!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret 5 xxxxxxxxxxxxxxxx
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
!
!
!
!
!
!
!
!
!
!
!
!
username cisco password 0 xxxxxxxx
!
!
!
!
crypto isakmp policy 10
 encr 3des
 hash md5
 authentication pre-share
 group 2
crypto isakmp key ......... address xxx.xxx.xxx.xxx
!
crypto ipsec security-association lifetime seconds 28800
!
crypto ipsec transform-set xxx-l2l esp-3des esp-md5-hmac
!
crypto map dodo-map 10 ipsec-isakmp
 set peer xxx.xxx.xxx.xxx
 set transform-set xxx-l2l
 set pfs group2
 match address 120
!
!
!
interface FastEthernet0/0
 ip address 192.168.5.10 255.255.255.0
 no ip redirects
 no ip unreachables
 duplex auto
 speed auto
 crypto map dodo-map
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
no ip http server
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.5.254
!
!
access-list 120 permit ip 192.168.5.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 120 permit ip 192.168.5.0 0.0.0.255 172.16.0.0 0.15.255.255
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password ......
 login
!
!
end