do sh run Building configuration... Current configuration : 32033 bytes ! version 12.4 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers ! hostname nldc-router-01 ! boot-start-marker boot-end-marker ! logging buffered 51200 debugging logging console critical enable secret 5 $1$7ZR3$6i3w8xa6AqVIG49ro9XxT1 ! aaa new-model ! aaa authentication login default local aaa authentication login sdm_vpn_xauth_ml_1 local aaa authentication login sdm_vpn_xauth_ml_2 local aaa authorization exec default local aaa authorization network sdm_vpn_group_ml_1 local aaa authorization network sdm_vpn_group_ml_2 local ! aaa session-id common ! resource policy ! clock timezone PCTime -7 clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00 no ip source-route ip cef no ip dhcp use vrf connected ip dhcp excluded-address 192.168.100.1 192.168.100.50 ! ip dhcp pool sdm-pool1 import all network 192.168.100.0 255.255.255.0 dns-server 192.168.100.26 default-router 192.168.100.1 ! ip dhcp pool wsjstein01 host 192.168.100.53 255.255.255.0 client-identifier 0100.1372.2bd0.59 ! ip dhcp pool wsjjohar01 host 192.168.100.56 255.255.255.0 client-identifier 0100.1372.2cf3.94 ! ip dhcp pool wsrgarag01 host 192.168.100.57 255.255.255.0 client-identifier 0100.1372.2cf4.03 ! ip dhcp pool wsmkraem01 host 192.168.100.55 255.255.255.0 client-identifier 0100.1372.2cf4.22 ! ip dhcp pool wskkilto01 host 192.168.100.54 255.255.255.0 client-identifier 0100.1372.2cf3.9a ! ip dhcp pool wsrlosek01 host 192.168.100.51 255.255.255.0 client-identifier 0100.1372.2cf3.eb ! ! ip inspect name DEFAULT100 ftp ip inspect name DEFAULT100 h323 ip inspect name DEFAULT100 icmp ip inspect name DEFAULT100 rcmd ip inspect name DEFAULT100 esmtp ip inspect name DEFAULT100 sqlnet ip inspect name DEFAULT100 tftp ip inspect name DEFAULT100 tcp ip inspect name DEFAULT100 udp ip tcp synwait-time 10 no ip bootp server ip domain name nldc.local ip name-server 192.168.100.26 ip ssh time-out 60 ip ssh authentication-retries 2 ! ! crypto pki trustpoint TP-self-signed-3302651577 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-3302651577 revocation-check none rsakeypair TP-self-signed-3302651577 ! ! crypto pki certificate chain TP-self-signed-3302651577 certificate self-signed 01 30820251 308201BA A0030201 02020101 300D0609 2A864886 F70D0101 04050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 33333032 36353135 3737301E 170D3036 30393236 31343536 33375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 33303236 35313537 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100B418 BD52049E 3FB6F0D3 7B7EC055 DCF55EA6 033A79A0 207B2202 9A2E6A1E 3BA7CFA4 33163D64 4F3E342A 295AE4DF FFA8B9F4 D34FB5AC B92D4818 549FD801 56589674 4836F18D 33A3C54D 1B318615 97B4875C 7CE53D41 47CE22A7 EE23D9AC 8A4E3234 ECDB1C65 31879E9D 0BF8CA47 1E238CE6 C7B0EF07 76BCC5BF 53D9DFBA 7A810203 010001A3 79307730 0F060355 1D130101 FF040530 030101FF 30240603 551D1104 1D301B82 196E6C64 632D726F 75746572 2D30312E 6E6C6463 2E6C6F63 616C301F 0603551D 23041830 168014AC 89762977 F97DFD68 2D99C84C 6BD132F3 ADE64730 1D060355 1D0E0416 0414AC89 762977F9 7DFD682D 99C84C6B D132F3AD E647300D 06092A86 4886F70D 01010405 00038181 003281E6 DEE7A410 4D2F8FD3 D7141DF9 0F6A1E13 964B7CA5 50EA2533 FDCE708B B4A2D631 C9FF480E 018827FF FD70EF84 0AD44F65 7ADDAED4 37ED39AE 68FFF469 E890BB77 542439CF 727DD129 B63E3F76 E466DE26 C487954C 5A71FF62 908207A5 4257B795 3776FAFC CB31E8AB 30BC4908 EE9F6885 55B45277 1571EC62 24B7CDC7 CF quit ! ! ! crypto isakmp policy 1 encr 3des authentication pre-share group 2 ! crypto isakmp policy 21 hash md5 authentication pre-share ! crypto isakmp policy 31 authentication pre-share crypto isakmp key encrypted address 65.107.8.66 no-xauth crypto isakmp key cleartext address 74.92.97.166 ! crypto isakmp client configuration group NLDC key tolls dns 192.168.100.26 domain nldc.local pool SDM_POOL_1 save-password ! ! crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA2 esp-3des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA3 esp-3des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA4 esp-3des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA5 esp-3des esp-sha-hmac crypto ipsec transform-set Transcore esp-3des esp-sha-hmac crypto dynamic-map SDM_DYNMAP_1 1 set transform-set ESP-3DES-SHA reverse-route ! crypto dynamic-map SDM_DYNMAP_2 1 set transform-set ESP-3DES-SHA5 reverse-route ! ! crypto map PHA client authentication list sdm_vpn_xauth_ml_2 crypto map PHA isakmp authorization list sdm_vpn_group_ml_2 crypto map PHA client configuration address respond crypto map PHA 1 ipsec-isakmp set peer 74.92.97.166 set transform-set Transcore match address 130 crypto map PHA 21 ipsec-isakmp set peer 65.107.8.66 set transform-set ESP-3DES-SHA match address 120 crypto map PHA 65535 ipsec-isakmp dynamic SDM_DYNMAP_2 ! crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_1 crypto map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_1 crypto map SDM_CMAP_1 client configuration address respond crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1 ! crypto map SDM_CMAP_2 1 ipsec-isakmp description Tunnel to65.107.8.66 set peer 65.107.8.66 set transform-set ESP-3DES-SHA3 match address 105 ! ! ! interface Null0 no ip unreachables ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 interface FastEthernet4 description $ES_WAN$$ETH-WAN$$FW_OUTSIDE$ ip address 71.33.245.25 255.255.255.248 ip access-group 101 in ip verify unicast reverse-path no ip redirects no ip unreachables no ip proxy-arp ip inspect DEFAULT100 out ip nat outside ip virtual-reassembly ip route-cache flow duplex auto speed auto crypto map PHA ! interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$ ip address 192.168.100.1 255.255.255.0 ip access-group 100 in no ip redirects no ip unreachables no ip proxy-arp ip nat inside ip virtual-reassembly ip route-cache flow ip tcp adjust-mss 1452 ! ip local pool SDM_POOL_1 192.168.200.1 192.168.200.254 ip route 0.0.0.0 0.0.0.0 71.33.245.30 permanent ! ip http server ip http access-class 2 ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ip nat inside source route-map SDM_RMAP_1 interface FastEthernet4 overload ! logging trap debugging access-list 1 remark INSIDE_IF=Vlan1 access-list 1 remark SDM_ACL Category=2 access-list 1 permit 192.168.100.0 0.0.0.255 access-list 2 remark HTTP Access-class list access-list 2 remark SDM_ACL Category=1 access-list 2 permit 192.168.100.0 0.0.0.255 access-list 2 deny any access-list 100 remark auto generated by Cisco SDM Express firewall configuration access-list 100 remark SDM_ACL Category=1 access-list 100 permit tcp host 192.168.100.27 eq smtp any eq smtp access-list 100 remark IPSec Rule access-list 100 permit ip 10.1.0.0 0.0.255.255 192.168.100.0 0.0.0.255 access-list 100 permit ip 192.168.100.0 0.0.0.255 10.1.0.0 0.0.255.255 access-list 100 permit udp host 65.107.8.66 host 192.168.100.1 eq non500-isakmp access-list 100 permit udp host 65.107.8.66 host 192.168.100.1 eq isakmp access-list 100 permit esp host 65.107.8.66 host 192.168.100.1 access-list 100 permit ahp host 65.107.8.66 host 192.168.100.1 access-list 100 deny ip host 255.255.255.255 any access-list 100 deny ip 127.0.0.0 0.255.255.255 any access-list 100 permit ip any any access-list 101 remark auto generated by Cisco SDM Express firewall configuration access-list 101 remark SDM_ACL Category=1 access-list 101 remark IPSec Rule access-list 101 permit ip 10.4.1.0 0.0.0.255 192.168.100.0 0.0.0.255 access-list 101 permit udp host 74.92.97.166 host 71.33.245.25 eq non500-isakmp access-list 101 permit udp host 74.92.97.166 host 71.33.245.25 eq isakmp access-list 101 permit esp host 74.92.97.166 host 71.33.245.25 access-list 101 permit ahp host 74.92.97.166 host 71.33.245.25 access-list 101 remark wsrgarage01 to RDevJaspal access-list 101 permit tcp host 10.1.28.8 eq 3389 host 192.168.100.57 log access-list 101 remark wsrgarage01 to RDevJaspal access-list 101 permit ip host 10.1.28.8 host 192.168.100.57 log access-list 101 remark wsrgarage01 to K2Dev11 access-list 101 permit tcp host 10.1.28.249 eq 3389 host 192.168.100.57 log access-list 101 remark wsrgarage01 to K2Dev11 access-list 101 permit ip host 10.1.28.249 host 192.168.100.57 log access-list 101 remark wsrgarage01 to DevGaraga access-list 101 permit tcp host 10.1.28.74 eq 3389 host 192.168.100.57 log access-list 101 remark wsrgarage01 to DevGaraga access-list 101 permit ip host 10.1.28.74 host 192.168.100.57 log access-list 101 remark wsrgarage01 to DevMike access-list 101 permit tcp host 10.1.28.44 eq 3389 host 192.168.100.57 log access-list 101 remark wsrgarage01 to DevMike access-list 101 permit ip host 10.1.28.44 host 192.168.100.57 log access-list 101 remark wsrgarage01 to DevKris access-list 101 permit tcp host 10.1.28.36 eq 3389 host 192.168.100.57 log access-list 101 remark wsrgarage01 to DevKris access-list 101 permit ip host 10.1.28.36 host 192.168.100.57 log access-list 101 remark wsrgarage01 to RickP2000 access-list 101 permit tcp host 10.1.1.3 eq 3389 host 192.168.100.57 log access-list 101 remark wsrgarage01 to RickP2000 access-list 101 permit ip host 10.1.1.3 host 192.168.100.57 log access-list 101 remark wsjjohar01 to RDevJaspal access-list 101 permit tcp host 10.1.28.8 eq 3389 host 192.168.100.56 log access-list 101 remark wsjjohar01 to RDevJaspal access-list 101 permit ip host 10.1.28.8 host 192.168.100.56 log access-list 101 remark wsjjohar01 to K2Dev11 access-list 101 permit tcp host 10.1.28.249 eq 3389 host 192.168.100.56 log access-list 101 remark wsjjohar01 to K2Dev11 access-list 101 permit ip host 10.1.28.249 host 192.168.100.56 log access-list 101 remark wsjjohar01 to DevGaraga access-list 101 permit tcp host 10.1.28.74 eq 3389 host 192.168.100.56 log access-list 101 remark wsjjohar01 to DevGaraga access-list 101 permit ip host 10.1.28.74 host 192.168.100.56 log access-list 101 remark wsjjohar01 to DevMike access-list 101 permit tcp host 10.1.28.44 eq 3389 host 192.168.100.56 log access-list 101 remark wsjjohar01 to DevMike access-list 101 permit ip host 10.1.28.44 host 192.168.100.56 log access-list 101 remark wsjjohar01 to DevKris access-list 101 permit tcp host 10.1.28.36 eq 3389 host 192.168.100.56 log access-list 101 remark wsjjohar01 to DevKris access-list 101 permit ip host 10.1.28.36 host 192.168.100.56 log access-list 101 remark wsjjohar01 to RickP2000 access-list 101 permit tcp host 10.1.1.3 eq 3389 host 192.168.100.56 log access-list 101 remark wsjjohar01 to RickP2000 access-list 101 permit ip host 10.1.1.3 host 192.168.100.56 log access-list 101 remark wsmkraemer01 to RDevJaspal access-list 101 permit tcp host 10.1.28.8 eq 3389 host 192.168.100.55 log access-list 101 remark wsmkraemer01 to RDevJaspal access-list 101 permit ip host 10.1.28.8 host 192.168.100.55 log access-list 101 remark wsmkraemer01 to K2Dev11 access-list 101 permit tcp host 10.1.28.249 eq 3389 host 192.168.100.55 log access-list 101 remark wsmkraemer01 to K2Dev11 access-list 101 permit ip host 10.1.28.249 host 192.168.100.55 log access-list 101 remark wsmkraemer01 to DevGaraga access-list 101 permit tcp host 10.1.28.74 eq 3389 host 192.168.100.55 log access-list 101 remark wsmkraemer01 to DevGaraga access-list 101 permit ip host 10.1.28.74 host 192.168.100.55 log access-list 101 remark wsmkraemer01 to DevMike access-list 101 permit tcp host 10.1.28.44 eq 3389 host 192.168.100.55 log access-list 101 remark wsmkraemer01 to DevMike access-list 101 permit ip host 10.1.28.44 host 192.168.100.55 log access-list 101 remark wsmkraemer01 to DevKris access-list 101 permit tcp host 10.1.28.36 eq 3389 host 192.168.100.55 log access-list 101 remark wsmkraemer01 to DevKris access-list 101 permit ip host 10.1.28.36 host 192.168.100.55 log access-list 101 remark wsmkraemer01 to RickP2000 access-list 101 permit tcp host 10.1.1.3 eq 3389 host 192.168.100.55 log access-list 101 remark wsmkraemer01 to RickP2000 access-list 101 permit ip host 10.1.1.3 host 192.168.100.55 log access-list 101 remark wsjstein01 to RDevJaspal access-list 101 permit tcp host 10.1.28.8 eq 3389 host 192.168.100.53 log access-list 101 remark wsjstein01 to RDevJaspal access-list 101 permit ip host 10.1.28.8 host 192.168.100.53 log access-list 101 remark wsjstein01 to K2Dev11 access-list 101 permit tcp host 10.1.28.249 eq 3389 host 192.168.100.53 log access-list 101 remark wsjstein01 to K2Dev11 access-list 101 permit ip host 10.1.28.249 host 192.168.100.53 log access-list 101 remark wsjstein01 to DevGaraga access-list 101 permit tcp host 10.1.28.74 eq 3389 host 192.168.100.53 log access-list 101 remark wsjstein01 to DevGaraga access-list 101 permit ip host 10.1.28.74 host 192.168.100.53 log access-list 101 remark wsjstein01 to DevMike access-list 101 permit tcp host 10.1.28.44 eq 3389 host 192.168.100.53 log access-list 101 remark wsjstein01 to DevMike access-list 101 permit ip host 10.1.28.44 host 192.168.100.53 log access-list 101 remark wsjstein01 to DevKris access-list 101 permit tcp host 10.1.28.36 eq 3389 host 192.168.100.53 log access-list 101 remark wsjstein01 to DevKris access-list 101 permit ip host 10.1.28.36 host 192.168.100.53 log access-list 101 remark wsjstein01 to RickP2000 access-list 101 permit tcp host 10.1.1.3 eq 3389 host 192.168.100.53 log access-list 101 remark wsjstein01 to RickP2000 access-list 101 permit ip host 10.1.1.3 host 192.168.100.53 log access-list 101 remark wsrloseke01 to RDevJaspal access-list 101 permit tcp host 10.1.28.8 eq 3389 host 192.168.100.51 log access-list 101 remark wsrloseke01 to RDevJaspal access-list 101 permit ip host 10.1.28.8 host 192.168.100.51 log access-list 101 remark wsrloseke01 to K2Dev11 access-list 101 permit tcp host 10.1.28.249 eq 3389 host 192.168.100.51 log access-list 101 remark wsrloseke01 to K2Dev11 access-list 101 permit ip host 10.1.28.249 host 192.168.100.51 log access-list 101 remark wsrloseke01 to DevGaraga access-list 101 permit tcp host 10.1.28.74 eq 3389 host 192.168.100.51 log access-list 101 remark wsrloseke01 to DevGaraga access-list 101 permit ip host 10.1.28.74 host 192.168.100.51 log access-list 101 remark wsrloseke01 to DevMike access-list 101 permit tcp host 10.1.28.44 eq 3389 host 192.168.100.51 log access-list 101 remark wsrloseke01 to DevMike access-list 101 permit ip host 10.1.28.44 host 192.168.100.51 log access-list 101 remark wsrloseke01 to DevKris access-list 101 permit tcp host 10.1.28.36 eq 3389 host 192.168.100.51 log access-list 101 remark wsrloseke01 to DevKris access-list 101 permit ip host 10.1.28.36 host 192.168.100.51 log access-list 101 remark wsrloseke01 to RickP2000 access-list 101 permit tcp host 10.1.1.3 eq 3389 host 192.168.100.51 log access-list 101 remark wsrloseke01 to RickP2000 access-list 101 permit ip host 10.1.1.3 host 192.168.100.51 log access-list 101 permit udp host 65.107.8.66 host 71.33.245.25 eq non500-isakmp access-list 101 permit udp host 65.107.8.66 host 71.33.245.25 eq isakmp access-list 101 permit esp host 65.107.8.66 host 71.33.245.25 access-list 101 permit ahp host 65.107.8.66 host 71.33.245.25 access-list 101 permit ip 192.168.200.0 0.0.0.255 any access-list 101 permit udp any host 71.33.245.25 eq non500-isakmp access-list 101 permit udp any host 71.33.245.25 eq isakmp access-list 101 permit esp any host 71.33.245.25 access-list 101 permit ahp any host 71.33.245.25 access-list 101 permit udp host 192.168.100.26 eq domain any access-list 101 permit tcp host 192.168.100.27 eq smtp any eq smtp access-list 101 deny ip 192.168.100.0 0.0.0.255 any access-list 101 permit icmp any any echo-reply access-list 101 permit icmp any any time-exceeded access-list 101 permit icmp any any unreachable access-list 101 deny ip 10.0.0.0 0.255.255.255 any access-list 101 deny ip 172.16.0.0 0.15.255.255 any access-list 101 deny ip 192.168.0.0 0.0.255.255 any access-list 101 deny ip 127.0.0.0 0.255.255.255 any access-list 101 deny ip host 255.255.255.255 any access-list 101 deny ip any any access-list 102 remark SDM_ACL Category=2 access-list 102 remark wsrgarage01 to RDevJaspal access-list 102 deny ip host 192.168.100.57 host 10.1.28.8 log access-list 102 remark wsrgarage01 to K2Dev11 access-list 102 deny ip host 192.168.100.57 host 10.1.28.249 log access-list 102 remark wsrgarage01 to DevGaraga access-list 102 deny ip host 192.168.100.57 host 10.1.28.74 log access-list 102 remark wsrgarage01 to DevMike access-list 102 deny ip host 192.168.100.57 host 10.1.28.44 log access-list 102 remark wsrgarage01 to DevKris access-list 102 deny ip host 192.168.100.57 host 10.1.28.36 log access-list 102 remark wsrgarage01 to RickP2000 access-list 102 deny ip host 192.168.100.57 host 10.1.1.3 log access-list 102 remark wsjjohar01 to RDevJaspal access-list 102 deny ip host 192.168.100.56 host 10.1.28.8 log access-list 102 remark wsjjohar01 to K2Dev11 access-list 102 deny ip host 192.168.100.56 host 10.1.28.249 log access-list 102 remark wsjjohar01 to DevGaraga access-list 102 deny ip host 192.168.100.56 host 10.1.28.74 log access-list 102 remark wsjjohar01 to DevMike access-list 102 deny ip host 192.168.100.56 host 10.1.28.44 log access-list 102 remark wsjjohar01 to DevKris access-list 102 deny ip host 192.168.100.56 host 10.1.28.36 log access-list 102 remark wsjjohar01 to RickP2000 access-list 102 deny ip host 192.168.100.56 host 10.1.1.3 log access-list 102 remark wsmkraemer01 to RDevJaspal access-list 102 deny ip host 192.168.100.55 host 10.1.28.8 log access-list 102 remark wsmkraemer01 to K2Dev11 access-list 102 deny ip host 192.168.100.55 host 10.1.28.249 log access-list 102 remark wsmkraemer01 to DevGaraga access-list 102 deny ip host 192.168.100.55 host 10.1.28.74 log access-list 102 remark wsmkraemer01 to DevMike access-list 102 deny ip host 192.168.100.55 host 10.1.28.44 log access-list 102 remark wsmkraemer01 to DevKris access-list 102 deny ip host 192.168.100.55 host 10.1.28.36 log access-list 102 remark wsmkraemer01 to RickP2000 access-list 102 deny ip host 192.168.100.55 host 10.1.1.3 log access-list 102 remark wsjstein01 to RDevJaspal access-list 102 deny ip host 192.168.100.53 host 10.1.28.8 log access-list 102 remark wsjstein01 to K2Dev11 access-list 102 deny ip host 192.168.100.53 host 10.1.28.249 log access-list 102 remark wsjstein01 to DevGaraga access-list 102 deny ip host 192.168.100.53 host 10.1.28.74 log access-list 102 remark wsjstein01 to DevMike access-list 102 deny ip host 192.168.100.53 host 10.1.28.44 log access-list 102 remark wsjstein01 to DevKris access-list 102 deny ip host 192.168.100.53 host 10.1.28.36 log access-list 102 remark wsjstein01 to RickP2000 access-list 102 deny ip host 192.168.100.53 host 10.1.1.3 log access-list 102 remark wsrloseke01 to RDevJaspal access-list 102 deny ip host 192.168.100.51 host 10.1.28.8 log access-list 102 remark wsrloseke01 to K2Dev11 access-list 102 deny ip host 192.168.100.51 host 10.1.28.249 log access-list 102 remark wsrloseke01 to DevGaraga access-list 102 deny ip host 192.168.100.51 host 10.1.28.74 log access-list 102 remark wsrloseke01 to DevMike access-list 102 deny ip host 192.168.100.51 host 10.1.28.44 log access-list 102 remark wsrloseke01 to DevKris access-list 102 deny ip host 192.168.100.51 host 10.1.28.36 log access-list 102 remark wsrloseke01 to RickP2000 access-list 102 deny ip host 192.168.100.51 host 10.1.1.3 log access-list 102 remark wsrgarage01 to RDevJaspal access-list 102 deny tcp host 192.168.100.57 host 10.1.28.8 eq 3389 log access-list 102 deny tcp host 192.168.100.57 eq 3389 host 10.1.28.8 log access-list 102 remark wsrgarage01 to K2Dev11 access-list 102 deny tcp host 192.168.100.57 host 10.1.28.249 eq 3389 log access-list 102 deny tcp host 192.168.100.57 eq 3389 host 10.1.28.249 log access-list 102 remark wsrgarage01 to DevGaraga access-list 102 deny tcp host 192.168.100.57 host 10.1.28.74 eq 3389 log access-list 102 deny tcp host 192.168.100.57 eq 3389 host 10.1.28.74 log access-list 102 remark wsrgarage01 to DevMike access-list 102 deny tcp host 192.168.100.57 host 10.1.28.44 eq 3389 log access-list 102 deny tcp host 192.168.100.57 eq 3389 host 10.1.28.44 log access-list 102 remark wsrgarage01 to DevKris access-list 102 deny tcp host 192.168.100.57 host 10.1.28.36 eq 3389 log access-list 102 deny tcp host 192.168.100.57 eq 3389 host 10.1.28.36 log access-list 102 remark wsrgarage01 to RickP2000 access-list 102 deny tcp host 192.168.100.57 host 10.1.1.3 eq 3389 log access-list 102 deny tcp host 192.168.100.57 eq 3389 host 10.1.1.3 log access-list 102 remark wsjjohar01 to RDevJaspal access-list 102 deny tcp host 192.168.100.56 host 10.1.28.8 eq 3389 log access-list 102 deny tcp host 192.168.100.56 eq 3389 host 10.1.28.8 log access-list 102 remark wsjjohar01 to K2Dev11 access-list 102 deny tcp host 192.168.100.56 host 10.1.28.249 eq 3389 log access-list 102 deny tcp host 192.168.100.56 eq 3389 host 10.1.28.249 log access-list 102 remark wsjjohar01 to DevGaraga access-list 102 deny tcp host 192.168.100.56 host 10.1.28.74 eq 3389 log access-list 102 deny tcp host 192.168.100.56 eq 3389 host 10.1.28.74 log access-list 102 remark wsjjohar01 to DevMike access-list 102 deny tcp host 192.168.100.56 host 10.1.28.44 eq 3389 log access-list 102 deny tcp host 192.168.100.56 eq 3389 host 10.1.28.44 log access-list 102 remark wsjjohar01 to DevKris access-list 102 deny tcp host 192.168.100.56 host 10.1.28.36 eq 3389 log access-list 102 deny tcp host 192.168.100.56 eq 3389 host 10.1.28.36 log access-list 102 remark wsjjohar01 to RickP2000 access-list 102 deny tcp host 192.168.100.56 host 10.1.1.3 eq 3389 log access-list 102 deny tcp host 192.168.100.56 eq 3389 host 10.1.1.3 log access-list 102 remark wsmkraemer01 to RDevJaspal access-list 102 deny tcp host 192.168.100.55 host 10.1.28.8 eq 3389 log access-list 102 deny tcp host 192.168.100.55 eq 3389 host 10.1.28.8 log access-list 102 remark wsmkraemer01 to K2Dev11 access-list 102 deny tcp host 192.168.100.55 host 10.1.28.249 eq 3389 log access-list 102 deny tcp host 192.168.100.55 eq 3389 host 10.1.28.249 log access-list 102 remark wsmkraemer01 to DevGaraga access-list 102 deny tcp host 192.168.100.55 host 10.1.28.74 eq 3389 log access-list 102 deny tcp host 192.168.100.55 eq 3389 host 10.1.28.74 log access-list 102 remark wsmkraemer01 to DevMike access-list 102 deny tcp host 192.168.100.55 host 10.1.28.44 eq 3389 log access-list 102 deny tcp host 192.168.100.55 eq 3389 host 10.1.28.44 log access-list 102 remark wsmkraemer01 to DevKris access-list 102 deny tcp host 192.168.100.55 host 10.1.28.36 eq 3389 log access-list 102 deny tcp host 192.168.100.55 eq 3389 host 10.1.28.36 log access-list 102 remark wsmkraemer01 to RickP2000 access-list 102 deny tcp host 192.168.100.55 host 10.1.1.3 eq 3389 log access-list 102 deny tcp host 192.168.100.55 eq 3389 host 10.1.1.3 log access-list 102 remark wsjstein01 to RDevJaspal access-list 102 deny tcp host 192.168.100.53 host 10.1.28.8 eq 3389 log access-list 102 deny tcp host 192.168.100.53 eq 3389 host 10.1.28.8 log access-list 102 remark wsjstein01 to K2Dev11 access-list 102 deny tcp host 192.168.100.53 host 10.1.28.249 eq 3389 log access-list 102 deny tcp host 192.168.100.53 eq 3389 host 10.1.28.249 log access-list 102 remark wsjstein01 to DevGaraga access-list 102 deny tcp host 192.168.100.53 host 10.1.28.74 eq 3389 log access-list 102 deny tcp host 192.168.100.53 eq 3389 host 10.1.28.74 log access-list 102 remark wsjstein01 to DevMike access-list 102 deny tcp host 192.168.100.53 host 10.1.28.44 eq 3389 log access-list 102 deny tcp host 192.168.100.53 eq 3389 host 10.1.28.44 log access-list 102 remark wsjstein01 to DevKris access-list 102 deny tcp host 192.168.100.53 host 10.1.28.36 eq 3389 log access-list 102 deny tcp host 192.168.100.53 eq 3389 host 10.1.28.36 log access-list 102 remark wsjstein01 to RickP2000 access-list 102 deny tcp host 192.168.100.53 host 10.1.1.3 eq 3389 log access-list 102 deny tcp host 192.168.100.53 eq 3389 host 10.1.1.3 log access-list 102 remark wsrloseke01 to RDevJaspal access-list 102 deny tcp host 192.168.100.51 host 10.1.28.8 eq 3389 log access-list 102 deny tcp host 192.168.100.51 eq 3389 host 10.1.28.8 log access-list 102 remark wsrloseke01 to K2Dev11 access-list 102 deny tcp host 192.168.100.51 host 10.1.28.249 eq 3389 log access-list 102 deny tcp host 192.168.100.51 eq 3389 host 10.1.28.249 log access-list 102 remark wsrloseke01 to DevGaraga access-list 102 deny tcp host 192.168.100.51 host 10.1.28.74 eq 3389 log access-list 102 deny tcp host 192.168.100.51 eq 3389 host 10.1.28.74 log access-list 102 remark wsrloseke01 to DevMike access-list 102 deny tcp host 192.168.100.51 host 10.1.28.44 eq 3389 log access-list 102 deny tcp host 192.168.100.51 eq 3389 host 10.1.28.44 log access-list 102 remark wsrloseke01 to DevKris access-list 102 deny tcp host 192.168.100.51 host 10.1.28.36 eq 3389 log access-list 102 deny tcp host 192.168.100.51 eq 3389 host 10.1.28.36 log access-list 102 remark wsrloseke01 to RickP2000 access-list 102 deny tcp host 192.168.100.51 host 10.1.1.3 eq 3389 log access-list 102 deny tcp host 192.168.100.51 eq 3389 host 10.1.1.3 log access-list 102 deny ip any 192.168.200.0 0.0.0.255 access-list 102 permit ip 192.168.100.0 0.0.0.255 any access-list 103 remark SDM_ACL Category=4 access-list 103 remark IPSec Rule access-list 103 permit ip 192.168.100.0 0.0.0.255 10.1.0.0 0.0.255.255 access-list 104 remark SDM_ACL Category=4 access-list 104 remark IPSec Rule access-list 104 permit ip 192.168.100.0 0.0.0.255 10.1.0.0 0.0.255.255 access-list 105 remark SDM_ACL Category=4 access-list 105 remark IPSec Rule access-list 105 permit ip 192.168.100.0 0.0.0.255 10.1.0.0 0.0.255.255 access-list 106 remark SDM_ACL Category=4 access-list 106 remark IPSec Rule access-list 106 permit ip 192.168.100.0 0.0.0.255 10.1.0.0 0.0.255.255 access-list 107 remark SDM_ACL Category=4 access-list 107 remark IPSec Rule access-list 107 permit ip 192.168.100.0 0.0.0.255 10.1.0.0 0.0.255.255 access-list 108 remark VTY Access-class list access-list 108 remark SDM_ACL Category=1 access-list 108 permit ip 192.168.100.0 0.0.0.255 any access-list 108 remark VPN Access to VTY access-list 108 permit ip 192.168.200.0 0.0.0.255 any access-list 108 deny ip any any access-list 109 remark SDM_ACL Category=4 access-list 109 remark IPSec Rule access-list 109 permit ip 192.168.100.0 0.0.0.255 10.4.1.0 0.0.0.255 access-list 110 remark SDM_ACL Category=4 access-list 110 remark IPSec Rule access-list 110 permit ip 192.168.100.0 0.0.0.255 10.4.1.0 0.0.0.255 access-list 120 remark VPN Connection to E-470 access-list 120 remark SDM_ACL Category=4 access-list 120 remark wsrloseke01 to RickP2000 access-list 120 permit ip host 192.168.100.51 host 10.1.1.3 log access-list 120 remark wsrloseke01 to DevKris access-list 120 permit ip host 192.168.100.51 host 10.1.28.36 log access-list 120 remark wsrloseke01 to DevMike access-list 120 permit ip host 192.168.100.51 host 10.1.28.44 log access-list 120 remark wsrloseke01 to DevGaraga access-list 120 permit ip host 192.168.100.51 host 10.1.28.74 log access-list 120 remark wsrloseke01 to K2Dev11 access-list 120 permit ip host 192.168.100.51 host 10.1.28.249 log access-list 120 remark wsrloseke01 to RDevJaspal access-list 120 permit ip host 192.168.100.51 host 10.1.28.8 log access-list 120 remark wsjstein01 to RickP2000 access-list 120 permit ip host 192.168.100.53 host 10.1.1.3 log access-list 120 remark wsjstein01 to DevKris access-list 120 permit ip host 192.168.100.53 host 10.1.28.36 log access-list 120 remark wsjstein01 to DevMike access-list 120 permit ip host 192.168.100.53 host 10.1.28.44 log access-list 120 remark wsjstein01 to DevGaraga access-list 120 permit ip host 192.168.100.53 host 10.1.28.74 log access-list 120 remark wsjstein01 to K2Dev11 access-list 120 permit ip host 192.168.100.53 host 10.1.28.249 log access-list 120 remark wsjstein01 to RDevJaspal access-list 120 permit ip host 192.168.100.53 host 10.1.28.8 log access-list 120 remark wsmkraemer01 to RickP2000 access-list 120 permit ip host 192.168.100.55 host 10.1.1.3 log access-list 120 remark wsmkraemer01 to DevKris access-list 120 permit ip host 192.168.100.55 host 10.1.28.36 log access-list 120 remark wsmkraemer01 to DevMike access-list 120 permit ip host 192.168.100.55 host 10.1.28.44 log access-list 120 remark wsmkraemer01 to DevGaraga access-list 120 permit ip host 192.168.100.55 host 10.1.28.74 log access-list 120 remark wsmkraemer01 to K2Dev11 access-list 120 permit ip host 192.168.100.55 host 10.1.28.249 log access-list 120 remark wsmkraemer01 to RDevJaspal access-list 120 permit ip host 192.168.100.55 host 10.1.28.8 log access-list 120 remark wsjjohar01 to RickP2000 access-list 120 permit ip host 192.168.100.56 host 10.1.1.3 log access-list 120 remark wsjjohar01 to DevKris access-list 120 permit ip host 192.168.100.56 host 10.1.28.36 log access-list 120 remark wsjjohar01 to DevMike access-list 120 permit ip host 192.168.100.56 host 10.1.28.44 log access-list 120 remark wsjjohar01 to DevGaraga access-list 120 permit ip host 192.168.100.56 host 10.1.28.74 log access-list 120 remark wsjjohar01 to K2Dev11 access-list 120 permit ip host 192.168.100.56 host 10.1.28.249 log access-list 120 remark wsjjohar01 to RDevJaspal access-list 120 permit ip host 192.168.100.56 host 10.1.28.8 log access-list 120 remark wsrgarage01 to RickP2000 access-list 120 permit ip host 192.168.100.57 host 10.1.1.3 log access-list 120 remark wsrgarage01 to DevKris access-list 120 permit ip host 192.168.100.57 host 10.1.28.36 log access-list 120 remark wsrgarage01 to DevMike access-list 120 permit ip host 192.168.100.57 host 10.1.28.44 log access-list 120 remark wsrgarage01 to DevGaraga access-list 120 permit ip host 192.168.100.57 host 10.1.28.74 log access-list 120 remark wsrgarage01 to K2Dev11 access-list 120 permit ip host 192.168.100.57 host 10.1.28.249 log access-list 120 remark wsrgarage01 to RDevJaspal access-list 120 permit ip host 192.168.100.57 host 10.1.28.8 log access-list 130 permit ip 192.168.100.0 0.0.0.255 10.4.1.0 0.0.0.255 no cdp run ! ! route-map SDM_RMAP_1 permit 1 match ip address 102 ! control-plane ! banner login ^CAuthorized access only! Disconnect IMMEDIATELY if you are not an authorized user!^C ! line con 0 no modem enable transport output telnet line aux 0 transport output telnet line vty 0 4 access-class 108 in transport input telnet ssh ! scheduler max-task-time 5000 scheduler allocate 4000 1000 scheduler interval 500 ! webvpn context Default_context ssl authenticate verify all ! no inservice end nldc-router-01(config)#