UC520#sh run Building configuration... Current configuration : 70152 bytes ! ! Last configuration change at 23:16:38 AEST Wed Jun 24 2009 by cisco ! NVRAM config last updated at 18:02:49 AEST Wed Jun 24 2009 ! version 12.4 parser config cache interface no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption service internal service compress-config service sequence-numbers ! hostname UC520 ! boot-start-marker boot system flash uc500-advipservicesk9-mz.124-24.T.bin boot-end-marker ! card type e1 0 3 logging message-counter syslog logging buffered 100000 logging console informational ! aaa new-model ! ! aaa group server radius uccserver server 192.168.6.3 auth-port 1645 acct-port 1646 ! aaa authentication login default local aaa authentication login sdm_vpn_xauth_ml_1 local aaa authorization exec default local aaa authorization network sdm_vpn_group_ml_1 local aaa accounting update newinfo aaa accounting connection h323 action-type start-stop broadcast group uccserver ! ! ! aaa session-id common clock timezone AEST 10 clock summer-time AEST recurring 1 Sun Oct 2:00 1 Sun Apr 3:00 network-clock-participate wic 3 network-clock-select 1 E1 0/3/0 ! crypto pki trustpoint TP-self-signed-1341401272 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-1341401272 revocation-check none rsakeypair TP-self-signed-1341401272 ! ! crypto pki certificate chain TP-self-signed-1341401272 certificate self-signed 01 3082024A 308201B3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 31333431 34303132 3732301E 170D3038 30393137 30383338 33375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 33343134 30313237 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100C950 EB0E77DF C4177D41 C039C8D9 1283D21B 3CF3C580 834F52A3 DCDA3097 CADDA742 2DD4FD65 C3FC6BC7 673F24B8 9DEA0C02 3811156F DC9D2628 7743CB98 8C2B2BA7 05F649F5 0A612D4B ACF0215E 06C04E91 9B85E9B6 BE9F6109 AC4D810F 8CF49583 3A05CBA6 B4326638 79813B9C A9E30DE9 33F797AD FDA39A62 3D77EBEC F1B90203 010001A3 72307030 0F060355 1D130101 FF040530 030101FF 301D0603 551D1104 16301482 12554335 32302E61 64636F6E 2E636F6D 2E617530 1F060355 1D230418 30168014 726FBFA3 F9853629 FFB20B20 959A4A78 760D91EC 301D0603 551D0E04 16041472 6FBFA3F9 853629FF B20B2095 9A4A7876 0D91EC30 0D06092A 864886F7 0D010104 05000381 8100A552 91089D6F 95438BB5 E63DE328 8B58DCD4 DCE8E2BA F4658FF7 95652469 69C358BE AEE94B07 4DAF7F56 06F67DD3 1CB9666E 2D6EFE25 7B3E7E07 A38FD374 39E2A640 11918999 5E1E0A90 E57B3934 75B4A890 F26073E1 DE1FE125 126BE4B5 9BF40B81 68BEE528 E7524D96 59E4648B A180A0EA 17FAC508 0102F1DA 89703E28 EF1E quit dot11 syslog ip source-route ip cef ! ! ip dhcp relay information trust-all ip dhcp excluded-address 10.1.1.1 10.1.1.10 ip dhcp excluded-address 192.168.6.1 192.168.6.10 ip dhcp excluded-address 192.168.3.1 192.168.3.10 ip dhcp excluded-address 192.168.4.1 192.168.4.10 ip dhcp excluded-address 192.168.5.1 192.168.5.10 ! ip dhcp pool phone network 10.1.1.0 255.255.255.0 default-router 10.1.1.1 option 150 ip 10.1.1.1 ! ip dhcp pool data import all network 192.168.6.0 255.255.255.0 default-router 192.168.6.10 dns-server 192.168.6.1 192.231.203.132 192.231.203.3 ! ip dhcp pool cvadhcp network 192.168.3.0 255.255.255.0 domain-name cva.local dns-server 192.168.3.1 192.168.3.1 default-router 192.168.3.1 ! ip dhcp pool cvaall network 192.168.4.0 255.255.255.0 domain-name cva.local default-router 192.168.3.1 dns-server 192.168.3.1 ! ip dhcp pool acsall network 192.168.5.0 255.255.255.0 domain-name acs.local dns-server 192.168.6.1 default-router 192.168.6.10 ! ! ip domain name adcon.com.au ip name-server 192.231.203.132 ip name-server 192.231.203.3 ip inspect name SDM_LOW cuseeme ip inspect name SDM_LOW dns ip inspect name SDM_LOW ftp ip inspect name SDM_LOW h323 ip inspect name SDM_LOW https ip inspect name SDM_LOW icmp ip inspect name SDM_LOW imap ip inspect name SDM_LOW pop3 ip inspect name SDM_LOW netshow ip inspect name SDM_LOW rcmd ip inspect name SDM_LOW realaudio ip inspect name SDM_LOW rtsp ip inspect name SDM_LOW esmtp ip inspect name SDM_LOW sqlnet ip inspect name SDM_LOW streamworks ip inspect name SDM_LOW tftp ip inspect name SDM_LOW tcp ip inspect name SDM_LOW udp router-traffic timeout 300 ip inspect name SDM_LOW vdolive no ipv6 cef ntp master ntp server 192.231.203.132 ! ! stcapp ccm-group 1 stcapp ! stcapp feature access-code ! ! ! voice-card 0 ! fax interface-type fax-mail mta send server 192.168.6.1 port 25 mta send subject Fax from UC500 mta send with-subject both mta send postmaster administrator@adcon.com.au mta send mail-from hostname uc520.adcon.com.au mta send mail-from username $s$ mta send return-receipt-to hostname adcon.com.au mta send return-receipt-to username administrator mta receive aliases adcon.com.au mta receive aliases srv01.adcon.com.au mta receive aliases mail.adcon.com.au mta receive aliases 192.168.6.1 mta receive maximum-recipients 10 mta receive generate permanent-error ! application service onramp flash:app_faxmail_onramp.2.0.1.3.tcl ! ! ! ! ! ! crypto isakmp policy 1 encr aes 256 authentication pre-share group 2 ! crypto isakmp policy 2 encr 3des authentication pre-share group 2 ! crypto isakmp client configuration group EZVPN_GROUP_1 pool EZVPN_POOL_1 max-users 10 ! ! crypto ipsec transform-set ESP_AES_SHA esp-des esp-sha-hmac crypto ipsec transform-set ESP_3DES_SHA esp-3des esp-sha-hmac ! crypto dynamic-map SDM_DYNMAP_1 1 set transform-set ESP_AES_SHA ESP_3DES_SHA reverse-route ! ! crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_1 crypto map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_1 crypto map SDM_CMAP_1 client configuration address respond crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1 ! archive log config logging enable logging size 600 hidekeys ! ! controller E1 0/3/0 pri-group timeslots 1-31 process-max-time 50 ! ip tftp source-interface Loopback0 ! translation-rule 1500 Rule 1 96232500 405 ! gw-accounting aaa ! gw-accounting syslog ! ! ! interface Loopback0 description $FW_INSIDE$ ip address 10.1.10.2 255.255.255.252 ip access-group 101 in ip nat inside ip virtual-reassembly ! interface FastEthernet0/0 description $ETH-WAN$ no ip address ip virtual-reassembly duplex auto speed auto pppoe enable group global pppoe-client dial-pool-number 1 ! interface Integrated-Service-Engine0/0 ip unnumbered Loopback0 ip nat inside ip virtual-reassembly service-module ip address 10.1.10.1 255.255.255.252 service-module ip default-gateway 10.1.10.2 ! interface FastEthernet0/1/0 switchport voice vlan 100 macro description cisco-phone spanning-tree portfast ! interface FastEthernet0/1/1 switchport voice vlan 100 macro description cisco-phone spanning-tree portfast ! interface FastEthernet0/1/2 switchport voice vlan 100 macro description cisco-phone spanning-tree portfast ! interface FastEthernet0/1/3 switchport voice vlan 100 macro description cisco-phone spanning-tree portfast ! interface FastEthernet0/1/4 switchport mode trunk macro description cisco-switch ! interface FastEthernet0/1/5 switchport voice vlan 100 macro description cisco-phone spanning-tree portfast ! interface FastEthernet0/1/6 switchport voice vlan 100 macro description cisco-phone spanning-tree portfast ! interface FastEthernet0/1/7 switchport voice vlan 100 macro description cisco-phone spanning-tree portfast ! interface FastEthernet0/1/8 switchport mode trunk macro description cisco-switch ! interface Serial0/3/0:15 no ip address ip nat inside ip virtual-reassembly encapsulation hdlc isdn switch-type primary-net5 isdn incoming-voice voice isdn bchan-number-order ascending trunk-group isdn_out no cdp enable ! interface Vlan1 description $FW_INSIDE$ ip address 192.168.6.10 255.255.255.0 ip access-group 102 in ip nat inside ip virtual-reassembly ip tcp adjust-mss 1412 ! interface Vlan2 description $FW_INSIDE$ ip address 192.168.5.10 255.255.255.0 ip access-group 104 in ip nat inside ip virtual-reassembly ip tcp adjust-mss 1412 ! interface Vlan3 description $FW_INSIDE$ ip address 192.168.3.10 255.255.255.0 ip access-group 107 in ip nat inside ip virtual-reassembly ip tcp adjust-mss 1412 ! interface Vlan4 description $FW_INSIDE$ ip address 192.168.4.10 255.255.255.0 ip access-group 108 in ip nat inside ip virtual-reassembly ip tcp adjust-mss 1412 ! interface Vlan100 description $FW_INSIDE$ ip address 10.1.1.1 255.255.255.0 ip access-group 103 in ip nat inside ip virtual-reassembly ip tcp adjust-mss 1412 ! interface Dialer0 description $FW_OUTSIDE$ ip address negotiated ip access-group 109 in ip mtu 1452 ip flow ingress ip nat outside ip inspect SDM_LOW out ip virtual-reassembly encapsulation ppp dialer pool 1 dialer-group 1 ppp authentication chap pap callin ppp chap hostname adcon@internode.on.net ppp chap password 0 zvmbcd5sb ppp pap sent-username adcon@internode.on.net password 0 zvmbcd5sb crypto map SDM_CMAP_1 ! ip local pool EZVPN_POOL_1 192.168.7.10 192.168.7.20 ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 Dialer0 ip route 10.1.10.1 255.255.255.255 Integrated-Service-Engine0/0 ip flow-cache timeout active 1 ip flow-export source Dialer0 ip flow-export version 5 ip flow-export destination 150.101.157.97 2055 ! ! ! ! line con 0 no modem enable line aux 0 line 2 no activation-character no exec transport preferred none transport input all line vty 5 100 ! end