! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname r12 ! boot-start-marker boot-end-marker ! logging buffered 51200 warnings ! no aaa new-model ! resource policy ! clock timezone PCTime -5 clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00 ip subnet-zero ip cef ! ! ip domain name my.domain.org ip name-server 5.4.3.2 vpdn enable ! ! ! username user1 privilege 15 password 0 pw archive log config hidekeys ! ! class-map match-all pri-app match access-group 101 ! ! policy-map mark-app class pri-app set precedence 5 ! ! ! crypto isakmp policy 1 authentication pre-share crypto isakmp key r12vpn address 1.2.3.4 ! ! crypto ipsec transform-set encrypt-des esp-3des ! crypto map r12vpn local-address Dialer1 crypto map r12vpn 10 ipsec-isakmp set peer 1.2.3.4 set transform-set encrypt-des match address 112 ! ! ! interface ATM0 no ip address no atm ilmi-keepalive dsl operating-mode auto ! interface ATM0.1 point-to-point pvc 0/35 pppoe-client dial-pool-number 1 ! ! interface FastEthernet0 no cdp enable ! interface FastEthernet1 no cdp enable ! interface FastEthernet2 no cdp enable ! interface FastEthernet3 no cdp enable ! interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$ ip address 192.168.55.1 255.255.255.0 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1400 service-policy input mark-app ! interface Dialer1 ip address negotiated ip nat outside ip virtual-reassembly encapsulation ppp dialer pool 1 no cdp enable ppp authentication pap callin ppp pap sent-username user password 0 pw crypto map r12vpn ! ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 ! ip http server ip http authentication local ip http secure-server ip http timeout-policy idle 600 life 86400 requests 10000 ip nat inside source list 110 interface Dialer1 overload ! access-list 101 permit udp any any eq 1194 access-list 101 permit udp any eq 1194 any access-list 110 deny ip 192.168.55.0 0.0.0.255 10.5.100.0 0.0.0.255 access-list 110 deny ip 192.168.55.0 0.0.0.255 10.3.0.0 0.0.255.255 access-list 110 permit ip 192.168.55.0 0.0.0.255 any access-list 111 permit ip 192.168.55.0 0.0.0.255 10.5.100.0 0.0.0.255 access-list 111 permit ip 192.168.55.0 0.0.0.255 10.3.140.0 0.0.0.255 access-list 112 permit ip 192.168.44.0 0.0.0.255 10.5.100.0 0.0.0.255 access-list 112 permit ip 192.168.44.0 0.0.0.255 10.3.140.0 0.0.0.255 no cdp run route-map sitevpn permit 10 match ip address 111 ! route-map sitevpn permit 20 match ip address 112 ! ! control-plane ! ! line con 0 login local no modem enable transport output all line aux 0 transport output all line vty 0 4 privilege level 15 login local transport input telnet ssh transport output all ! scheduler max-task-time 5000 end