pix6# show config
: Saved
: Written by enable_15 at 15:55:14.799 UTC Wed Mar 29 2006
PIX Version 6.3(3)
interface ethernet0 auto
interface ethernet1 100basetx
interface ethernet2 auto
interface ethernet3 auto shutdown
interface ethernet4 auto shutdown
interface ethernet5 auto shutdown
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz security20
enable password *********** encrypted
passwd ********** encrypted
hostname pix6
domain-name acmecorp.com
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
object-group service web_svcs tcp
port-object eq www
port-object eq https
object-group network db_svrs
network-object host 192.168.1.200
network-object host 192.168.1.210
object-group network internal_mail_svrs
network-object host 10.1.10.200
network-object host 10.1.10.210
access-list dmz permit tcp host 192.168.1.1 host 10.1.10.1
access-list dmz permit udp host 192.168.1.1 host 10.1.10.1
access-list dmz permit tcp object-group db_svrs 10.1.10.0 255.255.255.0 eq 118
access-list dmz permit udp object-group db_svrs 10.1.10.0 255.255.255.0 eq 118
access-list NO_NAT permit ip host 10.1.10.1 host 192.168.1.1
access-list inside permit tcp host 10.1.10.1 host 192.168.1.1 eq smtp
access-list inside permit tcp any any object-group web_svcs
pager lines 25
logging on
logging buffered debugging
logging trap informational
logging host inside 172.16.0.200
mtu outside 1500
mtu inside 1500
mtu mail1 1500
mtu testweb 1500
mtu proxymail 1500
mtu vpn4 1500
ip address outside 166.22.22.2 255.255.255.0
ip address inside 10.1.10.2 255.255.255.0
ip address dmz 192.168.1.2 255.255.255.0
arp timeout 14400
global (dmz) 1 192.168.1.254
nat (inside) 0 access-list NO_NAT
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,dmz) 10.1.10.0 10.1.10.0 netmask 255.255.255.0 0 0
access-group inside in interface inside
access-group dmz in interface dmz
route outside 0.0.0.0 0.0.0.0 165.22.22.254 1
timeout xlate 1:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+ 
aaa-server RADIUS protocol radius 
aaa-server LOCAL protocol local 
aaa-server partnerauth protocol radius 
aaa-server partnerauth (inside) host 172.16.0.25 PHASE2 timeout 5
http server enable
http 172.16.31.46 255.255.255.255 inside
http 172.16.6.44 255.255.255.255 inside
http 172.16.0.101 255.255.255.255 inside
http 172.16.0.200 255.255.255.255 inside
snmp-server host inside 172.16.0.61
snmp-server location San Jose PIX
snmp-server contact AcmeCorp
snmp-server community harry
snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
telnet 172.16.0.0 255.255.0.0 inside
telnet 192.168.3.0 255.255.255.0 inside
telnet timeout 60
ssh timeout 5
console timeout 0
terminal width 80
banner motd WARNING: Unauthorized access to this device will result in prosecution to the fullest extent permissible by law
Cryptochecksum:74151f0b71a7d641d691819297fc6c74