Building configuration...

Current configuration : 4640 bytes
!
version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname YBGC
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
no ip icmp rate-limit unreachable
!
!
!
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
redundancy
!
no cdp log mismatch duplex
!
track 1 ip sla 1 reachability
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
 ip address 192.168.1.254 255.255.255.0
 ip access-group LEGIT out
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
 media-type rj45
!
interface GigabitEthernet0/1
 ip address 200.60.65.1 255.255.255.252
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
 media-type rj45
!
interface GigabitEthernet0/2
 ip address 110.60.65.1 255.255.255.252
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
 media-type rj45
!
interface GigabitEthernet0/3
 no ip address
 shutdown
 duplex auto
 speed auto
 media-type rj45
!
ip local policy route-map TRACK_PRIMARY_IF
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip nat inside source route-map WAN01 interface GigabitEthernet0/1 overload
ip nat inside source route-map WAN02 interface GigabitEthernet0/2 overload
ip nat inside source static tcp 192.168.1.2 22 110.60.65.1 22 extendable
ip nat inside source static tcp 192.168.1.2 80 110.60.65.1 80 extendable
ip nat inside source static tcp 192.168.1.2 22 200.60.65.1 22 extendable
ip nat inside source static tcp 192.168.1.2 80 200.60.65.1 80 extendable
ip route 0.0.0.0 0.0.0.0 200.60.65.2 track 1
ip route 0.0.0.0 0.0.0.0 110.60.65.2 240
!
ip access-list extended LAN
 permit ip 192.168.1.0 0.0.0.255 any
ip access-list extended LEGIT
 permit tcp 10.10.10.0 0.0.0.255 host 192.168.1.2 eq www
 permit tcp 10.10.10.0 0.0.0.255 host 192.168.1.2 eq 22
 deny   tcp any host 192.168.1.2 eq www
 deny   tcp any host 192.168.1.2 eq 22
 permit ip any any
ip access-list extended PING_PERMIT
 permit icmp any host 200.60.65.2
!
ip sla 1
 icmp-echo 200.60.65.2 source-interface GigabitEthernet0/1
 threshold 1000
 frequency 10
ip sla schedule 1 life forever start-time now
ipv6 ioam timestamp
!
route-map TRACK_PRIMARY_IF permit 10
 match ip address PING_PERMIT
 set interface GigabitEthernet0/1
!
route-map WAN01 permit 10
 match ip address LAN
 match interface GigabitEthernet0/1
!
route-map WAN02 permit 10
 match ip address LAN
 match interface GigabitEthernet0/2
!
!
!
control-plane
!

!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
 transport input none
!
no scheduler allocate
!
end