ACC.BR#sh run Building configuration... Current configuration : 4445 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname ACC.BR ! boot-start-marker boot-end-marker ! logging buffered 51200 warnings ! no aaa new-model ! resource policy ! mmi polling-interval 60 no mmi auto-configure no mmi pvc mmi snmp-timeout 180 ip subnet-zero ip cef ! ! no ip dhcp use vrf connected ! ! ip domain name yourdomain.com no ip ips deny-action ips-interface ! ! ! ! ! ! ! ! ! ! ! ! ! ! crypto pki trustpoint TP-self-signed-641923976 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-641923976 revocation-check none rsakeypair TP-self-signed-641923976 ! ! crypto pki certificate chain TP-self-signed-641923976 certificate self-signed 01 3082024B 308201B4 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 36343139 32333937 36301E17 0D303230 33303130 30323430 325A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3634 31393233 39373630 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100 E396312B E694C48C 9D6E9D76 DC495E30 A4022AAA 4D4B8ADD EF0DF7A4 EE1973FC 4DB799C7 9CD77F10 C21484E9 CE9099D8 A5DE9B03 98D5CCFD 1D59D37D 43F2D0F7 F20DF08A 933E36DA 672CDEC9 F00220CE B612E789 E2B8F919 FBE4F4D8 B5430AC5 613B10F8 3725DC4A D3850446 92F19D7D 8B914173 415BDAE8 6C12A574 026FCEF7 02030100 01A37530 73300F06 03551D13 0101FF04 05300301 01FF3020 0603551D 11041930 17821541 43432E42 522E796F 7572646F 6D61696E 2E636F6D 301F0603 551D2304 18301680 141B765D AF8B3102 57F222F4 BBBF8170 33F642CD A5301D06 03551D0E 04160414 1B765DAF 8B310257 F222F4BB BF817033 F642CDA5 300D0609 2A864886 F70D0101 04050003 81810029 2B049565 B59F5541 11BA5D4C 8B1116C5 18B42145 F6AA889A 707F01BE F9C1E94A 6574A72C 521DBDD9 74EA6B8F F9EB45DF 179279D7 72679096 580520E2 75D0646A 30B16594 B353F1FD 189D9364 D3D6FBCB AB8CC817 215AC0DF AA2D9E15 2E67E408 D182FA92 DF8BD205 E12ED160 6CC8ED53 5C5AD660 E81E136A 3F89F3F7 BD058A quit username cisco privilege 15 secret 5 $1$ToZf$UFvfypbIOE1C.7gfxkNNm. ! ! ! crypto isakmp policy 40 encr 3des authentication pre-share group 2 crypto isakmp key ACC.BR.VPN address 10.170.40.254 ! ! crypto ipsec transform-set HeadOffice esp-3des ! crypto map HOffice 40 ipsec-isakmp set peer 10.170.40.254 set transform-set HeadOffice match address 140 ! ! ! ! interface FastEthernet0/0 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-10/100 Ethernet$ ip address 10.170.4.1 255.255.255.0 speed auto ! interface Serial0/0 no ip address encapsulation frame-relay ! interface Serial0/0.4 point-to-point ip address 10.170.40.253 255.255.255.252 ip access-group 110 in frame-relay interface-dlci 50 crypto map HOffice ! ip classless ip route 0.0.0.0 0.0.0.0 10.170.40.254 ! ! ip http server ip http authentication local ip http secure-server ip http timeout-policy idle 5 life 86400 requests 10000 ! access-list 110 permit ahp host 10.170.40.254 host 10.170.40.253 access-list 110 permit esp host 10.170.40.254 host 10.170.40.253 access-list 110 permit udp host 10.170.40.254 host 10.170.40.253 eq isakmp access-list 110 permit ip any any access-list 140 permit ip 10.170.4.0 0.0.0.255 10.170.0.0 0.0.255.255 access-list 140 permit ip 10.170.4.0 0.0.0.255 204.4.0.0 0.0.255.255 access-list 140 permit ip any any ! ! control-plane ! ! ! ! ! ! ! ! banner login ^C ----------------------------------------------------------------------- Cisco Router and Security Device Manager (SDM) is installed on this device. This feature requires the one-time use of the username "cisco" with the password "cisco". Please change these publicly known initial credentials using SDM or the IOS CLI. Here are the Cisco IOS commands. username privilege 15 secret 0 no username cisco Replace and with the username and password you want to use . For more information about SDM please follow the instructions in the QUICK START GUIDE for your router or go to http://www.cisco.com/go/sdm ----------------------------------------------------------------------- ^C ! line con 0 login local line aux 0 line vty 0 4 privilege level 15 login local transport input telnet ssh line vty 5 15 privilege level 15 login local transport input telnet ssh ! end dst src state conn-id slot status 10.170.40.254 10.170.40.253 QM_IDLE 1 0 ACTIVE ACC.BR#sh crypto ipsec sa interface: Serial0/0.4 Crypto map tag: HOffice, local addr 10.170.40.253 protected vrf: (none) local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0) remote ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0) current_peer 10.170.40.254 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 64, #pkts encrypt: 64, #pkts digest: 64 #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 13, #recv errors 0 local crypto endpt.: 10.170.40.253, remote crypto endpt.: 10.170.40.254 path mtu 1500, ip mtu 1500 current outbound spi: 0x869B5095(2258325653) inbound esp sas: spi: 0xD5E87BED(3588783085) transform: esp-3des , in use settings ={Tunnel, } conn id: 2002, flow_id: C1700_EM:2, crypto map: HOffice sa timing: remaining key lifetime (k/sec): (4481705/2723) IV size: 8 bytes replay detection support: N Status: ACTIVE inbound ah sas: inbound pcp sas: outbound esp sas: spi: 0x869B5095(2258325653) transform: esp-3des , in use settings ={Tunnel, } conn id: 2001, flow_id: C1700_EM:1, crypto map: HOffice sa timing: remaining key lifetime (k/sec): (4481696/2721) IV size: 8 bytes replay detection support: N Status: ACTIVE outbound ah sas: outbound pcp sas: protected vrf: (none) local ident (addr/mask/prot/port): (10.170.4.0/255.255.255.0/0/0) remote ident (addr/mask/prot/port): (10.170.0.0/255.255.0.0/0/0) current_peer 10.170.40.254 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 14, #pkts encrypt: 14, #pkts digest: 14 #pkts decaps: 14, #pkts decrypt: 14, #pkts verify: 14 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 10.170.40.253, remote crypto endpt.: 10.170.40.254 path mtu 1500, ip mtu 1500 current outbound spi: 0xFC501B0A(4233108234) inbound esp sas: spi: 0xC4627AB2(3294788274) transform: esp-3des , in use settings ={Tunnel, } conn id: 2005, flow_id: C1700_EM:5, crypto map: HOffice sa timing: remaining key lifetime (k/sec): (4384464/2843) IV size: 8 bytes replay detection support: N Status: ACTIVE inbound ah sas: inbound pcp sas: outbound esp sas: spi: 0xFC501B0A(4233108234) transform: esp-3des , in use settings ={Tunnel, } conn id: 2006, flow_id: C1700_EM:6, crypto map: HOffice sa timing: remaining key lifetime (k/sec): (4384464/2843) IV size: 8 bytes replay detection support: N Status: ACTIVE outbound ah sas: outbound pcp sas: protected vrf: (none) local ident (addr/mask/prot/port): (10.170.4.0/255.255.255.0/0/0) remote ident (addr/mask/prot/port): (204.4.0.0/255.255.0.0/0/0) current_peer 10.170.40.254 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0 #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 10.170.40.253, remote crypto endpt.: 10.170.40.254 path mtu 1500, ip mtu 1500 current outbound spi: 0x0(0) inbound esp sas: inbound ah sas: inbound pcp sas: outbound esp sas: outbound ah sas: outbound pcp sas: protected vrf: (none) local ident (addr/mask/prot/port): (10.170.40.0/255.255.255.0/0/0) remote ident (addr/mask/prot/port): (10.170.0.0/255.255.0.0/0/0) current_peer 10.170.40.254 port 500 PERMIT, flags={} #pkts encaps: 287, #pkts encrypt: 287, #pkts digest: 287 #pkts decaps: 370, #pkts decrypt: 370, #pkts verify: 370 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 10.170.40.253, remote crypto endpt.: 10.170.40.254 path mtu 1500, ip mtu 1500 current outbound spi: 0x63A7F483(1671951491) inbound esp sas: spi: 0x4254B17D(1112846717) transform: esp-3des , in use settings ={Tunnel, } conn id: 2004, flow_id: C1700_EM:4, crypto map: HOffice sa timing: remaining key lifetime (k/sec): (4571681/2749) IV size: 8 bytes replay detection support: N Status: ACTIVE inbound ah sas: inbound pcp sas: outbound esp sas: spi: 0x63A7F483(1671951491) transform: esp-3des , in use settings ={Tunnel, } conn id: 2003, flow_id: C1700_EM:3, crypto map: HOffice sa timing: remaining key lifetime (k/sec): (4571657/2748) IV size: 8 bytes replay detection support: N Status: ACTIVE outbound ah sas: outbound pcp sas: