Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

ASA 5520 passive FTP not working in browser 1

Status
Not open for further replies.
pbrj

pbrj

MIS
Apr 23, 2004
3
US
Hi,
I have an ftp site that uses passive mode, but passive mode does not work with browsers. If I turn off the passive mode in the browser, it works. Or use an ftp client with passive mode it works.
I know that IE is not a good ftp client, but that is what our vendors and clients are using.
The ftp server is on a windows 2003 server running filezilla, and is behind an asa 5520 at our colo site.
We have a fiber link to our colo site from the main office.
The asa has remote office connections to each of our branch offices as well.
No, I did not build this out, my previous boss did, with outside help.
Thanks for any help you can provide.
Here is my config
: Saved
:
ASA Version 8.0(3)
!
hostname COLOASA5520
domain-name paperloop.com
enable password xxxxxxxxx encrypted
names
name 192.168.51.0 Atlanta
name 228.0.0.0 tomcatthing
name 199.xxx.xxx.xxx ftp4.vendor.com
dns-guard
!
interface GigabitEthernet0/0
nameif COLOoutside
security-level 10
ip address 209.xx.xxx.xxx 255.255.255.240
!
interface GigabitEthernet0/0.2
no vlan
no nameif
security-level 10
ip address 209.xxx.xxx.xxx 255.255.255.224
!
interface GigabitEthernet0/1
speed 1000
duplex full
nameif ColoInside
security-level 80
ip address 192.168.3.252 255.255.255.0
!
interface GigabitEthernet0/2
nameif ColoToBed
security-level 80
ip address 192.168.2.1 255.255.255.0
!
interface GigabitEthernet0/3
nameif test
security-level 0
ip address 192.168.85.1 255.255.255.0
management-only
!
interface Management0/0
nameif management
security-level 100
ip address 192.168.21.1 255.255.255.0
management-only
!
passwd 2KFQnbNIdI.2KYOU encrypted
boot system disk0:/asa803-k8.bin
boot system disk0:/asa723-k8.bin
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup COLOoutside
dns domain-lookup ColoInside
dns server-group DefaultDNS
name-server 192.168.1.29
name-server 4.2.2.1
name-server 192.168.1.6
domain-name paperloop.com
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group network DM_INLINE_NETWORK_1
network-object 192.168.1.0 255.255.255.0
network-object 192.168.3.0 255.255.255.0
network-object 192.168.111.0 255.255.255.0
object-group network DM_INLINE_NETWORK_2
network-object 192.168.1.0 255.255.255.0
network-object 192.168.3.0 255.255.255.0
network-object 192.168.111.0 255.255.255.0
object-group network DM_INLINE_NETWORK_3
network-object 192.168.3.0 255.255.255.0
network-object tomcatthing 255.255.255.0
object-group network DM_INLINE_NETWORK_4
network-object 192.168.3.0 255.255.255.0
network-object tomcatthing 255.255.255.0
object-group network DM_INLINE_NETWORK_6
network-object host ftp4.vendor.com
network-object 63.xxx.xxx.xxx 255.255.255.0
object-group service ProductionPorts tcp
port-object eq 8443
port-object eq ftp
port-object eq www
port-object eq https
port-object eq ftp-data
port-object eq imap4
port-object eq kerberos
port-object eq pop3
port-object eq smtp
object-group service ExchangePorts
service-object tcp eq 465
service-object tcp eq 993
service-object tcp eq www
service-object tcp eq https
service-object tcp eq imap4
service-object tcp eq kerberos
service-object tcp eq pop3
service-object tcp eq smtp
access-list COLOoutside_access_out extended permit ip any any log
access-list COLOoutside_access_out extended permit icmp any any
access-list COLOoutside_access_in extended permit ip 63.xxx.xxx.xxx 255.255.255.0 any
access-list COLOoutside_access_in extended permit tcp object-group DM_INLINE_NETWORK_6 range 1 65535 any range 1 65535
access-list COLOoutside_access_in extended permit ip 67.xxx.xxx.xxx 255.255.255.0 host 209.xxx.xxx.xxx
access-list COLOoutside_access_in extended permit ip any host 209.xxx.xxx.xxx
access-list COLOoutside_access_in extended permit tcp any host 209.xxx.xxx.xxx object-group ProductionPorts
access-list COLOoutside_access_in extended permit ip any host 209.xxx.xxx.xxx inactive
access-list COLOoutside_access_in extended permit tcp any host 209.xxx.xxx.xxx object-group ProductionPorts
access-list COLOoutside_access_in extended permit tcp any host 209.xxx.xxx.xxx object-group ProductionPorts
access-list COLOoutside_access_in extended permit tcp any 192.168.3.0 255.255.255.0 object-group ProductionPorts
access-list COLOoutside_access_in extended permit tcp 192.168.3.0 255.255.255.0 any object-group ProductionPorts
access-list COLOoutside_access_in extended permit ip any any inactive
access-list COLOoutside_access_in extended permit icmp any any
access-list COLOoutside_access_in extended permit icmp any host 209.xxx.xxx.xxx
access-list COLOoutside_access_in extended deny ip any 129.21.0.0 255.255.0.0 inactive
access-list COLOoutside_access_in extended deny ip any 129.0.0.0 255.0.0.0
access-list ColoInside_access_in extended permit ip any any
access-list ColoInside_access_in extended permit icmp any any
access-list ColoInside_access_in extended permit tcp host ftp4.vendor.com any eq ftp inactive
access-list ColoInside_access_in extended permit udp object-group DM_INLINE_NETWORK_3 object-group DM_INLINE_NETWORK_4 inactive
access-list COLOoutside_1_cryptomap extended permit ip 192.168.3.0 255.255.255.0 10.150.4.0 255.255.255.0
access-list ColoInside_access_out extended permit ip 192.168.3.0 255.255.255.0 any
access-list ColoInside_access_out extended permit ip any any
access-list ColoInside_access_out extended permit icmp any any
access-list COLOoutside_2_cryptomap extended permit ip 192.168.3.0 255.255.255.0 10.3.32.0 255.255.224.0
access-list capture extended permit tcp any host 192.168.3.100
access-list capture extended permit tcp host 192.168.3.100 any
access-list coloInside_nat0_outbound extended permit ip 192.168.3.0 255.255.255.0 192.168.10.0 255.255.255.0
access-list coloInside_nat0_outbound extended permit ip host 192.168.3.86 192.168.1.0 255.255.255.0
access-list coloInside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 host 192.168.3.86
access-list coloInside_nat0_outbound extended permit ip 192.168.10.0 255.255.255.0 192.168.3.0 255.255.255.0
access-list coloInside_nat0_outbound extended permit ip 192.168.3.0 255.255.255.0 192.168.71.0 255.255.255.0
access-list coloInside_nat0_outbound extended permit ip object-group DM_INLINE_NETWORK_1 object-group DM_INLINE_NETWORK_2 inactive
access-list coloInside_nat0_outbound extended permit ip 192.168.3.0 255.255.255.0 10.3.32.0 255.255.224.0
access-list coloInside_nat0_outbound extended permit ip 192.168.3.0 255.255.255.0 Atlanta 255.255.255.0
access-list coloInside_nat0_outbound extended permit ip host 192.168.3.0 host 192.168.10.0
access-list coloInside_nat0_outbound extended permit ip 192.168.3.0 255.255.255.0 192.168.3.0 255.255.255.0
access-list coloInside_nat0_outbound extended permit ip 192.168.3.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list coloInside_nat0_outbound extended permit ip 10.150.4.0 255.255.255.0 192.168.3.0 255.255.255.0
access-list coloInside_nat0_outbound extended permit ip 192.168.3.0 255.255.255.0 10.150.4.0 255.255.255.0
access-list coloInside_nat0_outbound extended permit ip 192.168.3.0 255.255.255.0 192.168.61.0 255.255.255.0
access-list coloInside_nat0_outbound extended permit ip host 192.168.3.0 192.168.71.0 255.255.255.0
access-list SSLGroup_splitTunnelAcl standard permit 192.168.1.0 255.255.255.0
access-list SSLGroup_splitTunnelAcl standard permit 192.168.3.0 255.255.255.0
access-list SSLGroup_splitTunnelAcl standard permit 10.150.4.0 255.255.255.0
access-list COLOoutside_4_cryptomap extended permit ip host 192.168.3.0 192.168.71.0 255.255.255.0
access-list ColoToBed_access_in extended permit ip any any
access-list COLOoutside_3_cryptomap extended permit ip 192.168.3.0 255.255.255.0 Atlanta 255.255.255.0
access-list ColoToBed_1_cryptomap extended permit ip 192.168.3.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list Contractors standard permit host 192.168.3.82
access-list COLOoutside_5_cryptomap extended permit ip host 192.168.3.0 host 192.168.10.0
access-list ColoInside_nat0_outbound extended permit ip 192.168.3.0 255.255.255.0 10.150.4.0 255.255.255.0
access-list ColoInside_nat0_outbound extended permit ip 192.168.3.0 255.255.255.0 192.168.3.0 255.255.255.0
access-list ColoInside_access_in_1 extended permit ip any any
access-list ColoInside_access_in_2 extended permit ip any any
access-list ColoInside_access_in_2 extended permit ip host 192.168.3.1 any
access-list ColoInside_access_in_2 extended permit ip 192.168.1.0 255.255.255.0 any
access-list ColoInside_access_in_2 extended permit ip 192.168.3.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list ColoInside_access_out_1 extended permit ip any any
access-list ColoToBed_access_out extended permit ip any any
access-list COLOoutside_6_cryptomap extended permit ip 192.168.3.0 255.255.255.0 192.168.61.0 255.255.255.0
access-list ColoInside_nat_static extended permit tcp host 192.168.3.2 eq 8443 63.166.217.0 255.255.255.0
pager lines 24
logging enable
logging timestamp
logging buffer-size 8048
logging buffered debugging
logging trap emergencies
logging asdm debugging
logging device-id hostname
logging host ColoInside 192.168.3.26
logging permit-hostdown
mtu COLOoutside 1500
mtu ColoInside 1500
mtu ColoToBed 1500
mtu test 1500
mtu management 1500
ip local pool COLOpool 192.168.3.175-192.168.3.225 mask 255.255.255.0
ip audit info action
ip audit signature 1004 disable
ip audit signature 1006 disable
ip audit signature 3040 disable
ip audit signature 3041 disable
ip audit signature 3042 disable
ip audit signature 3153 disable
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any COLOoutside
icmp permit any ColoInside
icmp permit any ColoToBed
asdm image disk0:/asdm-611.bin
no asdm history enable
arp timeout 14400
global (COLOoutside) 1 209.67.233.99-209.67.233.125 netmask 255.255.255.0
global (COLOoutside) 2 209.67.234.124 netmask 255.255.255.0
global (ColoToBed) 101 interface
nat (ColoInside) 0 access-list coloInside_nat0_outbound
nat (ColoInside) 0 access-list ColoInside_nat0_outbound outside
nat (ColoInside) 1 192.168.3.0 255.255.255.0 dns
static (ColoInside,COLOoutside) tcp 209.xxx.xxx.xx4 https 192.168.3.173 https netmask 255.255.255.255 dns
static (ColoInside,COLOoutside) tcp 209.xxx.xxx.xx4 255.255.255.255 dns
static (ColoInside,COLOoutside) tcp 209.xxx.xxx.xx4 ftp-data 192.168.3.31 ftp-data netmask 255.255.255.255 dns
static (ColoInside,COLOoutside) tcp 209.xxx.xxx.xx4 ftp 192.168.3.31 ftp netmask 255.255.255.255 dns
static (ColoInside,COLOoutside) tcp 209.xxx.xxx.xx4 8443 access-list ColoInside_nat_static
static (ColoInside,COLOoutside) tcp 209.xxx.xxx.xx5 ftp 192.168.3.86 ftp netmask 255.255.255.255
static (ColoInside,COLOoutside) 209.xxx.xxx.xx7 192.168.3.174 netmask 255.255.255.255 dns
access-group COLOoutside_access_in in interface COLOoutside
access-group COLOoutside_access_out out interface COLOoutside
access-group ColoInside_access_in_2 in interface ColoInside
access-group ColoInside_access_out_1 out interface ColoInside
access-group ColoToBed_access_in in interface ColoToBed
access-group ColoToBed_access_out out interface ColoToBed
route COLOoutside 0.0.0.0 0.0.0.0 209.xxx.xxx.xxx 1
route ColoToBed 192.168.1.0 255.255.255.0 192.168.2.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa-server paperloop protocol radius
accounting-mode simultaneous
aaa-server paperloop (ColoInside) host 192.168.1.6
key movezig
aaa-server ntauth protocol nt
aaa-server ntauth (ColoInside) host 192.168.3.31
nt-auth-domain-controller 192.168.3.31
aaa-server ntauth (ColoInside) host 192.168.1.6
timeout 15
nt-auth-domain-controller 192.168.1.6
nac-policy DfltGrpPolicy-nac-framework-create nac-framework
reval-period 36000
sq-period 300
aaa authentication enable console LOCAL
aaa authentication ssh console LOCAL
aaa authorization command LOCAL
http server enable 8443
http 67.208.177.0 255.255.255.0 COLOoutside
http 192.168.1.0 255.255.255.0 ColoInside
http 192.168.3.0 255.255.255.0 ColoInside
http 192.168.21.0 255.255.255.0 management
snmp-server host ColoInside 192.168.1.128 poll community mycompany version 2c
snmp-server host ColoInside 192.168.1.208 poll community mycompany version 2c
snmp-server location COLO5520-A
no snmp-server contact
snmp-server community mycompany
snmp-server enable traps snmp authentication linkup linkdown coldstart
snmp-server enable traps remote-access session-threshold-exceeded
auth-prompt prompt Please AD enter your name and Password
auth-prompt accept Welcome to mycompany
auth-prompt reject I am sorry, you are not allowed to acces our systems
service resetinbound interface ColoInside
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map COLOoutside_dyn_map 20 set pfs
crypto dynamic-map COLOoutside_dyn_map 20 set transform-set ESP-3DES-SHA
crypto map COLOoutside_map 1 match address COLOoutside_1_cryptomap
crypto map COLOoutside_map 1 set pfs
crypto map COLOoutside_map 1 set peer 65.xxx.xxx.xxx
crypto map COLOoutside_map 1 set transform-set ESP-3DES-SHA
crypto map COLOoutside_map 2 match address COLOoutside_2_cryptomap
crypto map COLOoutside_map 2 set pfs
crypto map COLOoutside_map 2 set peer 194.xxx.xxx.xxx
crypto map COLOoutside_map 2 set transform-set ESP-3DES-SHA
crypto map COLOoutside_map 3 match address COLOoutside_3_cryptomap
crypto map COLOoutside_map 3 set pfs
crypto map COLOoutside_map 3 set peer 216.xxx.xxx.xxx
crypto map COLOoutside_map 3 set transform-set ESP-3DES-SHA
crypto map COLOoutside_map 4 match address COLOoutside_4_cryptomap
crypto map COLOoutside_map 4 set pfs
crypto map COLOoutside_map 4 set peer 173.xxx.xxx.xxx
crypto map COLOoutside_map 4 set transform-set ESP-3DES-SHA
crypto map COLOoutside_map 5 match address COLOoutside_5_cryptomap
crypto map COLOoutside_map 5 set pfs
crypto map COLOoutside_map 5 set peer 202.xxx.xxx.xxx
crypto map COLOoutside_map 5 set transform-set ESP-3DES-SHA
crypto map COLOoutside_map 6 match address COLOoutside_6_cryptomap
crypto map COLOoutside_map 6 set pfs
crypto map COLOoutside_map 6 set peer 83.xxx.xxx.xxx
crypto map COLOoutside_map 6 set transform-set ESP-3DES-SHA
crypto map COLOoutside_map 65535 ipsec-isakmp dynamic COLOoutside_dyn_map
crypto map COLOoutside_map interface COLOoutside
crypto map ColoToBed_map 1 match address ColoToBed_1_cryptomap
crypto map ColoToBed_map 1 set pfs
crypto map ColoToBed_map 1 set peer 192.168.2.2
crypto map ColoToBed_map 1 set transform-set ESP-3DES-SHA
crypto map ColoToBed_map 1 set phase1-mode aggressive
crypto map ColoToBed_map interface ColoToBed
crypto ca trustpoint ASDM_TrustPoint0
enrollment terminal
crl configure
crypto ca certificate chain ASDM_TrustPoint0




quit
crypto isakmp identity address
crypto isakmp enable COLOoutside
crypto isakmp enable ColoInside
crypto isakmp enable ColoToBed
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp policy 30
authentication pre-share
encryption des
hash md5
group 1
lifetime 86400
crypto isakmp ipsec-over-tcp port 10000
no vpn-addr-assign aaa
no vpn-addr-assign dhcp
telnet 192.168.1.0 255.255.255.0 ColoInside
telnet timeout 5
ssh 67.xxx.xxx.xxx 255.255.255.0 COLOoutside
ssh 67.xxx.xxx.xxx 255.255.255.255 COLOoutside
ssh 203.xxx.xxx.xxx 255.255.255.255 COLOoutside
ssh 209.xxx.xxx.xxx 255.255.255.255 COLOoutside
ssh 24.xxx.xxx.xxx 255.255.255.255 COLOoutside
ssh 192.168.0.0 255.255.0.0 ColoInside
ssh timeout 60
console timeout 0
management-access ColoInside
l2tp tunnel hello 120
dhcpd address 192.168.21.3-192.168.21.6 management
dhcpd enable management
!
threat-detection basic-threat
threat-detection statistics
webvpn
enable COLOoutside
svc image disk0:/sslclient114177.pkg 1
svc image disk0:/anyconnect-win-2.2.0133-k9.pkg 2
svc enable
group-policy SSLGroup internal
group-policy SSLGroup attributes
dns-server value 192.168.1.29 192.168.1.6
vpn-idle-timeout none
vpn-tunnel-protocol IPSec l2tp-ipsec svc
ipsec-udp enable
ipsec-udp-port 10000
split-tunnel-policy tunnelspecified
split-tunnel-network-list value SSLGroup_splitTunnelAcl
default-domain value paperloop.com
webvpn
html-content-filter none
svc keep-installer installed
svc keepalive 300
svc rekey time none
svc rekey method none
svc compression deflate
svc ask none default svc
group-policy DfltGrpPolicy attributes
vpn-idle-timeout none
vpn-tunnel-protocol IPSec l2tp-ipsec
pfs enable
nem enable
nac-settings value DfltGrpPolicy-nac-framework-create
webvpn
svc keepalive none
svc dpd-interval client none
svc dpd-interval gateway none
customization value DfltCustomization
group-policy Contractor internal
group-policy Contractor attributes
banner none
wins-server none
dns-server none
vpn-tunnel-protocol IPSec l2tp-ipsec svc
split-tunnel-network-list value Contractors
secure-unit-authentication disable
user-authentication disable
user-authentication-idle-timeout 30
nem disable
address-pools value COLOpool
client-access-rule none
username adminuser password xxxxxxxxx encrypted privilege 15
username cisco password xxxxxxxxx encrypted privilege 15
username amakhija password xxxxxxxxx encrypted
username amakhija attributes
vpn-group-policy Contractor
vpn-simultaneous-logins 1
vpn-idle-timeout 30
vpn-session-timeout none
vpn-filter none
vpn-tunnel-protocol svc webvpn
group-lock value Contractor
service-type remote-access
memberof contractors
webvpn
svc ask none default webvpn
username exadmin password xxxxxxxxx encrypted privilege 13
tunnel-group DefaultRAGroup general-attributes
authentication-server-group paperloop LOCAL
authentication-server-group (ColoInside) paperloop LOCAL
default-group-policy SSLGroup
tunnel-group DefaultWEBVPNGroup general-attributes
address-pool COLOpool
authentication-server-group paperloop LOCAL
authentication-server-group (ColoInside) paperloop LOCAL
default-group-policy SSLGroup
override-account-disable
tunnel-group SSLGroup type remote-access
tunnel-group SSLGroup general-attributes
address-pool COLOpool
authentication-server-group paperloop LOCAL
authentication-server-group (ColoInside) paperloop LOCAL
default-group-policy SSLGroup
strip-realm
override-account-disable
strip-group
tunnel-group SSLGroup webvpn-attributes
radius-reject-message
tunnel-group SSLGroup ipsec-attributes
pre-shared-key *
tunnel-group SSLGroup ppp-attributes
authentication ms-chap-v2
tunnel-group 65.xxx.xxx.xxx type ipsec-l2l
tunnel-group 65.xxx.xxx.xxx ipsec-attributes
pre-shared-key *
tunnel-group 194.xxx.xxx.xxx type ipsec-l2l
tunnel-group 194.xxx.xxx.xxx ipsec-attributes
pre-shared-key *
tunnel-group 192.168.85.2 type ipsec-l2l
tunnel-group 192.168.2.2 type ipsec-l2l
tunnel-group 192.168.2.2 ipsec-attributes
pre-shared-key *
peer-id-validate nocheck
tunnel-group 216.xxx.xxx.xxx type ipsec-l2l
tunnel-group 216.xxx.xxx.xxx ipsec-attributes
pre-shared-key *
tunnel-group 173.xxx.xxx.xxx type ipsec-l2l
tunnel-group 173.xxx.xxx.xxx ipsec-attributes
pre-shared-key *
tunnel-group Contractor type remote-access
tunnel-group Contractor general-attributes
address-pool COLOpool
authentication-server-group (COLOoutside) LOCAL
authorization-server-group LOCAL
authorization-server-group (COLOoutside) LOCAL
default-group-policy Contractor
authorization-required
tunnel-group Contractor ipsec-attributes
pre-shared-key *
tunnel-group 202.xxx.xxx.xxx type ipsec-l2l
tunnel-group 202.xxx.xxx.xxx ipsec-attributes
pre-shared-key *
tunnel-group 83.xxx.xxx.xxx type ipsec-l2l
tunnel-group 83.xxx.xxx.xxx ipsec-attributes
pre-shared-key *
no tunnel-group-map enable ou
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum 512
policy-map global_policy
description FTPlow
class inspection_default
inspect dns migrated_dns_map_1
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ftp
policy-map type inspect ftp ftplow
parameters
policy-map asa_global_fw_policy
class inspection_default
inspect ftp
!
service-policy global_policy global
privilege cmd level 13 mode exec command client-update
privilege cmd level 13 mode exec command no
privilege cmd level 13 mode exec command debug
privilege cmd level 13 mode exec command test
privilege cmd level 13 mode exec command undebug
privilege cmd level 13 mode exec command reload
privilege cmd level 13 mode exec command activation-key
privilege cmd level 13 mode exec command configure
privilege cmd level 13 mode exec command disable
privilege cmd level 13 mode exec command capture
privilege cmd level 13 mode exec command fips
privilege cmd level 13 mode exec command kill
privilege cmd level 13 mode exec command memory
privilege cmd level 13 mode exec command slip
privilege cmd level 3 mode exec command perfmon
privilege cmd level 13 mode exec command cpu
privilege cmd level 13 mode exec command verify
privilege cmd level 13 mode exec command copy
privilege cmd level 13 mode exec command erase
privilege cmd level 13 mode exec command fsck
privilege cmd level 13 mode exec command format
privilege cmd level 13 mode exec command fsck
privilege cmd level 13 mode exec command more
privilege cmd level 13 mode exec command rename
privilege cmd level 13 mode exec command delete
privilege cmd level 13 mode exec command rmdir
privilege cmd level 13 mode exec command mkdir
privilege cmd level 13 mode exec command cd
privilege cmd level 13 mode exec command pwd
privilege cmd level 13 mode exec command dir
privilege cmd level 13 mode exec command eject
privilege cmd level 3 mode exec command ping
privilege cmd level 13 mode exec command shun
privilege cmd level 13 mode exec command write
privilege cmd level 3 mode exec command who
privilege cmd level 13 mode exec command clock
privilege cmd level 3 mode exec command logging
privilege cmd level 3 mode exec command failover
privilege cmd level 13 mode exec command asdm
privilege cmd level 13 mode exec command dynamic-access-policy-config
privilege cmd level 13 mode exec command aaa-server
privilege cmd level 13 mode exec command eou
privilege cmd level 13 mode exec command crypto
privilege cmd level 13 mode exec command vpn-sessiondb
privilege cmd level 13 mode exec command ssh
privilege cmd level 13 mode exec command terminal
privilege cmd level 13 mode exec command blocks
privilege cmd level 13 mode exec command hw-module
privilege cmd level 13 mode exec command session
privilege cmd level 13 mode exec command packet-tracer
privilege cmd level 13 mode exec command crashinfo
privilege cmd level 13 mode exec command redundant-interface
privilege cmd level 13 mode exec command webvpn-cache
privilege cmd level 13 mode exec command revert
privilege cmd level 13 mode exec command export
privilege cmd level 13 mode exec command import
privilege cmd level 13 mode exec command no
privilege cmd level 13 mode exec command user-alert
privilege show level 5 mode exec command import
privilege show level 13 mode exec command user-alert
privilege show level 13 mode exec command global
privilege show level 13 mode exec command parser
privilege show level 13 mode exec command configuration
privilege show level 5 mode exec command running-config
privilege show level 13 mode exec command startup-config
privilege show level 13 mode exec command debug
privilege show level 13 mode exec command resource
privilege show level 13 mode exec command hostname
privilege show level 3 mode exec command reload
privilege show level 3 mode exec command mode
privilege show level 3 mode exec command firewall
privilege show level 13 mode exec command activation-key
privilege show level 13 mode exec command conn
privilege show level 13 mode exec command asp
privilege show level 13 mode exec command capture
privilege show level 13 mode exec command ips
privilege show level 13 mode exec command memory
privilege show level 13 mode exec command chunkstat
privilege show level 13 mode exec command gc
privilege show level 13 mode exec command sip
privilege show level 13 mode exec command skinny
privilege show level 13 mode exec command h225
privilege show level 13 mode exec command h245
privilege show level 13 mode exec command h323
privilege show level 13 mode exec command ctiqbe
privilege show level 13 mode exec command pclu
privilege show level 13 mode exec command wsdebug
privilege show level 13 mode exec command chardrop
privilege show level 13 mode exec command tcpstat
privilege show level 13 mode exec command console-output
privilege show level 13 mode exec command counters
privilege show level 3 mode exec command cpu
privilege show level 13 mode exec command file
privilege show level 13 mode exec command local-host
privilege show level 13 mode exec command tech-support
privilege show level 13 mode exec command slip
privilege show level 13 mode exec command perfmon
privilege show level 13 mode exec command dispatch
privilege show level 13 mode exec command tcpstat
privilege show level 13 mode exec command nic
privilege show level 13 mode exec command xlate
privilege show level 13 mode exec command bootvar
privilege show level 13 mode exec command shun
privilege show level 13 mode exec command kernel
privilege show level 13 mode exec command traffic
privilege show level 13 mode exec command names
privilege show level 13 mode exec command name
privilege show level 13 mode exec command ddns
privilege show level 3 mode exec command interface
privilege show level 13 mode exec command idb
privilege show level 13 mode exec command nameif
privilege show level 13 mode exec command mrib
privilege show level 13 mode exec command mfib
privilege show level 13 mode exec command pim
privilege show level 13 mode exec command mroute
privilege show level 13 mode exec command igmp
privilege show level 13 mode exec command class
privilege show level 13 mode exec command time-range
privilege show level 13 mode exec command checkheaps
privilege show level 13 mode exec command banner
privilege show level 3 mode exec command clock
privilege show level 3 mode exec command dns-hosts
privilege show level 3 mode exec command access-list
privilege show level 13 mode exec command pager
privilege show level 3 mode exec command logging
privilege show level 3 mode exec command vlan
privilege show level 3 mode exec command ip
privilege show level 13 mode exec command ipv6
privilege show level 3 mode exec command failover
privilege show level 13 mode exec command monitor-interface
privilege show level 3 mode exec command asdm
privilege show level 3 mode exec command arp
privilege show level 13 mode exec command nat
privilege show level 13 mode exec command route-map
privilege show level 3 mode exec command route
privilege show level 3 mode exec command ospf
privilege show level 3 mode exec command aaa-server
privilege show level 13 mode exec command nac-policy
privilege show level 13 mode exec command url-server
privilege show level 13 mode exec command url-cache
privilege show level 3 mode exec command aaa
privilege show level 13 mode exec command rip
privilege show level 3 mode exec command eigrp
privilege show level 13 mode exec command snmp-server
privilege show level 13 mode exec command fragment
privilege show level 13 mode exec command sla
privilege show level 3 mode exec command crypto
privilege show level 13 mode exec command isakmp
privilege show level 13 mode exec command ipsec
privilege show level 13 mode exec command track
privilege show level 3 mode exec command vpn-sessiondb
privilege show level 3 mode exec command ssh
privilege show level 13 mode exec command vpdn
privilege show level 3 mode exec command dhcpd
privilege show level 13 mode exec command dhcprelay
privilege show level 3 mode exec command vpn
privilege show level 13 mode exec command priority-queue
privilege show level 13 mode exec command tls-proxy
privilege show level 13 mode exec command threat-detection
privilege show level 13 mode exec command csc
privilege show level 13 mode exec command url-block
privilege show level 13 mode exec command rpc-server
privilege show level 13 mode exec command sunrpc-server
privilege show level 13 mode exec command terminal
privilege show level 13 mode exec command mgcp
privilege show level 3 mode exec command blocks
privilege show level 3 mode exec command wccp
privilege show level 13 mode exec command ntp
privilege show level 13 mode exec command ctl-provider
privilege show level 3 mode exec command webvpn
privilege show level 13 mode exec command service-policy
privilege show level 13 mode exec command module
privilege show level 13 mode exec command auto-update
privilege show level 13 mode exec command processes
privilege show level 3 mode exec command uauth
privilege show level 3 mode exec command compression
privilege show level 13 mode exec command controller
privilege show level 13 mode exec command crashinfo
privilege show level 13 mode exec command nat
privilege show level 13 mode configure command terminal
privilege show level 13 mode configure command enable
privilege show level 13 mode configure command domain-name
privilege show level 13 mode configure command hostname
privilege show level 13 mode configure command fips
privilege show level 13 mode configure command multicast-routing
privilege show level 13 mode configure command names
privilege show level 13 mode configure command name
privilege show level 13 mode configure command dns-guard
privilege show level 13 mode configure command ddns
privilege show level 13 mode configure command mac-address
privilege show level 3 mode configure command interface
privilege show level 13 mode configure command nameif
privilege show level 13 mode configure command passwd
privilege show level 13 mode configure command password
privilege show level 13 mode configure command passwd
privilege show level 13 mode configure command password
privilege show level 13 mode configure command regex
privilege show level 13 mode configure command pim
privilege show level 13 mode configure command class
privilege show level 13 mode configure command time-range
privilege show level 13 mode configure command banner
privilege show level 13 mode configure command boot
privilege show level 13 mode configure command ftp
privilege show level 3 mode configure command clock
privilege show level 13 mode configure command fixup
privilege show level 13 mode configure command dns
privilege show level 13 mode configure command same-security-traffic
privilege show level 13 mode configure command object-group
privilege show level 3 mode configure command access-list
privilege show level 13 mode configure command snmp-map
privilege show level 13 mode configure command tcp-map
privilege show level 13 mode configure command pager
privilege show level 3 mode configure command logging
privilege show level 13 mode configure command mtu
privilege show level 3 mode configure command ip
privilege show level 13 mode configure command ipv6
privilege show level 3 mode configure command failover
privilege show level 13 mode configure command mroute
privilege show level 13 mode configure command monitor-interface
privilege show level 13 mode configure command icmp
privilege show level 13 mode configure command asdm
privilege show level 3 mode configure command arp
privilege show level 13 mode configure command nat-control
privilege show level 13 mode configure command global
privilege show level 13 mode configure command nat
privilege show level 13 mode configure command alias
privilege show level 13 mode configure command static
privilege show level 13 mode configure command access-group
privilege show level 13 mode configure command established
privilege show level 13 mode configure command route-map
privilege show level 13 mode configure command prefix-list
privilege show level 13 mode configure command router
privilege show level 3 mode configure command route
privilege show level 13 mode configure command timeout
privilege show level 13 mode configure command ldap
privilege show level 13 mode configure command dynamic-access-policy-record
privilege show level 3 mode configure command aaa-server
privilege show level 13 mode configure command eou
privilege show level 13 mode configure command nac-policy
privilege show level 13 mode configure command mac-list
privilege show level 13 mode configure command url-server
privilege show level 13 mode configure command url-cache
privilege show level 3 mode configure command aaa
privilege show level 13 mode configure command filter
privilege show level 13 mode configure command http
privilege show level 13 mode configure command snmp-server
privilege show level 13 mode configure command virtual
privilege show level 13 mode configure command fragment
privilege show level 13 mode configure command sysopt
privilege show level 13 mode configure command auth-prompt
privilege show level 13 mode configure command service
privilege show level 3 mode configure command crypto
privilege show level 13 mode configure command isakmp
privilege show level 13 mode configure command map
privilege show level 13 mode configure command dynamic-map
privilege show level 13 mode configure command ipsec
privilege show level 13 mode configure command group-delimiter
privilege show level 13 mode configure command client-update
privilege show level 13 mode configure command vpn-addr-assign
privilege show level 13 mode configure command vpn-sessiondb
privilege show level 13 mode configure command remote-access
privilege show level 13 mode configure command telnet
privilege show level 3 mode configure command ssh
privilege show level 13 mode configure command console
privilege show level 13 mode configure command management-access
privilege show level 13 mode configure command vpdn
privilege show level 13 mode configure command l2tp
privilege show level 13 mode configure command dhcp-client
privilege show level 13 mode configure command dhcpd
privilege show level 13 mode configure command dhcprelay
privilege show level 13 mode configure command vpn
privilege show level 13 mode configure command priority-queue
privilege show level 13 mode configure command tls-proxy
privilege show level 13 mode configure command url-block
privilege show level 13 mode configure command rpc-server
privilege show level 13 mode configure command sunrpc-server
privilege show level 13 mode configure command wccp
privilege show level 13 mode configure command ntp
privilege show level 13 mode configure command tftp-server
privilege show level 13 mode configure command ssl
privilege show level 13 mode configure command ctl-provider
privilege show level 13 mode configure command webvpn
privilege show level 13 mode configure command group-policy
privilege show level 13 mode configure command tunnel-group
privilege show level 13 mode configure command tunnel-group-map
privilege show level 13 mode configure command class-map
privilege show level 13 mode configure command policy-map
privilege show level 13 mode configure command service-policy
privilege show level 13 mode configure command smtps
privilege show level 13 mode configure command pop3s
privilege show level 13 mode configure command imap4s
privilege show level 13 mode configure command smtp-server
privilege show level 13 mode configure command mount
privilege show level 5 mode configure command privilege
privilege show level 13 mode configure command prompt
privilege show level 13 mode configure command auto-update
privilege show level 13 mode configure command floodguard
privilege show level 13 mode configure command compression
privilege show level 13 mode configure command zonelabs-integrity
privilege clear level 13 mode exec command startup-config
privilege clear level 13 mode exec command resource
privilege clear level 13 mode exec command asp
privilege clear level 13 mode exec command capture
privilege clear level 13 mode exec command memory
privilege clear level 13 mode exec command gc
privilege clear level 13 mode exec command pclu
privilege clear level 13 mode exec command wsdebug
privilege clear level 13 mode exec command chardrop
privilege clear level 13 mode exec command console-output
privilege clear level 13 mode exec command counters
privilege clear level 13 mode exec command local-host
privilege clear level 13 mode exec command pc
privilege clear level 13 mode exec command cpu
privilege clear level 13 mode exec command dispatch
privilege clear level 13 mode exec command xlate
privilege clear level 13 mode exec command shun
privilege clear level 13 mode exec command traffic
privilege clear level 13 mode exec command interface
privilege clear level 13 mode exec command mfib
privilege clear level 13 mode exec command pim
privilege clear level 13 mode exec command igmp
privilege clear level 3 mode exec command dns-hosts
privilege clear level 13 mode exec command access-list
privilege clear level 3 mode exec command logging
privilege clear level 13 mode exec command ip
privilege clear level 13 mode exec command ipv6
privilege clear level 13 mode exec command failover
privilege clear level 3 mode exec command arp
privilege clear level 13 mode exec command nat
privilege clear level 13 mode exec command route
privilege clear level 13 mode exec command ospf
privilege clear level 3 mode exec command aaa-server
privilege clear level 13 mode exec command nac-policy
privilege clear level 13 mode exec command url-server
privilege clear level 13 mode exec command url-cache
privilege clear level 13 mode exec command aaa
privilege clear level 13 mode exec command eigrp
privilege clear level 13 mode exec command snmp-server
privilege clear level 13 mode exec command fragment
privilege clear level 3 mode exec command crypto
privilege clear level 13 mode exec command isakmp
privilege clear level 13 mode exec command ipsec
privilege clear level 13 mode exec command vpn-sessiondb
privilege clear level 13 mode exec command dhcpd
privilege clear level 13 mode exec command dhcprelay
privilege clear level 13 mode exec command priority-queue
privilege clear level 13 mode exec command url-block
privilege clear level 13 mode exec command rpc-server
privilege clear level 13 mode exec command sunrpc-server
privilege clear level 13 mode exec command terminal
privilege clear level 13 mode exec command blocks
privilege clear level 13 mode exec command wccp
privilege clear level 13 mode exec command webvpn
privilege clear level 13 mode exec command service-policy
privilege clear level 13 mode exec command module
privilege clear level 13 mode exec command process
privilege clear level 13 mode exec command uauth
privilege clear level 13 mode exec command compression
privilege clear level 13 mode exec command crashinfo
privilege cmd level 13 mode configure command configure
privilege cmd level 13 mode configure command help
privilege cmd level 13 mode configure command command-alias
privilege cmd level 13 mode configure command mode
privilege cmd level 13 mode configure command firewall
privilege cmd level 13 mode configure command terminal
privilege cmd level 13 mode configure command hostname
privilege cmd level 13 mode configure command domain-name
privilege cmd level 13 mode configure command enable
privilege cmd level 13 mode configure command fips
privilege cmd level 13 mode configure command multicast-routing
privilege cmd level 13 mode configure command multicast-routing
privilege cmd level 13 mode configure command multicast
privilege cmd level 13 mode configure command names
privilege cmd level 13 mode configure command name
privilege cmd level 13 mode configure command dns-guard
privilege cmd level 13 mode configure command ddns
privilege cmd level 13 mode configure command interface
privilege cmd level 13 mode configure command nameif
privilege cmd level 13 mode configure command passwd
privilege cmd level 13 mode configure command password
privilege cmd level 13 mode configure command passwd
privilege cmd level 13 mode configure command password
privilege cmd level 13 mode configure command regex
privilege cmd level 13 mode configure command pim
privilege cmd level 13 mode configure command time-range
privilege cmd level 13 mode configure command checkheaps
privilege cmd level 13 mode configure command banner
privilege cmd level 13 mode configure command boot
privilege cmd level 13 mode configure command ftp
privilege cmd level 13 mode configure command clock
privilege cmd level 13 mode configure command fixup
privilege cmd level 13 mode configure command dns
privilege cmd level 13 mode configure command dns-group
privilege cmd level 13 mode configure command same-security-traffic
privilege cmd level 13 mode configure command object-group
privilege cmd level 13 mode configure command access-list
privilege cmd level 13 mode configure command ftp-map
privilege cmd level 13 mode configure command http-map
privilege cmd level 13 mode configure command gtp-map
privilege cmd level 13 mode configure command mgcp-map
privilege cmd level 13 mode configure command h225-map
privilege cmd level 13 mode configure command snmp-map
privilege cmd level 13 mode configure command snmp
privilege cmd level 13 mode configure command tcp-map
privilege cmd level 13 mode configure command pager
privilege cmd level 13 mode configure command logging
privilege cmd level 13 mode configure command mtu
privilege cmd level 13 mode configure command ip
privilege cmd level 13 mode configure command ipv6
privilege cmd level 3 mode configure command failover
privilege cmd level 13 mode configure command mroute
privilege cmd level 13 mode configure command mroute
privilege cmd level 13 mode configure command monitor-interface
privilege cmd level 13 mode configure command icmp
privilege cmd level 13 mode configure command asdm
privilege cmd level 13 mode configure command pdm
privilege cmd level 13 mode configure command arp
privilege cmd level 13 mode configure command nat-control
privilege cmd level 13 mode configure command global
privilege cmd level 13 mode configure command nat
privilege cmd level 13 mode configure command alias
privilege cmd level 13 mode configure command static
privilege cmd level 13 mode configure command access-group
privilege cmd level 13 mode configure command established
privilege cmd level 13 mode configure command route-map
privilege cmd level 13 mode configure command prefix-list
privilege cmd level 13 mode configure command routing
privilege cmd level 13 mode configure command router
privilege cmd level 13 mode configure command route
privilege cmd level 13 mode configure command timeout
privilege cmd level 13 mode configure command port-forward
privilege cmd level 13 mode configure command ldap
privilege cmd level 13 mode configure command dynamic-access-policy-record
privilege cmd level 13 mode configure command aaa-server
privilege cmd level 13 mode configure command eou
privilege cmd level 13 mode configure command nac-policy
privilege cmd level 13 mode configure command mac-list
privilege cmd level 13 mode configure command url-server
privilege cmd level 13 mode configure command url-cache
privilege cmd level 13 mode configure command aaa
privilege cmd level 13 mode configure command filter
privilege cmd level 13 mode configure command http
privilege cmd level 13 mode configure command rip
privilege cmd level 13 mode configure command snmp-server
privilege cmd level 13 mode configure command virtual
privilege cmd level 13 mode configure command fragment
privilege cmd level 13 mode configure command sysopt
privilege cmd level 13 mode configure command auth-prompt
privilege cmd level 13 mode configure command sla
privilege cmd level 13 mode configure command service
privilege cmd level 13 mode configure command crypto
privilege cmd level 13 mode configure command ca
privilege cmd level 13 mode configure command isakmp
privilege cmd level 13 mode configure command map
privilege cmd level 13 mode configure command dynamic-map
privilege cmd level 13 mode configure command ipsec
privilege cmd level 13 mode configure command vpnsetup
privilege cmd level 13 mode configure command group-delimiter
privilege cmd level 13 mode configure command track
privilege cmd level 13 mode configure command client-update
privilege cmd level 13 mode configure command vpn-addr-assign
privilege cmd level 13 mode configure command vpn-sessiondb
privilege cmd level 13 mode configure command remote-access
privilege cmd level 13 mode configure command telnet
privilege cmd level 13 mode configure command ssh
privilege cmd level 13 mode configure command console
privilege cmd level 13 mode configure command management-access
privilege cmd level 13 mode configure command vpdn
privilege cmd level 13 mode configure command l2tp
privilege cmd level 13 mode configure command dhcp-client
privilege cmd level 13 mode configure command dhcpd
privilege cmd level 13 mode configure command dhcprelay
privilege cmd level 13 mode configure command vpn
privilege cmd level 13 mode configure command priority-queue
privilege cmd level 13 mode configure command tls-proxy
privilege cmd level 13 mode configure command url-block
privilege cmd level 13 mode configure command rpc-server
privilege cmd level 13 mode configure command sunrpc-server
privilege cmd level 13 mode configure command wccp
privilege cmd level 13 mode configure command ntp
privilege cmd level 13 mode configure command tftp-server
privilege cmd level 13 mode configure command ssl
privilege cmd level 13 mode configure command ctl-provider
privilege cmd level 13 mode configure command webvpn
privilege cmd level 13 mode configure command group-policy
privilege cmd level 13 mode configure command tunnel-group
privilege cmd level 13 mode configure command tunnel-group-map
privilege cmd level 13 mode configure command class-map
privilege cmd level 13 mode configure command policy-map
privilege cmd level 13 mode configure command service-policy
privilege cmd level 13 mode configure command imap4s
privilege cmd level 13 mode configure command pop3s
privilege cmd level 13 mode configure command smtps
privilege cmd level 13 mode configure command smtp-server
privilege cmd level 13 mode configure command mount
privilege cmd level 13 mode configure command prompt
privilege cmd level 13 mode configure command conduit
privilege cmd level 13 mode configure command outbound
privilege cmd level 13 mode configure command apply
privilege cmd level 13 mode configure command auto-update
privilege cmd level 13 mode configure command setup
privilege cmd level 13 mode configure command config-register
privilege cmd level 13 mode configure command floodguard
privilege cmd level 13 mode configure command compression
privilege cmd level 13 mode configure command zonelabs-integrity
privilege cmd level 13 mode configure command crashinfo
privilege clear level 13 mode configure command vpnclient
privilege clear level 3 mode configure command logging
privilege clear level 13 mode configure command hostname
privilege clear level 13 mode configure command domain-name
privilege clear level 13 mode configure command firewall
privilege clear level 13 mode configure command terminal
privilege clear level 13 mode configure command fips
privilege clear level 13 mode configure command multicast-routing
privilege clear level 13 mode configure command names
privilege clear level 13 mode configure command name
privilege clear level 13 mode configure command dns-guard
privilege clear level 13 mode configure command ddns
privilege clear level 13 mode configure command mac-address
privilege clear level 13 mode configure command interface
privilege clear level 13 mode configure command passwd
privilege clear level 13 mode configure command passwd
privilege clear level 13 mode configure command pim
privilege clear level 13 mode configure command class
privilege clear level 13 mode configure command checkheaps
privilege clear level 13 mode configure command banner
privilege clear level 13 mode configure command boot
privilege clear level 13 mode configure command ftp
privilege clear level 13 mode configure command clock
privilege clear level 13 mode configure command dns
privilege clear level 13 mode configure command same-security-traffic
privilege clear level 13 mode configure command service-policy
privilege clear level 13 mode configure command policy-map
privilege clear level 13 mode configure command class-map
privilege clear level 13 mode configure command snmp-map
privilege clear level 13 mode configure command tcp-map
privilege clear level 13 mode configure command pager
privilege clear level 13 mode configure command mtu
privilege clear level 13 mode configure command ip
privilege clear level 13 mode configure command failover
privilege clear level 13 mode configure command mroute
privilege clear level 13 mode configure command monitor-interface
privilege clear level 13 mode configure command icmp
privilege clear level 13 mode configure command asdm
privilege clear level 3 mode configure command arp
privilege clear level 13 mode configure command nat-control
privilege clear level 13 mode configure command global
privilege clear level 13 mode configure command nat
privilege clear level 13 mode configure command alias
privilege clear level 13 mode configure command static
privilege clear level 13 mode configure command access-group
privilege clear level 13 mode configure command established
privilege clear level 13 mode configure command route-map
privilege clear level 13 mode configure command prefix-list
privilege clear level 13 mode configure command router
privilege clear level 13 mode configure command route
privilege clear level 13 mode configure command timeout
privilege clear level 13 mode configure command ldap
privilege clear level 13 mode configure command dynamic-access-policy-record
privilege clear level 13 mode configure command aaa
privilege clear level 13 mode configure command eou
privilege clear level 13 mode configure command nac-policy
privilege clear level 13 mode configure command mac-list
privilege clear level 13 mode configure command url-cache
privilege clear level 13 mode configure command filter
privilege clear level 13 mode configure command http
privilege clear level 13 mode configure command snmp-server
privilege clear level 13 mode configure command virtual
privilege clear level 13 mode configure command fragment
privilege clear level 13 mode configure command sysopt
privilege clear level 13 mode configure command auth-prompt
privilege clear level 13 mode configure command sla
privilege clear level 13 mode configure command service
privilege clear level 3 mode configure command crypto
privilege clear level 13 mode configure command isakmp
privilege clear level 13 mode configure command map
privilege clear level 13 mode configure command dynamic-map
privilege clear level 13 mode configure command ipsec
privilege clear level 13 mode configure command group-delimiter
privilege clear level 13 mode configure command track
privilege clear level 13 mode configure command client-update
privilege clear level 13 mode configure command vpn-addr-assign
privilege clear level 13 mode configure command vpn-sessiondb
privilege clear level 13 mode configure command remote-access
privilege clear level 13 mode configure command telnet
privilege clear level 13 mode configure command ssh
privilege clear level 13 mode configure command console
privilege clear level 13 mode configure command management-access
privilege clear level 13 mode configure command vpdn
privilege clear level 13 mode configure command l2tp
privilege clear level 13 mode configure command dhcp-client
privilege clear level 13 mode configure command dhcpd
privilege clear level 13 mode configure command dhcprelay
privilege clear level 13 mode configure command vpn
privilege clear level 3 mode configure command aaa-server
privilege clear level 13 mode configure command priority-queue
privilege clear level 13 mode configure command tls-proxy
privilege clear level 13 mode configure command threat-detection
privilege clear level 13 mode configure command url-block
privilege clear level 13 mode configure command url-server
privilege clear level 13 mode configure command rpc-server
privilege clear level 13 mode configure command sunrpc-server
privilege clear level 13 mode configure command group-policy
privilege clear level 13 mode configure command access-list
privilege clear level 13 mode configure command wccp
privilege clear level 13 mode configure command ipv6
privilege clear level 13 mode configure command object-group
privilege clear level 13 mode configure command time-range
privilege clear level 13 mode configure command fixup
privilege clear level 13 mode configure command ntp
privilege clear level 13 mode configure command tftp-server
privilege clear level 13 mode configure command ssl
privilege clear level 13 mode configure command ctl-provider
privilege clear level 13 mode configure command webvpn
privilege clear level 13 mode configure command tunnel-group
privilege clear level 13 mode configure command tunnel-group-map
privilege clear level 13 mode configure command smtps
privilege clear level 13 mode configure command pop3s
privilege clear level 13 mode configure command imap4s
privilege clear level 13 mode configure command smtp-server
privilege clear level 13 mode configure command mount
privilege clear level 13 mode configure command prompt
privilege clear level 13 mode configure command auto-update
privilege clear level 13 mode configure command regex
privilege clear level 13 mode configure command floodguard
privilege clear level 13 mode configure command compression
privilege clear level 13 mode configure command zonelabs-integrity
privilege cmd level 13 mode interface command pppoe
privilege cmd level 13 mode interface command help
privilege cmd level 13 mode interface command member-interface
privilege cmd level 13 mode interface command description
privilege cmd level 13 mode interface command mac-address
privilege cmd level 13 mode interface command media-type
privilege cmd level 13 mode interface command speed
privilege cmd level 13 mode interface command duplex
privilege cmd level 13 mode interface command shutdown
privilege cmd level 13 mode interface command vlan
privilege cmd level 13 mode interface command nameif
privilege cmd level 13 mode interface command security-level
privilege cmd level 13 mode interface command ip
privilege cmd level 13 mode interface command dhcp
privilege cmd level 13 mode interface command ddns
privilege cmd level 13 mode interface command asr-group
privilege cmd level 13 mode interface command ospf
privilege cmd level 13 mode interface command rip
privilege cmd level 13 mode interface command hello-interval
privilege cmd level 13 mode interface command hold-time
privilege cmd level 13 mode interface command authentication
privilege cmd level 13 mode interface command summary-address
privilege cmd level 13 mode interface command split-horizon
privilege cmd level 13 mode interface command management-only
privilege cmd level 13 mode interface command multicast
privilege cmd level 13 mode interface command mfib
privilege cmd level 13 mode interface command pim
privilege cmd level 13 mode interface command igmp
privilege cmd level 13 mode interface command ipv6
privilege cmd level 13 mode subinterface command pppoe
privilege cmd level 13 mode subinterface command help
privilege cmd level 13 mode subinterface command member-interface
privilege cmd level 13 mode subinterface command description
privilege cmd level 13 mode subinterface command mac-address
privilege cmd level 13 mode subinterface command media-type
privilege cmd level 13 mode subinterface command speed
privilege cmd level 13 mode subinterface command duplex
privilege cmd level 13 mode subinterface command shutdown
privilege cmd level 13 mode subinterface command vlan
privilege cmd level 13 mode subinterface command nameif
privilege cmd level 13 mode subinterface command security-level
privilege cmd level 13 mode subinterface command ip
privilege cmd level 13 mode subinterface command dhcp
privilege cmd level 13 mode subinterface command ddns
privilege cmd level 13 mode subinterface command asr-group
privilege cmd level 13 mode subinterface command ospf
privilege cmd level 13 mode subinterface command rip
privilege cmd level 13 mode subinterface command hello-interval
privilege cmd level 13 mode subinterface command hold-time
privilege cmd level 13 mode subinterface command authentication
privilege cmd level 13 mode subinterface command summary-address
privilege cmd level 13 mode subinterface command split-horizon
privilege cmd level 13 mode subinterface command management-only
privilege cmd level 13 mode subinterface command multicast
privilege cmd level 13 mode subinterface command mfib
privilege cmd level 13 mode subinterface command pim
privilege cmd level 13 mode subinterface command igmp
privilege cmd level 13 mode subinterface command ipv6
privilege cmd level 13 mode class command no
privilege cmd level 13 mode class command limit-resource
privilege cmd level 13 mode trange command help
privilege cmd level 13 mode trange command no
privilege cmd level 13 mode trange command absolute
privilege cmd level 13 mode trange command periodic
privilege cmd level 13 mode protocol-object-group command help
privilege cmd level 13 mode protocol-object-group command no
privilege cmd level 13 mode protocol-object-group command protocol-object
privilege cmd level 13 mode protocol-object-group command group-object
privilege cmd level 13 mode protocol-object-group command description
privilege cmd level 13 mode network-object-group command help
privilege cmd level 13 mode network-object-group command no
privilege cmd level 13 mode network-object-group command network-object
privilege cmd level 13 mode network-object-group command group-object
privilege cmd level 13 mode network-object-group command description
privilege cmd level 13 mode service-object-group command help
privilege cmd level 13 mode service-object-group command no
privilege cmd level 13 mode service-object-group command port-object
privilege cmd level 13 mode service-object-group command group-object
privilege cmd level 13 mode service-object-group command description
privilege cmd level 13 mode dual-service-object-group command group-object
privilege cmd level 13 mode dual-service-object-group command description
privilege cmd level 13 mode icmp-object-group command help
privilege cmd level 13 mode icmp-object-group command no
privilege cmd level 13 mode icmp-object-group command icmp-object
privilege cmd level 13 mode icmp-object-group command group-object
privilege cmd level 13 mode icmp-object-group command description
privilege cmd level 13 mode ftp-map command no
privilege cmd level 13 mode ftp-map command request-command
privilege cmd level 13 mode ftp-map command mask-syst-reply
privilege cmd level 13 mode http-map command no
privilege cmd level 13 mode http-map command strict-http
privilege cmd level 13 mode http-map command transfer-encoding
privilege cmd level 13 mode http-map command content-length
privilege cmd level 13 mode http-map command content-type-verification
privilege cmd level 13 mode http-map command max-header-length
privilege cmd level 13 mode http-map command max-uri-length
privilege cmd level 13 mode http-map command port-misuse
privilege cmd level 13 mode http-map command request-method
privilege cmd level 13 mode gtpmap command help
privilege cmd level 13 mode gtpmap command description
privilege cmd level 13 mode gtpmap command drop
privilege cmd level 13 mode gtpmap command mcc
privilege cmd level 13 mode gtpmap command message-length
privilege cmd level 13 mode gtpmap command permit
privilege cmd level 13 mode gtpmap command tunnel-limit
privilege cmd level 13 mode gtpmap command request-queue
privilege cmd level 13 mode gtpmap command timeout
privilege cmd level 13 mode mgcp-map command help
privilege cmd level 13 mode h225-map command help
privilege cmd level 13 mode h225-map command no
privilege cmd level 13 mode hsi-group command help
privilege cmd level 13 mode hsi-group command no
privilege cmd level 13 mode snmp-map command help
privilege cmd level 13 mode snmp-map command no
privilege cmd level 13 mode tcp-map command no
privilege cmd level 13 mode tcp-map command default
privilege cmd level 13 mode tcp-map command check-retransmission
privilege cmd level 13 mode tcp-map command checksum-verification
privilege cmd level 13 mode tcp-map command exceed-mss
privilege cmd level 13 mode tcp-map command reserved-bits
privilege cmd level 13 mode tcp-map command syn-data
privilege cmd level 13 mode tcp-map command ttl-evasion-protection
privilege cmd level 13 mode tcp-map command urgent-flag
privilege cmd level 13 mode tcp-map command window-variation
privilege cmd level 13 mode tcp-map command tcp-options
privilege cmd level 13 mode tcp-map command queue-limit
privilege cmd level 13 mode fover-group command help
privilege cmd level 13 mode fover-group command primary
privilege cmd level 13 mode fover-group command secondary
privilege cmd level 13 mode fover-group command replication
privilege cmd level 13 mode fover-group command mac
privilege cmd level 13 mode fover-group command preempt
privilege cmd level 13 mode fover-group command interface-policy
privilege cmd level 13 mode fover-group command polltime
privilege cmd level 13 mode route-map command no
privilege cmd level 13 mode route-map command help
privilege cmd level 13 mode route-map command match
privilege cmd level 13 mode route-map command set
privilege cmd level 13 mode routing command ospf
privilege cmd level 13 mode router command no
privilege cmd level 13 mode router command area
privilege cmd level 13 mode router command router-id
privilege cmd level 13 mode router command routerid
privilege cmd level 13 mode router command compatible
privilege cmd level 13 mode router command ignore
privilege cmd level 13 mode router command log-adj-changes
privilege cmd level 13 mode router command network
privilege cmd level 13 mode router command eigrp
privilege cmd level 13 mode router command auto-summary
privilege cmd level 13 mode router command default-information
privilege cmd level 13 mode router command default-metric
privilege cmd level 13 mode router command distance
privilege cmd level 13 mode router command distribute-list
privilege cmd level 13 mode router command neighbor
privilege cmd level 13 mode router command passive-interface
privilege cmd level 13 mode router command redistribute
privilege cmd level 13 mode router command help
privilege cmd level 13 mode router command auto-summary
privilege cmd level 13 mode router command distribute-list
privilege cmd level 13 mode router command passive-interface
privilege cmd level 13 mode router command help
privilege cmd level 13 mode router command distance
privilege cmd level 13 mode router command default-information
privilege cmd level 13 mode router command neighbor
privilege cmd level 13 mode router command network
privilege cmd level 13 mode router command redistribute
privilege cmd level 13 mode router command summary-address
privilege cmd level 13 mode router command timers
privilege cmd level 13 mode aaa-server-host command help
privilege cmd level 13 mode aaa-server-host command no
privilege cmd level 13 mode aaa-server-host command start-url
privilege cmd level 13 mode aaa-server-host command action-uri
privilege cmd level 13 mode aaa-server-host command user-parameter
privilege cmd level 13 mode aaa-server-host command password-parameter
privilege cmd level 13 mode aaa-
 
Sort by date Sort by votes
Hi
Anyone have any ideas here?
Thanks
 
Upvote 0 Downvote
config t
!
policy-map global_policy
!
no inspect ftp
!
policy-map asa_global_fw_policy
!
no inspect ftp
!
end

This will most likely resolve your problem.

"I can picture a world without war. A world without hate. A world without fear. And I can picture us attacking that world, because they'd never expect it."
- Jack Handey, Deep Thoughts
 
Upvote 0 Downvote
Oh and by the way, invest in Cisco ACS. Then you can show your configuration some love. You don't need all the privledge commands with a properly configured ACS Server.

"I can picture a world without war. A world without hate. A world without fear. And I can picture us attacking that world, because they'd never expect it."
- Jack Handey, Deep Thoughts
 
Upvote 0 Downvote
Thanks Ipkonfig
I will give this a try when in the office in the next couple of days
Thanks
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ChrisFairley
  • Locked
  • Question
Downloads failing through ASA 5520
Replies
1
Views
81
iggsterman
iggsterman
AllenH12
  • Locked
  • Question
Bandwidth in Cisco ASA 5505
Replies
2
Views
195
AllenH12
AllenH12
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
266
intel233
intel233
gkreg
  • Locked
  • Question
asa 5500-x url filtering
Replies
0
Views
176
gkreg
gkreg
intel233
  • Locked
  • Question
Cisco ASA 5510 -Static NAT Help
Replies
8
Views
296
intel233
intel233

Part and Inventory Search

Sponsor

Back
Top