Building configuration... Current configuration : 7699 bytes ! ! Last configuration change at 17:42:06 UTC Sun May 7 2017 by SMAdministrator ! NVRAM config last updated at 17:41:59 UTC Sun May 7 2017 by SMAdministrator ! NVRAM config last updated at 17:41:59 UTC Sun May 7 2017 by SMAdministrator version 15.1 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Router ! boot-start-marker boot-end-marker ! ! logging buffered 51200 warnings ! aaa new-model ! ! aaa authentication login default local aaa authentication login ciscocp_vpn_xauth_ml_1 local aaa authentication login ciscocp_vpn_xauth_ml_2 local aaa authentication login ciscocp_vpn_xauth_ml_3 local aaa authentication login ciscocp_vpn_xauth_ml_4 local aaa authentication login ciscocp_vpn_xauth_ml_5 local aaa authentication login ciscocp_vpn_xauth_ml_6 local aaa authorization exec default local aaa authorization network ciscocp_vpn_group_ml_1 local aaa authorization network ciscocp_vpn_group_ml_2 local aaa authorization network ciscocp_vpn_group_ml_3 local aaa authorization network ciscocp_vpn_group_ml_4 local ! ! ! ! ! aaa session-id common ! memory-size iomem 10 crypto pki token default removal timeout 0 ! crypto pki trustpoint TP-self-signed-2880221878 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-2880221878 revocation-check none rsakeypair TP-self-signed-2880221878 ! ! crypto pki certificate chain TP-self-signed-2880221878 certificate self-signed 01 3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 32383830 32323138 3738301E 170D3134 31313230 31373230 35305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 38383032 32313837 3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 81008832 D6D66473 6C02AE3C 6D47C33E 39DC17C4 27BFBB51 4EC5DE2A C4B8B687 E042B4B7 72D1D237 E36163C7 26F1D55F 4BB46923 20E2FFC4 5A98B017 1416FF60 0920A63E 913E6FCB DF6ABF56 F904EA85 9BD6DCD2 F6EC21E6 D1AA152F AE684742 4A135613 5CE81DDB D71A2BE9 584AA189 D11B3CA7 CC54FD6F 98D23B68 B58614A5 64110203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 551D2304 18301680 14156D02 678B8C43 9C1F5087 2FF23271 86B4C18D AC301D06 03551D0E 04160414 156D0267 8B8C439C 1F50872F F2327186 B4C18DAC 300D0609 2A864886 F70D0101 05050003 8181007E C3F6B14D 3C86ACF2 BE4863E2 48F5C946 174568FE 9E90ABD3 412E2DDB D4206B7B BED046B8 9749591C 68AC8ED4 C120F8CF 904DFBE5 CAFEDAC6 5036817E 082BEC7D 9DFA84B3 535BC2AB 741FBA44 EBD68DA2 E457ED24 7489CDED EB17904C 38EE5BE7 95FF7860 A2BDCB8F 816F9210 52E02896 B9899BA0 45FDF90D F6F47682 405225 quit ip source-route ! ! ! ip dhcp excluded-address 192.168.0.1 ! ip dhcp pool ccp-pool import all network 10.10.10.0 255.255.255.248 lease 0 2 ! ip dhcp pool Switchpool import all network 192.168.0.0 255.255.255.0 dns-server 209.18.47.61 209.18.47.62 default-router 192.168.0.1 lease 0 5 ! ! ip cef ip domain name yourdomain.com ip name-server 209.18.47.61 ip name-server 209.18.47.62 no ipv6 cef ! ! multilink bundle-name authenticated license udi pid CISCO881-SEC-K9 sn FTX170680R9 ! ! username SMAdministrator privilege 15 secret 4 F3HNLbuLTl59bSMmVL0ExiMd6IJOPhdsbLqljaSc2Y2 username BBVPN secret 4 1tMhj31oDrQktJQBNrZgwnpOyMuRmaVLMNC3jH/prFY ! ! ! ! no ip ftp passive ! ! crypto isakmp policy 1 encr 3des authentication pre-share group 2 ! crypto isakmp client configuration group VPNGP key ScienceMill5% ! crypto isakmp client configuration group SMVPN key ScienceMill5% pool SDM_POOL_1 crypto isakmp profile ciscocp-ike-profile-1 match identity group SMVPN client authentication list ciscocp_vpn_xauth_ml_6 isakmp authorization list ciscocp_vpn_group_ml_4 client configuration address respond virtual-template 3 ! ! crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA2 esp-3des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA3 esp-3des esp-sha-hmac ! crypto ipsec profile CiscoCP_Profile1 set transform-set ESP-3DES-SHA3 set isakmp-profile ciscocp-ike-profile-1 ! ! ! ! ! ! interface FastEthernet0 no ip address ! interface FastEthernet1 no ip address ! interface FastEthernet2 no ip address ! interface FastEthernet3 switchport access vlan 3 no ip address ! interface FastEthernet4 description $ETH-WAN$ ip address 50.84.145.146 255.255.255.252 ip nat outside ip virtual-reassembly in duplex auto speed auto ! interface Virtual-Template1 ip unnumbered FastEthernet4 ! interface Virtual-Template2 type tunnel ip unnumbered FastEthernet4 ! interface Virtual-Template3 type tunnel ip unnumbered Vlan1 tunnel mode ipsec ipv4 tunnel protection ipsec profile CiscoCP_Profile1 ! interface Vlan1 description $ETH_LAN$ ip address 10.10.10.1 255.255.255.248 ip nat inside ip virtual-reassembly in ip tcp adjust-mss 1452 ! interface Vlan3 ip address 192.168.0.1 255.255.255.0 ip nat inside ip virtual-reassembly in ! router rip version 2 network 10.0.0.0 no auto-summary ! ip local pool SDM_POOL_1 192.168.1.1 192.168.1.253 ip forward-protocol nd ip http server ip http access-class 23 ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ! ! ip nat pool PATextra 10.10.10.8 10.10.10.254 netmask 255.255.255.0 ip nat inside source list 2 interface FastEthernet4 overload ip nat inside source static tcp 192.168.0.55 9010 interface FastEthernet4 9010 ip nat inside source static udp 192.168.0.55 9010 interface FastEthernet4 9010 ip nat inside source static tcp 192.168.0.55 21 interface FastEthernet4 21 ip nat inside source static udp 192.168.0.55 21 interface FastEthernet4 21 ip nat inside source static tcp 192.168.0.8 9010 interface FastEthernet4 9010 ip nat inside source static udp 192.168.0.8 9010 interface FastEthernet4 9010 ip nat inside source static tcp 192.168.0.8 9011 interface FastEthernet4 9011 ip nat inside source static udp 192.168.0.8 9011 interface FastEthernet4 9011 ip nat inside source static tcp 192.168.0.8 8245 interface FastEthernet4 8245 ip nat inside source static udp 192.168.0.8 80 interface FastEthernet4 80 ip nat inside source static tcp 192.168.0.8 80 interface FastEthernet4 80 ip route 0.0.0.0 0.0.0.0 50.84.145.145 permanent ! access-list 1 remark CCP_ACL Category=2 access-list 1 permit 10.10.10.0 0.0.0.7 access-list 2 remark CCP_ACL Category=2 access-list 2 permit 10.10.10.0 0.0.0.7 access-list 2 permit 192.168.0.0 0.0.0.255 access-list 23 permit 10.10.10.0 0.0.0.7 access-list 100 remark NAT port opening access-list 100 remark CCP_ACL Category=2 access-list 100 permit tcp any eq 9010 any eq 9010 access-list 100 permit udp any eq 9010 any eq 9010 access-list 100 permit tcp any eq 8245 any eq 8245 access-list 100 permit udp any eq 8245 any eq 8245 access-list 100 permit tcp any eq 80 any eq 80 access-list 100 permit udp any eq 80 any eq 80 access-list 100 permit tcp any eq 9011 any eq 9011 access-list 100 permit udp any eq 9011 any eq 9011 access-list 100 permit tcp any eq 8000 any eq 8000 access-list 100 permit udp any eq 8000 any eq 8000 access-list 100 permit tcp any eq 21 any eq 21 access-list 100 permit udp any eq 21 any eq 21 no cdp run ! ! ! ! ! ! ! control-plane ! ! line con 0 line aux 0 line vty 0 4 access-class 23 in transport input telnet ssh ! ! webvpn gateway gateway_1 ip address 50.84.145.146 port 443 http-redirect port 80 ssl trustpoint TP-self-signed-2880221878 inservice end