hostname Router ! boot-start-marker boot system flash c1700-k9o3sy7-mz.123-18.bin boot-end-marker ! logging buffered 8000000 debugging enable secret blablabla ! mmi polling-interval 60 no mmi auto-configure no mmi pvc mmi snmp-timeout 180 no aaa new-model ip subnet-zero ! ! no ip domain lookup ! ip cef ip audit po max-events 100 ! ! ! ! ! crypto isakmp policy 1 encr 3des hash md5 authentication pre-share group 2 crypto isakmp key passw address 10.10.0.1 ! ! crypto ipsec transform-set VPN-foo-TS esp-aes 256 esp-md5-hmac crypto ipsec nat-transparency spi-matching ! crypto map hrokVPN local-address FastEthernet0.2 crypto map hrokVPN 10 ipsec-isakmp set peer 10.10.0.1 set security-association lifetime kilobytes 10000 set security-association lifetime seconds 86400 set transform-set VPN-foo-TS match address 120 ! ! ! ! interface FastEthernet0 no ip address speed auto ! interface FastEthernet0.1 encapsulation dot1Q 67 native ip address 10.10.20.2 255.255.255.240 no snmp trap link-status crypto map hrokVPN ! interface FastEthernet0.2 encapsulation dot1Q 2 ip address 10.253.241.2 255.255.255.0 no snmp trap link-status ! ip default-gateway 10.10.20.1 ip classless ip route 0.0.0.0 0.0.0.0 10.10.20.1 no ip http server no ip http secure-server ! ! access-list 120 remark IPSEC traffic access-list 120 permit ip 10.253.241.0 0.0.0.255 10.240.241.0 0.0.0.255 ! ! line con 0 line aux 0 line vty 0 4 password blabla2 login ! end