Wifi issue with asa 5506
Hello Experts,
I revently purchased an asa 5506w-x. I uploaded my configuration file from my ASA 5505 and all my wired PC's can surf the net.
I've configured the wireless on this device and able to connect and resolves addresses, but can't seem to surf the internet on the wifi.
Belklow is my running config
Result of the command: "show running-config"
: Saved
:
: Hardware: ASA5506W, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores)
:
ASA Version 9.4(1)
!
hostname ciscoasa
enable password fiINUAb/RStNPcIj encrypted
names
ip local pool L2TP-Pool 192.168.100.1-192.168.100.
!
interface GigabitEthernet1/1
nameif outside
security-level 0
ip address dhcp setroute
ipv6 address autoconfig
!
interface GigabitEthernet1/2
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
!
interface GigabitEthernet1/3
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/4
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/5
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/6
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/7
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/8
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/9
nameif wifi
security-level 100
ip address 192.168.10.1 255.255.255.0
!
interface Management1/1
management-only
no nameif
no security-level
no ip address
!
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup outside
dns domain-lookup inside
dns domain-lookup wifi
dns server-group DefaultDNS
name-server 192.168.1.8
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network Torrents
host 192.168.1.18
object network cosmos
host 192.168.1.18
object network united
host 192.168.1.8
object network HTTP
host 192.168.1.8
object network torr_udp
host 192.168.1.18
object network webserver
host 192.168.1.8
object network Internal-Subnet
subnet 192.168.1.0 255.255.255.0
object network L2TP-Subnet
subnet 192.168.100.0 255.255.255.248
object network VPN_Pool
subnet 192.168.100.0 255.255.255.0
object network RDP
host 192.168.1.8
object network remote_access
host 192.168.1.8
object network firewall
host 192.168.1.1
object network wifigw
host 192.168.10.1
object-group service DM_INLINE_SERVICE_1
service-object tcp destination eq 50555
service-object udp destination eq 50555
object-group service DM_INLINE_SERVICE_2
service-object tcp destination eq 50555
service-object udp destination eq 50555
object-group service DM_INLINE_SERVICE_3
service-object tcp destination eq domain
service-object udp destination eq domain
object-group service DM_INLINE_SERVICE_4
service-object ip
service-object udp
service-object tcp
service-object udp destination eq netbios-dgm
service-object udp destination eq netbios-ns
object-group service DM_INLINE_SERVICE_5
service-object ip
service-object udp
service-object tcp
service-object udp destination eq netbios-dgm
service-object udp destination eq netbios-ns
object-group service DM_INLINE_SERVICE_6
service-object tcp destination eq domain
service-object udp destination eq domain
access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any object cosmos
access-list outside_access_in extended permit tcp any object united eq www
access-list Split-Tunnel-ACL standard permit 192.168.1.0 255.255.255.0
access-list Split-Tunnel standard permit 192.168.1.0 255.255.255.0
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_3 any any
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_4 any any
access-list inbound extended permit icmp any any time-exceeded inactive
access-list inbound extended permit icmp any any unreachable inactive
access-list inbound extended permit object-group DM_INLINE_SERVICE_2 any any
access-list inbound extended permit tcp any any eq www
access-list inbound extended permit tcp any any eq 3389 inactive
access-list inbound extended permit tcp any any eq pptp
access-list wifi_access_in extended permit object-group DM_INLINE_SERVICE_6 any any
access-list wifi_access_in extended permit icmp any any
access-list wifi_access_in extended permit object-group DM_INLINE_SERVICE_5 any any
pager lines 24
logging enable
logging buffer-size 8192
logging asdm-buffer-size 500
logging asdm warnings
mtu outside 1500
mtu inside 1500
mtu wifi 1500
ip verify reverse-path interface outside
no failover
no monitor-interface service-module
icmp unreachable rate-limit 1 burst-size 1
icmp deny any outside
asdm image disk0:/asdm-743.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
!
object network obj_any
nat (inside,outside) dynamic interface
object network Torrents
nat (any,outside) static interface service tcp 50555 50555
object network torr_udp
nat (any,outside) static interface service udp 50555 50555
object network webserver
nat (any,outside) static interface service tcp www www
object network remote_access
nat (any,outside) static interface service tcp pptp pptp
object network wifigw
nat (any,outside) static interface
access-group inbound in interface outside
access-group inside_access_in in interface inside
access-group wifi_access_in in interface wifi
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
user-identity default-domain LOCAL
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
http server enable
http server idle-timeout 1440
http 192.168.1.0 255.255.255.0 inside
http 192.168.10.0 255.255.255.0 wifi
no snmp-server location
no snmp-server contact
service sw-reset-button
crypto ipsec ikev1 transform-set L2TP-IKE1-Transform-Set esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set L2TP-IKE1-Transform-Set mode transport
crypto ipsec ikev1 transform-set trans1 esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set trans1 mode transport
crypto ipsec ikev1 transform-set trans2 esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set trans2 mode transport
crypto ipsec ikev2 ipsec-proposal L2TP-IKE1-Transform-Set
protocol esp encryption aes
protocol esp integrity sha-1
crypto ipsec ikev2 ipsec-proposal trans1
protocol esp encryption 3des
protocol esp integrity sha-1
crypto ipsec ikev2 ipsec-proposal trans2
protocol esp encryption aes-256
protocol esp integrity sha-1
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map L2TP-MAP 10 set ikev1 transform-set L2TP-IKE1-Transform-Set
crypto dynamic-map L2TP-MAP 10 set ikev2 ipsec-proposal trans2 trans1 L2TP-IKE1-Transform-Set
crypto map L2TP-VPN-MAP 20 ipsec-isakmp dynamic L2TP-MAP
crypto map L2TP-VPN-MAP interface outside
crypto ca trustpoint ASDM_Launcher_Access_Trust
enrollment self
subject-name CN=192.168.1.1,CN=ciscoasa
crl configure
crypto ca trustpool policy
crypto ikev2 policy 1
encryption 3des
integrity sha
group 1
prf sha
lifetime seconds 86400
crypto ikev2 policy 2
encryption 3des
integrity sha
group 1
prf sha
lifetime seconds 86400
crypto ikev2 policy 5
encryption 3des
integrity sha
group 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 6
encryption 3des
integrity sha
group 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 11
encryption aes-192
integrity sha
group 2
prf sha
lifetime seconds 86400
crypto ikev2 enable outside
crypto ikev1 enable outside
crypto ikev1 policy 1
authentication pre-share
encryption 3des
hash sha
group 1
lifetime 86400
crypto ikev1 policy 5
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 10
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
telnet timeout 1440
no ssh stricthostkeycheck
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 60
ssh key-exchange group dh-group1-sha1
console timeout 0
no ipv6-vpn-addr-assign aaa
no ipv6-vpn-addr-assign local
dhcp-client client-id interface outside
dhcpd auto_config outside
!
dhcpd address 192.168.1.50-192.168.1.132
dhcpd dns 192.168.1.8 interface inside
!
dhcpd address 192.168.10.2-192.168.10.25
dhcpd dns 192.168.1.8 interface wifi
dhcpd wins 192.168.1.8 interface wifi
dhcpd domain zone.wifi interface wifi
dhcpd update dns both interface wifi
dhcpd enable wifi
!
threat-detection basic-threat
threat-detection scanning-threat shun except ip-address 192.168.1.0 255.255.255.0
threat-detection scanning-threat shun except ip-address 192.168.10.0 255.255.255.0
threat-detection statistics host number-of-rate 3
threat-detection statistics port number-of-rate 3
threat-detection statistics protocol number-of-rate 3
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
dynamic-filter updater-client enable
dynamic-filter use-database
dynamic-filter enable interface outside
dynamic-filter enable interface inside
ntp server 174.142.10.100 source outside
ssl cipher default custom "AES256-SHA:AES128-SHA:DES
ssl cipher tlsv1 custom "AES256-SHA:AES128-SHA:DES
ssl cipher dtlsv1 custom "AES256-SHA:AES128-SHA:DES
webvpn
anyconnect-essentials
error-recovery disable
group-policy L2TP-Policy internal
group-policy L2TP-Policy attributes
wins-server value 192.168.1.8
dns-server value 192.168.1.8
vpn-tunnel-protocol l2tp-ipsec
split-tunnel-policy tunnelall
default-domain value infonp.lan
split-tunnel-all-dns enable
intercept-dhcp enable
dynamic-access-policy-reco
username admin password DeoU7lerQZQu8xfL encrypted privilege 15
username vpnhome password Y2ZpF9MLWp6NvGyb3Ky+AA== nt-encrypted
username vpnhome attributes
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
tunnel-group DefaultRAGroup general-attributes
address-pool L2TP-Pool
default-group-policy L2TP-Policy
tunnel-group DefaultRAGroup ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup ppp-attributes
no authentication chap
authentication ms-chap-v2
!
class-map global-class
match any
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect pptp
inspect icmp
class global-class
sfr fail-open
class class-default
set connection decrement-ttl
user-statistics accounting
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
hpm topN enable
Cryptochecksum:7f67c6c132d
: end
I revently purchased an asa 5506w-x. I uploaded my configuration file from my ASA 5505 and all my wired PC's can surf the net.
I've configured the wireless on this device and able to connect and resolves addresses, but can't seem to surf the internet on the wifi.
Belklow is my running config
Result of the command: "show running-config"
: Saved
:
: Hardware: ASA5506W, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores)
:
ASA Version 9.4(1)
!
hostname ciscoasa
enable password fiINUAb/RStNPcIj encrypted
names
ip local pool L2TP-Pool 192.168.100.1-192.168.100.
!
interface GigabitEthernet1/1
nameif outside
security-level 0
ip address dhcp setroute
ipv6 address autoconfig
!
interface GigabitEthernet1/2
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
!
interface GigabitEthernet1/3
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/4
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/5
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/6
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/7
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/8
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/9
nameif wifi
security-level 100
ip address 192.168.10.1 255.255.255.0
!
interface Management1/1
management-only
no nameif
no security-level
no ip address
!
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup outside
dns domain-lookup inside
dns domain-lookup wifi
dns server-group DefaultDNS
name-server 192.168.1.8
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network Torrents
host 192.168.1.18
object network cosmos
host 192.168.1.18
object network united
host 192.168.1.8
object network HTTP
host 192.168.1.8
object network torr_udp
host 192.168.1.18
object network webserver
host 192.168.1.8
object network Internal-Subnet
subnet 192.168.1.0 255.255.255.0
object network L2TP-Subnet
subnet 192.168.100.0 255.255.255.248
object network VPN_Pool
subnet 192.168.100.0 255.255.255.0
object network RDP
host 192.168.1.8
object network remote_access
host 192.168.1.8
object network firewall
host 192.168.1.1
object network wifigw
host 192.168.10.1
object-group service DM_INLINE_SERVICE_1
service-object tcp destination eq 50555
service-object udp destination eq 50555
object-group service DM_INLINE_SERVICE_2
service-object tcp destination eq 50555
service-object udp destination eq 50555
object-group service DM_INLINE_SERVICE_3
service-object tcp destination eq domain
service-object udp destination eq domain
object-group service DM_INLINE_SERVICE_4
service-object ip
service-object udp
service-object tcp
service-object udp destination eq netbios-dgm
service-object udp destination eq netbios-ns
object-group service DM_INLINE_SERVICE_5
service-object ip
service-object udp
service-object tcp
service-object udp destination eq netbios-dgm
service-object udp destination eq netbios-ns
object-group service DM_INLINE_SERVICE_6
service-object tcp destination eq domain
service-object udp destination eq domain
access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any object cosmos
access-list outside_access_in extended permit tcp any object united eq www
access-list Split-Tunnel-ACL standard permit 192.168.1.0 255.255.255.0
access-list Split-Tunnel standard permit 192.168.1.0 255.255.255.0
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_3 any any
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_4 any any
access-list inbound extended permit icmp any any time-exceeded inactive
access-list inbound extended permit icmp any any unreachable inactive
access-list inbound extended permit object-group DM_INLINE_SERVICE_2 any any
access-list inbound extended permit tcp any any eq www
access-list inbound extended permit tcp any any eq 3389 inactive
access-list inbound extended permit tcp any any eq pptp
access-list wifi_access_in extended permit object-group DM_INLINE_SERVICE_6 any any
access-list wifi_access_in extended permit icmp any any
access-list wifi_access_in extended permit object-group DM_INLINE_SERVICE_5 any any
pager lines 24
logging enable
logging buffer-size 8192
logging asdm-buffer-size 500
logging asdm warnings
mtu outside 1500
mtu inside 1500
mtu wifi 1500
ip verify reverse-path interface outside
no failover
no monitor-interface service-module
icmp unreachable rate-limit 1 burst-size 1
icmp deny any outside
asdm image disk0:/asdm-743.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
!
object network obj_any
nat (inside,outside) dynamic interface
object network Torrents
nat (any,outside) static interface service tcp 50555 50555
object network torr_udp
nat (any,outside) static interface service udp 50555 50555
object network webserver
nat (any,outside) static interface service tcp www www
object network remote_access
nat (any,outside) static interface service tcp pptp pptp
object network wifigw
nat (any,outside) static interface
access-group inbound in interface outside
access-group inside_access_in in interface inside
access-group wifi_access_in in interface wifi
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
user-identity default-domain LOCAL
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
http server enable
http server idle-timeout 1440
http 192.168.1.0 255.255.255.0 inside
http 192.168.10.0 255.255.255.0 wifi
no snmp-server location
no snmp-server contact
service sw-reset-button
crypto ipsec ikev1 transform-set L2TP-IKE1-Transform-Set esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set L2TP-IKE1-Transform-Set mode transport
crypto ipsec ikev1 transform-set trans1 esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set trans1 mode transport
crypto ipsec ikev1 transform-set trans2 esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set trans2 mode transport
crypto ipsec ikev2 ipsec-proposal L2TP-IKE1-Transform-Set
protocol esp encryption aes
protocol esp integrity sha-1
crypto ipsec ikev2 ipsec-proposal trans1
protocol esp encryption 3des
protocol esp integrity sha-1
crypto ipsec ikev2 ipsec-proposal trans2
protocol esp encryption aes-256
protocol esp integrity sha-1
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map L2TP-MAP 10 set ikev1 transform-set L2TP-IKE1-Transform-Set
crypto dynamic-map L2TP-MAP 10 set ikev2 ipsec-proposal trans2 trans1 L2TP-IKE1-Transform-Set
crypto map L2TP-VPN-MAP 20 ipsec-isakmp dynamic L2TP-MAP
crypto map L2TP-VPN-MAP interface outside
crypto ca trustpoint ASDM_Launcher_Access_Trust
enrollment self
subject-name CN=192.168.1.1,CN=ciscoasa
crl configure
crypto ca trustpool policy
crypto ikev2 policy 1
encryption 3des
integrity sha
group 1
prf sha
lifetime seconds 86400
crypto ikev2 policy 2
encryption 3des
integrity sha
group 1
prf sha
lifetime seconds 86400
crypto ikev2 policy 5
encryption 3des
integrity sha
group 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 6
encryption 3des
integrity sha
group 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 11
encryption aes-192
integrity sha
group 2
prf sha
lifetime seconds 86400
crypto ikev2 enable outside
crypto ikev1 enable outside
crypto ikev1 policy 1
authentication pre-share
encryption 3des
hash sha
group 1
lifetime 86400
crypto ikev1 policy 5
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 10
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
telnet timeout 1440
no ssh stricthostkeycheck
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 60
ssh key-exchange group dh-group1-sha1
console timeout 0
no ipv6-vpn-addr-assign aaa
no ipv6-vpn-addr-assign local
dhcp-client client-id interface outside
dhcpd auto_config outside
!
dhcpd address 192.168.1.50-192.168.1.132
dhcpd dns 192.168.1.8 interface inside
!
dhcpd address 192.168.10.2-192.168.10.25
dhcpd dns 192.168.1.8 interface wifi
dhcpd wins 192.168.1.8 interface wifi
dhcpd domain zone.wifi interface wifi
dhcpd update dns both interface wifi
dhcpd enable wifi
!
threat-detection basic-threat
threat-detection scanning-threat shun except ip-address 192.168.1.0 255.255.255.0
threat-detection scanning-threat shun except ip-address 192.168.10.0 255.255.255.0
threat-detection statistics host number-of-rate 3
threat-detection statistics port number-of-rate 3
threat-detection statistics protocol number-of-rate 3
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
dynamic-filter updater-client enable
dynamic-filter use-database
dynamic-filter enable interface outside
dynamic-filter enable interface inside
ntp server 174.142.10.100 source outside
ssl cipher default custom "AES256-SHA:AES128-SHA:DES
ssl cipher tlsv1 custom "AES256-SHA:AES128-SHA:DES
ssl cipher dtlsv1 custom "AES256-SHA:AES128-SHA:DES
webvpn
anyconnect-essentials
error-recovery disable
group-policy L2TP-Policy internal
group-policy L2TP-Policy attributes
wins-server value 192.168.1.8
dns-server value 192.168.1.8
vpn-tunnel-protocol l2tp-ipsec
split-tunnel-policy tunnelall
default-domain value infonp.lan
split-tunnel-all-dns enable
intercept-dhcp enable
dynamic-access-policy-reco
username admin password DeoU7lerQZQu8xfL encrypted privilege 15
username vpnhome password Y2ZpF9MLWp6NvGyb3Ky+AA== nt-encrypted
username vpnhome attributes
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
tunnel-group DefaultRAGroup general-attributes
address-pool L2TP-Pool
default-group-policy L2TP-Policy
tunnel-group DefaultRAGroup ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup ppp-attributes
no authentication chap
authentication ms-chap-v2
!
class-map global-class
match any
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect pptp
inspect icmp
class global-class
sfr fail-open
class class-default
set connection decrement-ttl
user-statistics accounting
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
hpm topN enable
Cryptochecksum:7f67c6c132d
: end
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
i added this line instead
object network obj_any
nat (any,outside) dynamic interface
everything works thanks for the push in the right direction...had a brain fart moment ....
object network obj_any
nat (any,outside) dynamic interface
everything works thanks for the push in the right direction...had a brain fart moment ....
Are you able to access your wired network from within the wireless network?
ASKER
no, I cannot access file systems on computers on the wifi network,
Set a policy to allow traffic between the wifi and inside networks. This should make it so you will be able to get to your internal network. Let's work on the wifi connecting to inside network first so that we can get that portion up first.
ASKER
Hi trent,
thanks for the info. I will have to test this some other time as I think i have broken my wireless AP by trying to do an update to the firmware. I am going to submit a new question soon with the issues that i am now having. I can't seem to find any resources on how to replace or factory default the integrated AP on these devices.
thanks for the info. I will have to test this some other time as I think i have broken my wireless AP by trying to do an update to the firmware. I am going to submit a new question soon with the issues that i am now having. I can't seem to find any resources on how to replace or factory default the integrated AP on these devices.
What type of AP do you have? Make and model please. Don't open a new question let's just add it to this one.
ASKER
its the one built into the ASA 5506w-x. it would seem that its similar to the 702i.
this is my issue:
i downloaded a file from the cisco website ap1g1-k9w8-tar.153-3.JBB1.
I've tried resetting the asa to factory defaults.
when i access the wlan session i get the following
*Mar 2 20:49:20.539: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.
*Mar 2 20:49:23.743: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 192.168.10.34, mask 255.255.255.0, hostname AP547c.69db.e302
Translating "CISCO-CAPWAP-CONTROLLER.h
Not in Bound state.
Any suggestion ?
this is my issue:
i downloaded a file from the cisco website ap1g1-k9w8-tar.153-3.JBB1.
I've tried resetting the asa to factory defaults.
when i access the wlan session i get the following
*Mar 2 20:49:20.539: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.
*Mar 2 20:49:23.743: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 192.168.10.34, mask 255.255.255.0, hostname AP547c.69db.e302
Translating "CISCO-CAPWAP-CONTROLLER.h
Not in Bound state.
Any suggestion ?
How are you physically connecting to the switch?
ASKER
I'm connected on a layer 2 switch to port 1/2 I have 8 ports behind on my asa but the 1/9 is internal which is where the wirless is. The ports on this model is layers 3 switch
switch.jpg
switch.jpg
Can you console cable into the device? Since you reset it to factory defaults that may be the easiest way to get in.
ASKER
the only console is the ASA. from there i do the following :
To access the wireless access point console, perform the following steps.
Step 1 From the ASA CLI, session to the access point:
session wlan console
ciscoasa# session wlan console
opening console session with module wlan
connected to module wlan. Escape character sequence is ‘CTRL-^X’
ap>
To access the wireless access point console, perform the following steps.
Step 1 From the ASA CLI, session to the access point:
session wlan console
ciscoasa# session wlan console
opening console session with module wlan
connected to module wlan. Escape character sequence is ‘CTRL-^X’
ap>
Can you post the config for the device?
ASKER
AP547c.69db.e302#show configuration
startup-config is not present
AP547c.69db.e302#
startup-config is not present
AP547c.69db.e302#
ASKER
show run gives me the following
AP547c.69db.e302#show run
Building configuration...
Current configuration : 20767 bytes
!
! Last configuration change at 21:39:14 UTC Tue Mar 2 1993 by Cisco
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname AP547c.69db.e302
!
!
logging rate-limit console 9
enable secret 5 $1$7vks$4jfJi/bvncWDT6BJrA
!
aaa new-model
!
!
aaa authentication login default local
!
!
!
!
!
aaa session-id common
no ip routing
no ip cef
!
!
!
!
power inline negotiation prestandard source
eap profile lwapp_eap_profile
method fast
!
!
crypto pki trustpoint cisco-m2-root-cert
revocation-check none
rsakeypair Cisco_IOS_M2_MIC_Keys
!
crypto pki trustpoint Cisco_IOS_M2_MIC_cert
revocation-check none
rsakeypair Cisco_IOS_M2_MIC_Keys
!
crypto pki trustpoint airespace-old-root-cert
--More--
Not in Bo revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint airespace-device-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint Cisco_IOS_MIC_cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
!
crypto pki certificate chain cisco-m2-root-cert
certificate ca 01
30820313 308201FB A0030201 02020101 300D0609 2A864886 F70D0101 0B050030
2B310E30 0C060355 040A1305 43697363 6F311930 17060355 04031310 43697363
6F20526F 6F742043 41204D32 301E170D 31323131 31323133 30303138 5A170D33
37313131 32313330 3031385A 302B310E 300C0603 55040A13 05436973 636F3119
30170603 55040313 10436973 636F2052 6F6F7420 4341204D 32308201 22300D06
092A8648 86F70D01 01010500 0382010F 00308201 0A028201 0100D806 2521134F
8D3A757C E93DC874 413B4DA0 65F9C2BF 9484EF6B 0B7187D4 58C26032 2CBACCBA
BB6334DB B312426A 798586B3 E87FC992 8BE3A737 45D39483 686520DB 8AD44341
DFCA4CD4 D710CD68 2795724E 744A54F5 DA71E9A5 AF4D0CB1 6C31FB0C DE73829A
50095E0E E335BEBA 4EC2CAE0 6EC8842D 8AB3EE92 EC0482E4 C76E4D18 B5E964CB
6486D2F0 B8E15916 3AA62648 05EE6329 1E1583EF 1E79C182 0029D456 8F0A6DC2
C858392D 63B87180 3AE1DCEB B3135222 05514700 88876DED D13CD7B8 DA857924
C62A5D1D F2834D81 1FA7CDD4 198EAB69 40E6FB07 0AF28E65 3E6DE53D C132EE06
262DECBB 1EB14562 512BF059 1731721A CC0074C3 0CBB84CA 73AD0203 010001A3
42304030 0E060355 1D0F0101 FF040403 0201063
*Mar 2 21:40:10.487: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.0 0F060355 1D130101 FF040530
030101FF 301D0603 551D0E04 160414C9 00F91F8A 1FC266BD A5D26D65 0E222E34
C305A030 0D06092A 864886F7 0D01010B 05000382 0101007A BE3C8D27 E8CDE492
1CA68B30 6EC1D9D6 891AC3C0 9975F74E B582C895 2259B7A0 A8508E59 190B6F16
D90FF219 274D504D DEF46D0C E6745C74 F1447F82 92BC5C5E E3B37E25 A38BB910
3C6B5D5D 3E693BDC A85BEDA7 C2BAE8C2 F768CB28 8B707291 CF2C3FBA 75597333
52198294 ED709ED2 67147631 1B26A6A9 F97E7B19 B6E2A752 A2D453EA 6F867833
07C1DE7D DF15D03D 6CA225BC C732F049 7B6DF230 669BD914 5DB60FA5 6C5B926B
86B41304 8763F57D 69AE2262 6C767292 9AF3055E 6633E597 20E00D79 346F311D
585ECDE0 25C1C3A5 DD10DCCE 7E95F6DB 44A75DC6 7192CFA1 81FAF08D E9A6D992
C3E4F0AD DB6CAFEE ADDA8B09 4AFBDA2A 9E981650 077F87
quit
crypto pki certificate chain Cisco_IOS_M2_MIC_cert
certificate 24B271C8000000226D6A
3082046F 30820357 A0030201 02020A24 B271C800 0000226D 6A300D06 092A8648
86F70D01 010B0500 3036310E 300C0603 55040A13 05436973 636F3124 30220603
55040313 1B436973 636F204D 616E7566 61637475 72696E67 20434120 53484132
301E170D 31353036 31363139 32353133 5A170D32 35303631 36313933 3531335A
30818C31 0B300906 03550406 13025553 31133011 06035504 08130A43 616C6966
6F726E69 61311130 0F060355 04071308 53616E20 4A6F7365 31163014 06035504
0A130D43 6973636F 20537973 74656D73 311B3019 06035504 03131241 50314731
2D353437 63363964 62653330 32312030 1E06092A 864886F7 0D010901 16117375
70706F72 74406369 73636F2E 636F6D30 82012230 0D06092A 864886F7 0D010101
05000382 010F0030 82010A02 82010100 A59DAA13 A8BC2AB4 218E2578 C034DA5A
C52227CF 6F147A7A FB5BDDDD 022837AE AD628B0D 07A1862F F681F3C7 AE24A9CC
91533034 67AB4C4F FC6540B8 7021E5C7 D6BB0810 03B6D2E8 B37185BF 21BF7EC5
12B2BF6A CDE7864B 18E9AA3F 5423DA56 C519859B 50C430BA 1CB90FEE 2CA1051F
95AD1A07 55F0D193 8858D83D 5EBD4FED 6B9191E2 EE65F707 DADF27E7 6ED50FDE
DEB1DFFA 8F9CDF9A 8D10F969 169DAC9B E612C7CC 62A31D19 F15C232D D91D0EDF
32BCF44E 09FB1382 4E9A1AF5 EAB87334 75A0DD3D 601EC16F DE97907E 28750A39
846C1AF7 524452C7 EF6C64D1 F99DA6D0 855750C6 7DFF72DC 205EE44F C8FF824A
4BF364
*Mar 2 21:40:13.691: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 192.168.10.40, mask 255.255.255.C5 73BFDEFA 26CE4744 EA3B6CE7 02030100 01A38201 26308201 22300E06
03551D0F 0101FF04 04030205 A0301D06 03551D0E 04160414 70D426D4 5BB51ADF
E7E3F3B8 035CEC49 C23F3F3D 301F0603 551D2304 18301680 147AD779 95CABB48
2BB85514 FDA3C00F BCA70F96 19304006 03551D1F 04393037 3035A033 A031862F
68747470 3A2F2F77 77772E63 6973636F 2E636F6D 2F736563 75726974 792F706B
692F6372 6C2F636D 6361322E 63726C30 4D06082B 06010505 07010104 41303F30
3D06082B 06010505 07300286 31687474 703A2F2F 7777772E 63697360, hostname AP547c.69db.e302
3 6F2E636F
6D2F7365 63757269 74792F70 6B692F63 65727473 2F636D63 61322E63 6572303F
06092B06 01040182 37140204 321E3000 49005000 53004500 43004900 6E007400
65007200 6D006500 64006900 61007400 65004F00 66006600 6C006900 6E006530
0D06092A 864886F7 0D01010B 05000382 01010032 088F12DF 3E964FB0 07B8EE93
53049587 02F3BABA 7EFD8513 DCD7A166 C32B6058 7AB62F58 13A33BDE 847948EB
FBB7DB21 5A660AE2 6DDAF6D0 DA61606D 59B63845 E22E5D7C 7E408641 35529BC2
799BA101 87A7A019 2204E15D C26B6E09 7DA24E90 75D62A13 7E77D65E DAA49604
440DCDC5 DF059E6D 54C7F875 D8D2F4A0 3E1E2DD2 6F65C72C 5842FE94 EC5F7561
2EC96B49 8AB21170 19D6ED65 1CCBBA1A 2FD1B7FF AEB8A19F 8EC7C59F 546EC330
48910A7C B1C6DA46 F6C15A47 23F6D956 B50E2E97 D34299F5 65553631 442D9D29
E75BD8C5 584DD4EC 3FE84FAF D199E460 40B363E7 2404161B 732089AF F8CCA68E
FC902B82 E19A408A 481178AC E4FCE00B 2A2E57
quit
certificate ca 02
30820465 3082034D A0030201 02020102 300D0609 2A864886 F70D0101 0B050030
2B310E30 0C060355 040A1305 43697363 6F311930 17060355 04031310 43697363
6F20526F 6F742043 41204D32 301E170D 31323131 31323133 35303538 5A170D33
37313131 32313330 3031375A 3036310E 300C0603 55040A13 05436973 636F3124
30220603 55040313 1B436973 636F204D 616E7566 61637475 72696E67 20434120
53484132 30820122 300D0609 2A864886 F70D0101 01050003 82010F00 3082010A
02820101 00F4364B 42023267 DE493DF2 153BC145 69E9094E 16B948B4 471EE82A
5B7D8A5E 2DD51E65 DB80A3E4 B4A2DCD3 949C12D8 194C859B 5A72EF6F 5297E65B
DC3B9D0A 3DCD54F7 7B23EE84 5FFAFFD4 C4755067 EF9CDBE4 27D5F84E A577E7C7
9EE3E217 206EF870 C3251777 EF73A9FB DE7B21DA 16C8FBC3 F211D1D4 7246149D
C924A060 D1449C2F 8242C257 AEF7C5EA FF23E502 A0611316 BB6B6FDF A9299903
4BD9206D 5B05F599 63C66D49 E4F12A0D DE5B29D5 FB112569 B1EA4C33 1859FFB6
A1BB3860 1E6520D4 DB6201F2 4444CFE9 3F17AFA4 ED0F4877 EB9E0E50 7716FB59
9E06EFE3 72D96E30 AA697928 D5B6BA1F E6FB7EA5 B9028348 900008EC 2F4A9CCD
3DF268D5 EF020301 0001A382 01873082 0183300E 0603551D 0F0101FF 04040302
01063012 0603551D 130101FF 04083006 0101FF02 0100305C 0603551D 20045530
53305106 0A2B0601 04010915 01120030 43304106 082B0601 05050702 01163568
7474703A 2F2F7777 772E6369 73636F2E 636F6D2F 73656375 72697479 2F706B69
2F706F6C 69636965 732F696E 6465782E 68746D6C 301D0603 551D0E04 1604147A
D77995CA BB482BB8 5514FDA3 C00FBCA7 0F961930 41060355 1D1F043A 30383036
A034A032 86306874 74703A2F 2F777777 2E636973 636F2E63 6F6D2F73 65637572
6974792F 706B692F 63726C2F 63726361 6D322E63 726C307C 06082B06 01050507
01010470 306E303E 06082B06 01050507 30028632 68747470 3A2F2F77 77772E63
6973636F 2E636F6D 2F736563 75726974 792F706B 692F6365 7274732F 63726361
6D322E63 6572302C 06082B06 01050507 30018620 68747470 733A2F2F 746F6F6C
732E6369 73636F2E 636F6D2F 706B692F 6F637370 301F0603 551D2304 18301680
14C900F9 1F8A1FC2 66BDA5D2 6D650E22 2E34C305 A0300D06 092A8648 86F70D01
010B0500 03820101 00735936 AC7E984F 88EE171B 3DABB39B CDF70A6C DBCEC83B
1A53B6AF E081C55E 69FF2717 E706652F 631008D8 7C77C516 F42AD1B5 24691F7D
08D502D0 5BA135F2 9CB690B2 8FE38F8E 993AE6C8 17CCBA1E 8DE74C0B FB43A547
92A48275 90A556EF 75CDB1D5 F4515843 327
Translating "CISCO-CAPWAP-CONTROLLER.h
18F0D 50801D1A E08B52E3 285D9A09
77A03344 71BDEDAD 07B3AD0D FFF39EFF 212A8119 52C46CA1 CEBBC1FA CCE2E1C4
0819D3C6 9ED68410 409A3092 2D086DDF 8B44B1A8 BED1302E 0F32CAA8 93206BDE
ED514BDA C45AF19D EB2BDB65 C0A547DA 4A4528D0 1E377ADF 285AABD3 FC1E4747
322A998B 32B4814C 165CC507 09098178 5FA14EFF 7D8A3AA7 3124520E 28654852
3BC0BE2A 0EAA876E 73
quit
crypto pki certificate chain airespace-old-root-cert
certificate ca 00
30820406 3082032F A0030201 02020100 300D0609 2A864886 F70D0101 04050030
818F310B 30090603 55040613 02555331 13301106 03550408 130A4361 6C69666F
726E6961 3111300F 06035504 07130853 616E204A 6F736531 16301406 0355040A
130D6169 72657370 61636520 496E6331 0D300B06 0355040B 13046E6F 6E65310B
30090603 55040313 02636131 24302206 092A8648 86F70D01 09011615 73757070
6F727440 61697265 73706163 652E636F 6D301E17 0D303330 32313232 33333835
355A170D 31323131 31313233 33383535 5A30818F 310B3009 06035504 06130255
53311330 11060355 0408130A 43616C69 666F726E 69613111 300F0603 55040713
0853616E 204A6F73 65311630 14060355 040A130D 61697265 73706163 6520496E
63310D30 0B060355 040B1304 6E6F6E65 310B3009 06035504 03130263 61312430
2206092A 864886F7 0D010901 16157375 70706F72 74406169 72657370 6163652E
636F6D30 81DF300D 06092A86 4886F70D 01010105 000381CD 003081C9 0281C100
DB9D3901 30059DD1 05CB2793 9B9907F8 1FF57FA9 24065BF7 1A5865F8 B9CFCCB3
679354D4 69BAB847 1CA327AE EA006AAC 90479C9D C23B67DE FACC0D28 32C6103F
A59C41E2 E8B4250B 4D2903EB 52629A99 D618B747 C4A94151 1AB995BB 14905404
5F4A0B9F F387F346 D5F3A249 2AED1B6A 3DD639D8 4924366A 1234DD2D B13CD489
7E2EA101 63BCCC82 2F7A6D0B 33AB5705 3C784A6D A3DD1E5B 96CF54C6 CF4D59BC
1BFD6CB6 E72FCB29 88DCBE6D 4D76FB83 1FAF5683 E4E20822 00A9EB2E 3BEF0DF9
02030100 01A381EF 3081EC30 1D060355 1D0E0416 04149457 DF7D1482 2D31BB28
772E8996 1886DA46 84BA3081 BC060355 1D230481 B43081B1 80149457 DF7D1482
2D31BB28 772E8996 1886DA46 84BAA181 95A48192 30818F31 0B300906 03550406
13025553 31133011 06035504 08130A43 616C6966 6F726E69 61311130 0F060355
04071308 53616E20 4A6F7365 31163014 06035504 0A130D61 69726573 70616365
20496E63 310D300B 06035504 0B13046E 6F6E6531 0B300906 03550403 13026361
31243022 06092A86 4886F70D 01090116 15737570 706F7274 40616972 65737061
63652E63 6F6D8201 00300C06 03551D13 04053003 0101FF30 0D06092A 864886F7
0D010104 05000381 C100AEB0 349DC0F9 2AAA3A57 75B3A79C 5421A9D0 15389261
95C03479 04DA81D4 120F58FA E2299223 BEB54A90 6D70F7F7 2192EFAF A4B0F488
604E3094 BBCC77A3 60A88129 0849B87B 5CA1AA17 21922A55 6B68E0D3 1ADC7264
C4C4D6B2 33345C86 254E4988 096645CD 40F12761 8BC37E71 DAD91677 25322361
71D87A16 F92AF7C1 51CB8892 443BC666 59BEA47B 985E8866 68A1EBD4 88BBF6E7
A949FDF8 7711D518 A80E203D A12BEBDC 6963EDA7 B76079A3 22380C96 0CB8D324
CADD949D EA39E0EF 033D
quit
crypto pki certificate chain airespace-device-root-cert
certificate ca 03
3082047F 308203A8 A0030201 02020103 300D0609 2A864886 F70D0101 04050030
81A6310B 30090603 55040613 02555331 13301106 03550408 130A4361 6C69666F
726E6961 3111300F 06035504 07130853 616E204A 6F736531 17301506 0355040A
130E4169 72657370 61636520 496E632E 31143012 06035504 0B130B45 6E67696E
65657269 6E67311A 30180603 55040313 11416972 65737061 63652052 6F6F7420
43413124 30220609 2A864886 F70D0109 01161573 7570706F 72744061 69726573
70616365 2E636F6D 301E170D 30353034 32383232 33373133 5A170D31 35303132
36323233 3731335A 3081A831 0B300906 03550406 13025553 31133011 06035504
08130A43 616C6966 6F726E69 61311130 0F060355 04071308 53616E20 4A6F7365
31173015 06035504 0A130E41 69726573 70616365 20496E63 2E311430 12060355
040B130B 456E6769 6E656572 696E6731 1C301A06 03550403 13134169 72657370
61636520 44657669 63652043 41312430 2206092A 864886F7 0D010901 16157375
70706F72 74406169 72657370 6163652E 636F6D30 81DF300D 06092A86 4886F70D
01010105 000381CD 003081C9 0281C100 A93C0158 E7284E75 FF86A57A 886ACA37
430BECF0 7582F56B DB6AC514 554FB06E AA327B3E CE3C9391 03C93BA4 0C0AF932
A6CB5DA3 F1C3C528 53BF4E19 2C1BFC48 467EBD93 06B4974A 1273BF35 8AD8540F
261E612B A2673B68 D239C87E 1E9E967B 2654D285 45BB7F78 5F4E9D4B 7B8001AA
2F455CFF 4552ECDB 5667E3FC E7093E06 8FAE353D 4228B48D 8B415D9B F496342D
C1459987 B69BFA4B 51FB67B4 A0C21E7F C6269A39 47EB1D48 5E83B129 8B079E5E
1EDAB5A0 BE5E1DE0 109FF0BD 4750E32B 02030100 01A38201 37308201 33300C06
03551D13 04053003 0101FF30 2E060960 86480186 F842010D 0421161F 41697265
73706163 65204465 76696365 20434120 43657274 69666963 61746530 1D060355
1D0E0416 04140A52 3BB12570 523B9CEA 747FB2AD 3D8F95EA 3FCC3081 D3060355
1D230481 CB3081C8 8014538D 8360478D C20F8066 3232E9E1 7070552B 17EAA181
ACA481A9 3081A631 0B300906 03550406 13025553 31133011 06035504 08130A43
616C6966 6F726E69 61311130 0F060355 04071308 53616E20 4A6F7365 31173015
06035504 0A130E41 69726573 70616365 20496E63 2E311430 12060355 040B130B
456E6769 6E656572 696E6731 1A301806 03550403 13114169 72657370 61636520
526F6F74 20434131 24302206 092A8648 86F70D01 09011615 73757070 6F727440
61697265 73706163 652E636F 6D820100 300D0609 2A864886 F70D0101 04050003
81C100A0 E8D59D9B DA9EED0C 96045DFE A37084EC 59B5C3D3 71694DB0 70664E0C
8060D69E E366E81F 9F3CCF68 8AB0498E CCFA6CA7 2854F2D8 046690C9 8FEC84EF
2F7F0F08 C90F719D C0F4C125 CED1B525 6DD93E51 777BD5E8 7F1DC79F CC502DC2
0242C05D 1682DEE3 DF7541B8 C55B433C 10DFE2BF D2E802E7 D923329A 23A2076F
86BCC048 D569B383 59AC8979 97F02C55 6F8FE318 754F605C 43CDA7C8 1847B085
1DADF0D6 CD62C8DE A86E6E12 4A7CDCBF A6FCC7E1 852A1DB1 529D63B3 688305F6 7BD25F
quit
crypto pki certificate chain Cisco_IOS_MIC_cert
certificate 3AB3AB8E000000043294
30820470 30820358 A0030201 02020A3A B3AB8E00 00000432 94300D06 092A8648
86F70D01 01050500 30393116 30140603 55040A13 0D436973 636F2053 79737465
6D73311F 301D0603 55040313 16436973 636F204D 616E7566 61637475 72696E67
20434130 1E170D31 35303631 36313932 3230365A 170D3235 30363136 31393332
30365A30 818C310B 30090603 55040613 02555331 13301106 03550408 130A4361
6C69666F 726E6961 3111300F 06035504 07130853 616E204A 6F736531 16301406
0355040A 130D4369 73636F20 53797374 656D7331 1B301906 03550403 13124150
3147312D 35343763 36396462 65333032 3120301E 06092A86 4886F70D 01090116
11737570 706F7274 40636973 636F2E63 6F6D3082 0122300D 06092A86 4886F70D
01010105 00038201 0F003082 010A0282 010100B3 91217779 D32CCE22 5623B724
396F3AAF 5DB79119 31618AE8 AF852B8C 3939199B 8CB594F4 FBA2CEE4 9A758068
5BF986E3 ED15AF84 79D5713D 5290212A 7E738A1F 6CA946C9 0E7583FF 7B4C266F
0EF78B3D 95C33B11 E2757847 4F8C0FB9 294EDC53 D737CA5D 81D499C0 3B8B3315
F42AB6A3 87B3578F C21F6926 5E424B80 7F18C52B 2489123A 7758DC8E BFD8786E
1DB5E289 7C99EB52 BB30BE40 5D657D50 6D7C2CAF 3D472EFA A5B95DCF 3E316374
9704D365 BBEAC751 9D321C80 BBD2D1E3 8A875468 40D94EE2 9C892709 5E6090BA
2449EBCE 002C62E5 3377040A B61C423E FF2E40BF C89216DC 9A1F78BF 28D23C86
21F79136 067674A9 B163339F 81D2F449 CAB06F02 03010001 A3820124 30820120
300E0603 551D0F01 01FF0404 030205A0 301D0603 551D0E04 1604147F 7815E069
7A5CCFCA 9BC64762 77DCD6AF B880D230 1F060355 1D230418 30168014 D0C52226
AB4F4660 ECAE0591 C7DC5AD1 B047F76C 303F0603 551D1F04 38303630 34A032A0
30862E68 7474703A 2F2F7777 772E6369 73636F2E 636F6D2F 73656375 72697479
2F706B69 2F63726C 2F636D63 612E6372 6C304C06 082B0601 05050701 01044030
3E303C06 082B0601 05050730 02863068 7474703A 2F2F7777 772E6369 73636F2E
636F6D2F 73656375 72697479 2F706B69 2F636572 74732F63 6D63612E 63657230
3F06092B 06010401 82371402 04321E30 00490050 00530045 00430049 006E0074
00650072 006D0065 00640069 00610074 0065004F 00660066 006C0069 006E0065
300D0609 2A864886 F70D0101 05050003 82010100 4691B85D 59A0B082 846BB4B8
C170ED90 0641D4E9 771A8A71 2E433B60 C3F726B3 8EE2F076 7836F649 AE937EF3
1F582522 A44311A3 6DB9C45A 18A24B1B 08D3F25D 1D5BD5D3 A990AB53 76DFCB50
4E63FEFD DF4EAC90 8F5D199E 98F2FFA7 2485F93E 4098DD56 89C4D0D5 2598A667
EBEB835D E1752EA6 B95ECF60 5684A10E FDB33528 7F4131D1 1CD06E83 83F316BB
0EC6F36B 3A1FFC18 0FF7880B 0E78B5CE E6D39AD4 AF99179D 0FEEF37E 699DF584
7CBA03E2 3EEE897F 3FC61BE1 8B14215A 7DEC5FA9 0E1CEEAD 145707BD 45F198E0
4BFA7142 F2D4EEF6 A0DCE7A8 6B4174E3 748BB106 FAEF8D9B F4108718 35C4F87F
49A4D16A 49F619B3 D3FD580C 3AE5F193 0AFB0F7F
quit
certificate ca 6A6967B3000000000003
308204D9 308203C1 A0030201 02020A6A 6967B300 00000000 03300D06 092A8648
86F70D01 01050500 30353116 30140603 55040A13 0D436973 636F2053 79737465
6D73311B 30190603 55040313 12436973 636F2052 6F6F7420 43412032 30343830
1E170D30 35303631 30323231 3630315A 170D3239 30353134 32303235 34325A30
39311630 14060355 040A130D 43697363 6F205379 7374656D 73311F30 1D060355
04031316 43697363 6F204D61 6E756661 63747572 696E6720 43413082 0120300D
06092A86 4886F70D 01010105 00038201 0D003082 01080282 010100A0 C5F7DC96
943515F1 F4994EBB 9B41E17D DB791691 BBF354F2 414A9432 6262C923 F79AE7BB
9B79E807 294E30F5 AE1BC521 5646B0F8 F4E68E81 B816CCA8 9B85D242 81DB7CCB
94A91161 121C5CEA 33201C9A 16A77DDB 99066AE2 36AFECF8 0AFF9867 07F430EE
A5F8881A AAE8C73C 1CCEEE48 FDCD5C37 F186939E 3D71757D 34EE4B14 A9C0297B
0510EF87 9E693130 F548363F D8ABCE15 E2E8589F 3E627104 8726A415 620125AA
D5DFC9C9 5BB8C9A1 077BBE68 92939320 A86CBD15 75D3445D 454BECA8 DA60C7D8
C8D5C8ED 41E1F55F 578E5332 9349D5D9 0FF836AA 07C43241 C5A7AF1D 19FFF673
99395A73 67621334 0D1F5E95 70526417 06EC535C 5CDB6AEA 35004102 0103A382
01E73082 01E33012 0603551D 130101FF 04083006 0101FF02 0100301D 0603551D
0E041604 14D0C522 26AB4F46 60ECAE05 91C7DC5A D1B047F7 6C300B06 03551D0F
04040302 01863010 06092B06 01040182 37150104 03020100 30190609 2B060104
01823714 02040C1E 0A005300 75006200 43004130 1F060355 1D230418 30168014
27F3C815 1E6E9A02 0916AD2B A089605F DA7B2FAA 30430603 551D1F04 3C303A30
38A036A0 34863268 7474703A 2F2F7777 772E6369 73636F2E 636F6D2F 73656375
72697479 2F706B69 2F63726C 2F637263 61323034 382E6372 6C305006 082B0601
05050701 01044430 42304006 082B0601 05050730 02863468 7474703A 2F2F7777
772E6369 73636F2E 636F6D2F 73656375 72697479 2F706B69 2F636572 74732F63
72636132 3034382E 63657230 5C060355 1D200455 30533051 060A2B06 01040109
15010200 30433041 06082B06 01050507 02011635 68747470 3A2F2F77 77772E63
6973636F 2E636F6D 2F736563 75726974 792F706B 692F706F 6C696369 65732F69
6E646578 2E68746D 6C305E06 03551D25 04573055 06082B06 01050507 03010608
2B060105 05070302 06082B06 01050507 03050608 2B060105 05070306 06082B06
01050507 0307060A 2B060104 0182370A 0301060A 2B060104 01823714 02010609
2B060104 01823715 06300D06 092A8648 86F70D01 01050500 03820101 0030F330
2D8CF2CA 374A6499 24290AF2 86AA42D5 23E8A2EA 2B6F6923 7A828E1C 4C09CFA4
4FAB842F 37E96560 D19AC6D8 F30BF5DE D027005C 6F1D91BD D14E5851 1DC9E3F7
38E7D30B D168BE8E 22A54B06 E1E6A4AA 337D1A75 BA26F370 C66100A5 C379265B
A719D193 8DAB9B10 11291FA1 82FDFD3C 4B6E65DC 934505E9 AF336B67 23070686
22DAEBDC 87CF5921 421AE9CF 707588E0 243D5D7D 4E963880 97D56FF0 9B71D8BA
6019A5B0 6186ADDD 6566F6B9 27A2EE2F 619BBAA1 3061FDBE AC3514F9 B82D9706
AFC3EF6D CC3D3CEB 95E981D3 8A5EB6CE FA79A46B D7A25764 C43F4CC9 DBE882EC
0166D410 88A256E5 3C57EDE9 02A84891 6307AB61 264B1A13 9FE4DCDA 5F
quit
username Cisco secret 5 $1$oX64$i5/EIhkbmZYUaGGW5B
!
!
ip ssh version 2
lldp run
bridge irb
!
!
!
interface Dot11Radio0
no ip route-cache
antenna gain 0
mbssid
power local 5
power client local
packet retries 64 drop-packet
station-role root
no cdp enable
!
interface Dot11Radio1
no ip route-cache
antenna gain 0
peakdetect
mbssid
power local 4
power client local
packet retries 64 drop-packet
station-role root
no cdp enable
!
interface GigabitEthernet0
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
!
interface BVI1
mac-address 547c.69db.e302
no ip address
no ip route-cache
ipv6 address dhcp
ipv6 address autoconfig
ipv6 enable
!
ip forward-protocol nd
no ip http server
!
logging trap emergencies
logging origin-id string AP:547c.69db.e302
logging facility kern
logging host 255.255.255.255
!
!
bridge 1 protocol ieee
bridge 1 route ip
parser view capwap-config-view
secret 5 $1$7vks$4jfJi/bvncWDT6BJrA
commands configure include all capwap
commands exec include all enable
commands exec include configure terminal
commands exec include configure
commands exec include all show capwap
commands exec include show running-config
commands exec include show
!
!
line con 0
line vty 0 4
transport input none
line vty 5 198
transport input none
!
end
AP547c.69db.e302#$
AP547c.69db.e302#show run
Building configuration...
Current configuration : 20767 bytes
!
! Last configuration change at 21:39:14 UTC Tue Mar 2 1993 by Cisco
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname AP547c.69db.e302
!
!
logging rate-limit console 9
enable secret 5 $1$7vks$4jfJi/bvncWDT6BJrA
!
aaa new-model
!
!
aaa authentication login default local
!
!
!
!
!
aaa session-id common
no ip routing
no ip cef
!
!
!
!
power inline negotiation prestandard source
eap profile lwapp_eap_profile
method fast
!
!
crypto pki trustpoint cisco-m2-root-cert
revocation-check none
rsakeypair Cisco_IOS_M2_MIC_Keys
!
crypto pki trustpoint Cisco_IOS_M2_MIC_cert
revocation-check none
rsakeypair Cisco_IOS_M2_MIC_Keys
!
crypto pki trustpoint airespace-old-root-cert
--More--
Not in Bo revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint airespace-device-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint Cisco_IOS_MIC_cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
!
crypto pki certificate chain cisco-m2-root-cert
certificate ca 01
30820313 308201FB A0030201 02020101 300D0609 2A864886 F70D0101 0B050030
2B310E30 0C060355 040A1305 43697363 6F311930 17060355 04031310 43697363
6F20526F 6F742043 41204D32 301E170D 31323131 31323133 30303138 5A170D33
37313131 32313330 3031385A 302B310E 300C0603 55040A13 05436973 636F3119
30170603 55040313 10436973 636F2052 6F6F7420 4341204D 32308201 22300D06
092A8648 86F70D01 01010500 0382010F 00308201 0A028201 0100D806 2521134F
8D3A757C E93DC874 413B4DA0 65F9C2BF 9484EF6B 0B7187D4 58C26032 2CBACCBA
BB6334DB B312426A 798586B3 E87FC992 8BE3A737 45D39483 686520DB 8AD44341
DFCA4CD4 D710CD68 2795724E 744A54F5 DA71E9A5 AF4D0CB1 6C31FB0C DE73829A
50095E0E E335BEBA 4EC2CAE0 6EC8842D 8AB3EE92 EC0482E4 C76E4D18 B5E964CB
6486D2F0 B8E15916 3AA62648 05EE6329 1E1583EF 1E79C182 0029D456 8F0A6DC2
C858392D 63B87180 3AE1DCEB B3135222 05514700 88876DED D13CD7B8 DA857924
C62A5D1D F2834D81 1FA7CDD4 198EAB69 40E6FB07 0AF28E65 3E6DE53D C132EE06
262DECBB 1EB14562 512BF059 1731721A CC0074C3 0CBB84CA 73AD0203 010001A3
42304030 0E060355 1D0F0101 FF040403 0201063
*Mar 2 21:40:10.487: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.0 0F060355 1D130101 FF040530
030101FF 301D0603 551D0E04 160414C9 00F91F8A 1FC266BD A5D26D65 0E222E34
C305A030 0D06092A 864886F7 0D01010B 05000382 0101007A BE3C8D27 E8CDE492
1CA68B30 6EC1D9D6 891AC3C0 9975F74E B582C895 2259B7A0 A8508E59 190B6F16
D90FF219 274D504D DEF46D0C E6745C74 F1447F82 92BC5C5E E3B37E25 A38BB910
3C6B5D5D 3E693BDC A85BEDA7 C2BAE8C2 F768CB28 8B707291 CF2C3FBA 75597333
52198294 ED709ED2 67147631 1B26A6A9 F97E7B19 B6E2A752 A2D453EA 6F867833
07C1DE7D DF15D03D 6CA225BC C732F049 7B6DF230 669BD914 5DB60FA5 6C5B926B
86B41304 8763F57D 69AE2262 6C767292 9AF3055E 6633E597 20E00D79 346F311D
585ECDE0 25C1C3A5 DD10DCCE 7E95F6DB 44A75DC6 7192CFA1 81FAF08D E9A6D992
C3E4F0AD DB6CAFEE ADDA8B09 4AFBDA2A 9E981650 077F87
quit
crypto pki certificate chain Cisco_IOS_M2_MIC_cert
certificate 24B271C8000000226D6A
3082046F 30820357 A0030201 02020A24 B271C800 0000226D 6A300D06 092A8648
86F70D01 010B0500 3036310E 300C0603 55040A13 05436973 636F3124 30220603
55040313 1B436973 636F204D 616E7566 61637475 72696E67 20434120 53484132
301E170D 31353036 31363139 32353133 5A170D32 35303631 36313933 3531335A
30818C31 0B300906 03550406 13025553 31133011 06035504 08130A43 616C6966
6F726E69 61311130 0F060355 04071308 53616E20 4A6F7365 31163014 06035504
0A130D43 6973636F 20537973 74656D73 311B3019 06035504 03131241 50314731
2D353437 63363964 62653330 32312030 1E06092A 864886F7 0D010901 16117375
70706F72 74406369 73636F2E 636F6D30 82012230 0D06092A 864886F7 0D010101
05000382 010F0030 82010A02 82010100 A59DAA13 A8BC2AB4 218E2578 C034DA5A
C52227CF 6F147A7A FB5BDDDD 022837AE AD628B0D 07A1862F F681F3C7 AE24A9CC
91533034 67AB4C4F FC6540B8 7021E5C7 D6BB0810 03B6D2E8 B37185BF 21BF7EC5
12B2BF6A CDE7864B 18E9AA3F 5423DA56 C519859B 50C430BA 1CB90FEE 2CA1051F
95AD1A07 55F0D193 8858D83D 5EBD4FED 6B9191E2 EE65F707 DADF27E7 6ED50FDE
DEB1DFFA 8F9CDF9A 8D10F969 169DAC9B E612C7CC 62A31D19 F15C232D D91D0EDF
32BCF44E 09FB1382 4E9A1AF5 EAB87334 75A0DD3D 601EC16F DE97907E 28750A39
846C1AF7 524452C7 EF6C64D1 F99DA6D0 855750C6 7DFF72DC 205EE44F C8FF824A
4BF364
*Mar 2 21:40:13.691: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 192.168.10.40, mask 255.255.255.C5 73BFDEFA 26CE4744 EA3B6CE7 02030100 01A38201 26308201 22300E06
03551D0F 0101FF04 04030205 A0301D06 03551D0E 04160414 70D426D4 5BB51ADF
E7E3F3B8 035CEC49 C23F3F3D 301F0603 551D2304 18301680 147AD779 95CABB48
2BB85514 FDA3C00F BCA70F96 19304006 03551D1F 04393037 3035A033 A031862F
68747470 3A2F2F77 77772E63 6973636F 2E636F6D 2F736563 75726974 792F706B
692F6372 6C2F636D 6361322E 63726C30 4D06082B 06010505 07010104 41303F30
3D06082B 06010505 07300286 31687474 703A2F2F 7777772E 63697360, hostname AP547c.69db.e302
3 6F2E636F
6D2F7365 63757269 74792F70 6B692F63 65727473 2F636D63 61322E63 6572303F
06092B06 01040182 37140204 321E3000 49005000 53004500 43004900 6E007400
65007200 6D006500 64006900 61007400 65004F00 66006600 6C006900 6E006530
0D06092A 864886F7 0D01010B 05000382 01010032 088F12DF 3E964FB0 07B8EE93
53049587 02F3BABA 7EFD8513 DCD7A166 C32B6058 7AB62F58 13A33BDE 847948EB
FBB7DB21 5A660AE2 6DDAF6D0 DA61606D 59B63845 E22E5D7C 7E408641 35529BC2
799BA101 87A7A019 2204E15D C26B6E09 7DA24E90 75D62A13 7E77D65E DAA49604
440DCDC5 DF059E6D 54C7F875 D8D2F4A0 3E1E2DD2 6F65C72C 5842FE94 EC5F7561
2EC96B49 8AB21170 19D6ED65 1CCBBA1A 2FD1B7FF AEB8A19F 8EC7C59F 546EC330
48910A7C B1C6DA46 F6C15A47 23F6D956 B50E2E97 D34299F5 65553631 442D9D29
E75BD8C5 584DD4EC 3FE84FAF D199E460 40B363E7 2404161B 732089AF F8CCA68E
FC902B82 E19A408A 481178AC E4FCE00B 2A2E57
quit
certificate ca 02
30820465 3082034D A0030201 02020102 300D0609 2A864886 F70D0101 0B050030
2B310E30 0C060355 040A1305 43697363 6F311930 17060355 04031310 43697363
6F20526F 6F742043 41204D32 301E170D 31323131 31323133 35303538 5A170D33
37313131 32313330 3031375A 3036310E 300C0603 55040A13 05436973 636F3124
30220603 55040313 1B436973 636F204D 616E7566 61637475 72696E67 20434120
53484132 30820122 300D0609 2A864886 F70D0101 01050003 82010F00 3082010A
02820101 00F4364B 42023267 DE493DF2 153BC145 69E9094E 16B948B4 471EE82A
5B7D8A5E 2DD51E65 DB80A3E4 B4A2DCD3 949C12D8 194C859B 5A72EF6F 5297E65B
DC3B9D0A 3DCD54F7 7B23EE84 5FFAFFD4 C4755067 EF9CDBE4 27D5F84E A577E7C7
9EE3E217 206EF870 C3251777 EF73A9FB DE7B21DA 16C8FBC3 F211D1D4 7246149D
C924A060 D1449C2F 8242C257 AEF7C5EA FF23E502 A0611316 BB6B6FDF A9299903
4BD9206D 5B05F599 63C66D49 E4F12A0D DE5B29D5 FB112569 B1EA4C33 1859FFB6
A1BB3860 1E6520D4 DB6201F2 4444CFE9 3F17AFA4 ED0F4877 EB9E0E50 7716FB59
9E06EFE3 72D96E30 AA697928 D5B6BA1F E6FB7EA5 B9028348 900008EC 2F4A9CCD
3DF268D5 EF020301 0001A382 01873082 0183300E 0603551D 0F0101FF 04040302
01063012 0603551D 130101FF 04083006 0101FF02 0100305C 0603551D 20045530
53305106 0A2B0601 04010915 01120030 43304106 082B0601 05050702 01163568
7474703A 2F2F7777 772E6369 73636F2E 636F6D2F 73656375 72697479 2F706B69
2F706F6C 69636965 732F696E 6465782E 68746D6C 301D0603 551D0E04 1604147A
D77995CA BB482BB8 5514FDA3 C00FBCA7 0F961930 41060355 1D1F043A 30383036
A034A032 86306874 74703A2F 2F777777 2E636973 636F2E63 6F6D2F73 65637572
6974792F 706B692F 63726C2F 63726361 6D322E63 726C307C 06082B06 01050507
01010470 306E303E 06082B06 01050507 30028632 68747470 3A2F2F77 77772E63
6973636F 2E636F6D 2F736563 75726974 792F706B 692F6365 7274732F 63726361
6D322E63 6572302C 06082B06 01050507 30018620 68747470 733A2F2F 746F6F6C
732E6369 73636F2E 636F6D2F 706B692F 6F637370 301F0603 551D2304 18301680
14C900F9 1F8A1FC2 66BDA5D2 6D650E22 2E34C305 A0300D06 092A8648 86F70D01
010B0500 03820101 00735936 AC7E984F 88EE171B 3DABB39B CDF70A6C DBCEC83B
1A53B6AF E081C55E 69FF2717 E706652F 631008D8 7C77C516 F42AD1B5 24691F7D
08D502D0 5BA135F2 9CB690B2 8FE38F8E 993AE6C8 17CCBA1E 8DE74C0B FB43A547
92A48275 90A556EF 75CDB1D5 F4515843 327
Translating "CISCO-CAPWAP-CONTROLLER.h
18F0D 50801D1A E08B52E3 285D9A09
77A03344 71BDEDAD 07B3AD0D FFF39EFF 212A8119 52C46CA1 CEBBC1FA CCE2E1C4
0819D3C6 9ED68410 409A3092 2D086DDF 8B44B1A8 BED1302E 0F32CAA8 93206BDE
ED514BDA C45AF19D EB2BDB65 C0A547DA 4A4528D0 1E377ADF 285AABD3 FC1E4747
322A998B 32B4814C 165CC507 09098178 5FA14EFF 7D8A3AA7 3124520E 28654852
3BC0BE2A 0EAA876E 73
quit
crypto pki certificate chain airespace-old-root-cert
certificate ca 00
30820406 3082032F A0030201 02020100 300D0609 2A864886 F70D0101 04050030
818F310B 30090603 55040613 02555331 13301106 03550408 130A4361 6C69666F
726E6961 3111300F 06035504 07130853 616E204A 6F736531 16301406 0355040A
130D6169 72657370 61636520 496E6331 0D300B06 0355040B 13046E6F 6E65310B
30090603 55040313 02636131 24302206 092A8648 86F70D01 09011615 73757070
6F727440 61697265 73706163 652E636F 6D301E17 0D303330 32313232 33333835
355A170D 31323131 31313233 33383535 5A30818F 310B3009 06035504 06130255
53311330 11060355 0408130A 43616C69 666F726E 69613111 300F0603 55040713
0853616E 204A6F73 65311630 14060355 040A130D 61697265 73706163 6520496E
63310D30 0B060355 040B1304 6E6F6E65 310B3009 06035504 03130263 61312430
2206092A 864886F7 0D010901 16157375 70706F72 74406169 72657370 6163652E
636F6D30 81DF300D 06092A86 4886F70D 01010105 000381CD 003081C9 0281C100
DB9D3901 30059DD1 05CB2793 9B9907F8 1FF57FA9 24065BF7 1A5865F8 B9CFCCB3
679354D4 69BAB847 1CA327AE EA006AAC 90479C9D C23B67DE FACC0D28 32C6103F
A59C41E2 E8B4250B 4D2903EB 52629A99 D618B747 C4A94151 1AB995BB 14905404
5F4A0B9F F387F346 D5F3A249 2AED1B6A 3DD639D8 4924366A 1234DD2D B13CD489
7E2EA101 63BCCC82 2F7A6D0B 33AB5705 3C784A6D A3DD1E5B 96CF54C6 CF4D59BC
1BFD6CB6 E72FCB29 88DCBE6D 4D76FB83 1FAF5683 E4E20822 00A9EB2E 3BEF0DF9
02030100 01A381EF 3081EC30 1D060355 1D0E0416 04149457 DF7D1482 2D31BB28
772E8996 1886DA46 84BA3081 BC060355 1D230481 B43081B1 80149457 DF7D1482
2D31BB28 772E8996 1886DA46 84BAA181 95A48192 30818F31 0B300906 03550406
13025553 31133011 06035504 08130A43 616C6966 6F726E69 61311130 0F060355
04071308 53616E20 4A6F7365 31163014 06035504 0A130D61 69726573 70616365
20496E63 310D300B 06035504 0B13046E 6F6E6531 0B300906 03550403 13026361
31243022 06092A86 4886F70D 01090116 15737570 706F7274 40616972 65737061
63652E63 6F6D8201 00300C06 03551D13 04053003 0101FF30 0D06092A 864886F7
0D010104 05000381 C100AEB0 349DC0F9 2AAA3A57 75B3A79C 5421A9D0 15389261
95C03479 04DA81D4 120F58FA E2299223 BEB54A90 6D70F7F7 2192EFAF A4B0F488
604E3094 BBCC77A3 60A88129 0849B87B 5CA1AA17 21922A55 6B68E0D3 1ADC7264
C4C4D6B2 33345C86 254E4988 096645CD 40F12761 8BC37E71 DAD91677 25322361
71D87A16 F92AF7C1 51CB8892 443BC666 59BEA47B 985E8866 68A1EBD4 88BBF6E7
A949FDF8 7711D518 A80E203D A12BEBDC 6963EDA7 B76079A3 22380C96 0CB8D324
CADD949D EA39E0EF 033D
quit
crypto pki certificate chain airespace-device-root-cert
certificate ca 03
3082047F 308203A8 A0030201 02020103 300D0609 2A864886 F70D0101 04050030
81A6310B 30090603 55040613 02555331 13301106 03550408 130A4361 6C69666F
726E6961 3111300F 06035504 07130853 616E204A 6F736531 17301506 0355040A
130E4169 72657370 61636520 496E632E 31143012 06035504 0B130B45 6E67696E
65657269 6E67311A 30180603 55040313 11416972 65737061 63652052 6F6F7420
43413124 30220609 2A864886 F70D0109 01161573 7570706F 72744061 69726573
70616365 2E636F6D 301E170D 30353034 32383232 33373133 5A170D31 35303132
36323233 3731335A 3081A831 0B300906 03550406 13025553 31133011 06035504
08130A43 616C6966 6F726E69 61311130 0F060355 04071308 53616E20 4A6F7365
31173015 06035504 0A130E41 69726573 70616365 20496E63 2E311430 12060355
040B130B 456E6769 6E656572 696E6731 1C301A06 03550403 13134169 72657370
61636520 44657669 63652043 41312430 2206092A 864886F7 0D010901 16157375
70706F72 74406169 72657370 6163652E 636F6D30 81DF300D 06092A86 4886F70D
01010105 000381CD 003081C9 0281C100 A93C0158 E7284E75 FF86A57A 886ACA37
430BECF0 7582F56B DB6AC514 554FB06E AA327B3E CE3C9391 03C93BA4 0C0AF932
A6CB5DA3 F1C3C528 53BF4E19 2C1BFC48 467EBD93 06B4974A 1273BF35 8AD8540F
261E612B A2673B68 D239C87E 1E9E967B 2654D285 45BB7F78 5F4E9D4B 7B8001AA
2F455CFF 4552ECDB 5667E3FC E7093E06 8FAE353D 4228B48D 8B415D9B F496342D
C1459987 B69BFA4B 51FB67B4 A0C21E7F C6269A39 47EB1D48 5E83B129 8B079E5E
1EDAB5A0 BE5E1DE0 109FF0BD 4750E32B 02030100 01A38201 37308201 33300C06
03551D13 04053003 0101FF30 2E060960 86480186 F842010D 0421161F 41697265
73706163 65204465 76696365 20434120 43657274 69666963 61746530 1D060355
1D0E0416 04140A52 3BB12570 523B9CEA 747FB2AD 3D8F95EA 3FCC3081 D3060355
1D230481 CB3081C8 8014538D 8360478D C20F8066 3232E9E1 7070552B 17EAA181
ACA481A9 3081A631 0B300906 03550406 13025553 31133011 06035504 08130A43
616C6966 6F726E69 61311130 0F060355 04071308 53616E20 4A6F7365 31173015
06035504 0A130E41 69726573 70616365 20496E63 2E311430 12060355 040B130B
456E6769 6E656572 696E6731 1A301806 03550403 13114169 72657370 61636520
526F6F74 20434131 24302206 092A8648 86F70D01 09011615 73757070 6F727440
61697265 73706163 652E636F 6D820100 300D0609 2A864886 F70D0101 04050003
81C100A0 E8D59D9B DA9EED0C 96045DFE A37084EC 59B5C3D3 71694DB0 70664E0C
8060D69E E366E81F 9F3CCF68 8AB0498E CCFA6CA7 2854F2D8 046690C9 8FEC84EF
2F7F0F08 C90F719D C0F4C125 CED1B525 6DD93E51 777BD5E8 7F1DC79F CC502DC2
0242C05D 1682DEE3 DF7541B8 C55B433C 10DFE2BF D2E802E7 D923329A 23A2076F
86BCC048 D569B383 59AC8979 97F02C55 6F8FE318 754F605C 43CDA7C8 1847B085
1DADF0D6 CD62C8DE A86E6E12 4A7CDCBF A6FCC7E1 852A1DB1 529D63B3 688305F6 7BD25F
quit
crypto pki certificate chain Cisco_IOS_MIC_cert
certificate 3AB3AB8E000000043294
30820470 30820358 A0030201 02020A3A B3AB8E00 00000432 94300D06 092A8648
86F70D01 01050500 30393116 30140603 55040A13 0D436973 636F2053 79737465
6D73311F 301D0603 55040313 16436973 636F204D 616E7566 61637475 72696E67
20434130 1E170D31 35303631 36313932 3230365A 170D3235 30363136 31393332
30365A30 818C310B 30090603 55040613 02555331 13301106 03550408 130A4361
6C69666F 726E6961 3111300F 06035504 07130853 616E204A 6F736531 16301406
0355040A 130D4369 73636F20 53797374 656D7331 1B301906 03550403 13124150
3147312D 35343763 36396462 65333032 3120301E 06092A86 4886F70D 01090116
11737570 706F7274 40636973 636F2E63 6F6D3082 0122300D 06092A86 4886F70D
01010105 00038201 0F003082 010A0282 010100B3 91217779 D32CCE22 5623B724
396F3AAF 5DB79119 31618AE8 AF852B8C 3939199B 8CB594F4 FBA2CEE4 9A758068
5BF986E3 ED15AF84 79D5713D 5290212A 7E738A1F 6CA946C9 0E7583FF 7B4C266F
0EF78B3D 95C33B11 E2757847 4F8C0FB9 294EDC53 D737CA5D 81D499C0 3B8B3315
F42AB6A3 87B3578F C21F6926 5E424B80 7F18C52B 2489123A 7758DC8E BFD8786E
1DB5E289 7C99EB52 BB30BE40 5D657D50 6D7C2CAF 3D472EFA A5B95DCF 3E316374
9704D365 BBEAC751 9D321C80 BBD2D1E3 8A875468 40D94EE2 9C892709 5E6090BA
2449EBCE 002C62E5 3377040A B61C423E FF2E40BF C89216DC 9A1F78BF 28D23C86
21F79136 067674A9 B163339F 81D2F449 CAB06F02 03010001 A3820124 30820120
300E0603 551D0F01 01FF0404 030205A0 301D0603 551D0E04 1604147F 7815E069
7A5CCFCA 9BC64762 77DCD6AF B880D230 1F060355 1D230418 30168014 D0C52226
AB4F4660 ECAE0591 C7DC5AD1 B047F76C 303F0603 551D1F04 38303630 34A032A0
30862E68 7474703A 2F2F7777 772E6369 73636F2E 636F6D2F 73656375 72697479
2F706B69 2F63726C 2F636D63 612E6372 6C304C06 082B0601 05050701 01044030
3E303C06 082B0601 05050730 02863068 7474703A 2F2F7777 772E6369 73636F2E
636F6D2F 73656375 72697479 2F706B69 2F636572 74732F63 6D63612E 63657230
3F06092B 06010401 82371402 04321E30 00490050 00530045 00430049 006E0074
00650072 006D0065 00640069 00610074 0065004F 00660066 006C0069 006E0065
300D0609 2A864886 F70D0101 05050003 82010100 4691B85D 59A0B082 846BB4B8
C170ED90 0641D4E9 771A8A71 2E433B60 C3F726B3 8EE2F076 7836F649 AE937EF3
1F582522 A44311A3 6DB9C45A 18A24B1B 08D3F25D 1D5BD5D3 A990AB53 76DFCB50
4E63FEFD DF4EAC90 8F5D199E 98F2FFA7 2485F93E 4098DD56 89C4D0D5 2598A667
EBEB835D E1752EA6 B95ECF60 5684A10E FDB33528 7F4131D1 1CD06E83 83F316BB
0EC6F36B 3A1FFC18 0FF7880B 0E78B5CE E6D39AD4 AF99179D 0FEEF37E 699DF584
7CBA03E2 3EEE897F 3FC61BE1 8B14215A 7DEC5FA9 0E1CEEAD 145707BD 45F198E0
4BFA7142 F2D4EEF6 A0DCE7A8 6B4174E3 748BB106 FAEF8D9B F4108718 35C4F87F
49A4D16A 49F619B3 D3FD580C 3AE5F193 0AFB0F7F
quit
certificate ca 6A6967B3000000000003
308204D9 308203C1 A0030201 02020A6A 6967B300 00000000 03300D06 092A8648
86F70D01 01050500 30353116 30140603 55040A13 0D436973 636F2053 79737465
6D73311B 30190603 55040313 12436973 636F2052 6F6F7420 43412032 30343830
1E170D30 35303631 30323231 3630315A 170D3239 30353134 32303235 34325A30
39311630 14060355 040A130D 43697363 6F205379 7374656D 73311F30 1D060355
04031316 43697363 6F204D61 6E756661 63747572 696E6720 43413082 0120300D
06092A86 4886F70D 01010105 00038201 0D003082 01080282 010100A0 C5F7DC96
943515F1 F4994EBB 9B41E17D DB791691 BBF354F2 414A9432 6262C923 F79AE7BB
9B79E807 294E30F5 AE1BC521 5646B0F8 F4E68E81 B816CCA8 9B85D242 81DB7CCB
94A91161 121C5CEA 33201C9A 16A77DDB 99066AE2 36AFECF8 0AFF9867 07F430EE
A5F8881A AAE8C73C 1CCEEE48 FDCD5C37 F186939E 3D71757D 34EE4B14 A9C0297B
0510EF87 9E693130 F548363F D8ABCE15 E2E8589F 3E627104 8726A415 620125AA
D5DFC9C9 5BB8C9A1 077BBE68 92939320 A86CBD15 75D3445D 454BECA8 DA60C7D8
C8D5C8ED 41E1F55F 578E5332 9349D5D9 0FF836AA 07C43241 C5A7AF1D 19FFF673
99395A73 67621334 0D1F5E95 70526417 06EC535C 5CDB6AEA 35004102 0103A382
01E73082 01E33012 0603551D 130101FF 04083006 0101FF02 0100301D 0603551D
0E041604 14D0C522 26AB4F46 60ECAE05 91C7DC5A D1B047F7 6C300B06 03551D0F
04040302 01863010 06092B06 01040182 37150104 03020100 30190609 2B060104
01823714 02040C1E 0A005300 75006200 43004130 1F060355 1D230418 30168014
27F3C815 1E6E9A02 0916AD2B A089605F DA7B2FAA 30430603 551D1F04 3C303A30
38A036A0 34863268 7474703A 2F2F7777 772E6369 73636F2E 636F6D2F 73656375
72697479 2F706B69 2F63726C 2F637263 61323034 382E6372 6C305006 082B0601
05050701 01044430 42304006 082B0601 05050730 02863468 7474703A 2F2F7777
772E6369 73636F2E 636F6D2F 73656375 72697479 2F706B69 2F636572 74732F63
72636132 3034382E 63657230 5C060355 1D200455 30533051 060A2B06 01040109
15010200 30433041 06082B06 01050507 02011635 68747470 3A2F2F77 77772E63
6973636F 2E636F6D 2F736563 75726974 792F706B 692F706F 6C696369 65732F69
6E646578 2E68746D 6C305E06 03551D25 04573055 06082B06 01050507 03010608
2B060105 05070302 06082B06 01050507 03050608 2B060105 05070306 06082B06
01050507 0307060A 2B060104 0182370A 0301060A 2B060104 01823714 02010609
2B060104 01823715 06300D06 092A8648 86F70D01 01050500 03820101 0030F330
2D8CF2CA 374A6499 24290AF2 86AA42D5 23E8A2EA 2B6F6923 7A828E1C 4C09CFA4
4FAB842F 37E96560 D19AC6D8 F30BF5DE D027005C 6F1D91BD D14E5851 1DC9E3F7
38E7D30B D168BE8E 22A54B06 E1E6A4AA 337D1A75 BA26F370 C66100A5 C379265B
A719D193 8DAB9B10 11291FA1 82FDFD3C 4B6E65DC 934505E9 AF336B67 23070686
22DAEBDC 87CF5921 421AE9CF 707588E0 243D5D7D 4E963880 97D56FF0 9B71D8BA
6019A5B0 6186ADDD 6566F6B9 27A2EE2F 619BBAA1 3061FDBE AC3514F9 B82D9706
AFC3EF6D CC3D3CEB 95E981D3 8A5EB6CE FA79A46B D7A25764 C43F4CC9 DBE882EC
0166D410 88A256E5 3C57EDE9 02A84891 6307AB61 264B1A13 9FE4DCDA 5F
quit
username Cisco secret 5 $1$oX64$i5/EIhkbmZYUaGGW5B
!
!
ip ssh version 2
lldp run
bridge irb
!
!
!
interface Dot11Radio0
no ip route-cache
antenna gain 0
mbssid
power local 5
power client local
packet retries 64 drop-packet
station-role root
no cdp enable
!
interface Dot11Radio1
no ip route-cache
antenna gain 0
peakdetect
mbssid
power local 4
power client local
packet retries 64 drop-packet
station-role root
no cdp enable
!
interface GigabitEthernet0
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
!
interface BVI1
mac-address 547c.69db.e302
no ip address
no ip route-cache
ipv6 address dhcp
ipv6 address autoconfig
ipv6 enable
!
ip forward-protocol nd
no ip http server
!
logging trap emergencies
logging origin-id string AP:547c.69db.e302
logging facility kern
logging host 255.255.255.255
!
!
bridge 1 protocol ieee
bridge 1 route ip
parser view capwap-config-view
secret 5 $1$7vks$4jfJi/bvncWDT6BJrA
commands configure include all capwap
commands exec include all enable
commands exec include configure terminal
commands exec include configure
commands exec include all show capwap
commands exec include show running-config
commands exec include show
!
!
line con 0
line vty 0 4
transport input none
line vty 5 198
transport input none
!
end
AP547c.69db.e302#$
ASKER
Result of the command: "show running-config"
: Saved
:
: Hardware: ASA5506W, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores)
:
ASA Version 9.4(1)
!
hostname ciscoasa
enable password fiINUAb/RStNPcIj encrypted
names
ip local pool L2TP-Pool 192.168.100.1-192.168.100.
!
interface GigabitEthernet1/1
nameif outside
security-level 0
ip address dhcp setroute
ipv6 address autoconfig
!
interface GigabitEthernet1/2
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
!
interface GigabitEthernet1/3
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/4
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/5
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/6
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/7
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/8
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/9
nameif wifi
security-level 100
ip address 192.168.10.1 255.255.255.0
!
interface Management1/1
management-only
no nameif
no security-level
no ip address
!
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup outside
dns domain-lookup inside
dns domain-lookup wifi
dns server-group DefaultDNS
name-server 192.168.1.8
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network Torrents
host 192.168.1.18
object network cosmos
host 192.168.1.18
object network united
host 192.168.1.8
object network HTTP
host 192.168.1.8
object network torr_udp
host 192.168.1.18
object network webserver
host 192.168.1.8
object network Internal-Subnet
subnet 192.168.1.0 255.255.255.0
object network L2TP-Subnet
subnet 192.168.100.0 255.255.255.248
object network VPN_Pool
subnet 192.168.100.0 255.255.255.0
object network RDP
host 192.168.1.8
object network remote_access
host 192.168.1.8
object network firewall
host 192.168.1.1
object network wifigw
host 192.168.10.1
object network nat_wifi
subnet 0.0.0.0 255.255.255.0
object-group service DM_INLINE_SERVICE_1
service-object tcp destination eq 50555
service-object udp destination eq 50555
object-group service DM_INLINE_SERVICE_2
service-object tcp destination eq 50555
service-object udp destination eq 50555
object-group service DM_INLINE_SERVICE_3
service-object tcp destination eq domain
service-object udp destination eq domain
object-group service DM_INLINE_SERVICE_4
service-object ip
service-object udp
service-object tcp
service-object udp destination eq netbios-dgm
service-object udp destination eq netbios-ns
object-group service DM_INLINE_SERVICE_5
service-object ip
service-object udp
service-object tcp
service-object udp destination eq netbios-dgm
service-object udp destination eq netbios-ns
object-group service DM_INLINE_SERVICE_6
service-object tcp destination eq domain
service-object udp destination eq domain
access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any object cosmos
access-list outside_access_in extended permit tcp any object united eq www
access-list Split-Tunnel-ACL standard permit 192.168.1.0 255.255.255.0
access-list Split-Tunnel standard permit 192.168.1.0 255.255.255.0
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_3 any any
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_4 any any
access-list inbound extended permit icmp any any time-exceeded inactive
access-list inbound extended permit icmp any any unreachable inactive
access-list inbound extended permit object-group DM_INLINE_SERVICE_2 any any
access-list inbound extended permit tcp any any eq www
access-list inbound extended permit tcp any any eq 3389 inactive
access-list inbound extended permit tcp any any eq pptp
access-list wifi_access_in extended permit object-group DM_INLINE_SERVICE_6 any any
access-list wifi_access_in extended permit icmp any any
access-list wifi_access_in extended permit object-group DM_INLINE_SERVICE_5 any any
pager lines 24
logging enable
logging buffer-size 8192
logging asdm-buffer-size 500
logging asdm warnings
mtu outside 1500
mtu inside 1500
mtu wifi 1500
ip verify reverse-path interface outside
no failover
no monitor-interface service-module
icmp unreachable rate-limit 1 burst-size 1
icmp deny any outside
asdm image disk0:/asdm-743.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
!
object network obj_any
nat (inside,outside) dynamic interface
object network Torrents
nat (any,outside) static interface service tcp 50555 50555
object network torr_udp
nat (any,outside) static interface service udp 50555 50555
object network webserver
nat (any,outside) static interface service tcp www www
object network remote_access
nat (any,outside) static interface service tcp pptp pptp
object network nat_wifi
nat (wifi,outside) dynamic interface
access-group inbound in interface outside
access-group inside_access_in in interface inside
access-group wifi_access_in in interface wifi
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
user-identity default-domain LOCAL
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
http server enable
http server idle-timeout 1440
http 192.168.1.0 255.255.255.0 inside
http 192.168.10.0 255.255.255.0 wifi
no snmp-server location
no snmp-server contact
service sw-reset-button
crypto ipsec ikev1 transform-set L2TP-IKE1-Transform-Set esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set L2TP-IKE1-Transform-Set mode transport
crypto ipsec ikev1 transform-set trans1 esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set trans1 mode transport
crypto ipsec ikev1 transform-set trans2 esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set trans2 mode transport
crypto ipsec ikev2 ipsec-proposal L2TP-IKE1-Transform-Set
protocol esp encryption aes
protocol esp integrity sha-1
crypto ipsec ikev2 ipsec-proposal trans1
protocol esp encryption 3des
protocol esp integrity sha-1
crypto ipsec ikev2 ipsec-proposal trans2
protocol esp encryption aes-256
protocol esp integrity sha-1
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map L2TP-MAP 10 set ikev1 transform-set L2TP-IKE1-Transform-Set
crypto dynamic-map L2TP-MAP 10 set ikev2 ipsec-proposal trans2 trans1 L2TP-IKE1-Transform-Set
crypto map L2TP-VPN-MAP 20 ipsec-isakmp dynamic L2TP-MAP
crypto map L2TP-VPN-MAP interface outside
crypto ca trustpoint ASDM_Launcher_Access_Trust
enrollment self
subject-name CN=192.168.1.1,CN=ciscoasa
crl configure
crypto ca trustpool policy
crypto ikev2 policy 1
encryption 3des
integrity sha
group 1
prf sha
lifetime seconds 86400
crypto ikev2 policy 2
encryption 3des
integrity sha
group 1
prf sha
lifetime seconds 86400
crypto ikev2 policy 5
encryption 3des
integrity sha
group 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 6
encryption 3des
integrity sha
group 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 11
encryption aes-192
integrity sha
group 2
prf sha
lifetime seconds 86400
crypto ikev2 enable outside
crypto ikev1 enable outside
crypto ikev1 policy 1
authentication pre-share
encryption 3des
hash sha
group 1
lifetime 86400
crypto ikev1 policy 5
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 10
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
telnet timeout 1440
no ssh stricthostkeycheck
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 60
ssh key-exchange group dh-group1-sha1
console timeout 0
no ipv6-vpn-addr-assign aaa
no ipv6-vpn-addr-assign local
dhcp-client client-id interface outside
dhcpd auto_config outside
!
dhcpd address 192.168.1.50-192.168.1.132
dhcpd dns 192.168.1.8 interface inside
!
dhcpd address 192.168.10.2-192.168.10.25
dhcpd dns 192.168.1.8 interface wifi
dhcpd wins 192.168.1.8 interface wifi
dhcpd domain zone.wifi interface wifi
dhcpd update dns both interface wifi
dhcpd enable wifi
!
threat-detection basic-threat
threat-detection scanning-threat shun except ip-address 192.168.1.0 255.255.255.0
threat-detection scanning-threat shun except ip-address 192.168.10.0 255.255.255.0
threat-detection statistics host number-of-rate 3
threat-detection statistics port number-of-rate 3
threat-detection statistics protocol number-of-rate 3
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
dynamic-filter updater-client enable
dynamic-filter use-database
dynamic-filter enable interface outside
dynamic-filter enable interface inside
ntp server 174.142.10.100 source outside
ssl cipher default custom "AES256-SHA:AES128-SHA:DES
ssl cipher tlsv1 custom "AES256-SHA:AES128-SHA:DES
ssl cipher dtlsv1 custom "AES256-SHA:AES128-SHA:DES
webvpn
anyconnect-essentials
error-recovery disable
group-policy L2TP-Policy internal
group-policy L2TP-Policy attributes
wins-server value 192.168.1.8
dns-server value 192.168.1.8
vpn-tunnel-protocol l2tp-ipsec
split-tunnel-policy tunnelall
default-domain value infonp.lan
split-tunnel-all-dns enable
intercept-dhcp enable
dynamic-access-policy-reco
username admin password DeoU7lerQZQu8xfL encrypted privilege 15
username vpnhome password Y2ZpF9MLWp6NvGyb3Ky+AA== nt-encrypted
username vpnhome attributes
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
tunnel-group DefaultRAGroup general-attributes
address-pool L2TP-Pool
default-group-policy L2TP-Policy
tunnel-group DefaultRAGroup ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup ppp-attributes
no authentication chap
authentication ms-chap-v2
!
class-map global-class
match any
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect pptp
inspect icmp
class global-class
sfr fail-open
class class-default
set connection decrement-ttl
user-statistics accounting
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
hpm topN enable
Cryptochecksum:b5cc8697ef4
: end