!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname OHNSORGTI
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 $1$DB1.$y.jE.wi4f9pdKFlDx3Ziw0
!
no aaa new-model
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
!
crypto pki trustpoint TP-self-signed-717245652
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-717245652
 revocation-check none
 rsakeypair TP-self-signed-717245652
!
!
dot11 syslog
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.5.1 192.168.5.99
!
ip dhcp pool sdm-pool1
 import all
 network 192.168.5.0 255.255.255.0
 dns-server 195.186.4.111 195.186.1.111
 default-router 192.168.5.1
 domain-name ohnsorg-soehne-ag
!
!
ip inspect name DEFAULT100 cuseeme
ip inspect name DEFAULT100 ftp
ip inspect name DEFAULT100 h323
ip inspect name DEFAULT100 icmp
ip inspect name DEFAULT100 netshow
ip inspect name DEFAULT100 rcmd
ip inspect name DEFAULT100 realaudio
ip inspect name DEFAULT100 rtsp
ip inspect name DEFAULT100 esmtp
ip inspect name DEFAULT100 sqlnet
ip inspect name DEFAULT100 streamworks
ip inspect name DEFAULT100 tftp
ip inspect name DEFAULT100 tcp
ip inspect name DEFAULT100 udp
ip inspect name DEFAULT100 vdolive
no ip bootp server
no ip domain lookup
ip domain name ohnsorg-soehne-ag
ip name-server 195.186.4.111
ip name-server 195.186.1.111
!
!
!
username admin privilege 15 password 7 075D734A5C000A0618
!
!
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
crypto isakmp key VPN2Ohnsorg2 address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set rtpset esp-3des esp-md5-hmac
!
crypto map rtp 1 ipsec-isakmp
 set peer 194.209.90.244
 set transform-set rtpset
 match address 115
!
archive
 log config
  hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface BRI0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 encapsulation hdlc
 ip route-cache flow
 shutdown
 isdn point-to-point-setup
!
interface ATM0
 description $FW_OUTSIDE$
 no ip address
 no ip access-group 101 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1452
 ip inspect DEFAULT100 out
 ip nat outside
 ip virtual-reassembly
 ip route-cache flow
 no atm ilmi-keepalive
 pvc 8/35
  pppoe-client dial-pool-number 1
 !
 dsl operating-mode auto
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
 ip address 192.168.5.1 255.255.255.0
 no ip access-group 100 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
 ip tcp adjust-mss 1412
!
interface Dialer0
 description $FW_OUTSIDE$
 ip address negotiated
 no ip access-group 101 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1452
 ip inspect DEFAULT100 out
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip route-cache flow
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname gaby.ettlin@bluewin.ch
 ppp chap password 7 132712445E0B05
 ppp pap sent-username gaby.ettlin@bluewin.ch password 7 03265E5D530820
 crypto map rtp
!
router rip
 redistribute connected
 network 192.168.5.0
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 115 permit ip 192.168.5.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 115 permit ip 192.168.1.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 115 deny ip 192.168.5.0 0.0.0.255 any
access-list 120 deny ip 192.168.5.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 120 permit ip 192.168.1.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 120 permit ip 192.168.5.0 0.0.0.255 any
dialer-list 1 protocol ip permit
snmp-server community public RO
no cdp run
!
!
!
control-plane
!
banner login thorized access only! Disconnect IMMEDI
!
line con 0
 login local
 no modem enable
 transport o
!
line con 0
 exec-timeout 120 0
 login local
 no modem enable
 transport output telnet
 stopbits 1
line aux 0
 login local
 transport output telnet
line vty 0 4
 access-class 23 in
 exec-timeout 120 0
 privilege level 15
 password 7 050A02022842
 login local
 length 0
 transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end