255.255.255
static (outside,DMZ) 192.1x8.10.12 217.x.x.39 netmask 255.255.255.255
static (inside,outside) 217.x.x.40 192.1x8.1.2x netmask 255.255.255.255
static (outside,inside) 192.1x8.1.2x 217.x.x.40 netmask 255.255.255.255
static (DMZ,outside) 217.x.x.x 192.1x8.10.1x netmask 255.255.255.255
static (DMZ,outside) 217.x.x.35 192.1x8.10.17 netmask 255.255.255.255
static (inside,DMZ) 192.1x8.10.0 192.1x8.1.0 netmask 255.255.255.0
access-group outside_access_in in interface outside
access-group DMZ_access_in in interface DMZ
route outside 0.0.0.0 0.0.0.0 217.x.x.4x 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server RADIUS host 192.1x8.1.11
key thunderstorms
group-policy vpncert internal
group-policy vpncert attributes
vpn-idle-timeout 30
default-domain value test.test
group-policy vpn3000 internal
group-policy vpn3000 attributes
dns-server value 192.1x8.1.13
vpn-idle-timeout 30
default-domain value test.test
secure-unit-authentication enable
user-authentication enable
user-authentication-idle-timeout 3
username LUKVPN password ************ encrypted privilege 5
http server enable
http 192.1x8.1.0 255.255.255.0 inside
http 192.1x8.1.1 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server community public
snmp-server enable traps snmp authentication linkup linkdown coldstart
sysopt noproxyarp inside
crypto ipsec transform-set transset1 esp-des esp-md5-hmac
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto dynamic-map dynmap 10 set transform-set myset
crypto dynamic-map dynmap 20 set transform-set transset1
crypto map mymap 10 ipsec-isakmp dynamic dynmap
crypto map mymap interface outside
crypto ca trustpoint lukca
crl optional
enrollment retry count 20
enrollment url crl configure

isakmp identity address
isakmp enable outside
isakmp policy 1 authentication pre-share
isakmp policy 1 encryption des
isakmp policy 1 hash md5
isakmp policy 1 group 2
isakmp policy 1 lifetime 8x400
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 8x400
isakmp policy 20 authentication rsa-sig
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 8x400
isakmp policy x5535 authentication pre-share
isakmp policy x5535 encryption 3des
isakmp policy x5535 hash sha
isakmp policy x5535 group 2
isakmp policy x5535 lifetime 8x400
tunnel-group DefaultL2LGroup ipsec-attributes
trust-point lukca
tunnel-group DefaultRAGroup general-attributes
address-pool (outside) RemotePool
authentication-server-group (outside) RADIUS
tunnel-group DefaultRAGroup ipsec-attributes
trust-point lukca
tunnel-group vpn3000 type ipsec-ra
tunnel-group vpn3000 general-attributes
address-pool ippool
authentication-server-group (outside) RADIUS
default-group-policy vpn3000
tunnel-group vpn3000 ipsec-attributes
pre-shared-key *
trust-point lukca
tunnel-group vpncert type ipsec-ra
tunnel-group vpncert general-attributes
address-pool ippool
authentication-server-group (outside) RADIUS
default-group-policy vpncert
tunnel-group vpncert ipsec-attributes
pre-shared-key *
trust-point lukca
telnet timeout 20
ssh timeout 5
ssh version 1
console timeout 0
management-access inside
dhcpd dns 192.1x8.1.13 192.1x8.1.10
dhcpd lease 8x400
dhcpd ping_timeout 750
dhcpd domain test.test
!
class-map inspection_default
match default-inspection-traffic
class-map http-map1
match access-list http-list2
!
!
policy-map global_policy
class inspection_default
inspect dns maximum-length 512
inspect ftp
inspect h323 h225
inspect h323 ras
inspect http
inspect netbios
inspect pptp
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
policy-map http-map1
class http-map1
set connection advanced-options mss-map
!
service-policy global_policy global
service-policy http-map1 interface outside
Cryptochecksum:cc1270bea132x8x0c42efd54axcd8bb4
: end
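As an added example, not part of the thread, the following Python check parses the DMZ-facing lines of the posted config and evaluates whether the flow drmohlen asks about (Apache 192.168.10.17 on DMZ to the domain controller 192.168.1.10 on inside, tcp/389) is permitted by the access-list bound to the DMZ interface. It assumes values for the scrubbed "x" octets and models only the access-list: with nat-control enabled, the static (inside,DMZ) translation must also cover the flow, which this check does not verify.

```python
import ipaddress

# Constructed excerpt of the config posted above (scrubbed "x" octets replaced with assumed values).
PIX_CONFIG = """
access-list DMZ_access_in extended permit icmp 192.168.10.0 255.255.255.0 217.0.0.32 255.255.255.240 echo-reply
access-list DMZ_access_in extended permit icmp 192.168.10.0 255.255.255.0 any echo-reply
access-list DMZ-in extended deny tcp 192.168.10.0 255.255.255.0 192.168.1.0 255.255.255.0
access-group DMZ_access_in in interface DMZ
"""
NAMED_PORTS = {"ldap": 389, "www": 80, "smtp": 25, "ssh": 22}  # subset of PIX port names

def _parse_addr(t, i):
    # One ACE address spec: "any" | "host A" | "A MASK"; returns (network, next token index)
    if t[i] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), i + 1
    if t[i] == "host":
        return ipaddress.ip_network(t[i + 1] + "/32"), i + 2
    return ipaddress.ip_network(f"{t[i]}/{t[i + 1]}", strict=False), i + 2

def parse_config(text):
    """Return ({acl_name: [(action, proto, src, dst, dport)]}, {interface: acl_name})."""
    acls, groups = {}, {}
    for line in text.splitlines():
        t = line.split()
        if t[:1] == ["access-group"]:            # access-group NAME in interface IFC
            groups[t[4]] = t[1]
        elif t[:1] == ["access-list"] and t[2] == "extended":   # remark lines are skipped
            src, i = _parse_addr(t, 5)
            dst, i = _parse_addr(t, i)
            dport = None                          # None = any port (also object-group ACEs)
            if i + 1 < len(t) and t[i] == "eq":
                dport = int(t[i + 1]) if t[i + 1].isdigit() else NAMED_PORTS[t[i + 1]]
            acls.setdefault(t[1], []).append((t[3], t[4], src, dst, dport))
    return acls, groups

def flow_allowed(acls, groups, ifc, proto, src_ip, dst_ip, dport):
    """First-match evaluation of the ACL bound inbound on ifc; no match = implicit deny."""
    name = groups.get(ifc)
    if name is None:
        return False, f"no access-group bound to {ifc}"   # assumes ifc is the lower-security side
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for action, p, s, d, port in acls.get(name, []):
        if p in (proto, "ip") and src in s and dst in d and port in (None, dport):
            return action == "permit", f"matched '{action} {p}' in {name}"
    return False, f"implicit deny at end of {name}"

def check_ldap_from_dmz(extra_ace=""):
    """The flow asked about in the thread: Apache on DMZ -> DC on inside, tcp/389."""
    acls, groups = parse_config(PIX_CONFIG + extra_ace)
    return flow_allowed(acls, groups, "DMZ", "tcp", "192.168.10.17", "192.168.1.10", 389)
```

Against the posted config the flow hits the implicit deny, since DMZ_access_in only permits ICMP echo-replies; passing a single host-to-host ACE for tcp/389 as extra_ace shows the least-privilege rule that would satisfy the check.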
 