version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service dhcp
!
hostname CiscoRtr
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
clock timezone London 0
!
!
dot11 syslog
no ip subnet-zero
no ip source-route
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.9.50
!
ip dhcp pool CiscoRtr
import all
network 192.168.9.0 255.255.255.0
dns-server 192.168.1.50 192.168.1.48
default-router 192.168.9.254
netbios-name-server 192.168.1.50
lease infinite
!
!
no ip domain lookup
ip name-server 213.213.213.213
!
multilink bundle-name authenticated
!
!
!
!
crypto isakmp policy 11
hash md5
authentication pre-share
group 2
crypto isakmp key egvpnkey address 80.80.80.80
crypto isakmp key egvpnkey address 89.89.89.89
!
!
crypto ipsec transform-set testerg esp-des esp-md5-hmac
!
crypto map testergvpn 11 ipsec-isakmp
set peer 80.80.80.80
set peer 89.89.89.89
set transform-set testerg
match address 104
!
archive
log config
hidekeys
!
!
!
bridge irb
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 8/35
pppoe-client dial-pool-number 1
!
dsl operating-mode auto
!
interface FastEthernet0
speed 100
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
ip address 192.168.9.253 255.255.255.0
ip access-group 102 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip mroute-cache
!
interface Dialer1
mtu 1492
ip address negotiated
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
no ip mroute-cache
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap chap callin
ppp chap hostname test
ppp chap password 7 000000000000000000
ppp pap sent-username test password 7 00000000000000000000000
crypto map testergvpn
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 10.0.0.0 255.0.0.0 Null0
ip route 127.0.0.0 255.0.0.0 Null0
ip route 172.16.0.0 255.240.0.0 Null0
!
!
no ip http server
no ip http secure-server
ip nat inside source list 106 interface Dialer1 overload
!
access-list 1 permit 80.80.80.80
access-list 1 permit 192.168.9.0 0.0.0.255
access-list 102 permit ip any any
access-list 102 permit udp host 0.0.0.0 host 255.255.255.255
access-list 104 permit ip 192.168.9.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 105 deny ip 192.168.9.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 106 deny ip 192.168.9.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 106 permit ip 192.168.9.0 0.0.0.255 any
dialer-list 1 protocol ip permit
!
!
scheduler max-task-time 5000
end
|