Katana#show run Building configuration... Current configuration : 3472 bytes ! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Katana ! boot-start-marker boot-end-marker ! logging buffered 51200 warnings ! aaa new-model ! ! aaa authentication attempts login 5 aaa authentication login default local aaa authentication login VPN-AUTHENTICATE local aaa authorization exec default local aaa authorization network VPN-AUTHORIZE local ! aaa session-id common ! resource policy ! ip cef ! ! no ip dhcp use vrf connected ip dhcp excluded-address 192.168.1.1 192.168.1.99 ip dhcp excluded-address 192.168.1.201 192.168.1.254 ! ip dhcp pool CLIENT_POOL network 192.168.1.0 255.255.255.0 dns-server 68.94.156.1 68.94.157.1 default-router 192.168.1.1 ! ! ip tcp synwait-time 10 no ip domain lookup ip domain name katanainfotech.com ip ssh authentication-retries 5 ip ssh authentication-retries 5 ip inspect name TRUSTED appfw P2P ip inspect name TRUSTED tcp ip inspect name TRUSTED udp router-traffic ip inspect name TRUSTED dns ip inspect name TRUSTED icmp ip inspect name TRUSTED imap ip inspect name TRUSTED pop3 ip inspect name TRUSTED http ip inspect name TRUSTED https ip inspect name TRUSTED esmtp ip inspect name TRUSTED isakmp ! appfw policy-name P2P application http port-misuse p2p action reset ! ! ! username jeremy privilege 15 secret 5 XXXXXXXXXXXXX ! ! ! crypto isakmp policy 1 encr 3des authentication pre-share group 2 ! crypto isakmp client configuration group VPNGROUP key XXXXXXXXXXXXX dns 68.94.156.1 pool VPN-IP-POOL ! ! crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac ! crypto dynamic-map DYNMAP 1 set transform-set ESP-3DES-SHA reverse-route ! ! crypto map CLIENTMAP client authentication list VPN-AUTHENTICATE crypto map CLIENTMAP isakmp authorization list VPN-AUTHORIZE crypto map CLIENTMAP client configuration address respond crypto map CLIENTMAP 10 ipsec-isakmp dynamic DYNMAP ! ! ! ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface FastEthernet4 no ip address duplex auto speed auto pppoe enable group global pppoe-client dial-pool-number 1 no cdp enable ! interface Vlan1 ip address 192.168.1.1 255.255.255.0 ip nat inside ip inspect TRUSTED in ip virtual-reassembly ip tcp adjust-mss 1412 ! interface Dialer0 ip address 99.66.28.61 255.255.255.248 ip access-group 130 in ip mtu 1452 ip nat outside ip virtual-reassembly encapsulation ppp dialer pool 1 dialer-group 1 no cdp enable ppp authentication pap callin ppp pap sent-username breakthecycle@att.net password 0 XXXXXXXXXXXXX crypto map CLIENTMAP ! ip local pool VPN-IP-POOL 192.168.100.100 192.168.100.200 ip route 0.0.0.0 0.0.0.0 99.66.28.62 ! ! no ip http server no ip http secure-server ip nat inside source list 1 interface Dialer0 overload ! access-list 1 permit 192.168.1.0 0.0.0.255 access-list 130 permit ahp any host 99.66.28.61 access-list 130 permit esp any host 99.66.28.61 access-list 130 permit udp any host 99.66.28.61 eq isakmp access-list 130 permit tcp any host 99.66.28.61 eq 22 access-list 130 permit udp any host 99.66.28.61 eq non500-isakmp access-list 130 permit icmp any host 99.66.28.61 echo-reply access-list 130 permit icmp any host 99.66.28.61 echo access-list 130 deny ip any any log dialer-list 1 protocol ip permit ! ! ! ! control-plane ! ! line con 0 no modem enable line aux 0 line vty 0 4 privilege level 15 transport input ssh ! scheduler max-task-time 5000 end