Link to home
Start Free TrialLog in
Avatar of Alejandro_Lopez
Alejandro_Lopez

asked on

Troubleshooting Cisco 1841

HI

 I had a network like this

----ethernet inside--pix 506--ethernet outside----------ethernet--cisco 2600--serial--------internet
    192.168.1.1-----------------xxx.xxx.211.116-------xxx.xxx.211.114------xxx.xxx.199.53-----

now i just have al multiservices cisco 1841 and trying to replace before configuration set it up like this

---eternet 0/1 inside--------cisco 1841--------serial interface------internet
   192.168.1.1-------------------------------------xxx.xxx.199.53
 i have a ip range xxx.xxx.211.114 25.255.255.240

as you can see y have to release valid ip address because i don't need now ip for router (gateway) an no ip for pix

well the problem it's i'm not sure my nat it's working correctly because y tried the bellow conf and sometimes work fine but sometimes not, as you can see i have firewall and i'm giving some computers web access but it does not work. Can some one take a look at it?? (iknow it's too large because of VPN but you can just ignore it)

Building configuration...

Current configuration : 59254 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname somehostname
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authorization exec default local
aaa authorization network sdm_vpn_group_ml_1 local
!
aaa session-id common
!
resource policy
!
clock timezone PCTime -6
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW https
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp
ip inspect name SDM_LOW udp
ip inspect name SDM_LOW vdolive
ip inspect name SDM_LOW http
ip inspect name SDM_LOW telnet
ip inspect name SDM_LOW pcanywheredata
ip inspect name SDM_LOW pcanywherestat
ip inspect name SDM_LOW appleqtc
!
!
ip ips notify SDEE
ip domain name damain.com
!
!
!
crypto pki trustpoint TP-self-signed-*****some numbers******
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-*****some numbers******
 revocation-check none
 rsakeypair TP-self-signed-*****some numbers******
!
!
crypto pki certificate chain TP-self-signed-2198227959
 certificate self-signed 01
  *****some numbers******
  quit

!
!
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
crypto isakmp xauth timeout 15

!
crypto isakmp client configuration group VPNNorm
 key NormVPNPass03
 dns 192.168.1.200
 pool Norm
 acl 100
!
crypto isakmp client configuration group Aces06
 key Maq06Aces
 dns 192.168.1.200
 pool Aces
 acl 104
!
crypto isakmp client configuration group PanExpress
 key Pan06Exp
 dns 192.168.1.200
 pool Panexpress
 acl 105
!
crypto isakmp client configuration group HotelStore
 key Store06Hotel
 dns 192.168.1.200
 pool HotelStore
 acl 106
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto dynamic-map SDM_DYNMAP_1 1
 set transform-set ESP-3DES-SHA
 reverse-route
!
!
crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_1
crypto map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_1
crypto map SDM_CMAP_1 client configuration address respond
crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1
!
!
!
interface FastEthernet0/0
 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$$FW_INSIDE$
 ip address 192.168.1.1 255.255.255.0
 ip access-group 107 in
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address xxx.xxx.211.114 255.255.255.240  <----- (i think i don't need to use this interface)
 duplex auto
 speed auto
!
interface Serial0/1/0
 description **********Enlace a Internet 512 KB**************$FW_OUTSIDE$
 bandwidth 512
 ip address xxx.xxx.199.53 255.255.255.252
 ip access-group 108 in
 ip verify unicast reverse-path
 ip inspect SDM_LOW out
 ip nat outside
 ip virtual-reassembly
 clock rate 2000000
 crypto map SDM_CMAP_1
!
ip local pool Norm 10.10.1.1 10.10.1.50
ip local pool Aces 10.10.2.1 10.10.2.50
ip local pool HotelStore 10.10.4.1 10.10.4.50
ip local pool Panexpress 10.10.3.1 10.10.3.50
ip classless
ip route 0.0.0.0 0.0.0.0 xxx.xxx.199.54    <------   (serial interface ISP)
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
ip nat pool internet xxx.xxxx.211.117 xxx.xxx.211.121 netmask 255.255.255.240
ip nat inside source route-map SDM_RMAP_1 pool internet
ip nat inside source static 192.168.1.3 xxx.xxx.211.122 route-map SDM_RMAP_3
ip nat inside source static 192.168.1.4 xxx.xxx.211.123 route-map SDM_RMAP_2
ip nat inside source static network 192.168.1.2 148.233.211.124 /32
!
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 remark SDM_ACL Category=4
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
access-list 101 remark SDM_ACL Category=2
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.1
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.2
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.3
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.4
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.5
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.6
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.7
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.8
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.9
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.10
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.11
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.12
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.13
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.14
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.15
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.16
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.17
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.18
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.19
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.20
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.21
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.22
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.23
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.24
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.25
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.26
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.27
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.28
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.29
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.30
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.31
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.32
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.33
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.34
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.35
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.36
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.37
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.38
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.39
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.40
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.41
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.42
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.43
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.44
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.45
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.46
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.47
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.48
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.49
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.4.50
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.1
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.2
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.3
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.4
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.5
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.6
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.7
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.8
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.9
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.10
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.11
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.12
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.13
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.14
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.15
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.16
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.17
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.18
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.19
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.20
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.21
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.22
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.23
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.24
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.25
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.26
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.27
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.28
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.29
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.30
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.31
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.32
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.33
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.34
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.35
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.36
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.37
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.38
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.39
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.40
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.41
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.42
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.43
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.44
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.45
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.46
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.47
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.48
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.49
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.3.50
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.1
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.2
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.3
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.4
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.5
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.6
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.7
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.8
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.9
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.10
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.11
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.12
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.13
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.14
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.15
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.16
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.17
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.18
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.19
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.20
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.21
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.22
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.23
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.24
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.25
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.26
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.27
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.28
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.29
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.30
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.31
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.32
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.33
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.34
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.35
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.36
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.37
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.38
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.39
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.40
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.41
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.42
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.43
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.44
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.45
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.46
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.47
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.48
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.49
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.2.50
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.1
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.2
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.3
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.4
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.5
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.6
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.7
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.8
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.9
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.10
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.11
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.12
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.13
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.14
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.15
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.16
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.17
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.18
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.19
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.20
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.21
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.22
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.23
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.24
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.25
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.26
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.27
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.28
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.29
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.30
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.31
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.32
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.33
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.34
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.35
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.36
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.37
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.38
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.39
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.40
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.41
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.42
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.43
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.44
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.45
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.46
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.47
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.48
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.49
access-list 101 deny   ip 192.168.1.0 0.0.0.255 host 10.10.1.50
access-list 101 deny   ip host 192.168.1.3 any
access-list 101 deny   ip host 192.168.1.4 any
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
access-list 102 remark SDM_ACL Category=2
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.50
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.49
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.48
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.47
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.46
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.45
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.44
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.43
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.42
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.41
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.40
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.39
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.38
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.37
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.36
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.35
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.34
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.33
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.32
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.31
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.30
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.29
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.28
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.27
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.26
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.25
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.24
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.23
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.22
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.21
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.20
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.19
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.18
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.17
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.16
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.15
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.14
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.13
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.12
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.11
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.10
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.9
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.8
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.7
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.6
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.5
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.4
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.3
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.2
access-list 102 deny   ip host 192.168.1.4 host 10.10.4.1
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.50
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.49
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.48
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.47
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.46
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.45
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.44
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.43
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.42
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.41
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.40
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.39
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.38
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.37
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.36
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.35
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.34
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.33
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.32
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.31
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.30
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.29
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.28
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.27
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.26
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.25
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.24
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.23
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.22
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.21
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.20
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.19
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.18
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.17
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.16
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.15
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.14
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.13
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.12
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.11
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.10
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.9
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.8
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.7
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.6
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.5
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.4
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.3
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.2
access-list 102 deny   ip host 192.168.1.4 host 10.10.3.1
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.50
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.49
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.48
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.47
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.46
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.45
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.44
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.43
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.42
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.41
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.40
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.39
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.38
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.37
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.36
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.35
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.34
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.33
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.32
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.31
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.30
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.29
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.28
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.27
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.26
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.25
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.24
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.23
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.22
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.21
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.20
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.19
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.18
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.17
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.16
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.15
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.14
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.13
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.12
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.11
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.10
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.9
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.8
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.7
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.6
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.5
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.4
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.3
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.2
access-list 102 deny   ip host 192.168.1.4 host 10.10.2.1
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.50
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.49
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.48
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.47
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.46
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.45
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.44
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.43
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.42
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.41
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.40
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.39
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.38
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.37
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.36
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.35
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.34
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.33
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.32
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.31
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.30
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.29
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.28
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.27
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.26
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.25
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.24
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.23
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.22
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.21
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.20
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.19
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.18
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.17
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.16
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.15
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.14
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.13
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.12
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.11
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.10
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.9
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.8
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.7
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.6
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.5
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.4
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.3
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.2
access-list 102 deny   ip host 192.168.1.4 host 10.10.1.1
access-list 102 permit ip host 192.168.1.4 any
access-list 103 remark SDM_ACL Category=2
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.50
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.49
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.48
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.47
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.46
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.45
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.44
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.43
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.42
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.41
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.40
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.39
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.38
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.37
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.36
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.35
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.34
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.33
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.32
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.31
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.30
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.29
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.28
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.27
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.26
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.25
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.24
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.23
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.22
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.21
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.20
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.19
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.18
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.17
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.16
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.15
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.14
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.13
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.12
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.11
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.10
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.9
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.8
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.7
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.6
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.5
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.4
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.3
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.2
access-list 103 deny   ip host 192.168.1.3 host 10.10.4.1
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.50
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.49
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.48
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.47
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.46
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.45
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.44
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.43
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.42
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.41
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.40
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.39
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.38
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.37
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.36
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.35
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.34
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.33
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.32
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.31
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.30
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.29
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.28
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.27
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.26
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.25
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.24
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.23
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.22
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.21
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.20
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.19
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.18
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.17
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.16
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.15
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.14
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.13
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.12
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.11
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.10
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.9
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.8
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.7
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.6
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.5
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.4
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.3
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.2
access-list 103 deny   ip host 192.168.1.3 host 10.10.3.1
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.50
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.49
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.48
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.47
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.46
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.45
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.44
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.43
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.42
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.41
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.40
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.39
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.38
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.37
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.36
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.35
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.34
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.33
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.32
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.31
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.30
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.29
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.28
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.27
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.26
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.25
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.24
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.23
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.22
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.21
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.20
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.19
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.18
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.17
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.16
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.15
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.14
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.13
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.12
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.11
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.10
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.9
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.8
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.7
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.6
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.5
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.4
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.3
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.2
access-list 103 deny   ip host 192.168.1.3 host 10.10.2.1
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.50
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.49
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.48
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.47
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.46
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.45
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.44
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.43
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.42
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.41
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.40
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.39
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.38
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.37
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.36
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.35
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.34
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.33
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.32
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.31
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.30
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.29
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.28
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.27
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.26
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.25
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.24
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.23
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.22
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.21
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.20
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.19
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.18
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.17
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.16
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.15
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.14
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.13
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.12
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.11
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.10
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.9
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.8
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.7
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.6
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.5
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.4
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.3
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.2
access-list 103 deny   ip host 192.168.1.3 host 10.10.1.1
access-list 103 permit ip host 192.168.1.3 any
access-list 104 remark SDM_ACL Category=4
access-list 104 permit ip 192.168.1.0 0.0.0.255 any
access-list 105 remark SDM_ACL Category=4
access-list 105 permit ip 192.168.1.0 0.0.0.255 any
access-list 106 remark SDM_ACL Category=4
access-list 106 permit ip 192.168.1.0 0.0.0.255 any
access-list 107 remark auto generated by SDM firewall configuration
access-list 107 remark SDM_ACL Category=1
access-list 107 permit tcp host 192.168.1.6 any
access-list 107 permit tcp host 192.168.1.5 any
access-list 107 permit tcp host 192.168.1.4 any
access-list 107 permit tcp host 192.168.1.3 any
access-list 107 permit tcp host 192.168.1.2 any
access-list 107 permit tcp host 192.168.1.7 any
access-list 107 permit tcp host 192.168.1.8 eq www any eq www
access-list 107 permit tcp host 192.168.1.13 eq www any eq www
access-list 107 permit tcp host 192.168.1.40 eq www any eq www
access-list 107 permit tcp host 192.168.1.28 eq www any eq www
access-list 107 permit tcp host 192.168.1.23 eq www any eq www
access-list 107 permit tcp host 192.168.1.21 eq www any eq www
access-list 107 permit tcp host 192.168.1.41 eq www any eq www
access-list 107 permit tcp host 192.168.1.42 eq www any eq www
access-list 107 permit tcp host 192.168.1.43 eq www any eq www
access-list 107 permit tcp host 192.168.1.44 eq www any eq www
access-list 107 permit tcp host 192.168.1.46 eq www any eq www
access-list 107 permit tcp host 192.168.1.45 eq www any eq www
access-list 107 permit tcp host 192.168.1.47 eq www any eq www
access-list 107 permit tcp host 192.168.1.48 eq www any eq www
access-list 107 permit tcp host 192.168.1.49 any
access-list 107 permit tcp host 192.168.1.50 any log
access-list 107 permit tcp host 192.168.1.56 eq www any eq www
access-list 107 permit tcp host 192.168.1.31 eq www any eq www
access-list 107 permit tcp host 192.168.1.55 eq www any eq www
access-list 107 permit tcp host 192.168.1.100 eq www any eq www
access-list 107 permit tcp host 192.168.1.52 eq www any eq www
access-list 107 permit tcp host 192.168.1.158 eq www any eq www
access-list 107 permit tcp host 192.168.1.160 eq www any eq www
access-list 107 permit tcp host 192.168.1.162 eq www any eq www
access-list 107 permit tcp host 192.168.1.200 any
access-list 107 deny   ip 148.233.199.52 0.0.0.3 any log
access-list 107 deny   ip host 255.255.255.255 any
access-list 107 deny   ip 127.0.0.0 0.255.255.255 any
access-list 107 permit ip any any
access-list 108 remark auto generated by SDM firewall configuration
access-list 108 remark SDM_ACL Category=1
access-list 108 permit udp any host 148.233.211.124
access-list 108 permit tcp any host 148.233.211.124
access-list 108 permit udp any host 148.233.211.123
access-list 108 permit tcp any host 148.233.211.123
access-list 108 permit udp any host 148.233.211.122
access-list 108 permit tcp any host 148.233.211.122
access-list 108 permit ahp any host 148.233.199.53
access-list 108 permit esp any host 148.233.199.53
access-list 108 permit udp any host 148.233.199.53 eq isakmp
access-list 108 permit udp any host 148.233.199.53 eq non500-isakmp
access-list 108 permit ip host 10.10.2.50 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.49 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.48 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.47 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.46 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.45 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.44 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.43 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.42 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.41 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.40 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.39 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.38 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.37 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.36 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.35 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.34 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.33 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.32 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.31 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.30 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.29 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.28 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.27 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.26 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.25 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.24 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.23 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.22 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.21 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.20 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.19 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.18 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.17 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.16 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.15 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.14 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.13 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.12 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.11 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.10 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.9 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.8 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.7 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.6 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.5 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.4 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.3 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.2 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.2.1 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.50 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.49 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.48 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.47 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.46 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.45 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.44 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.43 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.42 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.41 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.40 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.39 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.38 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.37 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.36 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.35 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.34 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.33 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.32 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.31 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.30 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.29 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.28 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.27 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.26 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.25 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.24 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.23 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.22 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.21 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.20 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.19 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.18 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.17 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.16 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.15 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.14 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.13 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.12 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.11 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.10 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.9 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.8 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.7 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.6 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.5 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.4 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.3 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.2 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.4.1 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.50 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.49 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.48 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.47 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.46 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.45 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.44 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.43 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.42 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.41 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.40 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.39 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.38 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.37 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.36 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.35 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.34 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.33 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.32 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.31 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.30 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.29 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.28 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.27 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.26 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.25 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.24 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.23 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.22 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.21 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.20 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.19 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.18 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.17 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.16 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.15 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.14 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.13 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.12 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.11 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.10 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.9 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.8 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.7 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.6 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.5 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.4 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.3 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.2 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.1.1 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.50 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.49 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.48 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.47 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.46 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.45 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.44 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.43 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.42 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.41 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.40 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.39 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.38 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.37 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.36 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.35 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.34 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.33 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.32 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.31 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.30 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.29 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.28 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.27 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.26 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.25 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.24 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.23 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.22 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.21 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.20 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.19 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.18 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.17 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.16 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.15 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.14 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.13 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.12 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.11 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.10 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.9 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.8 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.7 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.6 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.5 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.4 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.3 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.2 192.168.1.0 0.0.0.255
access-list 108 permit ip host 10.10.3.1 192.168.1.0 0.0.0.255
access-list 108 deny   ip 192.168.1.0 0.0.0.255 any
access-list 108 permit icmp any host 148.233.199.53 echo-reply
access-list 108 permit icmp any host 148.233.199.53 time-exceeded
access-list 108 permit icmp any host 148.233.199.53 unreachable
access-list 108 permit tcp any host 148.233.199.53 eq 443
access-list 108 permit tcp any host 148.233.199.53 eq 22
access-list 108 permit tcp any host 148.233.199.53 eq cmd
access-list 108 deny   ip 10.0.0.0 0.255.255.255 any
access-list 108 deny   ip 172.16.0.0 0.15.255.255 any
access-list 108 deny   ip 192.168.0.0 0.0.255.255 any
access-list 108 deny   ip 127.0.0.0 0.255.255.255 any
access-list 108 deny   ip host 255.255.255.255 any
access-list 108 deny   ip host 0.0.0.0 any
access-list 108 deny   ip any any log
route-map SDM_RMAP_1 permit 1
 match ip address 101
!
route-map SDM_RMAP_2 permit 1
 match ip address 102
!
route-map SDM_RMAP_3 permit 1
 match ip address 103
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 transport input telnet ssh
line vty 5 15
 transport input telnet ssh
!
end

Avatar of mikebernhardt
mikebernhardt
Flag of United States of America image
ip nat inside source static 192.168.1.3 xxx.xxx.211.122 route-map SDM_RMAP_3
ip nat inside source static 192.168.1.4 xxx.xxx.211.123 route-map SDM_RMAP_2
ip nat inside source static network 192.168.1.2 148.233.211.124 /32

Just make these
ip nat inside source static 192.168.1.3 xxx.xxx.211.122
ip nat inside source static 192.168.1.4 xxx.xxx.211.123
ip nat inside source static 192.168.1.2 148.233.211.124

and for God's sake, shorten up those access lists! Use wildcard bits for all those hosts!
Make these:
ip local pool Norm 10.10.1.1 10.10.1.50
ip local pool Aces 10.10.2.1 10.10.2.50
ip local pool HotelStore 10.10.4.1 10.10.4.50
ip local pool Panexpress 10.10.3.1 10.10.3.50

Into these:
ip local pool Norm 10.10.1.1 10.10.1.63
ip local pool Aces 10.10.2.1 10.10.2.63
ip local pool HotelStore 10.10.4.1 10.10.4.63
ip local pool Panexpress 10.10.3.1 10.10.3.63

and then your access lists each shorten to only 4 lines like this:
access-list 101 deny   ip 192.168.1.0 0.0.0.255 10.10.1.0 0.0.0.63
access-list 101 deny   ip 192.168.1.0 0.0.0.255 10.10.2.0 0.0.0.63
access-list 101 deny   ip 192.168.1.0 0.0.0.255 10.10.3.0 0.0.0.63
access-list 101 deny   ip 192.168.1.0 0.0.0.255 10.10.4.0 0.0.0.63

etc.
Avatar of Les Moore
Les Moore
Flag of United States of America image
Agree with Mike. You need to shorten those acls.
May I ask - why on earth did you replace a PIX with a pseudo-firewall router?
PIX was designed ground up to be a firewall and nothing more
Routers were designed ground up to pass packets from one interface to another as efficiently as possible
Adding firewall "features" to the router makes it less than efficient as a router, and only marginally efficient as a firewall.

My unsolicted $0.02

<8-}
Avatar of Alejandro_Lopez
Alejandro_Lopez

ASKER

Hi,

Mike, i'd like your sugestion the thing here it's sdm place than tons of lines (i know sdm it's not as good as it shold but it really helps), but i should assume that the rest of the configuration it's good ?? you know the pool for dynamic nat?? because i was thinking of delete all and start one step over one step (first basic route, then dynamic nat, then static, then firewall then vpn)

Irlmoore it's so glad to see you again!! and the reason it's pix it's getting old and i have no way to update it (no more memory and by consecuence no best ios), and the other reason i let me go by cisco marketing that says it's all inclusive and promise to work just fine, anyway now i have to make it work and it eventually worked but not sure with my code:
ip route 0.0.0.0 0.0.0.0 xxx.xxx.199.54  it's correct or should i limit it to xxx.xxx.233.114 255.255.0.0 (ip range asigned by me isp)
interface FastEthernet0/0
 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$$FW_INSIDE$
 ip address 192.168.1.1 255.255.255.0
 ip access-group 107 in
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface Serial0/1/0
 description **********Enlace a Internet 512 KB**************$FW_OUTSIDE$
 bandwidth 512
 ip address xxx.xxx.199.53 255.255.255.252
 ip access-group 108 in
 ip verify unicast reverse-path
 ip inspect SDM_LOW out
 ip nat outside
 ip virtual-reassembly
 clock rate 2000000
 crypto map SDM_CMAP_1
!

ip classless
ip route 0.0.0.0 0.0.0.0 xxx.xxx.199.54    <------   (serial interface ISP)
!
ip nat pool internet xxx.xxxx.211.117 xxx.xxx.211.121 netmask 255.255.255.240

and by consecuence to focus on firewall (i only have to allow access to web and other services to certain computers)

thanks in advanced

 
ASKER CERTIFIED SOLUTION
Avatar of mikebernhardt
mikebernhardt
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Alejandro_Lopez
Alejandro_Lopez

ASKER

ok thanks Mike it worked...

I had an issue with acl (block www and other services) because i wasn't very clear about firewall role but now it's working
Avatar of mikebernhardt
mikebernhardt
Flag of United States of America image
Really consider my access list suggestion- ACLs that long tax the router more and slow things down.