C3945E-ECYL#show running-config | begin interface interface Loopback0 ip address X.X.X.X X.X.X.X ! interface GigabitEthernet0/0 description Link_ISP1 no ip address no ip redirects no ip unreachables no ip proxy-arp duplex auto speed auto pppoe enable group global pppoe-client dial-pool-number 1 ! interface GigabitEthernet0/1 description Link_ISP2 no ip address no ip redirects no ip unreachables no ip proxy-arp duplex auto speed auto pppoe enable group global pppoe-client dial-pool-number 2 ! interface GigabitEthernet0/2 no ip address duplex auto speed auto ! interface GigabitEthernet0/3 ip address X.X.X.X 255.255.0.0 secondary ip address X.X.X.X 255.255.255.0 no ip redirects no ip unreachables ip nat inside ip virtual-reassembly in duplex auto speed auto ! interface GigabitEthernet0/0/0 switchport mode access no ip address ! interface GigabitEthernet0/0/1 switchport mode access no ip address ! interface GigabitEthernet0/0/2 switchport mode access no ip address ! interface GigabitEthernet0/0/3 switchport mode access no ip address ! interface Virtual-Template1 ip unnumbered Loopback0 ! interface Vlan1 no ip address no ip unreachables ip virtual-reassembly in ip tcp adjust-mss 1420 hold-queue 100 out ! interface Dialer1 mtu 1492 ip address negotiated ip mtu 1480 ip nat outside ip nat enable ip virtual-reassembly in encapsulation ppp dialer pool 1 dialer-group 1 no cdp enable ppp chap hostname XXXXXXXX ppp chap password 7 XXXXX ppp pap sent-username XXXXXX password 7 XXXXXX hold-queue 224 in ! interface Dialer2 mtu 1492 ip address negotiated ip nat outside ip nat enable ip virtual-reassembly in encapsulation ppp dialer pool 2 dialer-group 2 no cdp enable ppp chap hostname XXXXXXX ppp chap password 7 XXXXXXXX ppp pap sent-username XXXXXXX password 7 XXXXXX hold-queue 224 in ! ip local pool vpn-pool X.X.10.230 X.X.10.234 ip local pool SSLVPN_POOL X.X.11.90 X.X.11.95 ip forward-protocol nd ! ip http server ip http authentication local ip http secure-server ! ip nat inside source list nat-test interface Dialer1 overload ip nat inside source static tcp X.X.X.X 8002 interface Dialer1 8002 ip nat inside source static tcp X.X.X.X 81 interface Dialer1 81 ip nat inside source static tcp X.X.X.X 8001 interface Dialer1 8001 ip nat inside source static tcp X.X.X.X 82 interface Dialer1 82 ip nat inside source static udp X.X.X.X 8001 interface Dialer1 8001 ip nat inside source static tcp X.X.X.X 65531 interface Dialer1 65531 ip nat inside source static tcp X.X.X.X 10001 interface Dialer1 10001 ip nat inside source static tcp X.X.X.X 10002 interface Dialer1 10002 ip nat inside source static tcp X.X.X.X 10004 interface Dialer1 10004 ip nat inside source static tcp X.X.X.X 10005 interface Dialer1 10005 ip nat inside source static udp X.X.X.X 65531 interface Dialer1 65531 ip nat inside source static udp X.X.X.X 10002 interface Dialer1 10002 ip nat inside source static udp X.X.X.X 11002 interface Dialer1 11002 ip nat inside source static tcp X.X.X.X 11002 interface Dialer1 11002 ip nat inside source static udp X.X.X.X 65532 interface Dialer1 65532 ip nat inside source static tcp X.X.X.X 65532 interface Dialer1 65532 ip route 0.0.0.0 0.0.0.0 Dialer1 ! ip access-list extended nat-rule permit ip any any ip access-list extended nat-test permit ip any any ! ! nls resp-timeout 1 cpd cr-id 1 ! access-list 100 permit ip any any ! ! ! control-plane ! ! ! ! ! ! mgcp behavior rsip-range tgcp-only mgcp behavior comedia-role none mgcp behavior comedia-check-media-src disable mgcp behavior comedia-sdp-force disable ! mgcp profile default ! ! ! ! ! ! ! gatekeeper shutdown ! ! vstack ! line con 0 line aux 0 line vty 0 4 transport input telnet ssh ! scheduler allocate 20000 1000 ! ! webvpn gateway Cisco-VPN-Gateway ip interface Dialer2 port 443 no inservice ! webvpn gateway SSLVPN_GATEWAY ip address X.X.X.X port XXX http-redirect port XX ssl trustpoint SSLVPN_CERT inservice ! webvpn context Cisco-VPN title "WebVPN - Designed by Innercomm" ! acl "ssl-acl" permit ip X.X.X.X X.X.X.X X.X.X.X X.X.X.X login-message "Cisco Secure WebVPN" ! ssl authenticate verify all no inservice ! policy group webvpnpolicy functions svc-enabled filter tunnel ssl-acl svc address-pool "webvpn-pool" netmask 255.255.0.0 svc rekey method new-tunnel svc split include X.X.X.X 255.255.255.0 ! ! webvpn context Cisco-WebVPN aaa authentication list sslvpn gateway Cisco-VPN-Gateway max-users 3 ! ssl authenticate verify all ! url-list "rewrite" inservice ! policy group webvpnpolicy default-group-policy webvpnpolicy ! ! webvpn context SSL_contect ! ssl authenticate verify all no inservice ! ! webvpn context Cisco-WEBVPN ! ssl authenticate verify all no inservice ! ! webvpn context SSL_context virtual-template 1 ! ssl authenticate verify all inservice ! policy group SSL_Policy functions svc-enabled svc address-pool "SSLVPN_POOL" netmask 255.255.255.0 svc dns-server primary 8.8.8.8 default-group-policy SSL_Policy ! end ############################################################## C3945E-ECYL#show ver Cisco IOS Software, C3900e Software (C3900e-UNIVERSALK9-M), Version 15.7(3)M3, R ELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2018 by Cisco Systems, Inc. Compiled Wed 01-Aug-18 15:15 by prod_rel_team ROM: System Bootstrap, Version 15.1(1r)T5, RELEASE SOFTWARE (fc1) C3945E-ECYL uptime is 3 days, 3 hours, 21 minutes System returned to ROM by power-on System image file is "flash0:c3900e-universalk9-mz.SPA.157-3.M3.bin" Last reload type: Normal Reload Last reload reason: power-on This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to export@cisco.com. Cisco CISCO3945-CHASSIS (revision 1.0) with C3900-SPE250/K9 with 740352K/308224K bytes of memory. Processor board ID FTX1452A177 8 Gigabit Ethernet interfaces 1 Virtual Private Network (VPN) Module DRAM configuration is 72 bits wide with parity enabled. 256K bytes of non-volatile configuration memory. 250880K bytes of ATA System CompactFlash 0 (Read/Write) License Info: License UDI: ------------------------------------------------- Device# PID SN ------------------------------------------------- *1 C3900-SPE250/K9 FOC20283Q7B Suite License Information for Module:'c3900e' -------------------------------------------------------------------------------- Suite Suite Current Type Suite Next reboot -------------------------------------------------------------------------------- FoundationSuiteK9 None None None securityk9 datak9 AdvUCSuiteK9 None None None uck9 cme-srst cube Technology Package License Information for Module:'c3900e' ------------------------------------------------------------------------ Technology Technology-package Technology-package Current Type Next reboot ------------------------------------------------------------------------ ipbase ipbasek9 Permanent ipbasek9 security securityk9 Permanent securityk9 uc uck9 Permanent uck9 data None None None Configuration register is 0x2102 C3945E-ECYL#