R223#show run 
Building configuration...

Current configuration : 2666 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R223
!
boot-start-marker
boot-end-marker
!
enable password cisco
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip flow-cache timeout active 1
!
!
ip cef
no ip domain lookup
!         
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
username cisco password 0 cisco
!
!
ip tcp synwait-time 5
!
class-map match-any VOIP
 match  dscp ef 
class-map match-any SITE_R223
 match  dscp ef 
 match access-group name VOIP_ACL
class-map match-any VOIP_DSCP_SET
 match access-group name VOIP_ACL
!
!
policy-map QUEUEING
 class VOIP
  priority percent 1
policy-map SET_DSCP
 class VOIP_DSCP_SET
  set dscp ef
policy-map SHAPING
 class SITE_R223
  shape average 10000000 100000 0
  service-policy QUEUEING
!
! 
!
crypto isakmp policy 1
 encr 3des
 hash md5 
 authentication pre-share
 group 2
crypto isakmp key firewall.cx address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set TS esp-3des esp-md5-hmac 
!
crypto ipsec profile protect-gre
 set security-association lifetime seconds 86400
 set transform-set TS 
!
!
!
!
!
interface Tunnel0
 ip address 172.16.0.3 255.255.255.0
 no ip redirects
 ip nhrp authentication firewall
 ip nhrp map multicast dynamic
 ip nhrp map 172.16.0.1 150.50.5.2
 ip nhrp network-id 1
 ip nhrp nhs 172.16.0.1
 tunnel source Ethernet1/0
 tunnel mode gre multipoint
 tunnel protection ipsec profile protect-gre
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Ethernet1/0
 description WAN-Network
 ip address 130.30.3.2 255.255.255.0
 ip flow ingress
 ip flow egress
 ip nbar protocol-discovery
 full-duplex
!
interface Ethernet1/1
 description LAN-Network
 ip address 192.168.1.1 255.255.255.0
 ip flow ingress
 ip flow egress
 ip nbar protocol-discovery
 half-duplex
!
interface Ethernet1/2
 no ip address
 shutdown
 half-duplex
!
interface Ethernet1/3
 no ip address
 shutdown
 half-duplex
!
router ospf 1
 log-adjacency-changes
 network 0.0.0.0 255.255.255.255 area 0
!         
no ip http server
no ip http secure-server
ip flow-export source Ethernet1/1
ip flow-export version 9
ip flow-export destination 10.1.1.2 2055
!
!
!
!
ip access-list extended VOIP_ACL
 permit udp any eq 1720 any
snmp-server community mynet RW
snmp-server ifindex persist
snmp-server chassis-id 3
!
!
!
!
control-plane
!
!
!
!         
!
!
!
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 password cisco
 login local
!
!
end

R223#term len 0                                                              
R223#show cry
R223#show crypto sa
R223#show crypto is
R223#show crypto isakmp ?
  key      Show ISAKMP preshared keys
  peers    Show ISAKMP peer structures
  policy   Show ISAKMP protection suite policy
  profile  Show ISAKMP profiles
  sa       Show ISAKMP Security Associations

R223#show crypto isakmp sa
R223#show crypto isakmp sa 
dst             src             state          conn-id slot status
150.50.5.2      130.30.3.2      QM_IDLE              2    0 ACTIVE

R223#show crypto isakmp sa ?
  detail  Show ISAKMP SA Detail
  nat     Show ISAKMP SA NAT Detail
  vrf     Show ISAKMP SA as per VRF
  |       Output modifiers
  <cr>

R223#show crypto isakmp sa detai
R223#show crypto isakmp sa detail 
Codes: C - IKE configuration mode, D - Dead Peer Detection
       K - Keepalives, N - NAT-traversal
       X - IKE Extended Authentication
       psk - Preshared key, rsig - RSA signature
       renc - RSA encryption

C-id  Local           Remote          I-VRF    Status Encr Hash Auth DH Lifetime Cap.
2     130.30.3.2      150.50.5.2               ACTIVE 3des md5  psk  2  23:04:58     
       Connection-id:Engine-id =  2:1(software)
R223#show cryp   
R223#show crypto ?
  ca               Show certification authority policy
  call             Show crypto call admission info
  debug-condition  Debug Condition filters
  dynamic-map      Crypto map templates
  engine           Show crypto engine info
  identity         Show crypto identity list
  ipsec            Show IPSEC policy
  isakmp           Show ISAKMP
  key              Show long term public keys
  map              Crypto maps
  mib              Show Crypto-related MIB Parameters
  optional         Optional Encryption Status
  pki              Show PKI
  session          Show crypto sessions (tunnels)
  sockets          Secure Socket Information

R223#show crypto engin
R223#show crypto engine connectio
R223#show crypto engine connections ac
R223#show crypto engine connections active 

  ID Interface            IP-Address      State  Algorithm           Encrypt  Decrypt
   2 Tunnel0              172.16.0.3      set    HMAC_MD5+3DES_56_C        0        0
2003 Tunnel0              130.30.3.2      set    3DES+MD5                  0      363
2004 Tunnel0              130.30.3.2      set    3DES+MD5                  9        0

R223#show cry
R223#show crypto is
R223#show crypto isakmp ?
  key      Show ISAKMP preshared keys
  peers    Show ISAKMP peer structures
  policy   Show ISAKMP protection suite policy
  profile  Show ISAKMP profiles
  sa       Show ISAKMP Security Associations

R223#show crypto isakmp peer
R223#show crypto isakmp peers 
Peer: 150.50.5.2 Port: 500 Local: 130.30.3.2
 Phase1 id: 150.50.5.2