version 12.4 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers ! hostname yourname ! boot-start-marker boot-end-marker ! security authentication failure rate 3 log security passwords min-length 6 logging buffered 51200 debugging logging console critical! no aaa new-model ! resource policy ! clock timezone PCTime -7 clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00 no ip source-route ! ! no ip cef no ip dhcp use vrf connected ip dhcp excluded-address 10.10.20.1 ! ip dhcp pool sdm-pool1 import all network 10.10.20.0 255.255.255.0 dns-server 209.94.172.166 209.94.172.167 192.168.2.1 default-router 10.10.20.1 ! ! ip tcp synwait-time 10 no ip bootp server ip domain name yourdomain.com ip name-server 10.10.20.1 ip ssh time-out 60 ip ssh authentication-retries 2 ! ! crypto pki trustpoint TP-self-signed-1524452252 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-1524452252 revocation-check none rsakeypair TP-self-signed-1524452252 ! ! ! track 123 rtr 1 reachability ! ! bridge irb ! ! ! interface FastEthernet0 description primary-WAN mac-address 0014.22bb.5791 ip address 30.30.30.2 255.255.255.0 no ip proxy-arp ip nat outside ip virtual-reassembly ip route-cache flow duplex auto speed auto ! interface FastEthernet1 description backup-WAN ip address 192.168.2.2 255.255.255.0 no ip proxy-arp ip nat outside ip virtual-reassembly ip route-cache flow duplex auto speed auto ! interface FastEthernet2 ! interface FastEthernet3 ! interface FastEthernet4 ! interface FastEthernet5 ! interface FastEthernet6 ! interface FastEthernet7 ! interface FastEthernet8 ! interface FastEthernet9 ! interface Dot11Radio0 no ip address ! speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 b asic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 station-role root bridge-group 1 bridge-group 1 spanning-disabled ! interface Dot11Radio1 no ip address ! encryption key 1 size 40bit 7 F2B103A277EB transmit-key encryption mode ciphers wep40 ! ssid SkyHook authentication open ! speed basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48. 0 basic-54.0 station-role root bridge-group 1 bridge-group 1 spanning-disabled ! interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-FE 2$$FW_INSIDE$ no ip address ip tcp adjust-mss 1452 bridge-group 1 ! interface Async1 no ip address no ip redirects no ip unreachables no ip proxy-arp encapsulation slip ! interface BVI1 description $ES_LAN$ ip address 10.10.20.1 255.255.255.0 ip nat inside ip virtual-reassembly ! ip route 0.0.0.0 0.0.0.0 30.30.30.1 10 track 123 ip route 0.0.0.0 0.0.0.0 192.168.2.1 254 ip route 20.20.20.1 255.255.255.255 30.30.30.1 20 ! ! ip http server ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ip nat inside source route-map primary interface FastEthernet0 overload ip nat inside source route-map secondary interface FastEthernet1 overload ! ip sla 1 icmp-echo 20.20.20.1 timeout 1000 threshold 1000 frequency 10 ip sla schedule 1 life forever start-time now logging trap debugging access-list 1 remark INSIDE_IF=BVI1 access-list 1 remark SDM_ACL Category=2 access-list 1 permit 10.10.20.0 0.0.0.255 access-list 2 permit 10.10.20.0 0.0.0.255 no cdp run ! ! ! route-map primary permit 10 match interface FastEthernet0 ! route-map secondary permit 10 match interface FastEthernet1 ! ! ! ! control-plane ! bridge 1 protocol ieee bridge 1 route ip banner login ^CAuthorized access only! Disconnect IMMEDIATELY if you are not an authorized user!^C ! line con 0 login local transport output telnet line 1 modem InOut stopbits 1 speed 115200 flowcontrol hardware line aux 0 login local transport output telnet line vty 0 4 privilege level 15 login local transport input telnet ssh line vty 5 15 privilege level 15 login local transport input telnet ssh ! scheduler allocate 4000 1000 scheduler interval 500 ! webvpn context Default_context ssl authenticate verify all ! no inservice ! end