
Site to Site VPN Cisco 881 and Palo Alto

fundataca
Level 1

We are trying to set up a Site to Site VPN between a Cisco 881 and a Palo Alto. Can this be done?

Any help or a pointer to some documentation would be appreciated.

We haven't started creating the VPN yet.

 

I don't have access to the Palo Alto box, but they have set it up with the following parameters:

Phase 1 - IKE

 

Encryption - AES128, 3DES

Authentication - sha512

DH Group - group 14

Lifetime - 8 hours

 

Phase 2 - IPSec

ESP

Encrypt - aes128,3des

Authentication - sha512

DH Group - group 14

Lifetime - 1 hour

Life Size - 5MB


Below is the 881 Config

 

Using 28548 out of 262136 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot system flash c880data-universalk9-mz.124-24.5.T.bin
boot-end-marker
!
security passwords min-length 1
logging buffered 4096
enable secret 5 $1$tRc6$Pk3N1aDAx4E2rAYAJ90mH1
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authentication login ciscocp_vpn_xauth_ml_2 local
aaa authorization exec default local
aaa authorization network ciscocp_vpn_group_ml_1 local
!
!
aaa session-id common
clock timezone PCTime -5
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
!
crypto pki trustpoint TP-self-signed-3840840377
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3840840377
 revocation-check none
 rsakeypair TP-self-signed-3840840377
!
!
crypto pki certificate chain TP-self-signed-3840840377
 certificate self-signed 01 nvram:IOS-Self-Sig#8.cer
ip source-route
!
!
ip dhcp excluded-address 10.10.20.1 10.10.20.10
ip dhcp excluded-address 10.10.10.1 10.10.10.19
ip dhcp excluded-address 10.10.10.91 10.10.10.254
!
ip dhcp pool sdm-pool
   import all
   network 10.10.10.0 255.255.255.0
   default-router 10.10.10.1
   dns-server 10.10.10.5
   lease 0 2
!
ip dhcp pool sdm-pool1
   network 10.10.20.0 255.255.255.0
   default-router 10.10.20.1
!
!
no ip cef
ip domain name carepath.local
ip name-server 10.10.10.5
no ipv6 cef
!
!
multilink bundle-name authenticated
parameter-map type protocol-info msn-servers
 server name messenger.hotmail.com
 server name gateway.messenger.hotmail.com
 server name webmessenger.msn.com

parameter-map type protocol-info aol-servers
 server name login.oscar.aol.com
 server name toc.oscar.aol.com
 server name oam-d09a.blue.aol.com

parameter-map type protocol-info yahoo-servers
 server name scs.msg.yahoo.com
 server name scsa.msg.yahoo.com
 server name scsb.msg.yahoo.com
 server name scsc.msg.yahoo.com
 server name scsd.msg.yahoo.com
 server name cs16.msg.dcn.yahoo.com
 server name cs19.msg.dcn.yahoo.com
 server name cs42.msg.dcn.yahoo.com
 server name cs53.msg.dcn.yahoo.com
 server name cs54.msg.dcn.yahoo.com
 server name ads1.vip.scd.yahoo.com
 server name radio1.launch.vip.dal.yahoo.com
 server name in1.msg.vip.re2.yahoo.com
 server name data1.my.vip.sc5.yahoo.com
 server name address1.pim.vip.mud.yahoo.com
 server name edit.messenger.yahoo.com
 server name messenger.yahoo.com
 server name http.pager.yahoo.com
 server name privacy.yahoo.com
 server name csa.yahoo.com
 server name csb.yahoo.com
 server name csc.yahoo.com

!
!
username forrestja secret 5 $1$0M.C$jSf2s6jBJc.BhOHEQz6Z7/
username Mckyedo secret 5 $1$.oVV$osTs3rwN6PDW1r1ratB/Y/
username kabaines secret 5 $1$05fS$aQmBAn5OPzemwHISAcjA91
username ecousineau secret 5 $1$chbt$y8i/cTvlKaoi7M6IK9XQz0
username danidepetrillo secret 5 $1$ClAB$cL.ISVieN3dtuXKYboyiO/
username ddepetrillo secret 5 $1$/8z2$zo9yhdXX0injN5sR.o.gc.
username dfulogsi secret 5 $1$7kTK$48wgcGO5ne4/p069y6hNX.
username whryniuk secret 5 $1$4K6u$hQkC7ZproSeYzXuF6C9z61
username lhryniuk secret 5 $1$XHHt$MFNNStOiC6dgfY93laFrU1
username amcgowan secret 5 $1$40Fm$O5QuPgLtQU0uq.9KbxW0M1
username dthomson secret 5 $1$CAZB$VF0qQbZ/zECKv3QfIDhuD.
username cshirley secret 5 $1$A395$0hL0DnNysybt51exyXWrN1
username smoore secret 5 $1$YFq4$j7UTBgdbQMikKGyDhAPCP.
username jzemaitis secret 5 $1$KiOv$Y22d.91YFkVaDcHc9JfL90
username wpowell secret 5 $1$ECmG$dQvMWSXWQqPSM/SWMm6Ja0
username vinadmin privilege 15 secret 5 $1$XJMD$kQLDFx1u5IKBNqtMtg4dL0
username Admin secret 5 $1$O3rB$H003Fl.KI7vNzSxRpsB5t.
username shirleyco secret 5 $1$aTod$A91adrDfFQrKx31aAe3/z0
username mferguson secret 5 $1$XISU$UjnnmGN22rzIf7xnX0CEc.
username kmcdonald secret 5 $1$cv4K$uuotKYnegG6.y4R7YRiyW1
username mstevelic secret 5 $1$.isq$wi/HGo0IkZWmoBY..QEeD/
username drorovan secret 5 $1$L799$Sz04d/XVM/g5Y62z5W.1/0
username jragaz secret 5 $1$hmK5$z/tvrdohCMiEprCW9p9Yq.
username pmajor secret 5 $1$CxxE$9hgS21SbVhVdOmUaRdvgs/
username borovan secret 5 $1$fsw9$ZIIUltJ9Cc7nBpmuswIDs.
username leedo secret 5 $1$xnMk$6IQf2FzK1L5QMgjfRx8.h.
username jgowing secret 5 $1$EVEP$YjxyE5Lw.hcivE.JqbH0Y/
username royst secret 5 $1$/wbP$W3daZVjU3bYAtR9x01nEh.
username rbergeron secret 5 $1$EeAx$ipFbCd0SwjTLUB/8pCMxR0
username rsimpson secret 5 $1$cvh6$0MVp4eSyhij0NCX6NUDGK1
username ssaraydarian secret 5 $1$YJV7$v14qULB7TFYsTEVcvyC8o.
username Leeke secret 5 $1$IH5i$.yJJW7mKF.sD7DIr53AXc0
username hooman secret 5 $1$eJ3J$OKcje0Q.K5o.IOJJ.it0D1
username cmills secret 5 $1$QH8Z$QZqY8kJEvpp/WBQIAl7yn0
username bannayar secret 5 $1$erc7$EhY2OUL2okAuJw6.VFwvW.
username alstiburek secret 5 $1$5FSX$5RJb1h0NBYyH6q93aXT3U.
username pcarter secret 5 $1$dVJI$EnovCDfEe3SakN15Q9kkW.
username dlinardos password 0
username janarthans view root secret 5 $1$A5c8$x/d03.bT3e29fTJ2Iunt/1
username palmerb view root secret 5 $1$MlTf$szxQvyRJBzRnofARAWP0z0
username lrobichaud privilege 0 secret 5 $1$nztN$hieW9P/XYakZ8aDxvc/hc/
username jtriolo view root secret 5 $1$ZvQL$HdQRobkvBLjTRBvX2CpK/0
!
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp policy 3
 encr 3des
 authentication pre-share
 group 2
crypto isakmp key *********** address x.x.x.x.x
!
crypto isakmp client configuration group VPNGroup
 key CpV1nA$$4
 dns 10.10.10.5
 domain Carepath.local
 pool SDM_POOL_1
 acl 100
 max-users 28
 netmask 255.255.255.0
crypto isakmp profile ciscocp-ike-profile-1
   match identity group VPNGroup
   client authentication list ciscocp_vpn_xauth_ml_1
   isakmp authorization list ciscocp_vpn_group_ml_1
   client configuration address respond
   virtual-template 1
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
!
crypto ipsec profile CiscoCP_Profile1
 set transform-set ESP-3DES-SHA
 set isakmp-profile ciscocp-ike-profile-1
!
!
crypto map SDM_CMAP_1 1 ipsec-isakmp
 description Apply the crypto map on the peer router's interface having IP address x.x.x.x that connects to this router.
 set peer 216.123.165.9
 set transform-set ESP-3DES-SHA1
 match address SDM_4
!
archive
 log config
  hidekeys
!
!
ip ftp username cisco
ip ftp password <removed>
!
class-map type inspect match-all sdm-cls-VPNOutsideToInside-1
 match access-group 107
class-map type inspect match-all sdm-cls-VPNOutsideToInside-3
 match access-group 109
class-map type inspect match-all sdm-cls-VPNOutsideToInside-2
 match access-group 108
class-map type inspect imap match-any ccp-app-imap
 match  invalid-command
class-map type inspect match-any ccp-cls-protocol-p2p
 match protocol edonkey signature
 match protocol gnutella signature
 match protocol kazaa2 signature
 match protocol fasttrack signature
 match protocol bittorrent signature
class-map type inspect match-all sdm-nat-http-1
 match access-group 103
 match protocol http
class-map type inspect match-any https
 match protocol https
class-map type inspect match-all sdm-cls-sdm-pol-NATOutsideToInside-1-1
 match class-map https
 match access-group name WANtoOWA
class-map type inspect match-all sdm-nat-http-2
 match access-group 104
 match protocol http
class-map type inspect match-all sdm-nat-smtp-1
 match access-group 102
 match protocol tcp
class-map type inspect match-any SDM_AH
 match access-group name SDM_AH
class-map type inspect match-any CCP-Voice-permit
 match protocol h323
 match protocol skinny
 match protocol sip
class-map type inspect match-any SDM_ESP
 match access-group name SDM_ESP
class-map type inspect match-any SDM_VPN_TRAFFIC
 match protocol isakmp
 match protocol ipsec-msft
 match class-map SDM_AH
 match class-map SDM_ESP
class-map type inspect match-all SDM_VPN_PT
 match access-group 106
 match class-map SDM_VPN_TRAFFIC
class-map type inspect match-any http
 match protocol dns
 match protocol http
 match protocol https
 match protocol icmp
 match protocol smtp
class-map type inspect match-any ccp-cls-insp-traffic
 match protocol cuseeme
 match protocol dns
 match protocol ftp
 match protocol h323
 match protocol https
 match protocol icmp
 match protocol imap
 match protocol pop3
 match protocol netshow
 match protocol shell
 match protocol realmedia
 match protocol rtsp
 match protocol smtp extended
 match protocol sql-net
 match protocol streamworks
 match protocol tftp
 match protocol vdolive
 match protocol tcp
 match protocol udp
class-map type inspect match-all ccp-insp-traffic
 match class-map ccp-cls-insp-traffic
class-map type inspect match-all sdm-cls--2
 match class-map http
 match access-group name DMZOutbound
class-map type inspect match-all sdm-cls--1
 match access-group name VPNZtoDMZ
class-map type inspect match-any SDM_IP
 match access-group name SDM_IP
class-map type inspect gnutella match-any ccp-app-gnutella
 match  file-transfer
class-map type inspect match-any SDM_EASY_VPN_SERVER_TRAFFIC
 match protocol isakmp
 match protocol ipsec-msft
 match class-map SDM_AH
 match class-map SDM_ESP
class-map type inspect match-all SDM_EASY_VPN_SERVER_PT
 match class-map SDM_EASY_VPN_SERVER_TRAFFIC
class-map type inspect msnmsgr match-any ccp-app-msn-otherservices
 match  service any
class-map type inspect ymsgr match-any ccp-app-yahoo-otherservices
 match  service any
class-map type inspect match-all ipsec-class
 match protocol isakmp
 match protocol ipsec-msft
class-map type inspect match-any ccp-cls-icmp-access
 match protocol icmp
 match protocol tcp
 match protocol udp
class-map type inspect match-any ccp-cls-protocol-im
 match protocol ymsgr yahoo-servers
 match protocol msnmsgr msn-servers
 match protocol aol aol-servers
class-map type inspect aol match-any ccp-app-aol-otherservices
 match  service any
class-map type inspect match-all webvpn-8081
 match access-group 150
class-map type inspect match-all ccp-protocol-pop3
 match protocol pop3
class-map type inspect match-any sdm-ssl-vpn-traffic
 match access-group 121
class-map type inspect pop3 match-any ccp-app-pop3
 match  invalid-command
class-map type inspect kazaa2 match-any ccp-app-kazaa2
 match  file-transfer
class-map type inspect match-all ccp-protocol-p2p
 match class-map ccp-cls-protocol-p2p
class-map type inspect msnmsgr match-any ccp-app-msn
 match  service text-chat
class-map type inspect ymsgr match-any ccp-app-yahoo
 match  service text-chat
class-map type inspect match-any WebsiteViewer
 match protocol smtp
 match protocol https
 match protocol http
 match protocol ftp
class-map type inspect match-all ccp-protocol-im
 match class-map ccp-cls-protocol-im
class-map type inspect match-all ccp-invalid-src
 match access-group 101
class-map type inspect match-all ccp-icmp-access
 match class-map ccp-cls-icmp-access
class-map type inspect http match-any ccp-app-httpmethods
 match  request method bcopy
 match  request method bdelete
 match  request method bmove
 match  request method bpropfind
 match  request method bproppatch
 match  request method connect
 match  request method copy
 match  request method delete
 match  request method edit
 match  request method getattribute
 match  request method getattributenames
 match  request method getproperties
 match  request method index
 match  request method lock
 match  request method mkcol
 match  request method mkdir
 match  request method move
 match  request method notify
 match  request method options
 match  request method poll
 match  request method propfind
 match  request method proppatch
 match  request method put
 match  request method revadd
 match  request method revlabel
 match  request method revlog
 match  request method revnum
 match  request method save
 match  request method search
 match  request method setattribute
 match  request method startrev
 match  request method stoprev
 match  request method subscribe
 match  request method trace
 match  request method unedit
 match  request method unlock
 match  request method unsubscribe
class-map type inspect match-any ccp-dmz-protocols
 match protocol http
class-map type inspect edonkey match-any ccp-app-edonkey
 match  file-transfer
 match  text-chat
 match  search-file-name
class-map type inspect http match-any ccp-http-blockparam
 match  request port-misuse im
 match  request port-misuse p2p
 match  req-resp protocol-violation
class-map type inspect match-all ccp-dmz-traffic
 match access-group name dmz-traffic
 match class-map ccp-dmz-protocols
class-map type inspect match-all sdm-cls-ccp-permit-dmzservice-2
 match access-group name VPNtoDMZ
class-map type inspect match-all sdm-cls-ccp-permit-dmzservice-3
 match class-map WebsiteViewer
 match access-group name WebsiteViewer
class-map type inspect edonkey match-any ccp-app-edonkeydownload
 match  file-transfer
class-map type inspect match-all ccp-protocol-imap
 match protocol imap
class-map type inspect aol match-any ccp-app-aol
 match  service text-chat
class-map type inspect match-all sdm-cls-ccp-permit-dmzservice-1
 match access-group name LANtoDMZ
class-map type inspect edonkey match-any ccp-app-edonkeychat
 match  search-file-name
 match  text-chat
class-map type inspect http match-any ccp-http-allowparam
 match  request port-misuse tunneling
class-map type inspect match-all ccp-protocol-http
 match protocol http
class-map type inspect fasttrack match-any ccp-app-fasttrack
 match  file-transfer
!
!
policy-map type inspect ccp-permit-icmpreply
 class type inspect ccp-icmp-access
  inspect
 class class-default
  pass
policy-map type inspect sdm-pol-VPNOutsideToInside-1
 class type inspect sdm-cls-VPNOutsideToInside-1
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-2
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-3
  inspect
 class class-default
  drop
policy-map type inspect p2p ccp-action-app-p2p
 class type inspect edonkey ccp-app-edonkeychat
  log
  allow
 class type inspect edonkey ccp-app-edonkeydownload
  log
  allow
 class type inspect fasttrack ccp-app-fasttrack
  log
  allow
 class type inspect gnutella ccp-app-gnutella
  log
  allow
 class type inspect kazaa2 ccp-app-kazaa2
  log
  allow
policy-map type inspect sdm-pol-NATOutsideToInside-1
 class type inspect sdm-cls-sdm-pol-NATOutsideToInside-1-1
  inspect
 class type inspect sdm-nat-smtp-1
  inspect
 class type inspect sdm-nat-http-1
  inspect
 class type inspect sdm-nat-http-2
  inspect
 class type inspect sdm-ssl-vpn-traffic
  inspect
 class type inspect ccp-icmp-access
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-1
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-2
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-3
  inspect
 class class-default
  drop
policy-map type inspect im ccp-action-app-im
 class type inspect aol ccp-app-aol
  log
  allow
 class type inspect msnmsgr ccp-app-msn
  log
  allow
 class type inspect ymsgr ccp-app-yahoo
  log
  allow
 class type inspect aol ccp-app-aol-otherservices
  log
  reset
 class type inspect msnmsgr ccp-app-msn-otherservices
  log
  reset
 class type inspect ymsgr ccp-app-yahoo-otherservices
  log
  reset
policy-map type inspect imap ccp-action-imap
 class type inspect imap ccp-app-imap
  log
policy-map type inspect pop3 ccp-action-pop3
 class type inspect pop3 ccp-app-pop3
  log
policy-map type inspect ccp-inspect
 class type inspect ccp-invalid-src
  drop log
 class type inspect ccp-protocol-http
  inspect
 class type inspect ccp-protocol-imap
  inspect
  service-policy imap ccp-action-imap
 class type inspect ccp-protocol-pop3
  inspect
  service-policy pop3 ccp-action-pop3
 class type inspect ccp-protocol-p2p
  inspect
  service-policy p2p ccp-action-app-p2p
 class type inspect ccp-protocol-im
  inspect
  service-policy im ccp-action-app-im
 class type inspect ccp-insp-traffic
  inspect
 class class-default
  drop
policy-map type inspect http ccp-action-app-http
 class type inspect http ccp-http-blockparam
  log
  allow
 class type inspect http ccp-app-httpmethods
  log
  reset
 class type inspect http ccp-http-allowparam
  log
  allow
policy-map type inspect ccp-permit
 class type inspect SDM_EASY_VPN_SERVER_PT
  pass
 class class-default
  drop
policy-map global_policy
policy-map type inspect sdm-policy-sdm-cls--1
 class type inspect sdm-cls--1
  inspect
 class class-default
  drop
policy-map type inspect sdm-pol-Out-to-Self
 class type inspect SDM_VPN_PT
  pass
 class type inspect webvpn-8081
 class type inspect SDM_EASY_VPN_SERVER_TRAFFIC
  pass
 class class-default
  drop
policy-map type inspect sdm-pol-ssl-vpn-traffic
 class type inspect sdm-ssl-vpn-traffic
  inspect
 class class-default
  drop
policy-map type inspect sdm-policy-sdm-cls--2
 class type inspect sdm-cls--2
  inspect
 class class-default
  drop
policy-map type inspect ccp-permit-dmzservice
 class type inspect sdm-cls-ccp-permit-dmzservice-3
  inspect
 class type inspect sdm-cls-ccp-permit-dmzservice-2
  inspect
 class type inspect sdm-cls-ccp-permit-dmzservice-1
  inspect
 class type inspect ccp-dmz-traffic
  inspect
 class type inspect CCP-Voice-permit
  inspect
 class type inspect sdm-nat-smtp-1
  inspect
 class type inspect sdm-nat-http-1
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-1
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-2
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-3
  inspect
 class class-default
  pass
policy-map type inspect sdm-permit-ip
 class type inspect SDM_IP
  pass
 class type inspect sdm-cls-VPNOutsideToInside-1
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-2
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-3
  inspect
 class class-default
  drop log
!
zone security dmz-zone
zone security out-zone
zone security in-zone
zone security ezvpn-zone
zone security ssl-zone
zone-pair security ccp-zp-self-out source self destination out-zone
 service-policy type inspect ccp-permit-icmpreply
zone-pair security sdm-zp-NATOutsideToInside-1 source out-zone destination in-zone
 service-policy type inspect sdm-pol-NATOutsideToInside-1
zone-pair security ccp-zp-in-dmz source in-zone destination dmz-zone
 service-policy type inspect ccp-permit-dmzservice
zone-pair security ccp-zp-in-out source in-zone destination out-zone
 service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-dmz source out-zone destination dmz-zone
 service-policy type inspect ccp-permit-dmzservice
zone-pair security ccp-zp-out-self source out-zone destination self
 service-policy type inspect sdm-pol-Out-to-Self
zone-pair security sdm-zp-ezvpn-out1 source ezvpn-zone destination out-zone
 service-policy type inspect sdm-permit-ip
zone-pair security sdm-zp-out-ezpn1 source out-zone destination ezvpn-zone
 service-policy type inspect sdm-permit-ip
zone-pair security sdm-zp-ezvpn-in1 source ezvpn-zone destination in-zone
 service-policy type inspect sdm-permit-ip
zone-pair security sdm-zp-in-ezvpn1 source in-zone destination ezvpn-zone
 service-policy type inspect sdm-permit-ip
zone-pair security sdm-zp-ezvpn-zone-dmz-zone source ezvpn-zone destination dmz-zone
 service-policy type inspect sdm-policy-sdm-cls--1
zone-pair security sdm-zp-sll-zone-in-zone source ssl-zone destination in-zone
 service-policy type inspect sdm-pol-ssl-vpn-traffic
zone-pair security sdm-zp-dmz-zone-out-zone source dmz-zone destination out-zone
 service-policy type inspect sdm-policy-sdm-cls--2
zone-pair security sdm-zp-VPNOutsideToInside-1 source out-zone destination ssl-zone
 service-policy type inspect sdm-pol-VPNOutsideToInside-1
!
!
!
interface Loopback0
 ip address 10.10.50.1 255.255.255.0
!
interface FastEthernet0
 switchport access vlan 2
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
 description $FW_OUTSIDE$$ETH-WAN$
 ip address 63.250.109.214 255.255.255.248
 ip nat outside
 ip virtual-reassembly
 zone-member security out-zone
 duplex auto
 speed auto
 crypto map SDM_CMAP_1
!
interface Virtual-Template1 type tunnel
 ip unnumbered FastEthernet4
 zone-member security ezvpn-zone
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile CiscoCP_Profile1
!
interface Virtual-Template5
 ip unnumbered FastEthernet4
 zone-member security ssl-zone
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
 ip address 10.10.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 zone-member security in-zone
 ip tcp adjust-mss 1452
!
interface Vlan2
 description $FW_DMZ$
 ip address 10.10.20.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 zone-member security dmz-zone
!
ip local pool SDM_POOL_1 10.10.50.2 10.10.50.30
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet4 63.250.109.209
ip route 10.10.1.0 255.255.255.0 10.10.10.254
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source static tcp 10.10.10.5 25 interface FastEthernet4 25
ip nat inside source static tcp 10.10.20.100 80 interface FastEthernet4 80
ip nat inside source static tcp 10.10.20.100 443 interface FastEthernet4 443
ip nat inside source route-map SDM_RMAP_1 interface FastEthernet4 overload
ip nat inside source static tcp 10.10.10.5 9091 63.250.109.214 9091 extendable
!
ip access-list extended DMZOutbound
 remark CCP_ACL Category=128
 permit ip host 10.10.20.4 any
 permit ip host 10.10.20.5 any
ip access-list extended LANtoDMZ
 remark CCP_ACL Category=128
 permit ip any host 10.10.20.5
 permit ip any host 10.10.20.4
 permit ip any host 10.10.20.100
ip access-list extended SDM_4
 remark CCP_ACL Category=4
 remark IPSec Rule
 permit ip 10.10.10.0 0.0.0.255 10.10.11.0 0.0.0.255
ip access-list extended SDM_AH
 remark CCP_ACL Category=1
 permit ahp any any
ip access-list extended SDM_ESP
 remark CCP_ACL Category=1
 permit esp any any
ip access-list extended SDM_IP
 remark CCP_ACL Category=1
 permit ip any any
ip access-list extended SIP-Traffic
 remark CCP_ACL Category=1
 permit tcp host 204.101.238.132 any
 permit udp host 204.101.238.132 any eq 5060
 remark Sip Traffic Deny
 deny   tcp any any eq 5060
ip access-list extended VPNZtoDMZ
 remark CCP_ACL Category=128
 permit ip any host 10.10.20.5
 permit ip any host 10.10.20.4
ip access-list extended VPNtoDMZ
 remark CCP_ACL Category=128
 permit ip any host 10.10.20.5
ip access-list extended WANtoOWA
 remark CCP_ACL Category=128
 permit ip any host 10.10.10.5
ip access-list extended WebsiteViewer
 remark CCP_ACL Category=128
 permit ip host 10.10.20.5 any
 permit ip host 10.10.20.4 any
ip access-list extended dmz-traffic
 remark CCP_ACL Category=1
 permit ip any host 10.10.20.1
 permit ip any host 10.10.20.2
 permit ip any host 10.10.20.3
 permit ip any host 10.10.20.4
 permit ip any host 10.10.20.5
 permit ip any host 10.10.20.6
 permit ip any host 10.10.20.7
 permit ip any host 10.10.20.8
 permit ip any host 10.10.20.9
 permit ip any host 10.10.20.10
!
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 2 remark CCP_ACL Category=2
access-list 2 permit 10.10.20.0 0.0.0.255
access-list 23 remark CCP_ACL Category=17
access-list 23 permit 10.10.10.0 0.0.0.255
access-list 23 permit 10.10.20.0 0.0.0.255
access-list 23 permit 10.10.50.0 0.0.0.255
access-list 100 remark CCP_ACL Category=4
access-list 100 permit ip 10.10.10.0 0.0.0.255 any
access-list 100 permit ip 10.10.20.0 0.0.0.255 any
access-list 101 remark CCP_ACL Category=128
access-list 101 permit ip host 255.255.255.255 any
access-list 101 permit ip 127.0.0.0 0.255.255.255 any
access-list 101 permit ip 10.10.20.0 0.0.0.255 any
access-list 101 permit ip 207.164.203.24 0.0.0.7 any
access-list 102 remark CPP_ACL Category=0
access-list 102 permit tcp any host 192.168.1.111 eq smtp
access-list 103 remark CCP_ACL Category=0
access-list 103 permit ip any host 10.10.20.5
access-list 104 remark CCP_ACL Category=0
access-list 104 permit ip any host 10.10.20.100
access-list 105 remark CCP_ACL Category=4
access-list 105 permit ip host 10.10.10.0 any
access-list 105 permit ip host 10.10.20.0 any
access-list 105 permit ip host 10.10.50.0 any
access-list 106 remark CCP_ACL Category=128
access-list 106 permit ip host 216.123.165.9 any
access-list 107 remark CCP_ACL Category=0
access-list 107 permit ip 10.10.11.0 0.0.0.255 10.10.10.0 0.0.0.255
access-list 108 remark CCP_ACL Category=0
access-list 108 permit ip 10.10.11.0 0.0.0.255 10.10.10.0 0.0.0.255
access-list 109 remark CCP_ACL Category=0
access-list 109 permit ip 10.10.11.0 0.0.0.255 10.10.10.0 0.0.0.255
access-list 120 remark CCP_ACL Category=18
access-list 120 deny   ip 10.10.10.0 0.0.0.255 10.10.50.0 0.0.0.255
access-list 120 deny   ip 10.10.20.0 0.0.0.255 10.10.50.0 0.0.0.255
access-list 120 deny   ip 10.10.10.0 0.0.0.255 10.10.11.0 0.0.0.255
access-list 120 permit ip 10.10.20.0 0.0.0.255 any
access-list 120 permit ip 10.10.10.0 0.0.0.255 any
access-list 121 permit ip 10.10.50.0 0.0.0.255 10.10.10.0 0.0.0.255
access-list 121 permit ip 10.10.50.0 0.0.0.255 10.10.20.0 0.0.0.255
access-list 150 permit tcp any any eq 8081
access-list 190 permit ip any host 10.10.10.7
access-list 190 permit ip host 10.10.10.7 any
no cdp run

!
!
!
!
route-map SDM_RMAP_1 permit 1
 match ip address 120

 

Thanks

3 Replies

Abaji Rawool
Level 3

Hi,

VPN can work fine, as long as the Phase 1 and Phase 2 proposals match and the interesting traffic (encryption domains) matches. The other part involves the ZBF policies to allow traffic through it.

This may help: http://www.cisco.com/c/en/us/products/collateral/security/ios-firewall/prod_white_paper0900aecd8062a909.html

 

HTH

Abaji
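Added example, not from either poster's config: the IOS-side pieces that line up with the Palo Alto parameters listed in the question, written against the posted 881 config so the existing crypto map, NAT route-map and ZBF policies are reused rather than replaced. Assumptions: the Palo Alto WAN address (203.0.113.10, a documentation placeholder), the pre-shared key placeholder, ISAKMP policy number 5, the transform-set and ACL names, and the remote subnet 10.10.11.0/24 (borrowed from the posted SDM_4 ACL). If the Palo Alto is in fact the peer already in SDM_CMAP_1 sequence 1, change that entry instead of adding sequence 2; two crypto map entries with the same crypto ACL would only ever match the first.

```cisco
! ---- Phase 1 (IKEv1 / ISAKMP): must equal the Palo Alto IKE profile ----
! AES-128, SHA-512, DH group 14, 8 h. Policy number 5 is arbitrary (1-3 are in use).
! Without an explicit "hash" line IOS offers SHA-1, which a sha512-only peer rejects.
crypto isakmp policy 5
 encr aes 128
 hash sha512
 authentication pre-share
 group 14
 lifetime 28800
!
! Pre-shared key for the Palo Alto. 203.0.113.10 is a placeholder for its WAN address.
crypto isakmp key REPLACE-WITH-SHARED-SECRET address 203.0.113.10
!
! ---- Phase 2 (IPsec): ESP AES-128 / SHA-512, tunnel mode ----
crypto ipsec transform-set ESP-AES128-SHA512 esp-aes esp-sha512-hmac
 mode tunnel
!
! Interesting traffic (must mirror the Proxy IDs on the Palo Alto side):
! local LAN 10.10.10.0/24 to the remote LAN, assumed here to be 10.10.11.0/24 as in SDM_4.
ip access-list extended PA-VPN-TRAFFIC
 remark IPSec Rule - Palo Alto site-to-site
 permit ip 10.10.10.0 0.0.0.255 10.10.11.0 0.0.0.255
!
! Second entry in the crypto map that is already applied to FastEthernet4.
! PFS group14 and the 1 h / 5 MB lifetimes mirror the Palo Alto IPsec profile.
crypto map SDM_CMAP_1 2 ipsec-isakmp
 description Site-to-site to Palo Alto
 set peer 203.0.113.10
 set transform-set ESP-AES128-SHA512
 set pfs group14
 set security-association lifetime seconds 3600
 set security-association lifetime kilobytes 5120
 match address PA-VPN-TRAFFIC
!
! NAT bypass: route-map SDM_RMAP_1 uses ACL 120, which already denies
! 10.10.10.0/24 -> 10.10.11.0/24 ahead of the overload permits, so nothing to add.
! If the remote subnet differs, rebuild ACL 120 with an extra deny for it placed
! before the permit lines (appending to a numbered ACL puts the line at the end).
!
! ZBF, out-zone -> self: sdm-pol-Out-to-Self already passes isakmp/ESP/AH from any
! source through SDM_EASY_VPN_SERVER_TRAFFIC, so IKE from the new peer reaches the
! router. Listing the peer in ACL 106 as well keeps the site-to-site peer explicit
! in SDM_VPN_PT if that Easy VPN class is ever tightened.
access-list 106 permit ip host 203.0.113.10 any
!
! ZBF, out-zone -> in-zone: decrypted packets are inspected by sdm-pol-NATOutsideToInside-1,
! whose sdm-cls-VPNOutsideToInside-* classes match ACLs 107-109
! (10.10.11.0/24 -> 10.10.10.0/24). A different remote subnet needs a line there too.
```

Verify with `show crypto isakmp sa` (the SA should reach QM_IDLE), `show crypto ipsec sa peer 203.0.113.10` (encaps and decaps counters climbing in both directions) and, while bringing the tunnel up, `debug crypto isakmp`. Two things are worth checking before blaming the proposals. First, the image in the posted config is 12.4(24)T, and SHA-2 hashes for IKE and IPsec (`hash sha512`, `esp-sha512-hmac`) were added in later 15.x releases, so enter `crypto isakmp policy 5` and `hash ?` to see whether the keyword exists at all; if it does not, the Palo Alto profiles need to offer sha1 as well, or the router needs a newer image. A policy without a `hash` line, such as the aes/group 14 policy 2 that appears in the config posted later in this thread, offers SHA-1, not SHA-512. Second, the Palo Alto's IPsec tunnel is route-based, so its Proxy IDs must be set to the mirror image of PA-VPN-TRAFFIC (local 10.10.11.0/24, remote 10.10.10.0/24); otherwise Phase 1 completes and Phase 2 fails on the proxy ID check. The lifetimes are the one parameter that need not match exactly (the shorter value wins), but keeping them identical removes one variable when debugging.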
 

I went through the document but am not able to see the other side. Am I missing something?

Unfortunately I'm not familiar with the 881s.

Below is the config

 

Thanks


Building configuration...

Current configuration : 33623 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot system flash c880data-universalk9-mz.124-24.5.T.bin
boot-end-marker
!
security passwords min-length 1
logging buffered 4096
enable secret 5 $1$tRc6$Pk3N1aDAx4E2rAYAJ90mH1
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authentication login ciscocp_vpn_xauth_ml_2 local
aaa authorization exec default local
aaa authorization network ciscocp_vpn_group_ml_1 local
!
!
aaa session-id common
clock timezone PCTime -5
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
!
crypto pki trustpoint TP-self-signed-3840840377
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3840840377
 revocation-check none
 rsakeypair TP-self-signed-3840840377
!
!
crypto pki certificate chain TP-self-signed-3840840377
 certificate self-signed 01
  3082024D 308201B6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33383430 38343033 3737301E 170D3134 30393132 31303431
  34395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 38343038
  34303337 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100E66E C34A4C46 E413B794 5FB510D3 A306C684 9ED25F03 4B850571 D8E7561B
  F66A4AA7 AE9E606C B440A785 3CE4A763 1C1A52FF 112D4CB9 CB755AA5 479F1508
  775EED5D EEE09429 6D62FA24 C2B053F8 B8A09A91 3B5EAD10 9B7E2B0A 5AA92137
  13DF18C1 4616B18C FD3662C1 A2813A66 2484E2B5 C56B607A 92E21E0F BD0D54CB
  01930203 010001A3 75307330 0F060355 1D130101 FF040530 030101FF 30200603
  551D1104 19301782 15526F75 7465722E 63617265 70617468 2E6C6F63 616C301F
  0603551D 23041830 168014D4 3B765BFE CE03F36B 9714FB7D 1E31015E 9B5D2830
  1D060355 1D0E0416 0414D43B 765BFECE 03F36B97 14FB7D1E 31015E9B 5D28300D
  06092A86 4886F70D 01010405 00038181 0081DE27 6994F293 40268BED F231747F
  A0FB4FE6 BAD884C8 D9395782 35FD0450 57E74E6E E8E3575E 8F08FC1D 2916A16D
  5DDBA88C 1299FF6C D7293908 DE3CFF1E 29B1BC43 48D68718 51ED7651 E032E50C
  B6DC8607 56D2E957 46DDC00F BF5B81AC 9AA2CB21 1E566639 10E207E3 21CB0127
  61C16AF4 CB1B5AEE 3559D0B2 3AC9603B E5
      quit
ip source-route
!
!
ip dhcp excluded-address 10.10.20.1 10.10.20.10
ip dhcp excluded-address 10.10.10.1 10.10.10.19
ip dhcp excluded-address 10.10.10.91 10.10.10.254
!
ip dhcp pool sdm-pool
   import all
   network 10.10.10.0 255.255.255.0
   default-router 10.10.10.1
   dns-server 10.10.10.5
   lease 0 2
!
ip dhcp pool sdm-pool1
   network 10.10.20.0 255.255.255.0
   default-router 10.10.20.1
!
!
no ip cef
ip domain name carepath.local
ip name-server 10.10.10.5
no ipv6 cef
!
!
multilink bundle-name authenticated
parameter-map type protocol-info msn-servers
 server name messenger.hotmail.com
 server name gateway.messenger.hotmail.com
 server name webmessenger.msn.com

parameter-map type protocol-info aol-servers
 server name login.oscar.aol.com
 server name toc.oscar.aol.com
 server name oam-d09a.blue.aol.com

parameter-map type protocol-info yahoo-servers
 server name scs.msg.yahoo.com
 server name scsa.msg.yahoo.com
 server name scsb.msg.yahoo.com
 server name scsc.msg.yahoo.com
 server name scsd.msg.yahoo.com
 server name cs16.msg.dcn.yahoo.com
 server name cs19.msg.dcn.yahoo.com
 server name cs42.msg.dcn.yahoo.com
 server name cs53.msg.dcn.yahoo.com
 server name cs54.msg.dcn.yahoo.com
 server name ads1.vip.scd.yahoo.com
 server name radio1.launch.vip.dal.yahoo.com
 server name in1.msg.vip.re2.yahoo.com
 server name data1.my.vip.sc5.yahoo.com
 server name address1.pim.vip.mud.yahoo.com
 server name edit.messenger.yahoo.com
 server name messenger.yahoo.com
 server name http.pager.yahoo.com
 server name privacy.yahoo.com
 server name csa.yahoo.com
 server name csb.yahoo.com
 server name csc.yahoo.com

!
!
username forrestja secret 5 $1$0M.C$jSf2s6jBJc.BhOHEQz6Z7/
username Mckyedo secret 5 $1$.oVV$osTs3rwN6PDW1r1ratB/Y/
username kabaines secret 5 $1$05fS$aQmBAn5OPzemwHISAcjA91
username ecousineau secret 5 $1$chbt$y8i/cTvlKaoi7M6IK9XQz0
username danidepetrillo secret 5 $1$ClAB$cL.ISVieN3dtuXKYboyiO/
username ddepetrillo secret 5 $1$/8z2$zo9yhdXX0injN5sR.o.gc.
username dfulogsi secret 5 $1$7kTK$48wgcGO5ne4/p069y6hNX.
username whryniuk secret 5 $1$4K6u$hQkC7ZproSeYzXuF6C9z61
username lhryniuk secret 5 $1$XHHt$MFNNStOiC6dgfY93laFrU1
username amcgowan secret 5 $1$40Fm$O5QuPgLtQU0uq.9KbxW0M1
username dthomson secret 5 $1$CAZB$VF0qQbZ/zECKv3QfIDhuD.
username cshirley secret 5 $1$A395$0hL0DnNysybt51exyXWrN1
username smoore secret 5 $1$YFq4$j7UTBgdbQMikKGyDhAPCP.
username jzemaitis secret 5 $1$KiOv$Y22d.91YFkVaDcHc9JfL90
username wpowell secret 5 $1$ECmG$dQvMWSXWQqPSM/SWMm6Ja0
username vinadmin privilege 15 secret 5 $1$XJMD$kQLDFx1u5IKBNqtMtg4dL0
username Admin secret 5 $1$O3rB$H003Fl.KI7vNzSxRpsB5t.
username shirleyco secret 5 $1$aTod$A91adrDfFQrKx31aAe3/z0
username mferguson secret 5 $1$XISU$UjnnmGN22rzIf7xnX0CEc.
username kmcdonald secret 5 $1$cv4K$uuotKYnegG6.y4R7YRiyW1
username mstevelic secret 5 $1$.isq$wi/HGo0IkZWmoBY..QEeD/
username drorovan secret 5 $1$L799$Sz04d/XVM/g5Y62z5W.1/0
username jragaz secret 5 $1$hmK5$z/tvrdohCMiEprCW9p9Yq.
username pmajor secret 5 $1$CxxE$9hgS21SbVhVdOmUaRdvgs/
username borovan secret 5 $1$fsw9$ZIIUltJ9Cc7nBpmuswIDs.
username leedo secret 5 $1$xnMk$6IQf2FzK1L5QMgjfRx8.h.
username jgowing secret 5 $1$EVEP$YjxyE5Lw.hcivE.JqbH0Y/
username royst secret 5 $1$/wbP$W3daZVjU3bYAtR9x01nEh.
username rbergeron secret 5 $1$EeAx$ipFbCd0SwjTLUB/8pCMxR0
username rsimpson secret 5 $1$cvh6$0MVp4eSyhij0NCX6NUDGK1
username ssaraydarian secret 5 $1$YJV7$v14qULB7TFYsTEVcvyC8o.
username Leeke secret 5 $1$IH5i$.yJJW7mKF.sD7DIr53AXc0
username hooman secret 5 $1$eJ3J$OKcje0Q.K5o.IOJJ.it0D1
username cmills secret 5 $1$QH8Z$QZqY8kJEvpp/WBQIAl7yn0
username bannayar secret 5 $1$erc7$EhY2OUL2okAuJw6.VFwvW.
username alstiburek secret 5 $1$5FSX$5RJb1h0NBYyH6q93aXT3U.
username pcarter secret 5 $1$dVJI$EnovCDfEe3SakN15Q9kkW.
username dlinardos password 0 **********
username janarthans view root secret 5 $1$A5c8$x/d03.bT3e29fTJ2Iunt/1
username palmerb view root secret 5 $1$MlTf$szxQvyRJBzRnofARAWP0z0
username lrobichaud privilege 0 secret 5 $1$nztN$hieW9P/XYakZ8aDxvc/hc/
username jtriolo view root secret 5 $1$ZvQL$HdQRobkvBLjTRBvX2CpK/0
!
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp policy 2
 encr aes
 authentication pre-share
 group 14
 lifetime 28800
!
crypto isakmp policy 3
 encr 3des
 authentication pre-share
 group 2
crypto isakmp key ******* address 216.123.165.9
crypto isakmp key ********* address 38.111.102.2
!
crypto isakmp client configuration group VPNGroup
 key CpV1nA$$4
 dns 10.10.10.5
 domain Carepath.local
 pool SDM_POOL_1
 acl 100
 max-users 28
 netmask 255.255.255.0
crypto isakmp profile ciscocp-ike-profile-1
   match identity group VPNGroup
   client authentication list ciscocp_vpn_xauth_ml_1
   isakmp authorization list ciscocp_vpn_group_ml_1
   client configuration address respond
   virtual-template 1
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
crypto ipsec transform-set CP2BS esp-des
!
crypto ipsec profile CiscoCP_Profile1
 set transform-set ESP-3DES-SHA
 set pfs group14
 set isakmp-profile ciscocp-ike-profile-1
!
!
crypto map CMAP_BS 2 ipsec-isakmp
 set peer 38.111.102.2
 set transform-set CP2BS
 match address CP_to_BS
!
archive
 log config
  hidekeys
!
!
ip ftp username cisco
ip ftp password <removed>
!
class-map type inspect match-all sdm-cls-VPNOutsideToInside-1
 match access-group 107
class-map type inspect match-all sdm-cls-VPNOutsideToInside-3
 match access-group 109
class-map type inspect match-all sdm-cls-VPNOutsideToInside-2
 match access-group 108
class-map type inspect imap match-any ccp-app-imap
 match  invalid-command
class-map type inspect match-all sdm-cls-VPNOutsideToInside-5
class-map type inspect match-any ccp-cls-protocol-p2p
 match protocol edonkey signature
 match protocol gnutella signature
 match protocol kazaa2 signature
 match protocol fasttrack signature
 match protocol bittorrent signature
class-map type inspect match-all sdm-nat-http-1
 match access-group 103
 match protocol http
class-map type inspect match-all sdm-cls-VPNOutsideToInside-4
class-map type inspect match-any https
 match protocol https
class-map type inspect match-all sdm-cls-sdm-pol-NATOutsideToInside-1-1
 match class-map https
 match access-group name WANtoOWA
class-map type inspect match-all sdm-nat-http-2
 match access-group 104
 match protocol http
class-map type inspect match-all sdm-cls-VPNOutsideToInside-7
class-map type inspect match-all sdm-nat-smtp-1
 match access-group 102
 match protocol tcp
class-map type inspect match-all sdm-cls-VPNOutsideToInside-6
class-map type inspect match-all sdm-cls-VPNOutsideToInside-9
 match access-group 115
class-map type inspect match-all sdm-cls-VPNOutsideToInside-8
class-map type inspect match-any SDM_AH
 match access-group name SDM_AH
class-map type inspect match-any CCP-Voice-permit
 match protocol h323
 match protocol skinny
 match protocol sip
class-map type inspect match-any SDM_ESP
 match access-group name SDM_ESP
class-map type inspect match-any SDM_VPN_TRAFFIC
 match protocol isakmp
 match protocol ipsec-msft
 match class-map SDM_AH
 match class-map SDM_ESP
class-map type inspect match-all SDM_VPN_PT
 match access-group 106
 match class-map SDM_VPN_TRAFFIC
class-map type inspect match-any http
 match protocol dns
 match protocol http
 match protocol https
 match protocol icmp
 match protocol smtp
class-map type inspect match-any ccp-cls-insp-traffic
 match protocol cuseeme
 match protocol dns
 match protocol ftp
 match protocol h323
 match protocol https
 match protocol icmp
 match protocol imap
 match protocol pop3
 match protocol netshow
 match protocol shell
 match protocol realmedia
 match protocol rtsp
 match protocol smtp extended
 match protocol sql-net
 match protocol streamworks
 match protocol tftp
 match protocol vdolive
 match protocol tcp
 match protocol udp
class-map type inspect match-all ccp-insp-traffic
 match class-map ccp-cls-insp-traffic
class-map type inspect match-all sdm-cls--2
 match class-map http
 match access-group name DMZOutbound
class-map type inspect match-all sdm-cls--1
 match access-group name VPNZtoDMZ
class-map type inspect match-any SDM_IP
 match access-group name SDM_IP
class-map type inspect gnutella match-any ccp-app-gnutella
 match  file-transfer
class-map type inspect match-any SDM_EASY_VPN_SERVER_TRAFFIC
 match protocol isakmp
 match protocol ipsec-msft
 match class-map SDM_AH
 match class-map SDM_ESP
class-map type inspect match-all SDM_EASY_VPN_SERVER_PT
 match class-map SDM_EASY_VPN_SERVER_TRAFFIC
class-map type inspect msnmsgr match-any ccp-app-msn-otherservices
 match  service any
class-map type inspect ymsgr match-any ccp-app-yahoo-otherservices
 match  service any
class-map type inspect match-all ipsec-class
 match protocol isakmp
 match protocol ipsec-msft
class-map type inspect match-all sdm-cls-VPNOutsideToInside-10
 match access-group 116
class-map type inspect match-all sdm-cls-VPNOutsideToInside-11
 match access-group 119
class-map type inspect match-any ccp-cls-icmp-access
 match protocol icmp
 match protocol tcp
 match protocol udp
class-map type inspect match-all sdm-cls-VPNOutsideToInside-12
 match access-group 122
class-map type inspect match-any ccp-cls-protocol-im
 match protocol ymsgr yahoo-servers
 match protocol msnmsgr msn-servers
 match protocol aol aol-servers
class-map type inspect match-all sdm-cls-VPNOutsideToInside-13
 match access-group 123
class-map type inspect aol match-any ccp-app-aol-otherservices
 match  service any
class-map type inspect match-all webvpn-8081
 match access-group 150
class-map type inspect match-all ccp-protocol-pop3
 match protocol pop3
class-map type inspect match-any sdm-ssl-vpn-traffic
 match access-group 121
class-map type inspect pop3 match-any ccp-app-pop3
 match  invalid-command
class-map type inspect kazaa2 match-any ccp-app-kazaa2
 match  file-transfer
class-map type inspect match-all ccp-protocol-p2p
 match class-map ccp-cls-protocol-p2p
class-map type inspect msnmsgr match-any ccp-app-msn
 match  service text-chat
class-map type inspect ymsgr match-any ccp-app-yahoo
 match  service text-chat
class-map type inspect match-any WebsiteViewer
 match protocol smtp
 match protocol https
 match protocol http
 match protocol ftp
class-map type inspect match-all ccp-protocol-im
 match class-map ccp-cls-protocol-im
class-map type inspect match-all ccp-invalid-src
 match access-group 101
class-map type inspect match-all ccp-icmp-access
 match class-map ccp-cls-icmp-access
class-map type inspect http match-any ccp-app-httpmethods
 match  request method bcopy
 match  request method bdelete
 match  request method bmove
 match  request method bpropfind
 match  request method bproppatch
 match  request method connect
 match  request method copy
 match  request method delete
 match  request method edit
 match  request method getattribute
 match  request method getattributenames
 match  request method getproperties
 match  request method index
 match  request method lock
 match  request method mkcol
 match  request method mkdir
 match  request method move
 match  request method notify
 match  request method options
 match  request method poll
 match  request method propfind
 match  request method proppatch
 match  request method put
 match  request method revadd
 match  request method revlabel
 match  request method revlog
 match  request method revnum
 match  request method save
 match  request method search
 match  request method setattribute
 match  request method startrev
 match  request method stoprev
 match  request method subscribe
 match  request method trace
 match  request method unedit
 match  request method unlock
 match  request method unsubscribe
class-map type inspect match-any ccp-dmz-protocols
 match protocol http
class-map type inspect edonkey match-any ccp-app-edonkey
 match  file-transfer
 match  text-chat
 match  search-file-name
class-map type inspect http match-any ccp-http-blockparam
 match  request port-misuse im
 match  request port-misuse p2p
 match  req-resp protocol-violation
class-map type inspect match-all ccp-dmz-traffic
 match access-group name dmz-traffic
 match class-map ccp-dmz-protocols
class-map type inspect match-all sdm-cls-ccp-permit-dmzservice-2
 match access-group name VPNtoDMZ
class-map type inspect match-all sdm-cls-ccp-permit-dmzservice-3
 match class-map WebsiteViewer
 match access-group name WebsiteViewer
class-map type inspect edonkey match-any ccp-app-edonkeydownload
 match  file-transfer
class-map type inspect match-all ccp-protocol-imap
 match protocol imap
class-map type inspect aol match-any ccp-app-aol
 match  service text-chat
class-map type inspect match-all sdm-cls-ccp-permit-dmzservice-1
 match access-group name LANtoDMZ
class-map type inspect edonkey match-any ccp-app-edonkeychat
 match  search-file-name
 match  text-chat
class-map type inspect http match-any ccp-http-allowparam
 match  request port-misuse tunneling
class-map type inspect match-all ccp-protocol-http
 match protocol http
class-map type inspect fasttrack match-any ccp-app-fasttrack
 match  file-transfer
!
!
policy-map type inspect ccp-permit-icmpreply
 class type inspect ccp-icmp-access
  inspect
 class class-default
  pass
policy-map type inspect sdm-pol-VPNOutsideToInside-1
 class type inspect sdm-cls-VPNOutsideToInside-1
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-2
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-3
  inspect
 class class-default
  drop
policy-map type inspect p2p ccp-action-app-p2p
 class type inspect edonkey ccp-app-edonkeychat
  log
  allow
 class type inspect edonkey ccp-app-edonkeydownload
  log
  allow
 class type inspect fasttrack ccp-app-fasttrack
  log
  allow
 class type inspect gnutella ccp-app-gnutella
  log
  allow
 class type inspect kazaa2 ccp-app-kazaa2
  log
  allow
policy-map type inspect sdm-pol-NATOutsideToInside-1
 class type inspect sdm-cls-sdm-pol-NATOutsideToInside-1-1
  inspect
 class type inspect sdm-nat-smtp-1
  inspect
 class type inspect sdm-nat-http-1
  inspect
 class type inspect sdm-nat-http-2
  inspect
 class type inspect sdm-ssl-vpn-traffic
  inspect
 class type inspect ccp-icmp-access
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-1
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-2
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-3
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-4
  pass
 class type inspect sdm-cls-VPNOutsideToInside-5
  pass
 class type inspect sdm-cls-VPNOutsideToInside-6
  pass
 class type inspect sdm-cls-VPNOutsideToInside-7
  pass
 class type inspect sdm-cls-VPNOutsideToInside-8
  pass
 class type inspect sdm-cls-VPNOutsideToInside-9
  pass
 class type inspect sdm-cls-VPNOutsideToInside-10
  pass
 class type inspect sdm-cls-VPNOutsideToInside-11
  pass
 class type inspect sdm-cls-VPNOutsideToInside-12
  pass
 class type inspect sdm-cls-VPNOutsideToInside-13
  pass
 class class-default
  drop
policy-map type inspect im ccp-action-app-im
 class type inspect aol ccp-app-aol
  log
  allow
 class type inspect msnmsgr ccp-app-msn
  log
  allow
 class type inspect ymsgr ccp-app-yahoo
  log
  allow
 class type inspect aol ccp-app-aol-otherservices
  log
  reset
 class type inspect msnmsgr ccp-app-msn-otherservices
  log
  reset
 class type inspect ymsgr ccp-app-yahoo-otherservices
  log
  reset
policy-map type inspect imap ccp-action-imap
 class type inspect imap ccp-app-imap
  log
policy-map type inspect pop3 ccp-action-pop3
 class type inspect pop3 ccp-app-pop3
  log
policy-map type inspect ccp-inspect
 class type inspect ccp-invalid-src
  drop log
 class type inspect ccp-protocol-http
  inspect
 class type inspect ccp-protocol-imap
  inspect
  service-policy imap ccp-action-imap
 class type inspect ccp-protocol-pop3
  inspect
  service-policy pop3 ccp-action-pop3
 class type inspect ccp-protocol-p2p
  inspect
  service-policy p2p ccp-action-app-p2p
 class type inspect ccp-protocol-im
  inspect
  service-policy im ccp-action-app-im
 class type inspect ccp-insp-traffic
  inspect
 class class-default
  drop
policy-map type inspect http ccp-action-app-http
 class type inspect http ccp-http-blockparam
  log
  allow
 class type inspect http ccp-app-httpmethods
  log
  reset
 class type inspect http ccp-http-allowparam
  log
  allow
policy-map type inspect ccp-permit
 class type inspect SDM_EASY_VPN_SERVER_PT
  pass
 class class-default
  drop
policy-map global_policy
policy-map type inspect sdm-policy-sdm-cls--1
 class type inspect sdm-cls--1
  inspect
 class class-default
  drop
policy-map type inspect sdm-pol-Out-to-Self
 class type inspect SDM_VPN_PT
  pass
 class type inspect webvpn-8081
 class type inspect SDM_EASY_VPN_SERVER_TRAFFIC
  pass
 class class-default
  drop
policy-map type inspect sdm-pol-ssl-vpn-traffic
 class type inspect sdm-ssl-vpn-traffic
  inspect
 class class-default
  drop
policy-map type inspect sdm-policy-sdm-cls--2
 class type inspect sdm-cls--2
  inspect
 class class-default
  drop
policy-map type inspect ccp-permit-dmzservice
 class type inspect sdm-cls-ccp-permit-dmzservice-3
  inspect
 class type inspect sdm-cls-ccp-permit-dmzservice-2
  inspect
 class type inspect sdm-cls-ccp-permit-dmzservice-1
  inspect
 class type inspect ccp-dmz-traffic
  inspect
 class type inspect CCP-Voice-permit
  inspect
 class type inspect sdm-nat-smtp-1
  inspect
 class type inspect sdm-nat-http-1
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-1
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-2
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-3
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-4
  pass
 class type inspect sdm-cls-VPNOutsideToInside-5
  pass
 class type inspect sdm-cls-VPNOutsideToInside-6
  pass
 class type inspect sdm-cls-VPNOutsideToInside-7
  pass
 class type inspect sdm-cls-VPNOutsideToInside-8
  pass
 class type inspect sdm-cls-VPNOutsideToInside-9
  pass
 class type inspect sdm-cls-VPNOutsideToInside-10
  pass
 class type inspect sdm-cls-VPNOutsideToInside-11
  pass
 class type inspect sdm-cls-VPNOutsideToInside-12
  pass
 class type inspect sdm-cls-VPNOutsideToInside-13
  pass
 class class-default
  pass
policy-map type inspect sdm-permit-ip
 class type inspect SDM_IP
  pass
 class type inspect sdm-cls-VPNOutsideToInside-1
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-2
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-3
  inspect
 class class-default
  drop log
!
zone security dmz-zone
zone security out-zone
zone security in-zone
zone security ezvpn-zone
zone security ssl-zone
zone-pair security ccp-zp-self-out source self destination out-zone
 service-policy type inspect ccp-permit-icmpreply
zone-pair security sdm-zp-NATOutsideToInside-1 source out-zone destination in-zone
 service-policy type inspect sdm-pol-NATOutsideToInside-1
zone-pair security ccp-zp-in-dmz source in-zone destination dmz-zone
 service-policy type inspect ccp-permit-dmzservice
zone-pair security ccp-zp-in-out source in-zone destination out-zone
 service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-dmz source out-zone destination dmz-zone
 service-policy type inspect ccp-permit-dmzservice
zone-pair security ccp-zp-out-self source out-zone destination self
 service-policy type inspect sdm-pol-Out-to-Self
zone-pair security sdm-zp-ezvpn-out1 source ezvpn-zone destination out-zone
 service-policy type inspect sdm-permit-ip
zone-pair security sdm-zp-out-ezpn1 source out-zone destination ezvpn-zone
 service-policy type inspect sdm-permit-ip
zone-pair security sdm-zp-ezvpn-in1 source ezvpn-zone destination in-zone
 service-policy type inspect sdm-permit-ip
zone-pair security sdm-zp-in-ezvpn1 source in-zone destination ezvpn-zone
 service-policy type inspect sdm-permit-ip
zone-pair security sdm-zp-ezvpn-zone-dmz-zone source ezvpn-zone destination dmz-zone
 service-policy type inspect sdm-policy-sdm-cls--1
zone-pair security sdm-zp-sll-zone-in-zone source ssl-zone destination in-zone
 service-policy type inspect sdm-pol-ssl-vpn-traffic
zone-pair security sdm-zp-dmz-zone-out-zone source dmz-zone destination out-zone
 service-policy type inspect sdm-policy-sdm-cls--2
zone-pair security sdm-zp-VPNOutsideToInside-1 source out-zone destination ssl-zone
 service-policy type inspect sdm-pol-VPNOutsideToInside-1
!
!
!
interface Loopback0
 ip address 10.10.50.1 255.255.255.0
!
interface FastEthernet0
 switchport access vlan 2
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
 description $FW_OUTSIDE$$ETH-WAN$
 ip address 63.250.109.214 255.255.255.248
 ip nat outside
 ip virtual-reassembly
 zone-member security out-zone
 duplex auto
 speed auto
 crypto map CMAP_BS
!
interface Virtual-Template1 type tunnel
 ip unnumbered FastEthernet4
 zone-member security ezvpn-zone
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile CiscoCP_Profile1
!
interface Virtual-Template5
 ip unnumbered FastEthernet4
 zone-member security ssl-zone
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
 ip address 10.10.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 zone-member security in-zone
 ip tcp adjust-mss 1452
!
interface Vlan2
 description $FW_DMZ$
 ip address 10.10.20.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 zone-member security dmz-zone
!
ip local pool SDM_POOL_1 10.10.50.2 10.10.50.30
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet4 63.250.109.209
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source static tcp 10.10.10.5 25 interface FastEthernet4 25
ip nat inside source static tcp 10.10.20.100 80 interface FastEthernet4 80
ip nat inside source static tcp 10.10.20.100 443 interface FastEthernet4 443
ip nat inside source route-map SDM_RMAP_1 interface FastEthernet4 overload
ip nat inside source static tcp 10.10.10.5 9091 63.250.109.214 9091 extendable
!
ip access-list extended CP_to_BS
 remark CCP_ACL Category=4
 remark S2S
 permit ip 10.10.1.0 0.0.0.255 10.10.10.0 0.0.0.255
ip access-list extended DMZOutbound
 remark CCP_ACL Category=128
 permit ip host 10.10.20.4 any
 permit ip host 10.10.20.5 any
ip access-list extended LANtoDMZ
 remark CCP_ACL Category=128
 permit ip any host 10.10.20.5
 permit ip any host 10.10.20.4
 permit ip any host 10.10.20.100
ip access-list extended SDM_AH
 remark CCP_ACL Category=1
 permit ahp any any
ip access-list extended SDM_ESP
 remark CCP_ACL Category=1
 permit esp any any
ip access-list extended SDM_IP
 remark CCP_ACL Category=1
 permit ip any any
ip access-list extended SIP-Traffic
 remark CCP_ACL Category=1
 permit tcp host 204.101.238.132 any
 permit udp host 204.101.238.132 any eq 5060
 remark Sip Traffic Deny
 deny   tcp any any eq 5060
ip access-list extended VPNZtoDMZ
 remark CCP_ACL Category=128
 permit ip any host 10.10.20.5
 permit ip any host 10.10.20.4
ip access-list extended VPNtoDMZ
 remark CCP_ACL Category=128
 permit ip any host 10.10.20.5
ip access-list extended WANtoOWA
 remark CCP_ACL Category=128
 permit ip any host 10.10.10.5
ip access-list extended WebsiteViewer
 remark CCP_ACL Category=128
 permit ip host 10.10.20.5 any
 permit ip host 10.10.20.4 any
ip access-list extended dmz-traffic
 remark CCP_ACL Category=1
 permit ip any host 10.10.20.1
 permit ip any host 10.10.20.2
 permit ip any host 10.10.20.3
 permit ip any host 10.10.20.4
 permit ip any host 10.10.20.5
 permit ip any host 10.10.20.6
 permit ip any host 10.10.20.7
 permit ip any host 10.10.20.8
 permit ip any host 10.10.20.9
 permit ip any host 10.10.20.10
!
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 2 remark CCP_ACL Category=2
access-list 2 permit 10.10.20.0 0.0.0.255
access-list 23 remark CCP_ACL Category=17
access-list 23 permit 10.10.10.0 0.0.0.255
access-list 23 permit 10.10.20.0 0.0.0.255
access-list 23 permit 10.10.50.0 0.0.0.255
access-list 100 remark CCP_ACL Category=4
access-list 100 permit ip 10.10.10.0 0.0.0.255 any
access-list 100 permit ip 10.10.20.0 0.0.0.255 any
access-list 101 remark CCP_ACL Category=128
access-list 101 permit ip host 255.255.255.255 any
access-list 101 permit ip 127.0.0.0 0.255.255.255 any
access-list 101 permit ip 10.10.20.0 0.0.0.255 any
access-list 101 permit ip 207.164.203.24 0.0.0.7 any
access-list 102 remark CPP_ACL Category=0
access-list 102 permit tcp any host 192.168.1.111 eq smtp
access-list 103 remark CCP_ACL Category=0
access-list 103 permit ip any host 10.10.20.5
access-list 104 remark CCP_ACL Category=0
access-list 104 permit ip any host 10.10.20.100
access-list 105 remark CCP_ACL Category=4
access-list 105 permit ip host 10.10.10.0 any
access-list 105 permit ip host 10.10.20.0 any
access-list 105 permit ip host 10.10.50.0 any
access-list 106 remark CCP_ACL Category=128
access-list 106 permit ip host 216.123.165.9 any
access-list 106 permit ip host 38.111.102.2 any
access-list 107 remark CCP_ACL Category=0
access-list 107 permit ip 10.10.11.0 0.0.0.255 10.10.10.0 0.0.0.255
access-list 108 remark CCP_ACL Category=0
access-list 108 permit ip 10.10.11.0 0.0.0.255 10.10.10.0 0.0.0.255
access-list 109 remark CCP_ACL Category=0
access-list 109 permit ip 10.10.11.0 0.0.0.255 10.10.10.0 0.0.0.255
access-list 110 remark CCP_ACL Category=0
access-list 110 permit ip 0.0.0.0 255.255.255.0 0.0.0.0 255.255.255.0 log
access-list 111 remark CCP_ACL Category=0
access-list 111 permit ip 0.0.0.0 255.255.255.0 0.0.0.0 255.255.255.0 log
access-list 112 remark CCP_ACL Category=0
access-list 112 permit ip 0.0.0.0 255.255.255.0 0.0.0.0 255.255.255.0 log
access-list 113 remark CCP_ACL Category=0
access-list 113 permit ip 10.10.1.0 0.0.0.255 10.10.10.0 0.0.0.255 log
access-list 114 remark CCP_ACL Category=0
access-list 114 permit ip 10.10.1.0 0.0.0.255 10.10.10.0 0.0.0.255 log
access-list 115 remark CCP_ACL Category=0
access-list 115 permit ip 0.0.0.0 255.255.255.0 0.0.0.0 255.255.255.0
access-list 116 remark CCP_ACL Category=0
access-list 116 permit ip any 0.0.0.0 255.255.255.0
access-list 117 remark CCP_ACL Category=16
access-list 117 permit ip 10.10.10.0 0.0.0.255 10.10.1.0 0.0.0.255 log
access-list 118 remark CCP_ACL Category=16
access-list 118 permit ip 0.0.0.0 255.255.255.0 0.0.0.0 255.255.255.0
access-list 119 remark CCP_ACL Category=0
access-list 119 permit ip 0.0.0.0 255.255.255.0 0.0.0.0 255.255.255.0
access-list 120 remark CCP_ACL Category=18
access-list 120 remark S2S
access-list 120 deny   ip 10.10.1.0 0.0.0.255 10.10.10.0 0.0.0.255
access-list 120 deny   ip 10.10.10.0 0.0.0.255 10.10.50.0 0.0.0.255
access-list 120 deny   ip 10.10.20.0 0.0.0.255 10.10.50.0 0.0.0.255
access-list 120 deny   ip 10.10.10.0 0.0.0.255 10.10.11.0 0.0.0.255
access-list 120 permit ip 10.10.20.0 0.0.0.255 any
access-list 120 permit ip 10.10.10.0 0.0.0.255 any
access-list 121 permit ip 10.10.50.0 0.0.0.255 10.10.10.0 0.0.0.255
access-list 121 permit ip 10.10.50.0 0.0.0.255 10.10.20.0 0.0.0.255
access-list 122 remark CCP_ACL Category=0
access-list 122 permit ip 10.10.1.0 0.0.0.255 10.10.10.0 0.0.0.255
access-list 123 remark CCP_ACL Category=0
access-list 123 permit ip 10.10.10.0 0.0.0.255 10.10.1.0 0.0.0.255
access-list 150 permit tcp any any eq 8081
access-list 190 permit ip any host 10.10.10.7
access-list 190 permit ip host 10.10.10.7 any
no cdp run

!
!
!
!
route-map SDM_RMAP_1 permit 1
 match ip address 120
!
!
control-plane
!
banner exec ^CCCCCCCCCCCCCC

% Password expiration warning.

-----------------------------------------------------------------------

Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for  one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.

It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.

username <myuser> privilege 15 secret 0 <mypassword>

Replace <myuser> and <mypassword> with the username and password you
want to use.

-----------------------------------------------------------------------

^C
banner login ^CCCCCCCCCCCCCC

-----------------------------------------------------------------------

Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.

YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE
PUBLICLY-KNOWN CREDENTIALS

Here are the Cisco IOS commands.

username <myuser>  privilege 15 secret 0 <mypassword>
no username cisco

Replace <myuser> and <mypassword> with the username and password you want
to use.

IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL
NOT BE ABLE TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.

For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp

-----------------------------------------------------------------------

^C
!
line con 0
 no modem enable
line aux 0
line vty 0 4
 access-class 23 in
 transport input telnet ssh
!
scheduler max-task-time 5000
!
webvpn gateway gateway_1
 ip address 216.235.7.116 port 8081  
 ssl trustpoint TP-self-signed-3840840377
 inservice
 !
webvpn install svc flash:/webvpn/svc_1.pkg sequence 1
 !
webvpn install csd flash:/webvpn/sdesktop.pkg
 !
webvpn context WebVPN
 title "CarePath WebVPN"
 secondary-color white
 title-color #669999
 text-color black
 ssl authenticate verify all
 !
 url-list "CarePath"
   heading "CarePath Websites"
   url-text "CPNet" url-value "http://10.10.10.100/CPnet/"
   url-text "CarePath External Website" url-value "http://www.carepath.ca"
   url-text "Navigator" url-value "http://10.10.10.103"
 !
 !
 policy group policy_1
   url-list "CarePath"
   functions svc-enabled
   svc address-pool "SDM_POOL_1"
   svc msie-proxy option auto
   svc split include 10.10.0.0 255.255.0.0
   svc dns-server primary 10.10.10.5
 virtual-template 5
 default-group-policy policy_1
 aaa authentication list ciscocp_vpn_xauth_ml_2
 gateway gateway_1
 max-users 20
 inservice
!
end
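
The following IOS fragment is an added example, not part of the original post or of either vendor's documentation. It shows what the 881 side would need in order to mirror the Palo Alto Phase 1 / Phase 2 parameters listed at the top of the post (IKEv1 with a pre-shared key, AES-128, SHA-512, DH group 14, 8 h IKE lifetime, 1 h / 5 MB IPsec lifetime with PFS), reusing the crypto map CMAP_BS that is already bound to FastEthernet4 and the zone-based firewall policies already in the config. The Palo Alto public address 203.0.113.10, the remote network 192.0.2.0/24, the pre-shared key placeholder, and the names ESP-AES128-SHA512, CP_to_PA, PA-VPN-to-LAN and ACL 124 are all assumptions made up for the example:

```cisco
! --- IKE Phase 1: mirror the Palo Alto IKE crypto profile ---------------
! AES-128, SHA-512, DH group 14, pre-shared key, 8 hour lifetime.
! A new policy is added instead of editing policy 2, whose SHA-1 default
! may be what the existing peers 216.123.165.9 / 38.111.102.2 negotiate.
crypto isakmp policy 5
 encr aes 128
 hash sha512
 authentication pre-share
 group 14
 lifetime 28800
!
! PSK bound to the Palo Alto's public address (203.0.113.10 is a placeholder).
! no-xauth stops the router from trying Xauth with a site-to-site peer.
crypto isakmp key <psk> address 203.0.113.10 no-xauth
!
! --- IPsec Phase 2: mirror the Palo Alto IPsec crypto profile -----------
! ESP with AES-128 encryption and SHA-512 integrity. Do not reuse CP2BS
! (esp-des with no integrity transform): it cannot match the PA proposal.
crypto ipsec transform-set ESP-AES128-SHA512 esp-aes esp-sha512-hmac
!
! Crypto ACL, written from the local side: local LAN -> remote LAN.
! It must be the exact mirror of the proxy-IDs configured on the Palo Alto.
! 192.0.2.0/24 is a placeholder for the network behind the Palo Alto.
ip access-list extended CP_to_PA
 remark S2S to Palo Alto
 permit ip 10.10.10.0 0.0.0.255 192.0.2.0 0.0.0.255
!
! New sequence on the crypto map already applied to FastEthernet4.
! PFS group 14 plus 1 hour / 5 MB lifetimes match the PA Phase 2 settings.
crypto map CMAP_BS 10 ipsec-isakmp
 description Site-to-site to Palo Alto
 set peer 203.0.113.10
 set transform-set ESP-AES128-SHA512
 set pfs group14
 set security-association lifetime seconds 3600
 set security-association lifetime kilobytes 5120
 match address CP_to_PA
!
! --- Exempt tunnel traffic from PAT --------------------------------------
! Route-map SDM_RMAP_1 drives NAT with ACL 120. The deny must come before
! the existing permit statements, so give it a low sequence number.
ip access-list extended 120
 5 deny ip 10.10.10.0 0.0.0.255 192.0.2.0 0.0.0.255
!
! --- Zone-based firewall -------------------------------------------------
! out-zone -> self: ACL 106 is what lets ISAKMP/ESP from known peers reach
! the router (class SDM_VPN_PT in sdm-pol-Out-to-Self). Add the new peer.
access-list 106 permit ip host 203.0.113.10 any
!
! out-zone -> in-zone: decrypted packets enter via FastEthernet4 and are
! evaluated by sdm-pol-NATOutsideToInside-1, whose class-default drops.
! Inspect the remote LAN -> local LAN flow explicitly.
access-list 124 permit ip 192.0.2.0 0.0.0.255 10.10.10.0 0.0.0.255
class-map type inspect match-all PA-VPN-to-LAN
 match access-group 124
policy-map type inspect sdm-pol-NATOutsideToInside-1
 class type inspect PA-VPN-to-LAN
  inspect
```

Two caveats before pasting this in. First, the posted 881 runs 12.4(24)T, and SHA-2 hashes for ISAKMP (`hash sha512`) and ESP (`esp-sha512-hmac`) arrived later, in the 15.1T train; check with `crypto isakmp policy 5` then `hash ?`, and with `crypto ipsec transform-set T esp-aes ?`. If sha512 is not offered, either upgrade the image or have the Palo Alto side add SHA-1 to both profiles, since the two peers otherwise have no common proposal and Phase 1 will never complete. Second, the existing CP_to_BS ACL permits 10.10.1.0/24 as source and 10.10.10.0/24 (Vlan1) as destination; 10.10.1.0/24 is not configured on any local interface, so if it is the network behind 38.111.102.2 that ACL is written in the wrong direction for an IOS crypto map, which is why the example above puts the local LAN in the source field. Verify the new tunnel with `show crypto isakmp sa` (state QM_IDLE), `show crypto ipsec sa peer 203.0.113.10` (encaps/decaps counters rising in both directions) and, on a proposal mismatch, `debug crypto isakmp`.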

 

Is your VPN tunnel up, and is it showing any traffic sent or received (encap/decap)?

show cry isa sa

show cry ips sa peer <peer ip>

HTH

Abaji.