gateway#show runn
Building configuration...

Current configuration : 8560 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname gateway
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 ******
!
aaa new-model
!
!         
aaa authentication login local_authen local
aaa authorization exec local_author local 
!
aaa session-id common
!
resource policy
!
clock timezone PCTime 0
clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00
ip subnet-zero
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.7.1
ip dhcp excluded-address 192.168.7.100 192.168.7.254
!
ip dhcp pool sdm-pool1
   import all
   network 192.168.7.0 255.255.255.0
   dns-server 195.74.113.58 195.74.113.62 
   default-router 192.168.7.1 
!
ip dhcp pool Webcam
   host 192.168.7.118 255.255.255.0
   hardware-address 0080.f08c.fa77
   client-name webcam
!
ip dhcp pool Asterisk
   host 192.168.7.114 255.255.255.0
   hardware-address 0019.2152.f303
   client-name pbx
!
!
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW dns
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW https
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW imap
ip inspect name SDM_LOW pop3
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW esmtp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp
ip inspect name SDM_LOW udp
ip inspect name SDM_LOW vdolive
ip inspect name SDM_LOW pptp
ip tcp synwait-time 10
no ip bootp server
no ip domain lookup
ip domain name greatwesternweb.co.uk
ip name-server 195.74.113.58
ip name-server 195.74.113.62
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
crypto pki trustpoint TP-self-signed-4222082659
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-4222082659
 revocation-check none
 rsakeypair TP-self-signed-4222082659
!         
!
crypto pki certificate chain TP-self-signed-4222082659
 certificate self-signed 01
  30820255 308201BE A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 34323232 30383236 3539301E 170D3038 30313234 31343334 
  34315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 32323230 
  38323635 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  8100D0E4 81EE7A75 55C90073 E9F38B91 B2737E33 2FD03946 D71CA417 F828B74C 
  B3127F43 E2CF8B86 6266B1A9 840A058E 41C603FA 2FD03946 FB8BCE18 FE27F7CB 
  EED66A69 C06116C3 3803D3D9 8436C20C 6A6DD940 D609D8B3 EB4EC8D3 4F5E40DD 
  642B9C65 7F796E37 C9254D84 9E601E00 2CA00B82 67B4FFD0 9F58A7B8 1ABCF5F6 
  83090203 010001A3 7D307B30 0F060355 1D130101 FF040530 030101FF 30280603 
  551D1104 21301F82 1D676174 65776179 2E677265 61747765 73746572 6E776562 
  2E636F2E 756B301F 0603551D 23041830 168014CD 045471B8 5D55629F 6C28D8E1 
  FF37B989 3AE2C530 1D060355 1D0E0416 0414CD04 5471B85D 55629F6C 28D8E1FF 
  37B9893A E2C5300D 06092A86 4886F70D 01010405 00038181 000F6F27 C04C07C8 
  E4F81683 2CA00B82 E1233A13 81030408 15A12862 E2956E3B CB0B9954 3D16F0CA 
  2544DCFC E752DA0B 73CFA1B8 315CB496 08B7C9EF F0B668F9 5E3FB015 AF0BB2C9 
  67431622 92CFAB0F 19B5A224 25CEE7AC C45015B1 01DB9B9C D92F49D6 1FBB14CF 
  405A257E A15238C8 EE2C01BB D9EF1C7F DAE7B687 22E577F5 B0
  quit    
username davidraw privilege 15 secret 5 ******
username support privilege 15 secret 5 ******
!
! 
!
bridge irb
!
!
interface Null0
 no ip unreachables
!
interface ATM0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 no atm ilmi-keepalive
 dsl operating-mode auto 
 dsl enable-training-log
!
interface ATM0.1 point-to-point
 description $FW_OUTSIDE$$ES_WAN$
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 pvc 0/38 
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
 no ip address
 !
 encryption mode ciphers tkip 
 !
 ssid GreatWesternWeb.net
    authentication open 
    authentication key-management wpa
    guest-mode
    wpa-psk ascii 7 ******
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
 no ip address
 ip tcp adjust-mss 1452
 bridge-group 1
!
interface Dialer0
 description $FW_OUTSIDE$
 ip address 78.32.54.113 255.255.255.248
 ip access-group 103 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip inspect SDM_LOW out
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip route-cache flow
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication chap callin
 ppp chap hostname ******
 ppp chap password 7 ******
!
interface BVI1
 description $ES_LAN$$FW_INSIDE$
 ip address 192.168.7.1 255.255.255.0
 ip access-group 100 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip flow ingress
 ip flow egress
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
 ip tcp adjust-mss 1412
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http access-class 2
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static network 192.168.7.114 78.32.54.114 /32
ip nat inside source static tcp 192.168.7.118 80 78.32.54.118 80 extendable
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.7.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark SDM_ACL Category=1
access-list 2 permit 192.168.7.0 0.0.0.255
access-list 2 deny   any
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny   ip 78.32.54.112 0.0.0.7 any
access-list 100 deny   ip host 255.255.255.255 any
access-list 100 deny   ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 103 permit tcp any host 78.32.54.118 eq www
access-list 103 permit gre any any
access-list 103 permit ip any host 78.32.54.114
access-list 103 permit udp host 195.74.113.62 eq domain host 78.32.54.113
access-list 103 permit udp host 195.74.113.58 eq domain host 78.32.54.113
access-list 103 deny   ip 192.168.7.0 0.0.0.255 any
access-list 103 permit icmp any host 78.32.54.113 echo-reply
access-list 103 permit icmp any host 78.32.54.113 time-exceeded
access-list 103 permit icmp any host 78.32.54.113 unreachable
access-list 103 permit tcp any host 78.32.54.113 eq 443
access-list 103 permit tcp any host 78.32.54.113 eq 22
access-list 103 permit tcp any host 78.32.54.113 eq cmd
access-list 103 deny   ip 10.0.0.0 0.255.255.255 any
access-list 103 deny   ip 172.16.0.0 0.15.255.255 any
access-list 103 deny   ip 192.168.0.0 0.0.255.255 any
access-list 103 deny   ip 127.0.0.0 0.255.255.255 any
access-list 103 deny   ip host 255.255.255.255 any
access-list 103 deny   ip host 0.0.0.0 any
access-list 103 deny   ip any any log
access-list 104 remark VTY Access-class list
access-list 104 remark SDM_ACL Category=1
access-list 104 permit ip 192.168.7.0 0.0.0.255 any
access-list 104 deny   ip any any
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner login ^CAuthorized access only!
 Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
 login authentication local_authen
 no modem enable
 transport output telnet
line aux 0
 login authentication local_authen
 transport output telnet
line vty 0 4
 access-class 104 in
 privilege level 15
 authorization exec local_author
 login authentication local_authen
 transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end