Router2801#sho run Building configuration... Current configuration : 8842 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname router2801 ! boot-start-marker boot-end-marker ! enable secret 5 ___________________________ enable password 7 ___________________________ ! aaa new-model ! ! aaa authentication login default local aaa authentication ppp default local aaa authorization network default local ! aaa session-id common ! resource policy ! mmi polling-interval 60 no mmi auto-configure no mmi pvc mmi snmp-timeout 180 ip subnet-zero ip cef ! ! ip telnet source-interface FastEthernet0/0 no ip dhcp use vrf connected ip dhcp excluded-address 10.10.60.1 10.10.60.15 ip dhcp excluded-address 10.10.50.230 10.10.50.254 ! ip dhcp pool poool network 10.10.60.0 255.255.255.0 default-router 10.10.60.1 lease 30 ! ! no ip ips deny-action ips-interface vpdn enable vpdn ip udp ignore checksum ! vpdn-group grupa ! Default PPTP VPDN group accept-dialin protocol pptp virtual-template 1 ! ! async-bootp dns-server 10.10.60.10 ! ! ! ! ! ! ! ! ! ! ! ! ! ! username admin password 7 _______________ username digit password 7 __________________ ! ! ! crypto isakmp policy 10 encr 3des hash md5 authentication pre-share crypto isakmp key ________________ address 212.91.126.162 ! ! crypto ipsec transform-set vindija esp-3des esp-sha-hmac ! crypto map mymap 1 ipsec-isakmp set peer 212.91.126.162 set transform-set myset match address 101 ! ! ! ! interface FastEthernet0/0 ip address 10.10.60.1 255.255.255.0 ip nat inside ip virtual-reassembly duplex auto speed auto ! interface FastEthernet0/1 ip address A.B.C.D 255.255.255.252 ip nat outside ip virtual-reassembly duplex auto speed auto crypto map mymap ! interface Virtual-Template1 ip unnumbered FastEthernet0/0 peer default ip address pool pptp ppp encrypt mppe auto ppp authentication ms-chap chap pap callin ! ! interface Virtual-TokenRing1 no ip address ring-speed 16 ! ip local pool pptp 172.16.1.1 172.16.1.64 ip classless ip route 0.0.0.0 0.0.0.0 A.B.C.D ! no ip http server no ip http secure-server ip nat pool poolnat A.B.C.D A.B.C.D netmask 255.255.255.252 ip nat inside source route-map nonat pool poolnat overload ! ip access-list extended local permit tcp 10.10.60.0 0.0.0.255 any eq domain permit udp 10.10.60.0 0.0.0.255 any eq domain permit tcp 10.10.60.0 0.0.0.255 any eq www permit tcp 10.10.60.0 0.0.0.255 any eq 443 permit tcp 10.10.60.0 0.0.0.255 any eq nntp permit tcp 10.10.60.0 0.0.0.255 any eq pop3 permit tcp 10.10.60.0 0.0.0.255 any eq smtp permit icmp 10.10.60.0 0.0.0.255 any permit tcp host 10.10.60.10 any eq ftp permit tcp host 10.10.60.10 any eq ftp-data permit tcp host 10.10.60.11 any eq ftp permit tcp host 10.10.60.11 any eq ftp-data permit tcp host 10.10.60.250 any eq ftp permit tcp host 10.10.60.250 any eq ftp-data permit ip 10.10.60.0 0.0.0.255 10.10.2.0 0.0.0.255 permit ip 10.10.60.0 0.0.0.255 10.10.3.192 0.0.0.31 deny ip 10.10.60.0 0.0.0.7 172.16.1.0 0.0.0.15 permit ip 10.10.60.0 0.0.0.255 172.16.1.0 0.0.0.15 permit ip 10.10.60.0 0.0.0.255 host 10.10.60.1 permit tcp 10.10.61.0 0.0.0.255 any eq domain permit udp 10.10.61.0 0.0.0.255 any eq domain permit tcp 10.10.61.0 0.0.0.255 any eq www permit tcp 10.10.61.0 0.0.0.255 any eq 443 permit tcp 10.10.61.0 0.0.0.255 any eq nntp permit tcp 10.10.61.0 0.0.0.255 any eq pop3 permit tcp 10.10.61.0 0.0.0.255 any eq smtp permit icmp 10.10.61.0 0.0.0.255 any permit tcp host 10.10.61.10 any eq ftp permit tcp host 10.10.61.10 any eq ftp-data permit tcp host 10.10.61.11 any eq ftp permit tcp host 10.10.61.11 any eq ftp-data permit tcp host 10.10.61.250 any eq ftp permit tcp host 10.10.61.250 any eq ftp-data permit ip 10.10.61.0 0.0.0.255 10.10.2.0 0.0.0.255 permit ip 10.10.61.0 0.0.0.255 10.10.3.192 0.0.0.31 permit ip 10.10.61.0 0.0.0.255 172.16.1.0 0.0.0.15 permit ip 10.10.61.0 0.0.0.255 host 10.10.60.1 permit ip 10.10.61.0 0.0.0.255 any permit tcp 10.10.61.0 0.0.0.255 any ! access-list 1 permit 10.0.0.0 0.0.0.255 access-list 1 permit 172.16.0.0 0.0.255.255 access-list 100 deny ip 10.10.60.0 0.0.0.255 10.10.2.0 0.0.0.255 access-list 100 deny ip 10.10.60.0 0.0.0.255 10.10.3.192 0.0.0.31 access-list 100 deny ip 10.10.60.0 0.0.0.255 10.10.4.0 0.0.0.255 access-list 100 deny ip 10.10.61.0 0.0.0.255 10.10.2.0 0.0.0.255 access-list 100 deny ip 10.10.61.0 0.0.0.255 10.10.3.192 0.0.0.31 access-list 100 deny ip 10.10.61.0 0.0.0.255 10.10.4.0 0.0.0.255 access-list 100 permit ip 10.10.60.0 0.0.0.255 any access-list 100 permit ip 10.10.61.0 0.0.0.255 any access-list 101 permit ip 10.10.60.0 0.0.0.255 10.10.2.0 0.0.0.255 access-list 101 permit ip 10.10.60.0 0.0.0.255 10.10.3.192 0.0.0.31 access-list 101 permit ip 10.10.60.0 0.0.0.255 10.10.4.0 0.0.0.255 access-list 101 permit ip 10.10.61.0 0.0.0.255 10.10.2.0 0.0.0.255 access-list 101 permit ip 10.10.61.0 0.0.0.255 10.10.3.192 0.0.0.31 access-list 101 permit ip 10.10.61.0 0.0.0.255 10.10.4.0 0.0.0.255 ! route-map nonat permit 10 match ip address 100 ! ! ! ! control-plane ! ! ! ! ! ! ! ! ! line con 0 password 7 _____________ line aux 0 line 0/1/0 0/1/1 stopbits 1 speed 115200 flowcontrol hardware line vty 0 4 password 7 __________________ ! end