06-22-2004 06:01 PM - edited 02-21-2020 01:12 PM
access-list inside_outbound_nat0_acl permit ip any 10.15.20.200 255.255.255.248
access-list outside_access_in permit tcp any host 68.213.241.238 eq www
access-list outside_access_in permit tcp any host 68.213.241.238 eq https
access-list outside_access_in permit tcp any host 68.213.241.238 eq 3389
access-list outside_access_in permit tcp any host 68.213.241.238 eq ftp
access-list outside_access_in permit udp any host 68.213.241.228 eq domain
access-list outside_access_in permit udp any host 68.213.241.238 eq domain
access-list outside_access_in permit tcp any host 68.213.241.227 eq 3389
access-list outside_access_in permit icmp any any echo-reply
access-list outside_access_in permit tcp any host 68.213.241.237 eq www
access-list outside_access_in permit tcp any host 68.213.241.237 eq smtp
access-list outside_access_in permit tcp any host 68.213.241.237 eq https
access-list outside_access_in permit tcp any host 68.213.241.237 eq imap4
access-list inside_access_in permit ip any any
access-list inside_access_in permit tcp any any
access-list inside_access_in permit udp any any
access-list inside_access_in permit icmp any any
access-list 101 permit ip 10.107.1.0 255.255.255.0 10.15.20.0 255.255.255.0
pager lines 24
mtu outside 1500
mtu inside 1500
ip address outside 68.213.241.226 255.255.255.240
ip address inside 10.15.20.1 255.255.255.0
ip verify reverse-path interface outside
ip audit info action alarm
ip audit attack action alarm
ip local pool DialUp 10.15.20.200-10.15.20.205
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_outbound_nat0_acl
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 68.213.241.225 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
no floodguard enable
sysopt connection permit-ipsec
sysopt connection permit-pptp
service resetinbound
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set mine esp-des esp-sha-hmac
crypto map nsmap 10 ipsec-isakmp
crypto map nsmap 10 match address 101
crypto map nsmap 10 set peer 12.153.125.76
crypto map nsmap 10 set transform-set mine
crypto map nsmap interface outside
isakmp enable outside
isakmp key ******** address 12.153.125.76 netmask 255.255.255.255
isakmp identity address
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash sha
isakmp policy 10 group 1
isakmp policy 10 lifetime 28800
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
isakmp policy 40 authentication pre-share
isakmp policy 40 encryption des
isakmp policy 40 hash sha
isakmp policy 40 group 2
isakmp policy 40 lifetime 86400
telnet 10.15.20.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
console timeout 0
vpdn group PPTP-VPDN-GROUP accept dialin pptp
vpdn group PPTP-VPDN-GROUP ppp authentication pap
vpdn group PPTP-VPDN-GROUP ppp authentication chap
vpdn group PPTP-VPDN-GROUP ppp authentication mschap
vpdn group PPTP-VPDN-GROUP ppp encryption mppe 40
vpdn group PPTP-VPDN-GROUP client configuration address local DialUp
vpdn group PPTP-VPDN-GROUP client configuration dns MAIL FILESVR
vpdn group PPTP-VPDN-GROUP client authentication aaa RADIUS
vpdn group PPTP-VPDN-GROUP pptp echo 60
It does not work and the device on the other side is a Netscreen... and Netscreen says it's set up right...
06-22-2004 07:27 PM
Looks like your access-lists are backwards. If your inside network is 10.15.20.0/24 and the network behind the Netscreen is 10.107.1.0/24, then you need the following:
access-list 101 permit ip 10.15.20.0 255.255.255.0 10.107.1.0 255.255.255.0
You currently have it the other way around. Also, you need to add the following to your "nat 0" ACL:
access-list inside_outbound_nat0_acl permit ip 10.15.20.0 255.255.255.0 10.107.1.0 255.255.255.0
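A small check for the two mistakes the reply points out (crypto ACL written from the far side's perspective, and no matching nat 0 exemption), as an added example that is not from the thread. It is plain Python over a constructed excerpt of the posted config; the function names and the assumption that nat 0 is bound on the inside interface are mine.

```python
import ipaddress
# Constructed sample: the original post's tunnel-related lines, crypto ACL backwards as posted.
BROKEN_CONFIG = """\
access-list inside_outbound_nat0_acl permit ip any 10.15.20.200 255.255.255.248
access-list 101 permit ip 10.107.1.0 255.255.255.0 10.15.20.0 255.255.255.0
ip address inside 10.15.20.1 255.255.255.0
nat (inside) 0 access-list inside_outbound_nat0_acl
crypto map nsmap 10 match address 101
"""
# The same config with the two changes from the reply applied.
FIXED_CONFIG = BROKEN_CONFIG.replace(
    "permit ip 10.107.1.0 255.255.255.0 10.15.20.0 255.255.255.0",
    "permit ip 10.15.20.0 255.255.255.0 10.107.1.0 255.255.255.0",
) + "access-list inside_outbound_nat0_acl permit ip 10.15.20.0 255.255.255.0 10.107.1.0 255.255.255.0\n"

def _addr(tokens):
    # Consume one PIX address spec from the token list: any | host A | A MASK
    tok = tokens.pop(0)
    if tok == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if tok == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    return ipaddress.ip_network(f"{tok}/{tokens.pop(0)}", strict=False)

def parse_config(text):
    """Collect 'permit ip' ACL entries, the inside subnet, and the nat 0 / crypto ACL names."""
    acls, inside, nat0, crypto_acl = {}, None, None, None
    for line in text.splitlines():
        t = line.split()
        if t[:1] == ["access-list"] and t[2:4] == ["permit", "ip"]:
            rest = t[4:]
            acls.setdefault(t[1], []).append((_addr(rest), _addr(rest)))
        elif t[:3] == ["ip", "address", "inside"]:
            inside = _addr(t[3:])
        elif t[:4] == ["nat", "(inside)", "0", "access-list"]:
            nat0 = t[4]
        elif t[:2] == ["crypto", "map"] and t[4:6] == ["match", "address"]:
            crypto_acl = t[6]
    return acls, inside, nat0, crypto_acl
def check_vpn_acls(text):
    """Return findings for the two problems the reply identifies; an empty list means OK."""
    acls, inside, nat0, crypto_acl = parse_config(text)
    findings = []
    for src, dst in acls.get(crypto_acl, []):
        # The crypto ACL is written from this PIX's point of view, so the source must be local.
        if inside is None or not src.subnet_of(inside):
            findings.append(f"{crypto_acl}: source {src} is not in {inside}, ACL looks reversed")
        # Interesting traffic must also be exempt from NAT, or the translated packets never match.
        if not any(src.subnet_of(s) and dst.subnet_of(d) for s, d in acls.get(nat0, [])):
            findings.append(f"{nat0}: no entry exempts {src} -> {dst} from NAT")
    return findings
```

Run `check_vpn_acls(BROKEN_CONFIG)` to get both findings and `check_vpn_acls(FIXED_CONFIG)` to confirm the reply's corrections clear them.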