! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname BR837 ! boot-start-marker boot-end-marker ! no logging buffered ! no aaa new-model ! resource policy ! clock timezone CEST 2 no ip source-route ! ! ! ! ip cef ip inspect name myfw cuseeme timeout 3600 ip inspect name myfw ftp timeout 3600 ip inspect name myfw rcmd timeout 3600 ip inspect name myfw realaudio timeout 3600 ip inspect name myfw smtp timeout 3600 ip inspect name myfw tftp timeout 30 ip inspect name myfw udp timeout 15 ip inspect name myfw tcp timeout 3600 ip inspect name myfw h323 timeout 3600 ! ! ! ! ! ! ! crypto isakmp policy 1 encr 3des authentication pre-share group 2 crypto isakmp key ******* address X.X.X.X crypto isakmp keepalive 10 4 ! ! crypto ipsec transform-set SDASH esp-3des esp-sha-hmac ! crypto ipsec profile SDASH_Profile set transform-set SDASH ! ! ! ! interface Tunnel0 description DMVPN Connection bandwidth 1000 ip address 10.130.30.50 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip mtu 1500 ip nhrp authentication MLAVPN_1 ip nhrp map 10.130.30.1 X.X.X.X ip nhrp network-id 75021571 ip nhrp holdtime 360 ip nhrp nhs 10.130.30.1 ip route-cache flow delay 1000 tunnel source ATM0.1 tunnel destination X.X.X.X tunnel key 75021571 tunnel protection ipsec profile SDASH_Profile ! interface Ethernet0 description LAN ip address 10.50.30.3 255.255.0.0 ip access-group 122 out no ip redirects no ip unreachables no ip proxy-arp ip nat inside ip virtual-reassembly no ip mroute-cache standby 50 ip 10.50.30.1 standby 50 priority 145 standby 50 preempt standby 50 track ATM0.1 hold-queue 100 out ! interface Ethernet2 description Wireless DMZ ip address 192.168.55.1 255.255.255.0 hold-queue 100 out ! interface ATM0 description DSL no ip address atm vc-per-vp 64 no atm ilmi-keepalive dsl operating-mode auto ! interface ATM0.1 point-to-point description DSL SubInterface ip address Y.Y.Y.Y 255.255.255.252 ip access-group 111 in no ip redirects no ip unreachables no ip proxy-arp ip nat outside ip inspect myfw out ip virtual-reassembly no snmp trap link-status pvc 8/35 encapsulation aal5snap ! ! interface FastEthernet1 duplex auto speed auto ! interface FastEthernet2 description CONNECTION TO BR2950 duplex auto speed auto ! interface FastEthernet3 duplex auto speed auto ! interface FastEthernet4 description WIRELESS DMZ duplex auto speed auto ! router eigrp 1 network 10.0.0.0 auto-summary ! ip route 0.0.0.0 0.0.0.0 ATM0.1 ! ip http server no ip http secure-server ! ip nat inside source list 1 interface ATM0.1 overload ! access-list 1 permit 10.50.0.0 0.0.255.255 access-list 111 permit tcp any any eq telnet access-list 111 permit icmp any any administratively-prohibited access-list 111 permit icmp any any echo access-list 111 permit icmp any any echo-reply access-list 111 permit icmp any any packet-too-big access-list 111 permit icmp any any time-exceeded access-list 111 permit icmp any any traceroute access-list 111 permit icmp any any unreachable access-list 111 permit udp any eq bootps any eq bootpc access-list 111 permit udp any eq bootps any eq bootps access-list 111 permit udp any eq domain any access-list 111 permit esp any any access-list 111 permit udp any any eq isakmp access-list 111 permit udp any any eq 10000 access-list 111 permit tcp any any eq 1723 access-list 111 permit tcp any any eq 139 access-list 111 permit udp any any eq netbios-ns access-list 111 permit udp any any eq netbios-dgm access-list 111 permit gre any any access-list 111 deny ip any any access-list 122 deny tcp any any eq telnet access-list 122 permit ip any any access-list 150 remark TELNET ACCESS access-list 150 permit ip 10.0.0.0 0.255.255.255 any access-list 150 deny ip any any ! ! control-plane ! alias exec ct config t alias exec sr show run alias exec wr write mem alias exec sir show ip route alias exec si show ip int brief alias exec crs copy run start ! line con 0 no modem enable line aux 0 line vty 0 4 exec-timeout 120 0 password login length 0 ! scheduler max-task-time 5000 end