version 15.7
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname C867VAE
!
boot-start-marker
boot system flash:c860vae-advsecurityk9-mz.157-3.M2.bin
boot-end-marker
!
!
enable secret xxxxxxxxx
!
aaa new-model
!
!
!
aaa session-id common
wan mode dsl
!
!
!
!
ip dhcp pool HOUSE-OPEN-POOL
 network 192.168.10.0 255.255.255.0
 default-router 192.168.10.1 
 dns-server 79.79.79.77 
!
!
!
ip domain name tomnet.local
ip name-server 79.79.79.77
ip cef
no ipv6 cef
!
!
!
!
!
!
!
vtp domain tomnet.local
vtp mode transparent
username user secret 4 xxxxxxx
!
!
controller VDSL 0
 operating mode vdsl2
 sra
!
vlan 10
 name HOUSE-OPEN
!
vlan 32
 name HOUSE-ASA-OUTSIDE
!
! 
!
!
!
!
interface ATM0
 no ip address
 shutdown
 no atm ilmi-keepalive
!
interface Ethernet0
 description VDSL
 no ip address
 no cdp enable
!
interface Ethernet0.101
 encapsulation dot1Q 101
 ip nat outside
 ip virtual-reassembly in
 ip tcp adjust-mss 1452
 no cdp enable
 pppoe-client dial-pool-number 1
!
interface FastEthernet0
 description ACCESS-VLAN10
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface FastEthernet1
 description ACCESS-VLAN10
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface FastEthernet2
 description ACCESS-VLAN10
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface FastEthernet3
 description CONN-ASA5505
 switchport access vlan 32
 no ip address
!
interface GigabitEthernet0
 description CONN-C3560C
 switchport access vlan 310
 no ip address
!
interface GigabitEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Virtual-Template1
 no ip address
!
interface Vlan1
 no ip address
!
interface Vlan10
 description HOUSE-OPEN
 ip address 192.168.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface Vlan32
 description CONN HOUSE ASA OUTSIDE
 ip address 172.16.32.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface Dialer0
 mtu 1492
 ip address negotiated
 ip nat outside
 ip virtual-reassembly in
 ip virtual-reassembly out
 encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp chap hostname xxxx@yyy.com
 ppp chap password 0 xxxxxxxxx
!
router rip
 version 2
 redistribute static
 network 172.16.0.0
 no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list NAT-ACL interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 10.0.0.0 255.0.0.0 172.16.32.2
ip route 172.16.0.0 255.255.0.0 172.16.32.2
!
ip access-list extended ACL-BLOCK-SSH
 deny   tcp any any eq telnet
 deny   tcp any any eq 22
 permit ip any any
ip access-list extended NAT-ACL
 permit ip 172.16.0.0 0.0.255.255 any
 permit ip 172.30.0.0 0.0.255.255 any
 permit ip 10.0.0.0 0.255.255.255 any
 permit ip 192.168.0.0 0.0.255.255 any
!
dialer-list 1 protocol ip permit
!
!
!
!
line con 0
 logging synchronous
 no modem enable
line aux 0
line vty 0 4
 password password
 logging synchronous
 transport preferred ssh
 transport input ssh
!
scheduler allocate 60000 1000
ntp server 1.uk.pool.ntp.org
ntp server 0.uk.pool.ntp.org
!
end