shayneg
asked on
Cisco port forward rule
Hi, we have a Cisco 1921 which I manage through Cisco Configuration Professional.
I haven't done much with Cisco for years now and things have changed since I last had to configure one :(
I'm trying to create a simple rule for an internal web server which needs port 8808 on our WAN side to be directed to an internal server on port 8808.
I have created a port to application mapping but when I go into firewall I'm not sure what to do next.
We have the following zones:
1) sdm-permit-ip (ezvpn-zone to out-zone, out-zone to ezvpn-zone, ezvpn-zone to ezvpn-zone)
2) ccp-permit-icmpreply (self to out-zone)
3) ccp-policy-ccp-cls--1 (out-zone to in-zone)
4) ccp-inspect (in-zone to out-zone)
5) ccp-permit (out-zone to self)
I've tried adding a rule to zone 3 and 4 with my logic being in/out and out/in however it doesn't work.
I can get to the webpage internally on http://192.168.0.2:8808?
I'm sure this is simple for those who know Cisco :)
I haven't done much with Cisco for years now and things have changed since I last had to configure one :(
I'm trying to create a simple rule for an internal web server which needs port 8808 on our WAN side to be directed to an internal server on port 8808.
I have created a port to application mapping but when I go into firewall I'm not sure what to do next.
We have the following zones:
1) sdm-permit-ip (ezvpn-zone to out-zone, out-zone to ezvpn-zone, ezvpn-zone to ezvpn-zone)
2) ccp-permit-icmpreply (self to out-zone)
3) ccp-policy-ccp-cls--1 (out-zone to in-zone)
4) ccp-inspect (in-zone to out-zone)
5) ccp-permit (out-zone to self)
I've tried adding a rule to zone 3 and 4 with my logic being in/out and out/in however it doesn't work.
I can get to the webpage internally on http://192.168.0.2:8808?
I'm sure this is simple for those who know Cisco :)
Are you performing NAT as well? The address 192.168.0.2 would not be routable from an outside interface.
ASKER
Yes I NAT translation is in place. Does it help if I get the running config up here?
ASKER
Here is our config: Ideally I would like to add the rules through CCP as it will make it easier for me in the future.
I have edited the WAN ip's and replaced them with fictitious ones and blanked out passwords
Building configuration...
I have edited the WAN ip's and replaced them with fictitious ones and blanked out passwords
Building configuration...
Current configuration : 63316 bytes
!
! Last configuration change at 09:29:43 UTC Fri Jul 18 2014
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname c1921
!
boot-start-marker
boot system flash c1900-universalk9-mz.SPA.151-4.M.bin
boot config usbflash0:jungood
boot-end-marker
!
!
logging buffered 52000
enable secret 5 *******
enable password *******
!
aaa new-model
!
!
aaa group server radius sdm-vpn-server-group-1
server 128.66.2.170
!
aaa authentication login default local
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authentication login ciscocp_vpn_xauth_ml_2 group sdm-vpn-server-group-1 local
aaa authentication login ciscocp_vpn_xauth_ml_3 local
aaa authorization exec default local
aaa authorization network ciscocp_vpn_group_ml_1 local
aaa authorization network ciscocp_vpn_group_ml_2 group sdm-vpn-server-group-1 local
aaa authorization network ciscocp_vpn_group_ml_3 local
!
!
!
!
!
aaa session-id common
!
!
no ipv6 cef
ip source-route
ip cef
!
!
!
ip multicast-routing
ip dhcp excluded-address 128.66.0.1 128.66.9.255
ip dhcp excluded-address 128.66.15.255 128.66.255.254
!
ip dhcp pool TMLan
import all
network 128.66.0.0 255.255.0.0
update dns both
domain-name mydomain.co.uk
dns-server 128.66.2.10 128.66.2.11
default-router 128.66.1.1
netbios-name-server 128.66.2.10 128.66.2.11
lease 8
!
!
ip domain name mydomain.co.uk
ip name-server 128.66.2.11
ip name-server 8.8.8.8
ip port-map user-ctcp-ezvpnsvr port tcp 10000
ip ddns update method sdm_ddns1
DDNS both
!
!
multilink bundle-name authenticated
!
!
energywise domain mydomain.co.uk security shared-secret 7 ******* protocol udp port 43440 interface GigabitEthernet0/0
energywise management security shared-secret 0 *******
no energywise allow query set
!
key chain key1
key 1
key-string border1
key chain PfR_DM
key 1
key-string PfR_DM
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-597298012
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-597298012
revocation-check none
rsakeypair TP-self-signed-597298012
!
!
crypto pki certificate chain TP-self-signed-597298012
certificate self-signed 01
3082024B 308201B4 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
quit
license udi pid CISCO1921/K9 sn *******
!
!
archive
path scp://cisco:ocsic@128.66.2.24//backups/cisco/1921/h$
write-memory
time-period 1440
object-group network WAN1-Servers
range 128.66.2.1 128.66.2.21
!
object-group network WAN2-Only
description Applications that don't like DualWAN
host *******
host *******
host *******
host *******
host *******
range ******* *******4
range ******* *******
!
username root privilege 15 secret 5 $*******
!
redundancy
!
!
!
!
!
track 1 ip route 0.0.0.0 0.0.0.0 reachability
!
class-map type inspect match-any SDM_BOOTPC
match access-group name SDM_BOOTPC
class-map type inspect match-all sdm-cls-VPNOutsideToInside-1
match access-group 114
class-map type inspect match-any SDM_HTTPS
match access-group name SDM_HTTPS
class-map type inspect match-any SDM_SSH
match access-group name SDM_SSH
class-map type inspect match-any SDM_SHELL
match access-group name SDM_SHELL
class-map type inspect match-any sdm-cls-access
match class-map SDM_HTTPS
match class-map SDM_SSH
match class-map SDM_SHELL
class-map type inspect match-all sdm-cls-VPNOutsideToInside-3
match access-group 118
class-map type inspect match-all sdm-cls-VPNOutsideToInside-2
match access-group 116
class-map type inspect match-all sdm-cls-VPNOutsideToInside-5
match access-group 122
class-map type inspect match-all sdm-cls-VPNOutsideToInside-4
match access-group 120
class-map type inspect match-all sdm-cls-VPNOutsideToInside-7
match access-group 124
class-map type inspect match-any SDM_DHCP_CLIENT_PT
match class-map SDM_BOOTPC
class-map type inspect match-all sdm-cls-VPNOutsideToInside-6
match access-group 123
class-map type inspect match-all sdm-cls-VPNOutsideToInside-9
match access-group 127
class-map type inspect match-all sdm-cls-VPNOutsideToInside-8
match access-group 126
class-map type inspect match-any SDM_AH
match access-group name SDM_AH
class-map type inspect match-any ccp-skinny-inspect
match protocol skinny
class-map type inspect match-all ccp-cls--1
match access-group name All
class-map type inspect match-any sdm-cls-bootps
match protocol bootps
class-map type inspect match-any SDM_ESP
match access-group name SDM_ESP
class-map type inspect match-any SDM_VPN_TRAFFIC
match protocol isakmp
match protocol ipsec-msft
match class-map SDM_AH
match class-map SDM_ESP
class-map type inspect match-all SDM_VPN_PT
match access-group 113
match class-map SDM_VPN_TRAFFIC
class-map type inspect match-any ccp-cls-insp-traffic
match protocol dns
match protocol ftp
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-any SDM_IP
match access-group name SDM_IP
class-map type inspect match-any SDM_EASY_VPN_SERVER_TRAFFIC
match protocol isakmp
match protocol ipsec-msft
match class-map SDM_AH
match class-map SDM_ESP
class-map type inspect match-all SDM_EASY_VPN_SERVER_PT
match class-map SDM_EASY_VPN_SERVER_TRAFFIC
class-map type inspect match-all SDM_VPN_PT0
match access-group 141
match class-map SDM_VPN_TRAFFIC
class-map type inspect match-all SDM_VPN_PT1
match access-group 147
match class-map SDM_VPN_TRAFFIC
class-map type inspect match-any Mail
match protocol http
match protocol https
match protocol imap
match protocol imap3
match protocol imaps
match protocol lotusmtap
match protocol lotusnote
match protocol pop3
match protocol pop3s
match protocol smtp
match protocol tcp
match protocol udp
match protocol ssh
match protocol ntp
match protocol icmp
class-map type inspect match-any ccp-h323nxg-inspect
match protocol h323-nxg
class-map type inspect match-all sdm-cls-VPNOutsideToInside-10
match access-group 128
class-map type inspect match-all sdm-cls-VPNOutsideToInside-23
match access-group 149
class-map type inspect match-all sdm-cls-VPNOutsideToInside-32
match access-group 161
class-map type inspect match-all sdm-cls-VPNOutsideToInside-11
match access-group 130
class-map type inspect match-all sdm-cls-VPNOutsideToInside-22
match access-group 148
class-map type inspect match-all sdm-cls-VPNOutsideToInside-33
match access-group 162
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-all sdm-cls-VPNOutsideToInside-12
match access-group 131
class-map type inspect match-all sdm-cls-VPNOutsideToInside-21
match access-group 145
class-map type inspect match-all sdm-cls-VPNOutsideToInside-30
match access-group 159
class-map type inspect match-all sdm-cls-VPNOutsideToInside-13
match access-group 133
class-map type inspect match-all sdm-cls-VPNOutsideToInside-20
match access-group 144
class-map type inspect match-all sdm-cls-VPNOutsideToInside-31
match access-group 160
class-map type inspect match-all sdm-cls-VPNOutsideToInside-14
match access-group 134
class-map type inspect match-all sdm-cls-VPNOutsideToInside-27
match access-group 155
class-map type inspect match-all sdm-cls-VPNOutsideToInside-15
match access-group 135
class-map type inspect match-all sdm-cls-VPNOutsideToInside-26
match access-group 154
class-map type inspect match-all sdm-cls-VPNOutsideToInside-16
match access-group 137
class-map type inspect match-all sdm-cls-VPNOutsideToInside-25
match access-group 152
class-map type inspect match-all sdm-cls-VPNOutsideToInside-17
match access-group 138
class-map type inspect match-all sdm-cls-VPNOutsideToInside-24
match access-group 150
class-map type inspect match-all sdm-cls-VPNOutsideToInside-18
match access-group 142
class-map type inspect match-all sdm-cls-VPNOutsideToInside-19
match access-group 143
class-map type inspect match-all sdm-cls-VPNOutsideToInside-29
match access-group 157
class-map type inspect match-any ccp-h225ras-inspect
match protocol h225ras
class-map type inspect match-all sdm-cls-VPNOutsideToInside-28
match access-group 156
class-map type inspect match-any ccp-h323annexe-inspect
match protocol h323-annexe
class-map type inspect match-all sdm-access
match class-map sdm-cls-access
match access-group 101
class-map type inspect match-all SDM_GRE
match access-group name SDM_GRE
class-map type inspect match-any ccp-h323-inspect
match protocol h323
class-map type inspect match-all ccp-invalid-src
match access-group 108
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
class-map type inspect match-all ccp-cls-sdm-permit-ip-1
match class-map Mail
match access-group name Mail
class-map type inspect match-any ccp-sip-inspect
match protocol sip
class-map type inspect match-all outsidemail
match access-group name outside_mail_in
match protocol tcp
class-map type inspect match-all ccp-protocol-http
match protocol http
!
!
policy-map type inspect ccp-permit-icmpreply
class type inspect sdm-cls-bootps
pass
class type inspect ccp-icmp-access
inspect
class class-default
pass
policy-map type inspect ccp-inspect
class type inspect ccp-cls-sdm-permit-ip-1
inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-protocol-http
inspect
class type inspect ccp-insp-traffic
inspect
class type inspect ccp-sip-inspect
inspect
class type inspect ccp-h323-inspect
inspect
class type inspect ccp-h323annexe-inspect
inspect
class type inspect ccp-h225ras-inspect
inspect
class type inspect ccp-h323nxg-inspect
inspect
class type inspect ccp-skinny-inspect
inspect
class class-default
drop
policy-map type inspect ccp-permit
class type inspect SDM_VPN_PT1
pass
class type inspect SDM_EASY_VPN_SERVER_PT
pass
class type inspect SDM_DHCP_CLIENT_PT
pass
class class-default
drop
policy-map type inspect ccp-policy-ccp-cls--1
class type inspect ccp-cls-sdm-permit-ip-1
inspect
class type inspect ccp-cls--1
inspect
class type inspect sdm-cls-VPNOutsideToInside-1
inspect
class type inspect sdm-cls-VPNOutsideToInside-2
inspect
class type inspect sdm-cls-VPNOutsideToInside-3
inspect
class type inspect sdm-cls-VPNOutsideToInside-4
inspect
class type inspect sdm-cls-VPNOutsideToInside-5
inspect
class type inspect sdm-cls-VPNOutsideToInside-6
pass
class type inspect sdm-cls-VPNOutsideToInside-7
pass
class type inspect sdm-cls-VPNOutsideToInside-8
inspect
class type inspect sdm-cls-VPNOutsideToInside-9
pass
class type inspect sdm-cls-VPNOutsideToInside-10
pass
class type inspect sdm-cls-VPNOutsideToInside-11
inspect
class type inspect sdm-cls-VPNOutsideToInside-12
pass
class type inspect sdm-cls-VPNOutsideToInside-13
inspect
class type inspect sdm-cls-VPNOutsideToInside-14
pass
class type inspect sdm-cls-VPNOutsideToInside-15
pass
class type inspect sdm-cls-VPNOutsideToInside-16
inspect
class type inspect sdm-cls-VPNOutsideToInside-17
pass
class type inspect sdm-cls-VPNOutsideToInside-18
inspect
class type inspect sdm-cls-VPNOutsideToInside-19
pass
class type inspect sdm-cls-VPNOutsideToInside-20
pass
class type inspect sdm-cls-VPNOutsideToInside-21
pass
class type inspect sdm-cls-VPNOutsideToInside-22
pass
class type inspect sdm-cls-VPNOutsideToInside-23
pass
class type inspect sdm-cls-VPNOutsideToInside-24
pass
class type inspect sdm-cls-VPNOutsideToInside-25
pass
class type inspect sdm-cls-VPNOutsideToInside-26
inspect
class type inspect sdm-cls-VPNOutsideToInside-27
pass
class type inspect sdm-cls-VPNOutsideToInside-28
pass
class type inspect sdm-cls-VPNOutsideToInside-29
pass
class type inspect sdm-cls-VPNOutsideToInside-30
inspect
class type inspect sdm-cls-VPNOutsideToInside-31
pass
class type inspect sdm-cls-VPNOutsideToInside-32
pass
class type inspect sdm-cls-VPNOutsideToInside-33
pass
class class-default
drop
policy-map type inspect myinspectpolicy
class type inspect outsidemail
inspect
policy-map type inspect sdm-permit-ip
class type inspect SDM_IP
pass
class type inspect sdm-cls-VPNOutsideToInside-18
inspect
class type inspect sdm-cls-VPNOutsideToInside-19
pass
class type inspect sdm-cls-VPNOutsideToInside-20
pass
class type inspect sdm-cls-VPNOutsideToInside-21
pass
class type inspect sdm-cls-VPNOutsideToInside-22
pass
class type inspect sdm-cls-VPNOutsideToInside-23
pass
class type inspect sdm-cls-VPNOutsideToInside-24
pass
class type inspect sdm-cls-VPNOutsideToInside-25
pass
class type inspect sdm-cls-VPNOutsideToInside-26
inspect
class type inspect sdm-cls-VPNOutsideToInside-27
pass
class type inspect sdm-cls-VPNOutsideToInside-28
pass
class type inspect sdm-cls-VPNOutsideToInside-29
pass
class type inspect sdm-cls-VPNOutsideToInside-30
inspect
class type inspect sdm-cls-VPNOutsideToInside-31
pass
class type inspect sdm-cls-VPNOutsideToInside-32
pass
class type inspect sdm-cls-VPNOutsideToInside-33
pass
class class-default
drop log
!
zone security ezvpn-zone
zone security out-zone
zone security in-zone
zone-pair security sdm-zp-in-ezvpn1 source in-zone destination ezvpn-zone
service-policy type inspect sdm-permit-ip
zone-pair security sdm-zp-out-ezpn1 source out-zone destination ezvpn-zone
service-policy type inspect sdm-permit-ip
zone-pair security sdm-zp-ezvpn-out1 source ezvpn-zone destination out-zone
service-policy type inspect sdm-permit-ip
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security sdm-zp-ezvpn-in1 source ezvpn-zone destination in-zone
service-policy type inspect sdm-permit-ip
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security sdm-zp-out-zone-in-zone source out-zone destination in-zone
service-policy type inspect ccp-policy-ccp-cls--1
zone-pair security sdm-zp-ezvpn-in2 source ezvpn-zone destination ezvpn-zone
service-policy type inspect sdm-permit-ip
!
crypto ctcp port 10000
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp policy 2
encr 3des
authentication pre-share
group 2
!
crypto isakmp policy 10
authentication pre-share
crypto isakmp key 33747464552386 address *******
crypto isakmp invalid-spi-recovery
!
crypto isakmp client configuration group *******
key *******
dns 128.66.2.10
domain mydomain.co.uk
pool SDM_POOL_1
acl 146
include-local-lan
split-dns mydomain.co.uk
max-users 50
netmask 255.255.0.0
crypto isakmp profile ciscocp-ike-profile-2
match identity group *******
client authentication list ciscocp_vpn_xauth_ml_3
isakmp authorization list ciscocp_vpn_group_ml_3
client configuration address respond
virtual-template 2
!
crypto ipsec security-association lifetime seconds 86400
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA16 esp-3des esp-sha-hmac
mode transport
!
crypto ipsec profile CiscoCP_Profile2
set security-association lifetime seconds 3600
set security-association idle-time 7200
set transform-set ESP-3DES-SHA
set isakmp-profile ciscocp-ike-profile-2
!
crypto map SDM_CMAP_1 3 ipsec-isakmp
description Tunnel to*******
set peer *******
set transform-set ESP-3DES-SHA
match address 117
!
bridge irb
!
!
!
!
interface Loopback100
description $FW_INSIDE$
ip address 11.255.1.1 255.255.255.255
zone-member security in-zone
!
interface Tunnel0
ip address 172.16.32.2 255.255.255.0
ip mtu 1400
zone-member security in-zone
tunnel source *******
tunnel mode ipsec ipv4
tunnel destination *******
tunnel protection ipsec profile *******
!
interface Tunnel1
no ip address
tunnel destination *******
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description $ETH-LAN$$FW_INSIDE$
bandwidth 10000000
ip address 128.66.1.1 255.255.0.0
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly in
zone-member security in-zone
ip policy route-map SDM_RMAP_2
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1
description $FW_OUTSIDE$$ETH-WAN$
bandwidth 10000
ip address 144.112.247.22 255.255.255.240 secondary
ip address 144.112.247.18 255.255.255.240
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
duplex auto
speed auto
crypto map SDM_CMAP_1
!
interface ATM0/1/0
mac-address ******
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip virtual-reassembly in
no atm ilmi-keepalive
!
interface ATM0/1/0.1 point-to-point
description $FW_OUTSIDE$
ip address 87.24.55.78 255.255.255.248
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
atm route-bridged ip
pvc 0/101
oam-pvc manage
encapsulation aal5snap
protocol ip inarp
!
!
interface Virtual-Template2 type tunnel
ip unnumbered Loopback100
zone-member security ezvpn-zone
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile2
!
interface BVI1
description $FW_INSIDE$
no ip address
zone-member security in-zone
shutdown
!
ip local pool SDM_POOL_1 128.66.22.1 128.66.22.254
ip forward-protocol nd
!
no ip http server
ip http secure-server
ip flow-export destination 128.66.10.24 2055
ip flow-top-talkers
top 50
sort-by bytes
!
ip nat pool limeLan 144.112.247.18 144.112.247.30 netmask 255.255.255.240
ip nat inside source route-map MWLink interface GigabitEthernet0/1 overload
ip nat inside source route-map SDM_RMAP_1 interface ATM0/1/0.1 overload
ip nat inside source route-map SDM_RMAP_2 interface GigabitEthernet0/1 overload
ip nat inside source static tcp 128.66.2.30 3389 144.112.247.18 3389 extendable
ip nat inside source static tcp 128.66.2.38 5900 144.112.247.18 5900 extendable
ip nat inside source static 128.66.1.230 144.112.247.22
ip nat inside source static tcp 128.66.1.247 1038 144.112.247.23 1038 extendable
ip nat inside source static tcp 128.66.1.247 5060 144.112.247.23 5060 extendable
ip nat inside source static tcp 128.66.2.38 20 144.112.247.24 20 extendable
ip nat inside source static tcp 128.66.2.38 21 144.112.247.24 21 extendable
ip nat inside source static tcp 128.66.2.38 3389 144.112.247.24 3389 extendable
ip nat inside source static tcp 128.66.2.20 22 144.112.247.26 22 extendable
ip nat inside source static tcp 128.66.17.15 3389 144.112.247.29 3389 extendable
ip nat inside source static tcp 128.66.1.230 25 144.112.247.30 25 extendable
ip nat inside source static tcp 128.66.2.15 3389 144.112.247.30 3389 extendable
ip route 0.0.0.0 0.0.0.0 144.112.247.17 permanent
ip route 10.0.0.0 255.0.0.0 128.66.1.251 permanent
ip route 128.66.0.0 255.255.0.0 GigabitEthernet0/0 permanent
ip route 192.168.7.0 255.255.255.0 Tunnel0
ip route 192.168.14.0 255.255.255.0 128.66.1.251
ip route 192.168.40.0 255.255.255.0 128.66.1.251 permanent
!
ip access-list extended All
remark CCP_ACL Category=128
permit ip any any
ip access-list extended Mail
remark CCP_ACL Category=128
permit ip any host 144.112.247.19
permit ip any host 128.66.2.5
permit ip any host 144.112.247.20
ip access-list extended SDM_AH
remark CCP_ACL Category=1
permit ahp any any
ip access-list extended SDM_BOOTPC
remark CCP_ACL Category=0
permit udp any any eq bootpc
ip access-list extended SDM_ESP
remark CCP_ACL Category=1
permit esp any any
ip access-list extended SDM_GRE
remark CCP_ACL Category=1
permit gre any any
ip access-list extended SDM_HTTPS
remark CCP_ACL Category=1
permit tcp any any eq 443
ip access-list extended SDM_IP
remark CCP_ACL Category=1
permit ip any any
ip access-list extended SDM_SHELL
remark CCP_ACL Category=1
permit tcp any any eq cmd
ip access-list extended SDM_SSH
remark CCP_ACL Category=1
permit tcp any any eq 22
ip access-list extended outside_mail_in
permit tcp any host 128.66.2.5
!
ip sla ethernet-monitor 1
type echo domain google.co.uk vlan 1
access-list 1 remark INSIDE_IF=GigabitEthernet0/0
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 128.66.0.0 0.0.255.255
access-list 2 remark CCP_ACL Category=2
access-list 2 permit 128.66.10.0 0.0.0.255
access-list 2 permit 128.66.11.0 0.0.0.255
access-list 2 permit 128.66.12.0 0.0.0.255
access-list 2 permit 128.66.13.0 0.0.0.255
access-list 2 permit 128.66.14.0 0.0.0.255
access-list 2 permit 128.66.15.0 0.0.0.255
access-list 2 permit 128.66.16.0 0.0.0.255
access-list 2 permit 128.66.17.0 0.0.0.255
access-list 2 permit 128.66.18.0 0.0.0.255
access-list 2 permit 128.66.19.0 0.0.0.255
access-list 2 permit 128.66.20.0 0.0.0.255
access-list 2 permit 128.66.5.0 0.0.0.255
access-list 2 permit 128.66.1.0 0.0.0.255
access-list 3 remark CCP_ACL Category=2
access-list 3 permit 128.66.2.0 0.0.0.255
access-list 100 remark CCP_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 128.66.0.0 0.0.255.255 192.168.7.0 0.0.0.255
access-list 101 remark CCP_ACL Category=128
access-list 101 permit ip any any
access-list 102 remark CCP_ACL Category=4
access-list 102 permit ip 128.66.0.0 0.0.255.255 any
access-list 103 remark CCP_ACL Category=2
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.21.0 0.0.0.255
access-list 103 deny ip 192.168.21.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.7.0 0.0.0.255
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.4.0 0.0.0.255
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.6.0 0.0.0.255
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.207.0 0.0.0.255
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.14.0 0.0.0.255
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 128.66.21.0 0.0.0.7
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.5.0 0.0.0.7
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.20.0 0.0.0.255
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.2.0 0.0.0.255
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.3.0 0.0.0.255
access-list 103 permit ip 128.66.1.0 0.0.0.255 any
access-list 103 permit ip 128.66.20.0 0.0.0.255 any
access-list 103 permit ip 128.66.19.0 0.0.0.255 any
access-list 103 permit ip 128.66.18.0 0.0.0.255 any
access-list 103 permit ip 128.66.17.0 0.0.0.255 any
access-list 103 permit ip 128.66.16.0 0.0.0.255 any
access-list 103 permit ip 128.66.15.0 0.0.0.255 any
access-list 103 permit ip 128.66.14.0 0.0.0.255 any
access-list 103 permit ip 128.66.13.0 0.0.0.255 any
access-list 103 deny ip 128.66.0.0 0.0.255.255 172.16.32.0 0.0.0.255
access-list 103 permit ip 128.66.12.0 0.0.0.255 any
access-list 103 permit ip 128.66.11.0 0.0.0.255 any
access-list 103 permit ip 128.66.10.0 0.0.0.255 any
access-list 103 permit ip 128.66.2.0 0.0.0.255 any
access-list 103 deny ip 128.66.5.0 0.0.0.255 any
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 10.0.0.0 0.255.255.255
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.22.0 0.0.0.255
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.5.0 0.0.0.255
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.30.0 0.0.0.255
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.40.0 0.0.0.255
access-list 103 remark IPSec Rule
access-list 103 deny ip 128.66.0.0 0.0.255.255 192.168.30.0 0.0.0.7
access-list 103 permit ip 128.66.7.0 0.0.0.255 any
access-list 103 deny ip any host 84.55.47.31
access-list 103 permit ip 128.66.0.0 0.0.255.255 any
access-list 104 remark CCP_ACL Category=2
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.21.0 0.0.0.255
access-list 104 deny ip 192.168.21.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.7.0 0.0.0.255
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.4.0 0.0.0.255
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.6.0 0.0.0.255
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.207.0 0.0.0.255
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.14.0 0.0.0.255
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 128.66.21.0 0.0.0.7
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.5.0 0.0.0.7
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.20.0 0.0.0.255
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.2.0 0.0.0.255
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.3.0 0.0.0.255
access-list 104 deny ip 128.66.0.0 0.0.255.255 any
access-list 104 deny ip 128.66.5.0 0.0.0.255 any
access-list 104 deny ip 128.66.2.0 0.0.0.255 any
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.30.0 0.0.0.7
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.30.0 0.0.0.255
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.22.0 0.0.0.255
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 10.0.0.0 0.255.255.255
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.5.0 0.0.0.255
access-list 104 remark IPSec Rule
access-list 104 deny ip 128.66.0.0 0.0.255.255 192.168.40.0 0.0.0.255
access-list 104 deny ip 128.66.0.0 0.0.255.255 172.16.32.0 0.0.0.255
access-list 104 permit ip any host 84.55.47.31
access-list 104 deny ip 192.168.1.0 0.0.0.255 any
access-list 105 remark CCP_ACL Category=4
access-list 105 remark IPSec Rule
access-list 105 permit ip 128.66.0.0 0.0.255.255 192.168.40.0 0.0.0.255
access-list 106 remark CCP_ACL Category=4
access-list 106 remark IPSec Rule
access-list 106 permit ip 128.66.0.0 0.0.255.255 192.168.5.0 0.0.0.7
access-list 107 remark CCP_ACL Category=4
access-list 107 remark IPSec Rule
access-list 107 permit ip 128.66.0.0 0.0.255.255 192.168.30.0 0.0.0.7
access-list 108 remark CCP_ACL Category=128
access-list 108 permit ip host 255.255.255.255 any
access-list 108 permit ip 127.0.0.0 0.255.255.255 any
access-list 108 permit ip 87.24.55.66 0.0.0.7 any
access-list 108 permit ip 144.112.247.80 0.0.0.7 any
access-list 109 permit ip host 0.0.0.0 any
access-list 110 remark CCP_ACL Category=0
access-list 111 remark CCP_ACL Category=4
access-list 111 remark IPSec Rule
access-list 111 permit ip 128.66.0.0 0.0.255.255 192.168.11.0 0.0.0.255
access-list 112 remark CCP_ACL Category=4
access-list 112 remark IPSec Rule
access-list 112 permit ip 128.66.0.0 0.0.255.255 10.0.0.0 0.255.255.255
access-list 113 remark CCP_ACL Category=128
access-list 113 permit ip host *.*.*.* any
access-list 113 permit ip host *.*.*.* any
access-list 113 permit ip host *.*.*.* any
access-list 113 permit ip host *.*.*.* any
access-list 113 permit ip host *.*.*.* any
access-list 113 permit ip host *.*.*.* any
access-list 113 permit ip host *.*.*.* any
access-list 113 permit ip host *.*.*.* any
access-list 114 remark CCP_ACL Category=0
access-list 114 remark IPSec Rule
access-list 114 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 115 permit ip 128.66.0.0 0.0.255.255 192.168.6.0 0.0.0.255
access-list 116 remark CCP_ACL Category=0
access-list 116 remark IPSec Rule
access-list 116 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 116 remark IPSec Rule
access-list 116 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 116 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 117 remark CCP_ACL Category=4
access-list 117 remark IPSec Rule
access-list 117 permit ip 128.66.0.0 0.0.255.255 192.168.2.0 0.0.0.255
access-list 118 remark CCP_ACL Category=0
access-list 118 remark IPSec Rule
access-list 118 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 118 remark IPSec Rule
access-list 118 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 118 remark IPSec Rule
access-list 118 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 118 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 119 permit ip 128.66.0.0 0.0.255.255 192.168.4.0 0.0.0.255
access-list 120 remark CCP_ACL Category=0
access-list 120 remark IPSec Rule
access-list 120 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 120 remark IPSec Rule
access-list 120 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 120 remark IPSec Rule
access-list 120 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 120 remark IPSec Rule
access-list 120 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 120 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 121 remark CCP_ACL Category=4
access-list 121 remark IPSec Rule
access-list 121 permit ip 128.66.0.0 0.0.255.255 192.168.20.0 0.0.0.255
access-list 122 remark CCP_ACL Category=0
access-list 122 remark IPSec Rule
access-list 122 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 122 remark IPSec Rule
access-list 122 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 122 remark IPSec Rule
access-list 122 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 122 remark IPSec Rule
access-list 122 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 122 remark IPSec Rule
access-list 122 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 122 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 123 remark CCP_ACL Category=0
access-list 123 remark IPSec Rule
access-list 123 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 123 remark IPSec Rule
access-list 123 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 123 remark IPSec Rule
access-list 123 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 123 remark IPSec Rule
access-list 123 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 123 remark IPSec Rule
access-list 123 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 123 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 124 remark CCP_ACL Category=0
access-list 124 remark IPSec Rule
access-list 124 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 124 remark IPSec Rule
access-list 124 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 124 remark IPSec Rule
access-list 124 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 124 remark IPSec Rule
access-list 124 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 124 remark IPSec Rule
access-list 124 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 124 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 125 remark CCP_ACL Category=4
access-list 125 remark IPSec Rule
access-list 125 permit ip 128.66.0.0 0.0.255.255 192.168.20.0 0.0.0.255
access-list 126 remark CCP_ACL Category=0
access-list 126 remark IPSec Rule
access-list 126 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 126 remark IPSec Rule
access-list 126 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 126 remark IPSec Rule
access-list 126 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 126 remark IPSec Rule
access-list 126 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 126 remark IPSec Rule
access-list 126 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 126 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 127 remark CCP_ACL Category=0
access-list 127 remark IPSec Rule
access-list 127 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 127 remark IPSec Rule
access-list 127 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 127 remark IPSec Rule
access-list 127 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 127 remark IPSec Rule
access-list 127 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 127 remark IPSec Rule
access-list 127 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 127 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 128 remark CCP_ACL Category=0
access-list 128 remark IPSec Rule
access-list 128 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 128 remark IPSec Rule
access-list 128 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 128 remark IPSec Rule
access-list 128 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 128 remark IPSec Rule
access-list 128 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 128 remark IPSec Rule
access-list 128 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 128 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 130 remark CCP_ACL Category=0
access-list 130 remark IPSec Rule
access-list 130 permit ip 192.168.5.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 130 remark IPSec Rule
access-list 130 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 130 remark IPSec Rule
access-list 130 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 130 remark IPSec Rule
access-list 130 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 130 remark IPSec Rule
access-list 130 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 130 remark IPSec Rule
access-list 130 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 130 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 131 remark CCP_ACL Category=0
access-list 131 remark IPSec Rule
access-list 131 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 131 remark IPSec Rule
access-list 131 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 131 remark IPSec Rule
access-list 131 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 131 remark IPSec Rule
access-list 131 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 131 remark IPSec Rule
access-list 131 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 131 remark IPSec Rule
access-list 131 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 131 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 132 remark CCP_ACL Category=16
access-list 132 permit ip 192.168.21.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 132 remark IPSec Rule
access-list 132 permit ip 128.66.0.0 0.0.255.255 192.168.21.0 0.0.0.255
access-list 133 remark CCP_ACL Category=0
access-list 133 remark IPSec Rule
access-list 133 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 133 remark IPSec Rule
access-list 133 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 133 remark IPSec Rule
access-list 133 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 133 remark IPSec Rule
access-list 133 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 133 remark IPSec Rule
access-list 133 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 133 remark IPSec Rule
access-list 133 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 133 remark IPSec Rule
access-list 133 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 133 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 134 remark CCP_ACL Category=0
access-list 134 remark IPSec Rule
access-list 134 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 134 remark IPSec Rule
access-list 134 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 134 remark IPSec Rule
access-list 134 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 134 remark IPSec Rule
access-list 134 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 134 remark IPSec Rule
access-list 134 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 134 remark IPSec Rule
access-list 134 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 134 remark IPSec Rule
access-list 134 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 134 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 135 remark CCP_ACL Category=0
access-list 135 remark IPSec Rule
access-list 135 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 135 remark IPSec Rule
access-list 135 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 135 remark IPSec Rule
access-list 135 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 135 remark IPSec Rule
access-list 135 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 135 remark IPSec Rule
access-list 135 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 135 remark IPSec Rule
access-list 135 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 135 remark IPSec Rule
access-list 135 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 135 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 136 remark CCP_ACL Category=4
access-list 136 remark IPSec Rule
access-list 136 permit ip 128.66.0.0 0.0.255.255 192.168.6.0 0.0.0.255
access-list 137 remark CCP_ACL Category=0
access-list 137 remark IPSec Rule
access-list 137 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 137 remark IPSec Rule
access-list 137 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 137 remark IPSec Rule
access-list 137 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 137 remark IPSec Rule
access-list 137 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 137 remark IPSec Rule
access-list 137 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 137 remark IPSec Rule
access-list 137 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 137 remark IPSec Rule
access-list 137 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 137 remark IPSec Rule
access-list 137 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 138 remark CCP_ACL Category=0
access-list 138 remark IPSec Rule
access-list 138 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 138 remark IPSec Rule
access-list 138 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 138 remark IPSec Rule
access-list 138 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 138 remark IPSec Rule
access-list 138 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 138 remark IPSec Rule
access-list 138 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 138 remark IPSec Rule
access-list 138 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 138 remark IPSec Rule
access-list 138 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 138 remark IPSec Rule
access-list 138 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 139 remark CCP_ACL Category=16
access-list 139 permit ip 128.66.0.0 0.0.255.255 any
access-list 139 permit ip any 128.66.0.0 0.0.255.255
access-list 140 remark CCP_ACL Category=4
access-list 140 remark IPSec Rule
access-list 140 permit ip 128.66.0.0 0.0.255.255 192.168.14.0 0.0.0.255
access-list 141 remark CCP_ACL Category=128
access-list 141 permit ip host *.*.*.* any
access-list 142 remark CCP_ACL Category=0
access-list 142 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 142 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 142 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 142 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 142 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 142 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 142 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 142 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 142 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 143 remark CCP_ACL Category=0
access-list 143 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 143 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 143 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 143 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 143 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 143 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 143 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 143 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 143 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 144 remark CCP_ACL Category=0
access-list 144 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 144 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 144 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 144 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 144 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 144 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 144 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 144 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 144 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 145 remark CCP_ACL Category=0
access-list 145 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 145 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 145 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 145 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 145 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 145 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 145 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 145 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 145 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 146 remark CCP_ACL Category=4
access-list 146 permit ip 128.66.0.0 0.0.255.255 any
access-list 147 remark CCP_ACL Category=128
access-list 147 permit ip host *.*.*.* any
access-list 147 permit ip host *.*.*.* any
access-list 147 permit ip host *.*.*.* any
access-list 148 remark CCP_ACL Category=0
access-list 148 remark IPSec Rule
access-list 148 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 148 remark IPSec Rule
access-list 148 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 148 remark IPSec Rule
access-list 148 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 148 remark IPSec Rule
access-list 148 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 148 remark IPSec Rule
access-list 148 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 148 remark IPSec Rule
access-list 148 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 148 remark IPSec Rule
access-list 148 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 148 remark IPSec Rule
access-list 148 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 148 remark IPSec Rule
access-list 148 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 149 remark CCP_ACL Category=0
access-list 149 remark IPSec Rule
access-list 149 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 149 remark IPSec Rule
access-list 149 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 149 remark IPSec Rule
access-list 149 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 149 remark IPSec Rule
access-list 149 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 149 remark IPSec Rule
access-list 149 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 149 remark IPSec Rule
access-list 149 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 149 remark IPSec Rule
access-list 149 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 149 remark IPSec Rule
access-list 149 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 149 remark IPSec Rule
access-list 149 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 150 remark CCP_ACL Category=0
access-list 150 remark IPSec Rule
access-list 150 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 150 remark IPSec Rule
access-list 150 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 150 remark IPSec Rule
access-list 150 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 150 remark IPSec Rule
access-list 150 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 150 remark IPSec Rule
access-list 150 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 150 remark IPSec Rule
access-list 150 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 150 remark IPSec Rule
access-list 150 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 150 remark IPSec Rule
access-list 150 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 150 remark IPSec Rule
access-list 150 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 151 remark CCP_ACL Category=18
access-list 151 remark IPSec Rule
access-list 151 deny ip 128.66.0.0 0.0.255.255 10.0.0.0 0.255.255.255
access-list 151 remark IPSec Rule
access-list 151 deny ip 128.66.0.0 0.0.255.255 192.168.21.0 0.0.0.255
access-list 151 deny ip 192.168.21.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 151 remark IPSec Rule
access-list 151 deny ip 128.66.0.0 0.0.255.255 192.168.7.0 0.0.0.255
access-list 151 deny ip 128.66.0.0 0.0.255.255 172.16.32.0 0.0.0.255
access-list 151 remark IPSec Rule
access-list 151 deny ip 128.66.0.0 0.0.255.255 192.168.4.0 0.0.0.255
access-list 151 remark IPSec Rule
access-list 151 deny ip 128.66.0.0 0.0.255.255 192.168.6.0 0.0.0.255
access-list 151 remark IPSec Rule
access-list 151 deny ip 128.66.0.0 0.0.255.255 192.168.207.0 0.0.0.255
access-list 151 remark IPSec Rule
access-list 151 deny ip 128.66.0.0 0.0.255.255 192.168.14.0 0.0.0.255
access-list 151 remark IPSec Rule
access-list 151 deny ip 128.66.0.0 0.0.255.255 128.66.21.0 0.0.0.7
access-list 151 remark IPSec Rule
access-list 151 deny ip 128.66.0.0 0.0.255.255 192.168.5.0 0.0.0.7
access-list 151 remark IPSec Rule
access-list 151 deny ip 128.66.0.0 0.0.255.255 192.168.20.0 0.0.0.255
access-list 151 remark IPSec Rule
access-list 151 deny ip 128.66.0.0 0.0.255.255 192.168.2.0 0.0.0.255
access-list 151 remark IPSec Rule
access-list 151 deny ip 128.66.0.0 0.0.255.255 192.168.3.0 0.0.0.255
access-list 151 permit ip 128.66.0.0 0.0.255.255 any
access-list 151 permit ip any host 144.112.247.19
access-list 151 permit ip any host 128.66.255.128
access-list 152 remark CCP_ACL Category=0
access-list 152 remark IPSec Rule
access-list 152 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 152 remark IPSec Rule
access-list 152 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 152 remark IPSec Rule
access-list 152 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 152 remark IPSec Rule
access-list 152 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 152 remark IPSec Rule
access-list 152 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 152 remark IPSec Rule
access-list 152 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 152 remark IPSec Rule
access-list 152 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 152 remark IPSec Rule
access-list 152 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 152 remark IPSec Rule
access-list 152 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 153 remark CCP_ACL Category=4
access-list 153 remark IPSec Rule
access-list 153 permit ip 128.66.0.0 0.0.255.255 192.168.207.0 0.0.0.255
access-list 154 remark CCP_ACL Category=0
access-list 154 remark IPSec Rule
access-list 154 permit ip 192.168.207.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 154 remark IPSec Rule
access-list 154 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 154 remark IPSec Rule
access-list 154 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 154 remark IPSec Rule
access-list 154 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 154 remark IPSec Rule
access-list 154 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 154 remark IPSec Rule
access-list 154 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 154 remark IPSec Rule
access-list 154 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 154 remark IPSec Rule
access-list 154 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 154 remark IPSec Rule
access-list 154 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 154 remark IPSec Rule
access-list 154 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 155 remark CCP_ACL Category=0
access-list 155 remark IPSec Rule
access-list 155 permit ip 192.168.207.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 155 remark IPSec Rule
access-list 155 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 155 remark IPSec Rule
access-list 155 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 155 remark IPSec Rule
access-list 155 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 155 remark IPSec Rule
access-list 155 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 155 remark IPSec Rule
access-list 155 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 155 remark IPSec Rule
access-list 155 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 155 remark IPSec Rule
access-list 155 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 155 remark IPSec Rule
access-list 155 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 155 remark IPSec Rule
access-list 155 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 156 remark CCP_ACL Category=0
access-list 156 remark IPSec Rule
access-list 156 permit ip 192.168.207.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 156 remark IPSec Rule
access-list 156 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 156 remark IPSec Rule
access-list 156 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 156 remark IPSec Rule
access-list 156 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 156 remark IPSec Rule
access-list 156 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 156 remark IPSec Rule
access-list 156 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 156 remark IPSec Rule
access-list 156 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 156 remark IPSec Rule
access-list 156 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 156 remark IPSec Rule
access-list 156 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 156 remark IPSec Rule
access-list 156 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 157 remark CCP_ACL Category=0
access-list 157 remark IPSec Rule
access-list 157 permit ip 192.168.207.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 157 remark IPSec Rule
access-list 157 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 157 remark IPSec Rule
access-list 157 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 157 remark IPSec Rule
access-list 157 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 157 remark IPSec Rule
access-list 157 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 157 remark IPSec Rule
access-list 157 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 157 remark IPSec Rule
access-list 157 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 157 remark IPSec Rule
access-list 157 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 157 remark IPSec Rule
access-list 157 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 157 remark IPSec Rule
access-list 157 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 158 permit ip 128.66.0.0 0.0.255.255 192.168.7.0 0.0.0.255
access-list 159 remark CCP_ACL Category=0
access-list 159 remark IPSec Rule
access-list 159 permit ip 192.168.7.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 159 permit ip 172.16.32.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 159 remark IPSec Rule
access-list 159 permit ip 192.168.207.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 159 remark IPSec Rule
access-list 159 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 159 remark IPSec Rule
access-list 159 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 159 remark IPSec Rule
access-list 159 permit ip 128.66.21.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 159 remark IPSec Rule
access-list 159 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 159 remark IPSec Rule
access-list 159 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 159 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 159 remark IPSec Rule
access-list 159 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 159 remark IPSec Rule
access-list 159 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 159 remark IPSec Rule
access-list 159 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 160 remark CCP_ACL Category=0
access-list 160 permit ip 192.168.207.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 160 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 160 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 160 permit ip 128.66.0.0 0.0.255.255 192.168.21.0 0.0.0.255
access-list 160 permit ip 192.168.21.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 160 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 160 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 160 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 160 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 160 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 160 permit ip 192.168.11.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 160 permit ip 192.168.7.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 160 permit ip 172.16.32.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 161 remark CCP_ACL Category=0
access-list 161 permit ip 192.168.207.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 161 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 161 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 161 permit ip 128.66.0.0 0.0.255.255 192.168.21.0 0.0.0.255
access-list 161 permit ip 192.168.21.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 161 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 161 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 161 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 161 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 161 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 161 permit ip 10.0.0.0 0.255.255.255 128.66.0.0 0.0.255.255
access-list 161 permit ip 192.168.7.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 161 permit ip 172.16.32.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 162 remark CCP_ACL Category=0
access-list 162 permit ip 192.168.7.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 162 permit ip 172.16.32.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 162 permit ip 192.168.207.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 162 permit ip 192.168.14.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 162 permit ip 192.168.6.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 162 permit ip 128.66.0.0 0.0.255.255 192.168.21.0 0.0.0.255
access-list 162 permit ip 192.168.21.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 162 permit ip 192.168.5.0 0.0.0.7 128.66.0.0 0.0.255.255
access-list 162 permit ip 192.168.20.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 162 permit ip 192.168.4.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 162 permit ip 192.168.2.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 162 permit ip 192.168.3.0 0.0.0.255 128.66.0.0 0.0.255.255
access-list 162 permit ip 10.0.0.0 0.255.255.255 128.66.0.0 0.0.255.255
!
!
!
!
route-map MWLink permit 10
match ip address 151
set ip next-hop 144.112.247.81 144.112.247.17
set interface GigabitEthernet0/1
!
route-map SDM_RMAP_1 permit 1
match ip address 103
set ip next-hop 144.112.247.81
set interface ATM0/1/0.1 GigabitEthernet0/1
!
route-map SDM_RMAP_2 permit 1
match ip address 104
set ip default next-hop 128.66.1.251
!
route-map ISP! permit 10
!
route-map ISP1 permit 10
match ip address 109
set ip next-hop 128.66.1.251
!
!
snmp-server community public RO
snmp-server community private RW
radius-server host 128.66.2.17 timeout 10 key *****************************
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password ***********
transport input telnet ssh
!
scheduler allocate 20000 1000
event manager applet change-tunnel-dest
event timer cron name CHRON cron-entry "15 * * * *"
action 1.0 cli command "enable"
action 1.1 cli command "configure terminal"
action 1.2 cli command "interface Tunnel1"
!
end
ASKER
I need a NAT rule for 144.112.247.20:8808 to go to 128.66.2.53:8808 but I also don't see this WAN ip configured anywhere in the config
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.