!This is the running config of the router: 10.1.0.1
!----------------------------------------------------------------------------
!version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname 2811libera
!
boot-start-marker
boot system flash c2800nm-adventerprisek9-mz.124-13b.bin
boot-end-marker
!
security authentication failure rate 3 log
logging buffered 51200 warnings
logging monitor warnings
enable secret 5 XXXXXXXXXXXXXXXXXXXXXXX
!
aaa new-model
!
!
aaa authentication login local_authen local
aaa authorization exec local_author local
!
!
aaa session-id common
no ip source-route
ip tcp synwait-time 10
!
!
ip cef
!
!
no ip bootp server
ip domain name yourdomain.com
ip name-server 10.1.0.10
ip name-server 66.28.0.45
ip name-server 66.28.0.61
ip name-server 80.58.0.33
!
multilink bundle-name authenticated
!
!
voice-card 0
 no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-1466972749
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1466972749
 revocation-check none
 rsakeypair TP-self-signed-1466972749
!
!
crypto pki certificate chain TP-self-signed-1466972749
 certificate self-signed 01
  quit
!
!
username admin privilege 15 secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXXXX
!
vlan internal allocation policy ascending
!
class-map type inspect match-all sdm-cls-VPNOutsideToInside-1
 match access-group 104
class-map type inspect match-any SDM_HTTPS
 match access-group name SDM_HTTPS
class-map type inspect match-any SDM_SSH
 match access-group name SDM_SSH
class-map type inspect match-any SDM_SHELL
 match access-group name SDM_SHELL
class-map type inspect match-any sdm-cls-access
 match class-map SDM_HTTPS
 match class-map SDM_SSH
 match class-map SDM_SHELL
class-map type inspect match-any SDM_AH
 match access-group name SDM_AH
class-map type inspect match-any L2TP
 match protocol l2tp
class-map type inspect match-all sdm-cls-trafico-entrada-politica-1
 match class-map L2TP
 match access-group name L2TP
class-map type inspect match-any sdm-cls-insp-traffic
 match protocol cuseeme
 match protocol dns
 match protocol ftp
 match protocol h323
 match protocol https
 match protocol icmp
 match protocol imap
 match protocol pop3
 match protocol netshow
 match protocol shell
 match protocol realmedia
 match protocol rtsp
 match protocol smtp extended
 match protocol sql-net
 match protocol streamworks
 match protocol tftp
 match protocol vdolive
 match protocol tcp
 match protocol udp
class-map type inspect match-all sdm-insp-traffic
 match class-map sdm-cls-insp-traffic
class-map type inspect match-any SDM_ESP
 match access-group name SDM_ESP
class-map type inspect match-any SDM_VPN_TRAFFIC
 match protocol isakmp
 match protocol ipsec-msft
 match class-map SDM_AH
 match class-map SDM_ESP
class-map type inspect match-all SDM_VPN_PT
 match access-group 103
 match class-map SDM_VPN_TRAFFIC
class-map type inspect match-any trafico-entrada
 match protocol syslog
class-map type inspect match-any sdm-cls-icmp-access
 match protocol icmp
 match protocol tcp
 match protocol udp
class-map type inspect match-all sdm-access
 match class-map sdm-cls-access
 match access-group 101
class-map type inspect match-all sdm-icmp-access
 match class-map sdm-cls-icmp-access
class-map type inspect match-all sdm-invalid-src
 match access-group 100
class-map type inspect match-all sdm-protocol-http
 match protocol http
!
!
policy-map type inspect sdm-permit-icmpreply
 class type inspect sdm-icmp-access
  inspect
 class class-default
  pass
policy-map type inspect trafico-entrada-politica
 class type inspect trafico-entrada
  inspect
 class type inspect sdm-cls-trafico-entrada-politica-1
  inspect
 class type inspect sdm-cls-VPNOutsideToInside-1
  pass
 class class-default
policy-map type inspect sdm-inspect
 class type inspect sdm-invalid-src
  drop log
 class type inspect sdm-insp-traffic
  inspect
 class type inspect sdm-protocol-http
  inspect
 class class-default
policy-map type inspect sdm-permit
 class type inspect SDM_VPN_PT
  pass
 class type inspect sdm-access
  drop log
 class class-default
  drop log
!
zone security out-zone
zone security in-zone
zone-pair security sdm-zp-self-out source self destination out-zone
 service-policy type inspect sdm-permit-icmpreply
zone-pair security sdm-zp-out-self source out-zone destination self
 service-policy type inspect sdm-permit
zone-pair security sdm-zp-in-out source in-zone destination out-zone
 service-policy type inspect sdm-inspect
zone-pair security zp-out-in source out-zone destination in-zone
 service-policy type inspect trafico-entrada-politica
!
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
crypto isakmp key xxxxxxxxxxxxx 195.55.xx.xx
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto map SDM_CMAP_1 1 ipsec-isakmp
 description Tunnel to195.55.xx.xx
 set peer 195.55.xx.xx
 set transform-set ESP-3DES-SHA
 match address 102
!
!
!
!
!
interface Null0
 no ip unreachables
!
interface FastEthernet0/0
 description $ETH-SW-LAUNCH$$INTF-INFO-FE 0/0$$ETH-LAN$$FW_OUTSIDE$
 ip address 89.140.45.194 255.255.255.240
 ip verify unicast reverse-path
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly
 zone-member security out-zone
 ip route-cache flow
 ip tcp adjust-mss 1412
 duplex auto
 speed auto
 no mop enabled
 crypto map SDM_CMAP_1
!
interface FastEthernet0/1
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 duplex auto
 speed auto
 no mop enabled
!
interface FastEthernet0/3/0
!
interface FastEthernet0/3/1
!
interface FastEthernet0/3/2
!
interface FastEthernet0/3/3
!
interface ATM0/2/0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 zone-member security out-zone
 ip route-cache flow
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface ATM0/2/0.1 point-to-point
 no snmp trap link-status
 pvc 8/32
  pppoe-client dial-pool-number 1
 !
!
interface Vlan1
 description $FW_INSIDE$
 ip address 10.1.0.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 zone-member security in-zone
 ip route-cache flow
 ip tcp adjust-mss 1412
!
interface Dialer0
 ip address negotiated
 ip mtu 1452
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname adslppp@telefonicanetpa
 ppp chap password 7 xxxxxxx
 ppp pap sent-username adslppp@telefonicanetpa password 7 xxxxxxxxx
!
ip route 0.0.0.0 0.0.0.0 89.140.45.193 permanent
ip route 0.0.0.0 0.0.0.0 Dialer0 100 permanent
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip http path flash:
ip nat inside source route-map SDM_RMAP_1 interface FastEthernet0/0 overload
ip nat inside source route-map prueba interface Dialer0 overload
!
ip access-list extended L2TP
 remark SDM_ACL Category=128
 permit ip any host 10.1.0.10
ip access-list extended SDM_AH
 remark SDM_ACL Category=1
 permit ahp any any
ip access-list extended SDM_ESP
 remark SDM_ACL Category=1
 permit esp any any
ip access-list extended SDM_HTTPS
 remark SDM_ACL Category=1
 permit tcp any any eq 443
ip access-list extended SDM_SHELL
 remark SDM_ACL Category=1
 permit tcp any any eq cmd
ip access-list extended SDM_SSH
 remark SDM_ACL Category=1
 permit tcp any any eq 22
!
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.1.0.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark SDM_ACL Category=1
access-list 2 permit 10.1.0.0 0.0.0.255
access-list 2 deny any
access-list 3 remark SDM_ACL Category=2
access-list 3 permit 10.1.0.0 0.0.0.255
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 100 remark SDM_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip 89.140.45.192 0.0.0.15 any
access-list 101 remark SDM_ACL Category=128
access-list 101 permit ip any any
access-list 102 remark SDM_ACL Category=4
access-list 102 remark IPSec Rule
access-list 102 permit ip 10.1.0.0 0.0.0.255 10.100.2.0 0.0.0.255
access-list 103 remark SDM_ACL Category=128
access-list 103 permit ip host 195.55.21.145 any
access-list 104 remark SDM_ACL Category=0
access-list 104 remark IPSec Rule
access-list 104 permit ip 10.100.2.0 0.0.0.255 10.1.0.0 0.0.0.255
access-list 105 remark SDM_ACL Category=2
access-list 105 remark IPSec Rule
access-list 105 deny ip 10.1.0.0 0.0.0.255 10.100.2.0 0.0.0.255
access-list 105 permit ip 10.1.0.0 0.0.0.255 any
access-list 106 remark VTY Access-class list
access-list 106 remark SDM_ACL Category=1
access-list 106 permit ip 10.1.0.0 0.0.0.255 any
access-list 106 deny ip any any
dialer-list 1 protocol ip permit
no cdp run
!
!
!
route-map prueba permit 1
 match ip address 105
!
route-map SDM_RMAP_1 permit 1
 match ip address 105
!
!
!
tftp-server flash:P00307020200.bin
tftp-server flash:P00307020200.loads
tftp-server flash:P00307020200.sb2
tftp-server flash:P00307020200.sbn
tftp-server flash:P00403020214.bin
tftp-server flash:/es-tc-sccp.jar alias Spanish_Spain/tc-sccp.jar
tftp-server flash:/g3-tones.xml alias Spain/g3-tones.xml
tftp-server flash:/es-td-sccp.jar alias Spanish_Spain/td-sccp.jar
!
control-plane
!
!
!
voice-port 0/0/0
!
voice-port 0/0/1
!
voice-port 0/1/0
!
voice-port 0/1/1
!
voice-port 0/1/2
!
voice-port 0/1/3
!
!
!
!
!
!
!
!
telephony-service
 load 7910 P00403020214
 load 7960-7940 P00307020200
 max-ephones 20
 max-dn 30
 ip source-address 10.1.0.1 port 2000
 auto assign 1 to 20
 url services http://10.1.0.154/index.asp
 user-locale ES
 user-locale 1 ES
 user-locale 2 ES
 user-locale 3 ES
 user-locale 4 ES
 network-locale ES
 network-locale 1 ES
 network-locale 2 ES
 network-locale 3 ES
 network-locale 4 ES
 time-zone 22
 max-conferences 8 gain -6
 dn-webedit
 time-webedit
 transfer-system full-consult
 create cnf-files version-stamp Jan 01 2002 00:00:00
!
!
ephone-dn 1 dual-line
 number 100
 name prueba
!
!
ephone-dn 2 dual-line
 number 101
!
!
ephone-dn 3 dual-line
 number 102
!
!
ephone-dn 4 dual-line
 number 103
!
!
ephone-dn 5 dual-line
 number 104
!
!
ephone-dn 6 dual-line
 number 105
!
!
ephone-dn 7 dual-line
 number 106
!
!
ephone-dn 8 dual-line
 number 107
!
!
ephone-dn 9 dual-line
 number 108
!
!
ephone-dn 10 dual-line
 number 109
!
!
ephone-dn 11 dual-line
 number 110
!
!
ephone-dn 12 dual-line
 number 111
!
!
ephone-dn 13 dual-line
 number 112
!
!
ephone-dn 14 dual-line
 number 113
!
!
ephone-dn 15 dual-line
 number 114
!
!
ephone-dn 16 dual-line
 number 115
!
!
ephone-dn 17 dual-line
 number 116
!
!
ephone-dn 18 dual-line
 number 117
!
!
ephone-dn 19 dual-line
 number 118
!
!
ephone-dn 20 dual-line
 number 119
!
!
ephone 1
 device-security-mode none
 mac-address 0019.306F.7A11
 type 7911
 button 1:1
!
!
!
ephone 2
 no multicast-moh
 device-security-mode none
 mac-address 001B.2A20.1F8B
 type 7970
 button 1:2
!
!
!
ephone 3
 no multicast-moh
 device-security-mode none
!
!
!
ephone 4
 no multicast-moh
 device-security-mode none
!
!
!
ephone 5
 no multicast-moh
 device-security-mode none
!
!
!
ephone 6
 no multicast-moh
 device-security-mode none
!
!
!
ephone 7
 no multicast-moh
 device-security-mode none
!
!
!
ephone 8
 no multicast-moh
 device-security-mode none
!
!
!
ephone 9
 no multicast-moh
 device-security-mode none
!
!
!
ephone 10
 no multicast-moh
 device-security-mode none
!
!
!
ephone 11
 no multicast-moh
 device-security-mode none
!
!
!
ephone 12
 no multicast-moh
 device-security-mode none
!
!
!
ephone 13
 no multicast-moh
 device-security-mode none
!
!
!
ephone 14
 no multicast-moh
 device-security-mode none
!
!
!
ephone 15
 no multicast-moh
 device-security-mode none
!
!
!
ephone 16
 no multicast-moh
 device-security-mode none
!
!
!
ephone 17
 no multicast-moh
 device-security-mode none
!
!
!
ephone 18
 no multicast-moh
 device-security-mode none
!
!
!
ephone 19
 no multicast-moh
 device-security-mode none
!
!
!
ephone 20
 no multicast-moh
 device-security-mode none
!
!
banner login ^CSolo acceso autorizado^C
!
line con 0
 password 7 xxxxxxxxxxx
 login authentication local_authen
 transport output telnet
line aux 0
 password 7 xxxxxxxxxxx
 login authentication local_authen
 transport output telnet
line vty 0 4
 authorization exec local_author
 login authentication local_authen
 transport input telnet ssh
line vty 5 15
 authorization exec local_author
 login authentication local_authen
 transport input telnet ssh
!
scheduler allocate 20000 1000
!
end