version 15.5
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname HQ-Router
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
ethernet lmi ce
!
!
!
!
!
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
!
multilink bundle-name authenticated
!
license udi pid C841M-8X-JAIS/K9 sn FGL200420EP
!
!
!
redundancy
!
!
!
!
!
!
!
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key cisco address 0.0.0.0
crypto isakmp keepalive 30
!
!
crypto ipsec transform-set MYSET esp-3des esp-md5-hmac
mode tunnel
!
crypto ipsec profile TP
set transform-set MYSET
!
!
!
!
!
!
!
!
interface Tunnel1
ip address 172.16.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
tunnel source Dialer2
tunnel mode ipsec ipv4
tunnel destination 40.255.255.1
tunnel protection ipsec profile TP
!
interface Tunnel2
ip address 172.16.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
tunnel source Dialer2
tunnel mode ipsec ipv4
tunnel destination 80.255.255.1
tunnel protection ipsec profile TP
!
interface GigabitEthernet0/0
no ip address
!
interface GigabitEthernet0/1
no ip address
!
interface GigabitEthernet0/2
no ip address
!
interface GigabitEthernet0/3
description to_SLALES
switchport access vlan 10
no ip address
!
interface GigabitEthernet0/4
no ip address
!
interface GigabitEthernet0/5
no ip address
!
interface GigabitEthernet0/6
description to_HR
switchport access vlan 20
no ip address
!
interface GigabitEthernet0/7
no ip address
!
interface GigabitEthernet0/8
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/9
description to_ISP_and_FletsVPNwide
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
pppoe-client dial-pool-number 2
!
interface Vlan1
no ip address
!
interface Vlan10
description to_SALES-LAN
ip address 192.168.10.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Vlan20
description to_HR-LAN
ip address 192.168.20.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Dialer1
description to_ISP
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname ISP1@cisco.com
ppp chap password 0 cisco
ppp ipcp dns request accept
ppp ipcp route default
!
interface Dialer2
description to_FletsVPNwide
ip address 30.255.255.1 255.255.255.0
ip virtual-reassembly in
encapsulation ppp
dialer pool 2
dialer-group 1
ppp authentication chap callin
ppp chap hostname NTT1@domain
ppp chap password 0 nttuser
!
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 1 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 40.255.255.0 255.255.255.0 Dialer2
ip route 80.255.255.0 255.255.255.0 Dialer2
ip route 192.168.30.0 255.255.255.0 Tunnel1
ip route 192.168.40.0 255.255.255.0 Tunnel2
!
dialer-list 1 protocol ip permit
!
!
access-list 1 permit 192.168.0.0 0.0.255.255
!
control-plane
!
!
!
line con 0
no modem enable
line vty 0 4
login
transport input none
!
no scheduler allocate
!
end