unset key protection enable set clock ntp set clock timezone -6 set clock dst recurring start-weekday 2 0 3 02:00 end-weekday 1 0 11 02:00 set vrouter trust-vr sharable set vrouter "untrust-vr" exit set vrouter "trust-vr" unset auto-route-export exit set vrouter name "allegiance-vr" id 1025 sharable set vrouter "allegiance-vr" unset auto-route-export set preference nhrp 100 set preference ospf-e2 254 exit set service "RDP" protocol tcp src-port 0-65535 dst-port 3389-3389 set service "Broadvox SIP TCP" protocol tcp src-port 0-65535 dst-port 5060-5060 set service "Broadvox SIP TCP" + tcp src-port 0-65535 dst-port 5090-5090 set service "Broadvox SIP UDP" protocol udp src-port 0-65535 dst-port 1024-65535 set service "TIME IPS" protocol tcp src-port 0-65535 dst-port 6035-6035 set service "KMS" protocol tcp src-port 0-65535 dst-port 1688-1688 set service "Itivity Agent" protocol tcp src-port 0-65535 dst-port 23800-23800 set service "Itivity Viewer" protocol tcp src-port 0-65535 dst-port 25800-25800 set service "VAF VPN" protocol tcp src-port 0-65535 dst-port 1723-1723 set service "VAF VPN" + 47 src-port 0-65535 dst-port 0-65535 set service "Ventrilo Server UDP" protocol udp src-port 0-65535 dst-port 3784-3784 set service "iPerf TCP/UDP" protocol tcp src-port 5002-5002 dst-port 5002-5002 set service "iPerf TCP/UDP" + udp src-port 5002-5002 dst-port 5002-5002 set service "SIP From Internal" protocol tcp src-port 0-65535 dst-port 5060-5061 set service "SIP From Internal" + udp src-port 0-65535 dst-port 1024-65535 set service "SIP From Internal" + udp src-port 0-65535 dst-port 69-69 set service "VLI EMS Anyware Server" protocol tcp src-port 0-65535 dst-port 3572-3572 set service "VMWare View 4172" protocol tcp src-port 0-65535 dst-port 4172-4172 set service "VMWare View 4172" + udp src-port 0-65535 dst-port 4172-4172 set service "3CX SIP" protocol tcp src-port 0-65535 dst-port 5060-5060 set service "3CX SIP" + tcp src-port 0-65535 dst-port 5061-5061 set service "3CX SIP" + tcp src-port 0-65535 dst-port 5090-5090 set service "3CX SIP" + udp src-port 0-65535 dst-port 5090-5090 set service "3CX SIP" + udp src-port 0-65535 dst-port 9000-65535 set service "HTTP PORT 5000" protocol tcp src-port 0-65535 dst-port 5000-5000 set service "POP3 Secure" protocol tcp src-port 0-65535 dst-port 995-995 set service "Labtech" protocol tcp src-port 0-65535 dst-port 70-75 set service "Labtech" + tcp src-port 0-65535 dst-port 5500-5999 set service "Labtech" + tcp src-port 0-65535 dst-port 8000-9024 set service "Labtech" + tcp src-port 0-65535 dst-port 40000-41000 set service "Labtech" + tcp src-port 0-65535 dst-port 993-993 set service "iRAPP" protocol tcp src-port 0-65535 dst-port 4073-4073 set service "FTPS" protocol tcp src-port 0-65535 dst-port 990-990 set service "FTPS" + tcp src-port 0-65535 dst-port 21-21 set service "Cerberus FTP Passive" protocol tcp src-port 0-65535 dst-port 11000-13000 set service "VMware vCenter" protocol tcp src-port 0-65535 dst-port 9443-9443 set service "VMware VC Console Access" protocol tcp src-port 0-65535 dst-port 7331-7331 unset alg sip enable unset alg rtsp enable set alg appleichat enable unset alg appleichat re-assembly enable set alg sctp enable set auth-server "Local" id 0 set auth-server "Local" server-name "Local" set auth default auth server "Local" set auth radius accounting port 1646 set admin name "netscreen" set admin password "nM1UJGr+I1ZIcaHPMs8MVKHtTHCzmn" set admin access attempts 5 set admin access lock-on-failure 15 set admin http redirect set admin auth web timeout 10 set admin auth server "Local" set admin format dos set zone "Trust" vrouter "trust-vr" set zone "Untrust" vrouter "trust-vr" set zone "DMZ" vrouter "trust-vr" set zone "VLAN" vrouter "trust-vr" set zone id 100 "Allegiance" set zone "Allegiance" vrouter "allegiance-vr" set zone id 101 "Untrust-ALG" set zone "Untrust-ALG" vrouter "allegiance-vr" set zone "Untrust-Tun" vrouter "trust-vr" set zone "Trust" tcp-rst set zone "Trust" asymmetric-vpn set zone "Untrust" block unset zone "Untrust" tcp-rst set zone "MGT" block unset zone "V1-Trust" tcp-rst unset zone "V1-Untrust" tcp-rst set zone "DMZ" tcp-rst unset zone "V1-DMZ" tcp-rst unset zone "VLAN" tcp-rst set zone "Allegiance" tcp-rst set zone "Allegiance" asymmetric-vpn set zone "Untrust-ALG" block unset zone "Untrust-ALG" tcp-rst set zone "Trust" screen tear-drop set zone "Trust" screen ping-death set zone "Trust" screen limit-session destination-ip-based set zone "Untrust" screen tear-drop set zone "Untrust" screen syn-flood set zone "Untrust" screen ping-death set zone "Untrust" screen ip-filter-src set zone "Untrust" screen land set zone "Untrust" screen limit-session source-ip-based set zone "V1-Untrust" screen tear-drop set zone "V1-Untrust" screen syn-flood set zone "V1-Untrust" screen ping-death set zone "V1-Untrust" screen ip-filter-src set zone "V1-Untrust" screen land set zone "Allegiance" screen tear-drop set zone "Allegiance" screen ping-death set zone "Allegiance" screen limit-session destination-ip-based set zone "Untrust-ALG" screen tear-drop set zone "Untrust-ALG" screen syn-flood set zone "Untrust-ALG" screen ping-death set zone "Untrust-ALG" screen ip-filter-src set zone "Untrust-ALG" screen land set zone "Untrust-ALG" screen limit-session source-ip-based set zone "Untrust" screen limit-session source-ip-based 250 set zone "Trust" screen limit-session destination-ip-based 1000 set zone "Untrust" screen limit-session destination-ip-based 300 set zone "Allegiance" screen limit-session destination-ip-based 1000 set interface ethernet0/3 phy full 100mb set interface "ethernet0/0" zone "Trust" set interface "ethernet0/1" zone "Null" set interface "ethernet0/2" zone "Null" set interface "ethernet0/3" zone "Untrust" set interface "ethernet0/4" zone "Allegiance" set interface "ethernet0/5" zone "Untrust-ALG" set interface "ethernet0/8" zone "HA" set interface "ethernet0/9" zone "HA" set interface ethernet0/0 ip 10.0.0.1/24 set interface ethernet0/0 nat unset interface vlan1 ip set interface ethernet0/3 ip 1.1.1.4/25 set interface ethernet0/3 nat set interface ethernet0/4 ip 10.4.0.1/24 set interface ethernet0/4 nat set interface ethernet0/5 ip 2.2.2.196/27 set interface ethernet0/5 nat unset interface vlan1 bypass-others-ipsec unset interface vlan1 bypass-non-ip set interface ethernet0/0 manage-ip 10.0.0.2 set interface ethernet0/3 manage-ip 1.1.1.5 set interface ethernet0/0 ip manageable set interface ethernet0/3 ip manageable unset interface ethernet0/4 ip manageable unset interface ethernet0/5 ip manageable set interface ethernet0/0 manage mtrace set interface ethernet0/3 manage ping set interface ethernet0/4 manage ping set interface ethernet0/4 manage ssh set interface ethernet0/5 manage ping set interface vlan1 manage mtrace set interface "ethernet0/3" mip 1.1.1.15 host 10.0.10.27 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.16 host 10.0.10.192 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.20 host 10.0.10.90 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.21 host 10.0.10.50 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.30 host 10.0.10.135 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.31 host 10.2.13.20 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.40 host 10.0.10.182 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.41 host 10.0.10.183 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.42 host 10.0.10.187 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.43 host 10.0.10.186 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.44 host 10.0.10.181 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.50 host 10.0.10.168 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.51 host 10.0.10.169 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.60 host 10.2.1.27 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.61 host 10.0.10.200 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.70 host 10.0.10.120 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.71 host 10.0.10.121 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.72 host 10.0.10.127 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.73 host 10.0.10.124 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.74 host 10.0.10.126 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.120 host 192.168.140.10 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.121 host 192.168.140.15 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.122 host 192.168.140.30 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.8 host 10.0.50.10 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.62 host 10.0.10.201 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.63 host 10.0.10.194 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.45 host 10.0.10.166 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.46 host 10.0.51.10 netmask 255.255.255.255 vr "trust-vr" set interface "ethernet0/3" mip 1.1.1.75 host 10.0.10.128 netmask 255.255.255.255 vr "trust-vr" set interface ethernet0/1 disable unset flow no-tcp-seq-check set flow tcp-syn-check unset flow tcp-syn-bit-check set flow mac-cache mgt set flow reverse-route clear-text always set flow reverse-route tunnel always set flow vpn-tcp-mss 1387 set console timeout 0 set console page 10 set domain infinitechccs.com set hostname iccs-gw-aus-01 set pki authority default scep mode "auto" set pki x509 default cert-path partial set pki x509 dn state-name "Texas" set pki x509 dn local-name "Houston" set pki x509 dn org-name "InfiniTech Cloud Computing Services, Inc" set pki x509 dn org-unit-name "Network Operations" set pki x509 dn name "*.infinitechccs.com" set pki x509 dn phone "2815204028" set pki x509 dn email "noc@infinitechccs.com" set pki x509 default send-to "phillip@infinitechccs.com" set nsrp cluster id 1 set nsrp cluster name ICCS-GW-Hou-Alpheus set nsrp rto-mirror sync set nsrp rto-mirror session ageout-ack set nsrp vsd-group master-always-exist set nsrp vsd-group id 0 priority 1 set nsrp vsd-group id 0 preempt set nsrp vsd-group id 0 preempt hold-down 10 set nsrp arp 5 set nsrp monitor interface ethernet0/0 set nsrp monitor interface ethernet0/3 set dns host dns1 10.0.10.10 src-interface ethernet0/0 set dns host dns2 10.0.10.11 src-interface ethernet0/0 set dns host dns3 0.0.0.0 set dns host schedule 03:30 interval 4 set address "Trust" "ACL LAN - 10.2.17.x" 10.2.17.0 255.255.255.0 set address "Trust" "ACP LAN - 10.2.0.x" 10.2.0.0 255.255.255.0 set address "Trust" "ASM LAN - 10.2.16.x" 10.2.16.0 255.255.255.0 set address "Trust" "Email Gateway Proofpoint" 192.168.1.227 255.255.255.255 set address "Trust" "GEMS LAN - 10.2.5.x" 10.2.5.0 255.255.255.0 set address "Trust" "HLA - LAN" 10.2.4.0 255.255.255.0 set address "Trust" "ICCS - Alpheus" 10.0.0.0 255.0.0.0 set address "Trust" "ICCS - Big Mac" 10.0.10.200 255.255.255.255 set address "Trust" "ICCS - DHCP" 10.0.10.193 255.255.255.192 set address "Trust" "ICCS - ICCS-Iris-08" 10.0.10.183 255.255.255.255 set address "Trust" "ICCS - ICCS-Themis-03 (MCE ProQA Server)" 10.0.10.184 255.255.255.255 set address "Trust" "ICCS - Metis-04 (EMSA Mobile Manager)" 10.0.10.123 255.255.255.255 set address "Trust" "ICCS - VMware" 10.0.50.1 255.255.255.0 set address "Trust" "ICCS - VMware Services" 10.0.51.0 255.255.255.0 set address "Trust" "ICCS - VNX 5300" 10.0.0.26 255.255.255.255 set address "Trust" "ICCS LAN" 192.168.1.0 255.255.255.0 set address "Trust" "ICCS LAN - 10.0.10.x" 10.0.10.0 255.255.255.0 set address "Trust" "ICCS-Atlas-00" 10.0.50.10 255.255.255.255 set address "Trust" "ICCS-Cerberus-01" 10.0.10.201 255.255.255.255 set address "Trust" "ICCS-Iris-07" 10.0.10.180 255.255.255.255 set address "Trust" "ICCS-Metis-07 - Wordpress Server" 10.0.10.126 255.255.255.255 set address "Trust" "ICCS-Metis-08 - SBS Web Server" 10.0.10.128 255.255.255.255 set address "Trust" "ICCS-Themis-07" 10.0.10.189 255.255.255.255 set address "Trust" "LSA LAN - 10.2.6.x" 10.2.6.0 255.255.255.0 set address "Trust" "MAT - LAN" 10.2.2.0 255.255.255.0 set address "Trust" "MCE - LAN" 10.2.10.0 255.255.255.0 set address "Trust" "ODY - LAN" 10.2.3.0 255.255.255.0 set address "Trust" "PCG - LAN" 10.2.1.0 255.255.255.0 set address "Trust" "PCI LAN - 10.2.11.x" 10.2.11.0 255.255.255.0 set address "Trust" "RTX - 3CX Server" 10.2.13.20 255.255.255.255 set address "Trust" "RTX - RTX-Zeus-01" 10.2.13.21 255.255.255.255 set address "Trust" "RTX LAN - 10.2.13.x" 10.2.13.0 255.255.255.0 set address "Trust" "SBS LAN - 10.2.7.x" 10.2.7.0 255.255.255.0 set address "Trust" "VAF-LAN" 192.168.141.0 255.255.255.0 set address "Untrust" "ACL-LAN" 10.25.0.0 255.255.255.192 set address "Untrust" "ACP-LAN" 10.25.0.128 255.255.255.192 set address "Untrust" "ALG-Coldsprings" 10.132.0.0 255.255.255.0 set address "Untrust" "AR Concepts FTP" ftp.arconceptsems.com set address "Untrust" "ASM - Athens" 10.150.0.0 255.255.255.0 set address "Untrust" "Bandwidth.com - Primary" 216.82.224.202 255.255.255.255 set address "Untrust" "Bandwidth.com - Secondary" 216.82.225.202 255.255.255.255 set address "Untrust" "Broadvox Media IP 1" 64.158.162.71 255.255.255.255 set address "Untrust" "Broadvox Media IP 10" 64.156.174.79 255.255.255.255 set address "Untrust" "Broadvox Media IP 11" 208.93.227.5 255.255.255.255 set address "Untrust" "Broadvox Media IP 12" 208.93.227.13 255.255.255.255 set address "Untrust" "Broadvox Media IP 13" 208.93.226.5 255.255.255.255 set address "Untrust" "Broadvox Media IP 14" 208.93.226.13 255.255.255.255 set address "Untrust" "Broadvox Media IP 15" 208.93.226.196 255.255.255.255 set address "Untrust" "Broadvox Media IP 16" 64.158.162.80 255.255.255.255 set address "Untrust" "Broadvox Media IP 17" 64.158.162.81 255.255.255.255 set address "Untrust" "Broadvox Media IP 18" 64.152.60.80 255.255.255.255 set address "Untrust" "Broadvox Media IP 19" 64.152.60.81 255.255.255.255 set address "Untrust" "Broadvox Media IP 2" 64.158.162.100 255.255.255.255 set address "Untrust" "Broadvox Media IP 20" 209.249.3.80 255.255.255.255 set address "Untrust" "Broadvox Media IP 21" 209.249.3.81 255.255.255.255 set address "Untrust" "Broadvox Media IP 22" 64.156.174.80 255.255.255.255 set address "Untrust" "Broadvox Media IP 23" 64.156.174.81 255.255.255.255 set address "Untrust" "Broadvox Media IP 24" 208.93.227.14 255.255.255.255 set address "Untrust" "Broadvox Media IP 25" 208.93.227.15 255.255.255.255 set address "Untrust" "Broadvox Media IP 26" 208.93.226.14 255.255.255.255 set address "Untrust" "Broadvox Media IP 27" 208.93.226.15 255.255.255.255 set address "Untrust" "Broadvox Media IP 28" 64.158.162.80 255.255.255.255 set address "Untrust" "Broadvox Media IP 29" 64.158.162.81 255.255.255.255 set address "Untrust" "Broadvox Media IP 3" 64.158.162.79 255.255.255.255 set address "Untrust" "Broadvox Media IP 30" 64.152.60.80 255.255.255.255 set address "Untrust" "Broadvox Media IP 31" 64.152.60.81 255.255.255.255 set address "Untrust" "Broadvox Media IP 32" 209.249.3.80 255.255.255.255 set address "Untrust" "Broadvox Media IP 33" 209.249.3.81 255.255.255.255 set address "Untrust" "Broadvox Media IP 34" 64.156.174.80 255.255.255.255 set address "Untrust" "Broadvox Media IP 35" 64.156.174.81 255.255.255.255 set address "Untrust" "Broadvox Media IP 4" 64.152.60.71 255.255.255.255 set address "Untrust" "Broadvox Media IP 5" 64.152.60.164 255.255.255.255 set address "Untrust" "Broadvox Media IP 6" 209.249.3.71 255.255.255.255 set address "Untrust" "Broadvox Media IP 7" 209.249.3.81 255.255.255.255 set address "Untrust" "Broadvox Media IP 8" 209.249.3.164 255.255.255.255 set address "Untrust" "Broadvox Media IP 9" 64.156.174.71 255.255.255.255 set address "Untrust" "Broadvox SIP IP 1" 208.93.224.224 255.255.255.240 set address "Untrust" "Broadvox SIP IP 2" 208.93.226.208 255.255.255.240 set address "Untrust" "Broadvox SIP IP 3" 208.93.227.208 255.255.255.240 set address "Untrust" "ConnectWise 1" 70.46.245.125 255.255.255.255 set address "Untrust" "ConnectWise 2" 63.145.136.126 255.255.255.255 set address "Untrust" "Craigslist" craigslist.org set address "Untrust" "DGC-John Owen" 75.53.97.202 255.255.255.255 set address "Untrust" "Facebook (facebook.com)" facebook.com set address "Untrust" "Facebook (www.facebook.com)" www.facebook.com set address "Untrust" "GEMS - Dallas" 10.86.10.0 255.255.255.0 set address "Untrust" "GEMS - Houston North" 10.51.3.0 255.255.255.0 set address "Untrust" "GEMS - Houston South" 10.51.2.0 255.255.255.0 set address "Untrust" "GEMS-OklahomaCity" 10.55.1.0 255.255.255.0 set address "Untrust" "HLA - Kokomo" 10.25.2.64 255.255.255.192 set address "Untrust" "HLA - Lafayette" 10.25.3.192 255.255.255.192 set address "Untrust" "HLA - Muncie" 10.25.2.128 255.255.255.192 set address "Untrust" "HLA - Muncie 2" 10.25.0.64 255.255.255.192 set address "Untrust" "HLA-Indianapolis" 10.25.1.64 255.255.255.192 set address "Untrust" "HLA-Jackson Home" 192.168.16.0 255.255.255.0 set address "Untrust" "HLA-Shelbyville" 10.25.2.0 255.255.255.192 set address "Untrust" "IBAC" 192.168.14.0 255.255.255.0 set address "Untrust" "ICCS - North Houston" 10.0.11.0 255.255.255.0 set address "Untrust" "LSA - San Antonio" 10.25.3.128 255.255.255.192 set address "Untrust" "M1 - Dallas" 10.3.0.0 255.255.128.0 set address "Untrust" "M1 - Dallas Server Core" 10.150.1.0 255.255.255.0 set address "Untrust" "M1 - Dallas Server Network" 10.125.90.0 255.255.255.0 set address "Untrust" "MAT-BC-LAN" 10.25.0.192 255.255.255.192 set address "Untrust" "MAT-BC-Radio" 10.10.0.64 255.255.255.224 set address "Untrust" "MAT-PL-LAN" 192.168.21.0 255.255.255.192 set address "Untrust" "MCE-MC-LAN" 10.150.3.0 255.255.255.0 set address "Untrust" "MCE-SB-LAN" 192.168.25.0 255.255.255.192 set address "Untrust" "MSN" msn.com set address "Untrust" "MySpace (myspace.com" myspace.com set address "Untrust" "Myspace (www.myspace.com)" www.myspace.com set address "Untrust" "nexVortex 1" 66.23.129.253 255.255.255.255 set address "Untrust" "nexVortex 2" 66.23.138.162 255.255.255.255 set address "Untrust" "nexVortex 3" 66.23.190.100 255.255.255.255 set address "Untrust" "nexVortex 4" 66.23.190.200 255.255.255.255 set address "Untrust" "ODY - Houston" 10.75.0.0 255.255.255.128 set address "Untrust" "PCG-LAN" 10.75.0.129 255.255.255.128 set address "Untrust" "RTX - Cleveland" 10.25.4.0 255.255.255.192 set address "Untrust" "RTX - The Woodlands" 10.25.2.192 255.255.255.192 set address "Untrust" "RTX - The Woodlands 2" 10.25.1.192 255.255.255.192 set address "Untrust" "RTX - Walker" 192.168.39.1 255.255.255.0 set address "Untrust" "STX Consulting" 74.122.68.219 255.255.255.255 set address "Untrust" "STX Consulting FTP" 66.96.163.128 255.255.255.255 set address "Untrust" "Twitter" twitter.com set address "Untrust" "Yahoo" yahoo.com set address "Untrust" "youtube.com" youtube.com set address "Allegiance" "ALG-DataFoundry" 10.4.0.0 255.255.255.0 set address "Untrust-ALG" "ALG-Carrollton" 10.86.0.0 255.255.0.0 set address "Untrust-ALG" "ALG-Coldspring" 10.132.0.0 255.255.255.0 set group address "Trust" "ACL - Lufkin" set group address "Trust" "ACL - Lufkin" add "ACL LAN - 10.2.17.x" set group address "Trust" "ACL - Lufkin" add "ICCS LAN - 10.0.10.x" set group address "Trust" "ACL - Lufkin" add "PCG - LAN" set group address "Trust" "ACP - Livingston Group" set group address "Trust" "ACP - Livingston Group" add "ACP LAN - 10.2.0.x" set group address "Trust" "ACP - Livingston Group" add "ICCS LAN - 10.0.10.x" set group address "Trust" "ACP - Livingston Group" add "PCG - LAN" set group address "Trust" "ASM - Athens" set group address "Trust" "ASM - Athens" add "ASM LAN - 10.2.16.x" set group address "Trust" "ASM - Athens" add "ICCS LAN" set group address "Trust" "ASM - Athens" add "ICCS LAN - 10.0.10.x" set group address "Trust" "ASM - Athens" add "PCG - LAN" set group address "Trust" "CAR - New Orleans" set group address "Trust" "CAR - New Orleans" add "ICCS LAN" set group address "Trust" "CAR - New Orleans" add "ICCS LAN - 10.0.10.x" set group address "Trust" "CAR - New Orleans" add "PCG - LAN" set group address "Trust" "HeartlandAMB" set group address "Trust" "HeartlandAMB" add "HLA - LAN" set group address "Trust" "HeartlandAMB" add "ICCS LAN - 10.0.10.x" set group address "Trust" "HLA - Kokomo" set group address "Trust" "HLA - Kokomo" add "HLA - LAN" set group address "Trust" "HLA - Kokomo" add "ICCS LAN - 10.0.10.x" set group address "Trust" "HLA - Lafayette" set group address "Trust" "HLA - Lafayette" add "HLA - LAN" set group address "Trust" "HLA - Lafayette" add "ICCS LAN - 10.0.10.x" set group address "Trust" "HLA - Muncie" set group address "Trust" "HLA - Muncie" add "HLA - LAN" set group address "Trust" "HLA - Muncie" add "ICCS LAN - 10.0.10.x" set group address "Trust" "ICCS - North Houston" set group address "Trust" "ICCS - North Houston" add "ACL LAN - 10.2.17.x" set group address "Trust" "ICCS - North Houston" add "ACP LAN - 10.2.0.x" set group address "Trust" "ICCS - North Houston" add "ASM LAN - 10.2.16.x" set group address "Trust" "ICCS - North Houston" add "HLA - LAN" set group address "Trust" "ICCS - North Houston" add "ICCS - Alpheus" set group address "Trust" "ICCS - North Houston" add "ICCS - VMware" set group address "Trust" "ICCS - North Houston" add "ICCS - VMware Services" set group address "Trust" "ICCS - North Houston" add "ICCS LAN" set group address "Trust" "ICCS - North Houston" add "ICCS LAN - 10.0.10.x" set group address "Trust" "ICCS - North Houston" add "LSA LAN - 10.2.6.x" set group address "Trust" "ICCS - North Houston" add "MAT - LAN" set group address "Trust" "ICCS - North Houston" add "MCE - LAN" set group address "Trust" "ICCS - North Houston" add "PCG - LAN" set group address "Trust" "ICCS - North Houston" add "PCI LAN - 10.2.11.x" set group address "Trust" "ICCS - North Houston" add "RTX LAN - 10.2.13.x" set group address "Trust" "ICCS - North Houston" add "SBS LAN - 10.2.7.x" set group address "Trust" "ICCS - North Houston" add "VAF-LAN" set group address "Trust" "ICCS - Phillip" set group address "Trust" "ICCS - Phillip" add "ICCS - Alpheus" set group address "Trust" "ICCS - Phillip" add "ICCS LAN" set group address "Trust" "LSA - Garland" set group address "Trust" "LSA - Garland" add "ICCS LAN" set group address "Trust" "LSA - Garland" add "ICCS LAN - 10.0.10.x" set group address "Trust" "LSA - Garland" add "LSA LAN - 10.2.6.x" set group address "Trust" "LSA -San Antonio" set group address "Trust" "LSA -San Antonio" add "ICCS LAN - 10.0.10.x" set group address "Trust" "LSA -San Antonio" add "LSA LAN - 10.2.6.x" set group address "Trust" "MAT - Bay City" set group address "Trust" "MAT - Bay City" add "ICCS LAN - 10.0.10.x" set group address "Trust" "MAT - Bay City" add "MAT - LAN" set group address "Trust" "MAT - Bay City" add "PCG - LAN" set group address "Trust" "MAT - Palacious" set group address "Trust" "MAT - Palacious" add "ICCS LAN" set group address "Trust" "MAT - Palacious" add "ICCS LAN - 10.0.10.x" set group address "Trust" "MAT - Palacious" add "MAT - LAN" set group address "Trust" "MCE - McAllen" set group address "Trust" "MCE - McAllen" add "ICCS LAN" set group address "Trust" "MCE - McAllen" add "ICCS LAN - 10.0.10.x" set group address "Trust" "MCE - McAllen" add "MCE - LAN" set group address "Trust" "ODY - Houston" set group address "Trust" "ODY - Houston" add "ICCS LAN - 10.0.10.x" set group address "Trust" "ODY - Houston" add "ODY - LAN" set group address "Trust" "ODY - Houston" add "PCG - LAN" set group address "Trust" "PCG - Beaumont" set group address "Trust" "PCG - Beaumont" add "ICCS LAN - 10.0.10.x" set group address "Trust" "PCG - Beaumont" add "PCG - LAN" set group address "Trust" "RTX - The Woodlands" set group address "Trust" "RTX - The Woodlands" add "ICCS LAN" set group address "Trust" "RTX - The Woodlands" add "ICCS LAN - 10.0.10.x" set group address "Trust" "RTX - The Woodlands" add "RTX LAN - 10.2.13.x" set group address "Trust" "RTX - Walker" set group address "Trust" "RTX - Walker" add "ICCS LAN - 10.0.10.x" set group address "Trust" "RTX - Walker" add "RTX LAN - 10.2.13.x" set group address "Trust" "VLI - Medic One" set group address "Trust" "VLI - Medic One" add "ICCS - DHCP" set group address "Trust" "VLI - Medic One" add "ICCS - Metis-04 (EMSA Mobile Manager)" set group address "Untrust" "Bandwidth.com" set group address "Untrust" "Bandwidth.com" add "Bandwidth.com - Primary" set group address "Untrust" "Bandwidth.com" add "Bandwidth.com - Secondary" set group address "Untrust" "Broadvox Media IPS" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 1" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 10" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 11" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 12" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 13" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 14" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 15" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 16" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 17" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 18" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 19" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 2" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 20" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 21" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 22" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 23" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 24" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 25" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 26" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 27" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 28" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 29" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 3" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 30" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 31" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 32" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 33" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 34" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 35" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 4" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 5" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 6" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 7" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 8" set group address "Untrust" "Broadvox Media IPS" add "Broadvox Media IP 9" set group address "Untrust" "Broadvox SIP IPS" set group address "Untrust" "Broadvox SIP IPS" add "Broadvox SIP IP 1" set group address "Untrust" "Broadvox SIP IPS" add "Broadvox SIP IP 2" set group address "Untrust" "Broadvox SIP IPS" add "Broadvox SIP IP 3" set group address "Untrust" "ConnectWise" set group address "Untrust" "ConnectWise" add "ConnectWise 1" set group address "Untrust" "ConnectWise" add "ConnectWise 2" set group address "Untrust" "Global-URL Block Access" set group address "Untrust" "Global-URL Block Access" add "Facebook (facebook.com)" set group address "Untrust" "Global-URL Block Access" add "MySpace (myspace.com" set group address "Untrust" "HLA - Muncie VPN" set group address "Untrust" "HLA - Muncie VPN" add "HLA - Muncie" set group address "Untrust" "HLA - Muncie VPN" add "HLA - Muncie 2" set group address "Untrust" "LSA - Website Blacklist" set group address "Untrust" "LSA - Website Blacklist" add "Facebook (facebook.com)" set group address "Untrust" "LSA - Website Blacklist" add "Facebook (www.facebook.com)" set group address "Untrust" "LSA - Website Blacklist" add "MySpace (myspace.com" set group address "Untrust" "LSA - Website Blacklist" add "Myspace (www.myspace.com)" set group address "Untrust" "LSA - Website Blacklist" add "Twitter" set group address "Untrust" "LSA - Website Blacklist" add "Yahoo" set group address "Untrust" "LSA - Website Blacklist" add "youtube.com" set group address "Untrust" "MAT - BC VPN" set group address "Untrust" "MAT - BC VPN" add "MAT-BC-LAN" set group address "Untrust" "MAT - BC VPN" add "MAT-BC-Radio" set group address "Untrust" "MCE-URL Block Access" set group address "Untrust" "MCE-URL Block Access" add "Craigslist" set group address "Untrust" "MCE-URL Block Access" add "youtube.com" set group address "Untrust" "Medic One" set group address "Untrust" "Medic One" add "M1 - Dallas" set group address "Untrust" "Medic One" add "M1 - Dallas Server Network" set group address "Untrust" "nexVortex" set group address "Untrust" "nexVortex" add "nexVortex 1" set group address "Untrust" "nexVortex" add "nexVortex 2" set group address "Untrust" "nexVortex" add "nexVortex 3" set group address "Untrust" "nexVortex" add "nexVortex 4" set group address "Untrust" "Proofpoint Management Group" set group address "Untrust" "RTX - Woodlands Group" set group address "Untrust" "RTX - Woodlands Group" add "RTX - The Woodlands" set group address "Untrust" "RTX - Woodlands Group" add "RTX - The Woodlands 2" set group address "Untrust" "SBS-URL Block Access" set group address "Untrust" "SBS-URL Block Access" add "Facebook (facebook.com)" set group address "Untrust" "SBS-URL Block Access" add "Facebook (www.facebook.com)" set group address "Untrust" "SBS-URL Block Access" add "MySpace (myspace.com" set group address "Untrust" "SBS-URL Block Access" add "Myspace (www.myspace.com)" set group address "Untrust" "STX Consulting Sites" set group address "Untrust" "STX Consulting Sites" add "STX Consulting" set group address "Untrust" "STX Consulting Sites" add "STX Consulting FTP" set group service "Labtech Ignite" set group service "Labtech Ignite" add "HTTP" set group service "Labtech Ignite" add "HTTPS" set group service "Labtech Ignite" add "Labtech" set group service "Labtech Ignite" add "RDP" set group service "Wyse Device Manager" comment "Wyse management ports terminals" set group service "Wyse Device Manager" add "FTP" set group service "Wyse Device Manager" add "HTTP" set group service "Wyse Device Manager" add "HTTPS" set group service "Wyse Device Manager" add "PING" set group service "Wyse Device Manager" add "TFTP" set group service "Wyse Device Manager" add "VNC" set user "CAR - New Orleans" uid 30 set user "CAR - New Orleans" ike-id fqdn "car-no" share-limit 1 set user "CAR - New Orleans" type ike set user "CAR - New Orleans" "enable" set user "GEMS - Dallas" uid 32 set user "GEMS - Dallas" ike-id u-fqdn "gemsvpndallas@guardian-ems.com" share-limit 1 set user "GEMS - Dallas" type ike set user "GEMS - Dallas" "enable" set user "SBS - Aimee Engle" uid 10 set user "SBS - Aimee Engle" ike-id fqdn "sbs-aengle" share-limit 1 set user "SBS - Aimee Engle" type ike set user "SBS - Aimee Engle" "enable" set user "SBS - Belinda Lopez" uid 15 set user "SBS - Belinda Lopez" ike-id fqdn "sbs-blopez" share-limit 1 set user "SBS - Belinda Lopez" type ike set user "SBS - Belinda Lopez" "enable" set user "SBS - Bonnie Boleyn" uid 16 set user "SBS - Bonnie Boleyn" ike-id fqdn "sbs-bboleyn" share-limit 1 set user "SBS - Bonnie Boleyn" type ike set user "SBS - Bonnie Boleyn" "enable" set user "SBS - Cassandra Husbands" uid 23 set user "SBS - Cassandra Husbands" ike-id fqdn "sbs-chusbands" share-limit 1 set user "SBS - Cassandra Husbands" type ike set user "SBS - Cassandra Husbands" "enable" set user "SBS - Cassie McClelland" uid 18 set user "SBS - Cassie McClelland" ike-id fqdn "sbs-cmcclelland" share-limit 1 set user "SBS - Cassie McClelland" type ike set user "SBS - Cassie McClelland" "enable" set user "SBS - Courtney Vann" uid 5 set user "SBS - Courtney Vann" ike-id fqdn "sbs-cvann" share-limit 1 set user "SBS - Courtney Vann" type ike set user "SBS - Courtney Vann" "enable" set user "SBS - Crystal Conger" uid 25 set user "SBS - Crystal Conger" ike-id fqdn "sbs-cconger" share-limit 1 set user "SBS - Crystal Conger" type ike set user "SBS - Crystal Conger" "enable" set user "SBS - Deanna Gillette" uid 22 set user "SBS - Deanna Gillette" ike-id fqdn "sbs-dgillette" share-limit 1 set user "SBS - Deanna Gillette" type ike set user "SBS - Deanna Gillette" "enable" set user "SBS - Ellen Haughn" uid 14 set user "SBS - Ellen Haughn" ike-id fqdn "sbs-ehaughn" share-limit 1 set user "SBS - Ellen Haughn" type ike set user "SBS - Ellen Haughn" "enable" set user "SBS - Emily Watts" uid 7 set user "SBS - Emily Watts" ike-id fqdn "sbs-ewatts" share-limit 1 set user "SBS - Emily Watts" type ike set user "SBS - Emily Watts" "enable" set user "SBS - Gina Deavers" uid 24 set user "SBS - Gina Deavers" ike-id fqdn "sbs-gdeavers" share-limit 1 set user "SBS - Gina Deavers" type ike set user "SBS - Gina Deavers" "enable" set user "SBS - Kristen Southworth" uid 20 set user "SBS - Kristen Southworth" ike-id fqdn "sbs-ksouthworth" share-limit 1 set user "SBS - Kristen Southworth" type ike set user "SBS - Kristen Southworth" "enable" set user "SBS - Lakeisha Cash" uid 6 set user "SBS - Lakeisha Cash" ike-id fqdn "sbs-lcash" share-limit 1 set user "SBS - Lakeisha Cash" type ike set user "SBS - Lakeisha Cash" "enable" set user "SBS - Linda Lasalle" uid 19 set user "SBS - Linda Lasalle" ike-id fqdn "sbs-llasalle" share-limit 1 set user "SBS - Linda Lasalle" type ike set user "SBS - Linda Lasalle" "enable" set user "SBS - Liz Lyons" uid 12 set user "SBS - Liz Lyons" ike-id fqdn "sbs-llyons" share-limit 1 set user "SBS - Liz Lyons" type ike set user "SBS - Liz Lyons" "enable" set user "SBS - Michelle Thompson" uid 11 set user "SBS - Michelle Thompson" ike-id fqdn "sbs-mthompson" share-limit 1 set user "SBS - Michelle Thompson" type ike set user "SBS - Michelle Thompson" "enable" set user "SBS - Sandy Gripp" uid 21 set user "SBS - Sandy Gripp" ike-id fqdn "sbs-sgripp" share-limit 1 set user "SBS - Sandy Gripp" type ike set user "SBS - Sandy Gripp" "enable" set user "SBS - Wendy Watts" uid 4 set user "SBS - Wendy Watts" ike-id fqdn "sbs-wwatts" share-limit 1 set user "SBS - Wendy Watts" type ike set user "SBS - Wendy Watts" "enable" set user "SBS - Winde Ford" uid 13 set user "SBS - Winde Ford" ike-id fqdn "sbs-wford" share-limit 1 set user "SBS - Winde Ford" type ike set user "SBS - Winde Ford" "enable" set user-group "SBS - VPN Users" id 3 set user-group "SBS - VPN Users" user "SBS - Belinda Lopez" set user-group "SBS - VPN Users" user "SBS - Crystal Conger" set user-group "SBS - VPN Users" user "SBS - Deanna Gillette" set user-group "SBS - VPN Users" user "SBS - Ellen Haughn" set user-group "SBS - VPN Users" user "SBS - Lakeisha Cash" set crypto-policy exit set ike p1-proposal "ICCS - pre-dh2-3des-sha" preshare group2 esp 3des sha-1 second 172800 set ike p1-proposal "MAT-BC-Phase 1" preshare group5 esp 3des sha-1 second 172800 set ike p1-proposal "ACL-Phase 1" preshare group5 esp 3des sha-1 second 172800 set ike p1-proposal "IBAC-Phase 1" preshare group2 esp 3des sha-1 second 172800 set ike p1-proposal "M1 - ASA" preshare group2 esp aes256 sha-1 second 86400 set ike p1-proposal "Meraki" preshare group2 esp 3des sha-1 hour 8 set ike p1-proposal "Amazon-AWS-1" preshare group2 esp aes128 sha-1 second 28800 set ike p1-proposal "Amazon-AWS-2" preshare group2 esp aes128 sha-1 second 28800 set ike p2-proposal "ICCS - dh2-3des-sha1" group2 esp 3des sha-1 second 172800 set ike p2-proposal "MAT-BC-Phase 2" group5 esp 3des sha-1 second 172800 set ike p2-proposal "ACL-Phase 2" group5 esp 3des sha-1 second 172800 set ike p2-proposal "IBAC-Phase 2" group2 esp 3des sha-1 second 172800 set ike p2-proposal "Amazon-AWS-1" group2 esp aes128 sha-1 second 3600 set ike p2-proposal "Amazon-AWS-2" group2 esp aes128 sha-1 second 3600 set ike p2-proposal "Meraki" no-pfs esp 3des sha-1 hour 8 set ike gateway "MCE - McAllen" address 67.78.43.50 Main outgoing-interface "ethernet0/3" preshare "uYwNjrrBNFrvkss+l0ClY+fr96nqRPIjaQ==" sec-level standard set ike gateway "MCE - McAllen" nat-traversal unset ike gateway "MCE - McAllen" nat-traversal udp-checksum set ike gateway "MCE - McAllen" nat-traversal keepalive-frequency 5 set ike gateway "ASM - Athens" address 66.76.57.167 Main outgoing-interface "ethernet0/3" preshare "GVcW5FIXNbDVaUsx2DCPrP7dGAn58LdOyA==" proposal "pre-g2-3des-sha" set ike gateway "ASM - Athens" nat-traversal unset ike gateway "ASM - Athens" nat-traversal udp-checksum set ike gateway "ASM - Athens" nat-traversal keepalive-frequency 5 set ike gateway "ACL - Lufkin" address 66.76.50.58 Main outgoing-interface "ethernet0/3" preshare "WYKb3bydNR5U6PsJAmCOLBgcNnnihqLVNg==" proposal "ACL-Phase 1" "pre-g2-aes128-sha" set ike gateway "ACL - Lufkin" nat-traversal unset ike gateway "ACL - Lufkin" nat-traversal udp-checksum set ike gateway "ACL - Lufkin" nat-traversal keepalive-frequency 5 set ike gateway "MAT - Bay City" address mat-gw-bc.dyndns.org Main outgoing-interface "ethernet0/3" preshare "b0+Y4kxJN5IZAUsdCoC0nn2xK0nwJktuMQ==" proposal "MAT-BC-Phase 1" set ike gateway "MAT - Bay City" nat-traversal unset ike gateway "MAT - Bay City" nat-traversal udp-checksum set ike gateway "MAT - Bay City" nat-traversal keepalive-frequency 5 set ike gateway "HLA - Muncie" address 50.195.188.1 Main outgoing-interface "ethernet0/3" preshare "rz3NpE+WNOItaYs7sWCpi97WaxnYnQDdrQ==" sec-level standard set ike gateway "HLA - Muncie" nat-traversal unset ike gateway "HLA - Muncie" nat-traversal udp-checksum set ike gateway "HLA - Muncie" nat-traversal keepalive-frequency 5 set ike gateway "ICCS - North Houston" address 23.30.73.205 Main outgoing-interface "ethernet0/3" preshare "e/hm0REhNQNoOQsiFFCCDz9IsQn7LReW3PLCkeSEkbmP9e3imvZdN4I=" sec-level standard set ike gateway "ICCS - North Houston" nat-traversal unset ike gateway "ICCS - North Houston" nat-traversal udp-checksum set ike gateway "ICCS - North Houston" nat-traversal keepalive-frequency 5 set ike gateway "ODY - Houston" address 173.11.211.65 Main outgoing-interface "ethernet0/3" preshare "8ek/EsbdNZ0nXIsjHJCDT1T6S6nwW1a71Q==" sec-level standard set ike gateway "ODY - Houston" nat-traversal unset ike gateway "ODY - Houston" nat-traversal udp-checksum set ike gateway "ODY - Houston" nat-traversal keepalive-frequency 5 set ike gateway "HLA - Kokomo" address 71.229.64.28 Aggr outgoing-interface "ethernet0/3" preshare "Xdsi7ZQ1N0Ugyhsy4FCHLYmCQnntFX4ZKA==" sec-level standard set ike gateway "HLA - Kokomo" nat-traversal unset ike gateway "HLA - Kokomo" nat-traversal udp-checksum set ike gateway "HLA - Kokomo" nat-traversal keepalive-frequency 5 set ike gateway "RTX - The Woodlands" address 66.196.240.222 Main outgoing-interface "ethernet0/3" preshare "TZpW2iIYNQyZFGsntpCmNtZ3eunHjSIAv/g4xe1ve3lFwQtoxLykjbM=" proposal "pre-g2-3des-sha" set ike gateway "RTX - Cleveland" address rtx-gw-cleveland.dyndns.org Main outgoing-interface "ethernet0/3" preshare "xh/pxzt9NKPoolsg8UCo/w3vSsnHbtn5Mzbix3/yVZtKDZX9Z9kBuy8=" sec-level standard set ike gateway "RTX - Cleveland" nat-traversal unset ike gateway "RTX - Cleveland" nat-traversal udp-checksum set ike gateway "RTX - Cleveland" nat-traversal keepalive-frequency 5 set ike gateway "RTX - Walker" address rtx-walker.dyndns.org Main outgoing-interface "ethernet0/3" preshare "yoVGA1vmNAcY0ssZI1CfPeQy2TnLMTxfWw==" proposal "pre-g2-3des-sha" set ike gateway "RTX - Walker" nat-traversal unset ike gateway "RTX - Walker" nat-traversal udp-checksum set ike gateway "RTX - Walker" nat-traversal keepalive-frequency 5 set ike gateway "MAT - Palacious" address mat-pl-gw.dyndns.org Main outgoing-interface "ethernet0/3" preshare "jRy2QJnrNN6N20sKApCCGif+smnMw/J0OWwN2fABfVG+knEI2TxA4lo=" proposal "ICCS - pre-dh2-3des-sha" set ike gateway "MAT - Palacious" nat-traversal unset ike gateway "MAT - Palacious" nat-traversal udp-checksum set ike gateway "MAT - Palacious" nat-traversal keepalive-frequency 5 set ike gateway "LSA - San Antonio" address lsa-sa-gw.dyndns.org Main outgoing-interface "ethernet0/3" preshare "Wq5y5hzANHLA78sdxoC/eOlSJ1n6GdJlwbH4qiFKotsCSFDKZxjTv1k=" proposal "pre-g2-3des-sha" set ike gateway "LSA - San Antonio" nat-traversal unset ike gateway "LSA - San Antonio" nat-traversal udp-checksum set ike gateway "LSA - San Antonio" nat-traversal keepalive-frequency 5 set ike gateway "IBAC" address 104.50.79.41 Main outgoing-interface "ethernet0/3" preshare "764cjql+NYsZbYsxQDCehaR8AEn5IT/Jyw==" proposal "IBAC-Phase 1" set ike gateway "IBAC" nat-traversal unset ike gateway "IBAC" nat-traversal udp-checksum set ike gateway "IBAC" nat-traversal keepalive-frequency 5 set ike gateway "HLA - Lafayette" address 50.195.157.13 Main outgoing-interface "ethernet0/3" preshare "YcZh0rlMNMCFVZsTRkCXNyvQ9rnSE6hVFwskLdJvea5nateEUexzSbU=" sec-level standard set ike gateway "HLA - Lafayette" nat-traversal unset ike gateway "HLA - Lafayette" nat-traversal udp-checksum set ike gateway "HLA - Lafayette" nat-traversal keepalive-frequency 5 set ike gateway "ACP - Livingston" address 8.2.208.138 Main outgoing-interface "ethernet0/3" preshare "w7G900P+N1aXeEs4CDCaKmZILrnv6FdgXF6VC+qJNjyTd4L4hJwFAVk=" sec-level standard set ike gateway "ACP - Livingston" nat-traversal unset ike gateway "ACP - Livingston" nat-traversal udp-checksum set ike gateway "ACP - Livingston" nat-traversal keepalive-frequency 5 set ike gateway "PCG - Beaumont" address 67.10.125.218 Main outgoing-interface "ethernet0/3" preshare "0hHjqaOFNC8mAJsGw8CT6okFDznskzmVEg==" proposal "pre-g2-3des-sha" set ike gateway "PCG - Beaumont" nat-traversal unset ike gateway "PCG - Beaumont" nat-traversal udp-checksum set ike gateway "PCG - Beaumont" nat-traversal keepalive-frequency 5 set ike gateway "M1 - Dallas" address 50.84.238.130 Main outgoing-interface "ethernet0/3" preshare "hLFMnjgENKItLXstGOCKC5w/J1nU3B2O11Y7NJhlPvKTRBnx7ZJjiyA=" proposal "M1 - ASA" "pre-g2-aes128-sha" set ike gateway "GEMS - Dallas" dialup "GEMS - Dallas" Aggr outgoing-interface "ethernet0/3" preshare "CHUEODYWNMEzFPsAZICkAGQMhknoSeFyvg==" sec-level standard unset ike gateway "GEMS - Dallas" nat-traversal udp-checksum set ike gateway "GEMS - Dallas" nat-traversal keepalive-frequency 5 set ike gateway "GEMS - Houston South" address 50.244.121.73 Main outgoing-interface "ethernet0/3" preshare "feKTdAw2NSjpDmsZnsCmdno57Yn82+yaM3qM2YSm3iAn0JyhX4NUyI0=" sec-level standard set ike gateway "GEMS - Houston North" address 173.11.232.185 Main outgoing-interface "ethernet0/3" preshare "N5fGpZY0NkK4qKsW0jC1ti597ZnbKMN+NA/O79A7MZQJB5asyQQNtLc=" sec-level standard set ike gateway "GEMS-OKC" address 184.186.208.70 Main outgoing-interface "ethernet0/3" preshare "aj1pZX0aNH/E6/sAwZCFfZzkkVnv7oVBjg==" proposal "Meraki" set ike gateway "GEMS-OKC" nat-traversal unset ike gateway "GEMS-OKC" nat-traversal udp-checksum set ike gateway "GEMS-OKC" nat-traversal keepalive-frequency 0 set ike gateway "HLA-Shelbyville" address hla-shelbyville-gw.dyndns.org Main outgoing-interface "ethernet0/3" preshare "0ALNFly4NVzYp4socbCszsnnIGnmLyChpvh9a+K2Z5D+nDPIW3uLJqc=" sec-level standard set ike gateway "HLA-Shelbyville" nat-traversal unset ike gateway "HLA-Shelbyville" nat-traversal udp-checksum set ike gateway "HLA-Shelbyville" nat-traversal keepalive-frequency 5 set ike gateway "HLA-Indianapolis" address 69.245.181.219 Main outgoing-interface "ethernet0/3" preshare "tVsDk3nwNYaCxgsIy/CtvyY+jXnXB5OPC3oeT5tAjNFu5z96Dc4dqc0=" sec-level standard set ike gateway "HLA-Indianapolis" nat-traversal unset ike gateway "HLA-Indianapolis" nat-traversal udp-checksum set ike gateway "HLA-Indianapolis" nat-traversal keepalive-frequency 5 set ike respond-bad-spi 1 set ike ikev2 ike-sa-soft-lifetime 60 unset ike ikeid-enumeration unset ike dos-protection unset ipsec access-session enable set ipsec access-session maximum 5000 set ipsec access-session upper-threshold 0 set ipsec access-session lower-threshold 0 set ipsec access-session dead-p2-sa-timeout 0 unset ipsec access-session log-error unset ipsec access-session info-exch-connected unset ipsec access-session use-error-log set vpn "MCE - McAllen" gateway "MCE - McAllen" no-replay tunnel idletime 0 sec-level standard set vpn "MCE - McAllen" monitor optimized set vpn "ASM - Athens" gateway "ASM - Athens" no-replay tunnel idletime 0 proposal "g2-esp-3des-sha" set vpn "ASM - Athens" monitor optimized set vpn "ACL - Lufkin" gateway "ACL - Lufkin" no-replay tunnel idletime 0 proposal "ACL-Phase 2" set vpn "ACL - Lufkin" monitor source-interface ethernet0/0 destination-ip 10.25.0.1 optimized set vpn "MAT - Bay City" gateway "MAT - Bay City" no-replay tunnel idletime 0 proposal "MAT-BC-Phase 2" set vpn "MAT - Bay City" monitor source-interface ethernet0/0 destination-ip 10.25.0.193 optimized set vpn "HLA - Muncie" gateway "HLA - Muncie" no-replay tunnel idletime 0 sec-level standard set vpn "HLA - Muncie" monitor optimized set vpn "ICCS - North Houston" gateway "ICCS - North Houston" no-replay tunnel idletime 0 proposal "g2-esp-3des-sha" set vpn "ICCS - North Houston" monitor optimized set vpn "ODY - Houston" gateway "ODY - Houston" no-replay tunnel idletime 0 sec-level standard set vpn "ODY - Houston" monitor optimized set vpn "HLA - Kokomo" gateway "HLA - Kokomo" no-replay tunnel idletime 0 sec-level standard set vpn "HLA - Kokomo" monitor optimized set vpn "RTX - The Woodlands" gateway "RTX - The Woodlands" no-replay tunnel idletime 0 proposal "g2-esp-3des-sha" set vpn "RTX - The Woodlands" monitor optimized set vpn "RTX - Cleveland" gateway "RTX - Cleveland" no-replay tunnel idletime 0 proposal "g2-esp-3des-sha" set vpn "RTX - Cleveland" monitor optimized set vpn "RTX - Walker" gateway "RTX - Walker" no-replay tunnel idletime 0 proposal "g2-esp-3des-sha" set vpn "RTX - Walker" monitor optimized set vpn "MAT - Palacious" gateway "MAT - Palacious" no-replay tunnel idletime 0 proposal "ICCS - dh2-3des-sha1" set vpn "MAT - Palacious" monitor optimized set vpn "LSA - San Antonio" gateway "LSA - San Antonio" no-replay tunnel idletime 0 proposal "g2-esp-3des-sha" set vpn "LSA - San Antonio" monitor optimized set vpn "IBAC" gateway "IBAC" no-replay tunnel idletime 0 proposal "IBAC-Phase 2" set vpn "IBAC" monitor optimized set vpn "HLA - Lafayette" gateway "HLA - Lafayette" no-replay tunnel idletime 0 sec-level standard set vpn "HLA - Lafayette" monitor optimized set vpn "ACP - Livingston" gateway "ACP - Livingston" no-replay tunnel idletime 0 proposal "g2-esp-3des-sha" "g2-esp-aes128-sha" set vpn "ACP - Livingston" monitor optimized set vpn "PCG - Beaumont" gateway "PCG - Beaumont" no-replay tunnel idletime 0 proposal "g2-esp-3des-sha" "g2-esp-aes128-sha" set vpn "PCG - Beaumont" monitor optimized set vpn "M1 - Dallas" gateway "M1 - Dallas" no-replay tunnel idletime 0 proposal "g2-esp-3des-sha" set vpn "M1 - Dallas" monitor source-interface ethernet0/0 optimized set vpn "GEMS - Dallas" gateway "GEMS - Dallas" no-replay tunnel idletime 0 sec-level standard set vpn "GEMS - Dallas" monitor optimized set vpn "GEMS - Houston South" gateway "GEMS - Houston South" no-replay tunnel idletime 0 sec-level standard set vpn "GEMS - Houston South" monitor optimized set vpn "GEMS - Houston North" gateway "GEMS - Houston North" no-replay tunnel idletime 0 sec-level standard set vpn "GEMS - Houston North" monitor optimized set vpn "GEMS-OKC" gateway "GEMS-OKC" no-replay tunnel idletime 0 proposal "Meraki" set vpn "GEMS-OKC" monitor optimized set vpn "HLA-Shelbyville" gateway "HLA-Shelbyville" no-replay tunnel idletime 0 sec-level standard set vpn "HLA-Shelbyville" monitor optimized set vpn "HLA-Indianapolis" gateway "HLA-Indianapolis" no-replay tunnel idletime 0 sec-level standard set vpn "HLA-Indianapolis" monitor optimized set vpn-group id 100 set ftp non-rfc-support set av scan-mgr max-content-size 25000 set av scan-mgr corrupt-file drop set url protocol websense exit set policy id 341 from "Allegiance" to "Untrust-ALG" "Any" "Any" "ANY" permit set policy id 341 exit set policy id 340 from "Trust" to "Untrust" "HeartlandAMB" "HLA-Indianapolis" "ANY" tunnel vpn "HLA-Indianapolis" id 0xb2 set policy id 340 exit set policy id 339 from "Untrust" to "Trust" "HLA-Shelbyville" "HeartlandAMB" "ANY" tunnel vpn "HLA-Shelbyville" id 0xb1 pair-policy 338 set policy id 339 exit set policy id 338 from "Trust" to "Untrust" "HeartlandAMB" "HLA-Shelbyville" "ANY" tunnel vpn "HLA-Shelbyville" id 0xb1 pair-policy 339 set policy id 338 exit set policy id 337 from "Untrust" to "Trust" "GEMS-OklahomaCity" "ICCS LAN - 10.0.10.x" "ANY" tunnel vpn "GEMS-OKC" id 0xb0 pair-policy 336 set policy id 337 exit set policy id 336 from "Trust" to "Untrust" "ICCS LAN - 10.0.10.x" "GEMS-OklahomaCity" "ANY" tunnel vpn "GEMS-OKC" id 0xb0 pair-policy 337 set policy id 336 exit set policy id 335 from "Untrust" to "Trust" "HLA - Kokomo" "HLA - Kokomo" "ANY" tunnel vpn "HLA - Kokomo" id 0xaf pair-policy 334 set policy id 335 exit set policy id 334 from "Trust" to "Untrust" "HLA - Kokomo" "HLA - Kokomo" "ANY" tunnel vpn "HLA - Kokomo" id 0xaf pair-policy 335 set policy id 334 exit set policy id 319 from "Trust" to "Untrust" "ICCS LAN - 10.0.10.x" "M1 - Dallas" "ANY" tunnel vpn "M1 - Dallas" id 0x9e pair-policy 318 set policy id 319 exit set policy id 318 from "Untrust" to "Trust" "M1 - Dallas" "ICCS LAN - 10.0.10.x" "ANY" tunnel vpn "M1 - Dallas" id 0x9e pair-policy 319 set policy id 318 exit set policy id 317 from "Untrust" to "Trust" "M1 - Dallas Server Network" "ICCS LAN - 10.0.10.x" "ANY" tunnel vpn "M1 - Dallas" id 0x9d pair-policy 316 set policy id 317 exit set policy id 316 from "Trust" to "Untrust" "ICCS LAN - 10.0.10.x" "M1 - Dallas Server Network" "ANY" tunnel vpn "M1 - Dallas" id 0x9d pair-policy 317 set policy id 316 exit set policy id 315 from "Trust" to "Untrust" "ICCS LAN - 10.0.10.x" "GEMS - Houston North" "ANY" tunnel vpn "GEMS - Houston North" id 0x9a pair-policy 314 set policy id 315 exit set policy id 314 from "Untrust" to "Trust" "GEMS - Houston North" "ICCS LAN - 10.0.10.x" "ANY" tunnel vpn "GEMS - Houston North" id 0x9a pair-policy 315 set policy id 314 exit set policy id 313 from "Untrust" to "Trust" "GEMS - Houston South" "ICCS LAN - 10.0.10.x" "ANY" tunnel vpn "GEMS - Houston South" id 0x98 pair-policy 312 set policy id 313 exit set policy id 312 from "Trust" to "Untrust" "ICCS LAN - 10.0.10.x" "GEMS - Houston South" "ANY" tunnel vpn "GEMS - Houston South" id 0x98 pair-policy 313 set policy id 312 exit set policy id 311 from "Untrust" to "Trust" "Dial-Up VPN" "GEMS LAN - 10.2.5.x" "ANY" tunnel vpn "GEMS - Dallas" id 0x97 pair-policy 310 set policy id 311 exit set policy id 310 from "Trust" to "Untrust" "GEMS LAN - 10.2.5.x" "Dial-Up VPN" "ANY" tunnel vpn "GEMS - Dallas" id 0x97 pair-policy 311 set policy id 310 exit set policy id 309 from "Untrust" to "Trust" "Dial-Up VPN" "ICCS LAN - 10.0.10.x" "ANY" tunnel vpn "GEMS - Dallas" id 0x96 pair-policy 308 set policy id 309 exit set policy id 308 from "Trust" to "Untrust" "ICCS LAN - 10.0.10.x" "Dial-Up VPN" "ANY" tunnel vpn "GEMS - Dallas" id 0x96 pair-policy 309 set policy id 308 exit set policy id 307 from "Trust" to "Untrust" "Dial-Up VPN" "GEMS - Dallas" "ANY" tunnel vpn "GEMS - Dallas" id 0x94 set policy id 307 exit set policy id 297 from "Untrust" to "Trust" "PCG-LAN" "PCG - Beaumont" "ANY" tunnel vpn "PCG - Beaumont" id 0x91 pair-policy 296 set policy id 297 exit set policy id 296 from "Trust" to "Untrust" "PCG - Beaumont" "PCG-LAN" "ANY" tunnel vpn "PCG - Beaumont" id 0x91 pair-policy 297 set policy id 296 exit set policy id 293 from "Untrust" to "Trust" "ACP-LAN" "ACP - Livingston Group" "ANY" tunnel vpn "ACP - Livingston" id 0x8f pair-policy 292 set policy id 293 exit set policy id 292 from "Trust" to "Untrust" "ACP - Livingston Group" "ACP-LAN" "ANY" tunnel vpn "ACP - Livingston" id 0x8f pair-policy 293 set policy id 292 exit set policy id 291 from "Trust" to "Untrust" "HLA - Lafayette" "HLA - Lafayette" "ANY" tunnel vpn "HLA - Lafayette" id 0x8e pair-policy 290 set policy id 291 exit set policy id 290 from "Untrust" to "Trust" "HLA - Lafayette" "HLA - Lafayette" "ANY" tunnel vpn "HLA - Lafayette" id 0x8e pair-policy 291 set policy id 290 exit set policy id 289 from "Untrust" to "Trust" "IBAC" "ICCS LAN - 10.0.10.x" "ANY" tunnel vpn "IBAC" id 0x8d pair-policy 288 set policy id 289 exit set policy id 288 from "Trust" to "Untrust" "ICCS LAN - 10.0.10.x" "IBAC" "ANY" tunnel vpn "IBAC" id 0x8d pair-policy 289 set policy id 288 exit set policy id 287 from "Trust" to "Untrust" "LSA -San Antonio" "LSA - San Antonio" "ANY" tunnel vpn "LSA - San Antonio" id 0x8c pair-policy 286 set policy id 287 exit set policy id 286 from "Untrust" to "Trust" "LSA - San Antonio" "LSA -San Antonio" "ANY" tunnel vpn "LSA - San Antonio" id 0x8c pair-policy 287 set policy id 286 exit set policy id 285 from "Untrust" to "Trust" "MAT-PL-LAN" "MAT - Palacious" "ANY" tunnel vpn "MAT - Palacious" id 0x8b pair-policy 284 set policy id 285 exit set policy id 284 from "Trust" to "Untrust" "MAT - Palacious" "MAT-PL-LAN" "ANY" tunnel vpn "MAT - Palacious" id 0x8b pair-policy 285 set policy id 284 exit set policy id 281 from "Untrust" to "Trust" "RTX - Walker" "RTX - Walker" "ANY" tunnel vpn "RTX - Walker" id 0x89 pair-policy 280 set policy id 281 exit set policy id 280 from "Trust" to "Untrust" "RTX - Walker" "RTX - Walker" "ANY" tunnel vpn "RTX - Walker" id 0x89 pair-policy 281 set policy id 280 exit set policy id 279 from "Trust" to "Untrust" "RTX - The Woodlands" "RTX - Cleveland" "ANY" tunnel vpn "RTX - Cleveland" id 0x88 pair-policy 278 set policy id 279 exit set policy id 278 from "Untrust" to "Trust" "RTX - Cleveland" "RTX - The Woodlands" "ANY" tunnel vpn "RTX - Cleveland" id 0x88 pair-policy 279 set policy id 278 exit set policy id 277 from "Untrust" to "Trust" "RTX - Woodlands Group" "RTX - The Woodlands" "ANY" tunnel vpn "RTX - The Woodlands" id 0x9f pair-policy 276 set policy id 277 exit set policy id 276 from "Trust" to "Untrust" "RTX - The Woodlands" "RTX - Woodlands Group" "ANY" tunnel vpn "RTX - The Woodlands" id 0x9f pair-policy 277 set policy id 276 exit set policy id 271 from "Trust" to "Untrust" "ODY - Houston" "ODY - Houston" "ANY" tunnel vpn "ODY - Houston" id 0x83 pair-policy 270 set policy id 271 exit set policy id 270 from "Untrust" to "Trust" "ODY - Houston" "ODY - Houston" "ANY" tunnel vpn "ODY - Houston" id 0x83 pair-policy 271 set policy id 270 exit set policy id 269 from "Untrust" to "Trust" "ICCS - North Houston" "ICCS - North Houston" "ANY" tunnel vpn "ICCS - North Houston" id 0x82 pair-policy 268 set policy id 269 exit set policy id 268 from "Trust" to "Untrust" "ICCS - North Houston" "ICCS - North Houston" "ANY" tunnel vpn "ICCS - North Houston" id 0x82 pair-policy 269 set policy id 268 exit set policy id 267 from "Trust" to "Untrust" "HLA - Muncie" "HLA - Muncie VPN" "ANY" tunnel vpn "HLA - Muncie" id 0x92 pair-policy 266 set policy id 267 exit set policy id 266 from "Untrust" to "Trust" "HLA - Muncie VPN" "HLA - Muncie" "ANY" tunnel vpn "HLA - Muncie" id 0x92 pair-policy 267 set policy id 266 exit set policy id 263 from "Trust" to "Untrust" "MAT - Bay City" "MAT - BC VPN" "ANY" tunnel vpn "MAT - Bay City" id 0x7f pair-policy 262 set policy id 263 exit set policy id 262 from "Untrust" to "Trust" "MAT - BC VPN" "MAT - Bay City" "ANY" tunnel vpn "MAT - Bay City" id 0x7f pair-policy 263 set policy id 262 exit set policy id 259 from "Untrust" to "Trust" "ACL-LAN" "ACL - Lufkin" "ANY" tunnel vpn "ACL - Lufkin" id 0x7d pair-policy 258 set policy id 259 exit set policy id 258 from "Trust" to "Untrust" "ACL - Lufkin" "ACL-LAN" "ANY" tunnel vpn "ACL - Lufkin" id 0x7d pair-policy 259 set policy id 258 exit set policy id 255 from "Untrust" to "Trust" "ASM - Athens" "ICCS - Alpheus" "ANY" tunnel vpn "ASM - Athens" id 0x7a pair-policy 254 set policy id 255 exit set policy id 254 from "Trust" to "Untrust" "ICCS - Alpheus" "ASM - Athens" "ANY" tunnel vpn "ASM - Athens" id 0x7a pair-policy 255 set policy id 254 exit set policy id 253 from "Trust" to "Untrust" "MCE - McAllen" "MCE-MC-LAN" "ANY" tunnel vpn "MCE - McAllen" id 0x79 pair-policy 252 set policy id 253 exit set policy id 252 from "Untrust" to "Trust" "MCE-MC-LAN" "MCE - McAllen" "ANY" tunnel vpn "MCE - McAllen" id 0x79 pair-policy 253 set policy id 252 exit set policy id 251 from "Untrust" to "Trust" "Any" "MIP(1.1.1.8)" "PING" permit set policy id 251 set service "RDP" exit set policy id 300 from "Untrust" to "Trust" "Any" "MIP(1.1.1.122)" "DNS" permit set policy id 300 set service "FTP" set service "HTTP" set service "HTTPS" set service "PING" set service "RDP" exit set policy id 299 from "Untrust" to "Trust" "Any" "MIP(1.1.1.121)" "FTP" permit set policy id 299 set service "HTTP" set service "HTTPS" set service "PING" set service "RDP" set service "TELNET" exit set policy id 248 from "Untrust" to "Trust" "Any" "MIP(1.1.1.120)" "HTTP" permit set policy id 248 set service "HTTPS" set service "PING" set service "RDP" set service "VAF VPN" exit set policy id 304 from "Untrust" to "Trust" "Any" "MIP(1.1.1.75)" "HTTP" permit set policy id 304 set service "HTTPS" set service "PING" exit set policy id 247 from "Untrust" to "Trust" "Any" "MIP(1.1.1.74)" "HTTP" permit set policy id 247 set service "HTTPS" set service "PING" exit set policy id 246 from "Untrust" to "Trust" "Any" "MIP(1.1.1.73)" "HTTP" permit set policy id 246 set service "HTTPS" set service "PING" exit set policy id 245 from "Untrust" to "Trust" "Any" "MIP(1.1.1.72)" "HTTP" permit set policy id 245 set service "HTTPS" set service "PING" exit set policy id 244 from "Untrust" to "Trust" "Any" "MIP(1.1.1.71)" "HTTP" permit set policy id 244 set service "HTTPS" set service "PING" exit set policy id 243 from "Untrust" to "Trust" "Any" "MIP(1.1.1.70)" "FTP" permit set policy id 243 set service "HTTP" set service "HTTPS" set service "PING" exit set policy id 301 from "Untrust" to "Trust" "Any" "MIP(1.1.1.63)" "HTTP" permit set policy id 301 set service "HTTPS" set service "PING" set service "RDP" exit set policy id 298 from "Untrust" to "Trust" "Any" "MIP(1.1.1.62)" "PING" permit set policy id 298 set service "RDP" exit set policy id 242 from "Untrust" to "Trust" "Any" "MIP(1.1.1.61)" "iRAPP" permit set policy id 242 set service "PING" set service "RDP" exit set policy id 241 from "Untrust" to "Trust" "Any" "MIP(1.1.1.60)" "PING" permit set policy id 241 set service "RDP" exit set policy id 240 from "Untrust" to "Trust" "Any" "MIP(1.1.1.51)" "HTTP" permit set policy id 240 set service "HTTPS" set service "PING" set service "VMWare View 4172" exit set policy id 239 from "Untrust" to "Trust" "Any" "MIP(1.1.1.50)" "HTTP" permit set policy id 239 set service "HTTPS" set service "PING" set service "VMWare View 4172" exit set policy id 303 from "Untrust" to "Trust" "Any" "MIP(1.1.1.46)" "VMware VC Console Access" permit set policy id 303 set service "VMware vCenter" exit set policy id 302 from "Untrust" to "Trust" "Any" "MIP(1.1.1.45)" "HTTPS" permit set policy id 302 exit set policy id 238 from "Untrust" to "Trust" "Any" "MIP(1.1.1.44)" "Labtech Ignite" permit set policy id 238 exit set policy id 237 from "Untrust" to "Trust" "Any" "MIP(1.1.1.43)" "HTTP" permit set policy id 237 set service "HTTPS" set service "Labtech" set service "PING" exit set policy id 236 from "Untrust" to "Trust" "Any" "MIP(1.1.1.42)" "HTTP" permit set policy id 236 set service "HTTPS" set service "Itivity Agent" set service "Itivity Viewer" set service "PING" exit set policy id 235 from "Untrust" to "Trust" "Any" "MIP(1.1.1.41)" "Cerberus FTP Passive" permit set policy id 235 set service "FTP" set service "FTPS" set service "HTTP" set service "HTTPS" set service "PING" set service "SSH" exit set policy id 320 from "Untrust" to "Trust" "Any" "MIP(1.1.1.40)" "RDP" permit set policy id 320 exit set policy id 234 from "Untrust" to "Trust" "Any" "MIP(1.1.1.40)" "HTTP" permit set policy id 234 set service "HTTP-EXT" set service "HTTPS" set service "PING" exit set policy id 233 from "Untrust" to "Trust" "Any" "MIP(1.1.1.31)" "Broadvox SIP TCP" permit set policy id 233 set service "Broadvox SIP UDP" set service "PING" exit set policy id 232 from "Untrust" to "Trust" "Broadvox Media IPS" "MIP(1.1.1.30)" "Broadvox SIP TCP" permit set policy id 232 set src-address "Broadvox SIP IPS" set src-address "nexVortex" set service "Broadvox SIP UDP" set service "PING" exit set policy id 231 from "Untrust" to "Trust" "Any" "MIP(1.1.1.21)" "HTTP" permit set policy id 231 set service "HTTPS" set service "PING" set service "POP3 Secure" exit set policy id 230 from "Untrust" to "Trust" "Any" "MIP(1.1.1.20)" "PING" permit set policy id 230 set service "SMTP" exit set policy id 229 from "Untrust" to "Trust" "Any" "MIP(1.1.1.16)" "DNS" permit set policy id 229 set service "PING" exit set policy id 228 from "Untrust" to "Trust" "Any" "MIP(1.1.1.15)" "KMS" permit set policy id 228 disable set policy id 228 set service "PING" exit set policy id 149 name "SBS-Blocked Sites" from "Trust" to "Untrust" "ICCS LAN" "SBS-URL Block Access" "HTTP" reject url-filter set policy id 149 application "HTTP" set policy id 149 set service "HTTPS" exit set policy id 192 from "Trust" to "Untrust" "LSA LAN - 10.2.6.x" "LSA - Website Blacklist" "ANY" deny set policy id 192 exit set policy id 196 from "Trust" to "Untrust" "Any" "STX Consulting Sites" "ANY" deny set policy id 196 exit set policy id 224 from "Trust" to "Untrust" "MCE - LAN" "AR Concepts FTP" "FTP" permit set policy id 224 exit set policy id 101 from "Trust" to "Untrust" "Any" "Any" "SIP From Internal" permit log set policy id 101 exit set policy id 190 name "FTP Access" from "Trust" to "Untrust" "ICCS - ICCS-Iris-08" "Any" "FTP" permit set policy id 190 set src-address "ICCS - ICCS-Themis-03 (MCE ProQA Server)" set src-address "ICCS - VNX 5300" set src-address "ICCS LAN - 10.0.10.x" set src-address "ICCS-Atlas-00" set src-address "ICCS-Themis-07" set src-address "RTX - RTX-Zeus-01" set src-address "SBS LAN - 10.2.7.x" exit set policy id 191 from "Trust" to "Untrust" "Any" "Any" "FTP" deny set policy id 191 exit set policy id 327 from "Trust" to "Untrust" "ICCS LAN - 10.0.10.x" "Any" "ANY" permit set policy id 327 exit set policy id 28 from "Trust" to "Untrust" "Any" "Any" "ANY" permit set policy id 28 av "ns-profile" set policy id 28 exit set nsmgmt bulkcli reboot-timeout 60 set ssh version v2 set ssh enable set config lock timeout 5 unset license-key auto-update set telnet client enable set ssl cert-hash "172E57F29816710EC720D79F5AA73C3B88E73053" set ntp server "time.nist.gov" set ntp server src-interface "ethernet0/3" set ntp "no-ha-sync" set ntp max-adjustment 3600 set snmp port listen 161 set snmp port trap 162 set snmpv3 local-engine id "0185112010001996" set vrouter "untrust-vr" exit set vrouter "trust-vr" unset add-default-route set route 10.0.50.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.0.60.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.0.10.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.0.2.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.2.13.0/24 interface ethernet0/0 gateway 10.0.0.10 set route 10.2.14.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.2.15.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.2.16.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.2.2.1/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.2.6.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.2.10.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.2.1.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.2.7.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 192.168.1.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.2.4.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.2.5.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.2.3.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.2.0.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.2.17.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.2.11.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 0.0.0.0/0 interface ethernet0/3 gateway 1.1.1.1 permanent set route 192.168.140.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent set route 10.0.51.0/24 interface ethernet0/0 gateway 10.0.0.10 permanent exit set vrouter "allegiance-vr" set route 0.0.0.0/0 interface ethernet0/5 gateway 2.2.2.193 preference 25 permanent exit set vrouter "untrust-vr" exit set vrouter "trust-vr" exit set vrouter "allegiance-vr" exit