service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption ! hostname SHEPR1 ! boot-start-marker boot-end-marker ! enable secret 5 $1$qLdk$fpb9BQr4D6P4f5eaDVnuy. ! aaa new-model ! ! aaa group server radius ACS server 172.16.7.112 auth-port 1645 acct-port 1646 server 172.17.6.235 auth-port 1645 acct-port 1646 ! aaa authentication login default group ACS local aaa authentication login console local enable aaa authentication login TELNETCON group ACS local aaa authentication ppp default local aaa authorization exec default if-authenticated group ACS local aaa accounting exec default start-stop group ACS aaa accounting network default start-stop group ACS aaa accounting network userauthen start-stop group ACS ! aaa session-id common ! eip dhcp excluded-address 172.16.83.120 172.16.83.127 ! ip dhcp pool SHEP network 172.16.83.112 255.255.255.240 default-router 172.16.83.126 dns-server 172.16.5.228 172.16.6.232 domain-name simplot.com.au lease 3 resource policy ! clock timezone AU-wint 10 clock summer-time AU-Summ recurring last Sun Oct 2:00 last Sun Mar 2:00 ip subnet-zero no ip dhcp use vrf connected ! ip cef no ip ips deny-action ips-interface ! no ftp-server write-enable ! ! username 1am privilege 15 password ! ! ! crypto isakmp policy 20 encr 3des hash md5 authentication pre-share group 2 crypto isakmp key yyyyyyyyy address xxx.xxx.xxx.xxx no-xauth no crypto isakmp ccm ! ! crypto ipsec transform-set CHELTENHAM esp-3des esp-md5-hmac ! crypto dynamic-map dynmap 10 set transform-set CHELTENHAM ! ! crypto map IPSec-VPN1 20 ipsec-isakmp set peer xxx.xxx.xxx.xxx set transform-set CHELTENHAM match address SHEP ! ! ! interface Ethernet0 ip address 172.16.83.126 255.255.255.240 no shut ip nat inside ip virtual-reassembly hold-queue 100 out ! interface Ethernet2 no ip address shutdown hold-queue 100 out ! interface ATM0 no ip address no shut no atm ilmi-keepalive dsl operating-mode auto pvc 8/35 encapsulation aal5mux ppp dialer dialer pool-member 1 ! ! interface FastEthernet1 no ip address duplex auto speed auto ! interface FastEthernet2 no ip address duplex auto speed auto ! interface FastEthernet3 no ip address duplex auto speed auto ! interface FastEthernet4 no ip address duplex auto speed auto ! interface Dialer1 ip address negotiated ip nat outside no shut ip virtual-reassembly encapsulation ppp dialer pool 1 dialer-group 1 no keepalive ppp authentication chap callin ppp chap hostname simplo550@direct.telstra.net ppp chap password 99230 crypto map IPSec-VPN1 ! ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 ip http server no ip http secure-server ! ! ! ip access-list extended SHEP permit ip 172.16.83.112 0.0.0.15 172.16.0.0 0.1.255.255 logging source-interface Ethernet0 logging 172.16.6.219 access-list 20 permit 139.130.248.98 access-list 20 permit 139.130.248.46 access-list 20 permit 172.16.0.0 0.0.15.255 access-list 20 permit 172.16.83.0 0.0.0.255 access-list 20 permit 172.16.84.0 0.0.0.255 access-list 99 permit 172.17.7.200 snmp-server community OVSimplot RO 99 radius-server host 172.16.7.112 radius-server host 172.17.6.235 radius-server key WallsockeT radius-server timeout 10 radius-server deadtime 5 ! control-plane ! ! line con 0 exec-timeout 120 0 login authentication console no modem enable stopbits 1 line aux 0 line vty 0 4 access-class 20 in exec-timeout 0 0 password 7 032D551F141A3245410748 login authentication TELNETCON ! scheduler max-task-time 5000 sntp server 128.250.36.2 end shepr1#