access list globalaccess remark HTTP and HTTPS to IT Web Server access list

Access list globalaccess remark http and https to it

This preview shows page 75 - 78 out of 84 pages.

access-list global_access remark HTTP and HTTPS to IT Web Server access-list global_access extended permit tcp any4 object Research_Web_Server object- group DM_INLINE_TCP_4 access-list outside_access_in remark Permit Mgmt Traffic from MgmtRange to SR VLANs access-list outside_access_in extended permit object-group Mgmt-Traffic object IT_ Management_Host_Range object-group DM_INLINE_NETWORK_1 access-list SRVLAN155_mpc extended permit ip any4 any4 pager lines 24 logging enable logging buffered informational mtu SRVLAN154 1500 mtu SRVLAN155 1500 mtu outside 1500 mtu IPS-mgmt 1500 failover failover lan unit primary failover lan unit secondary
Image of page 75
Appendix B: Configuration Examples August 2014 Series 74 failover lan interface failover GigabitEthernet0/2 failover polltime unit msec 200 holdtime msec 800 failover polltime interface msec 500 holdtime 5 failover key ***** failover replication http failover link failover GigabitEthernet0/2 failover interface ip failover 10.5.26.130 255.255.255.252 standby 10.5.26.129 monitor-interface SRVLAN154 monitor-interface SRVLAN155 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-716.bin no asdm history enable arp timeout 14400 no arp permit-nonconnected access-group outside_access_in in interface outside access-group global_access global route outside 0.0.0.0 0.0.0.0 10.5.26.1 1 timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy aaa-server AAA-SERVER protocol tacacs+ aaa-server AAA-SERVER (outside) host 10.4.48.15 key ***** user-identity default-domain LOCAL aaa authentication enable console AAA-SERVER LOCAL aaa authentication ssh console AAA-SERVER LOCAL aaa authentication http console AAA-SERVER LOCAL aaa authentication serial console AAA-SERVER LOCAL aaa authorization exec authentication-server http server enable http 10.4.48.0 255.255.255.0 outside snmp-server host outside 10.4.48.35 community ***** no snmp-server location no snmp-server contact snmp-server community ***** snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart sysopt noproxyarp SRVLAN154 sysopt noproxyarp SRVLAN155 sysopt noproxyarp outside crypto ipsec security-association pmtu-aging infinite crypto ca trustpool policy
Image of page 76
Appendix B: Configuration Examples August 2014 Series 75 telnet timeout 5 ssh stricthostkeycheck ssh 10.4.48.0 255.255.255.0 outside ssh timeout 5 ssh version 2 ssh key-exchange group dh-group1-sha1 console timeout 0 ! tls-proxy maximum-session 1000 ! threat-detection statistics access-list no threat-detection statistics tcp-intercept ntp server 10.4.48.17 ssl encryption aes256-sha1 aes128-sha1 3des-sha1 webvpn anyconnect-essentials username admin password <removed> encrypted privilege 15 !
Image of page 77
Image of page 78

You've reached the end of your free preview.

Want to read all 84 pages?

  • Spring '17

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture