Using 4348 out of 131072 bytes ! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname ATIAM06-RTNC ! boot-start-marker boot-end-marker ! logging buffered 52000 ! no aaa new-model ! ! crypto isakmp policy 1 encr 3des authentication pre-share group 2 ! crypto isakmp policy 2 encr aes authentication pre-share group 2 crypto isakmp key 1A347283EF54A295E8R7C address 83.167.156.106 ! crypto ipsec security-association lifetime seconds 86400 ! crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set ESP-AES-MD5 esp-aes esp-md5-hmac ! crypto map SDM_CMAP_1 1 ipsec-isakmp description Tunnel to83.167.156.106 set peer 83.167.xxx.xxx set transform-set ESP-3DES-SHA ESP-AES-MD5 match address 100 ! ! crypto pki trustpoint tti revocation-check crl rsakeypair tti ! crypto pki trustpoint TP-self-signed-3190170283 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-3190170283 revocation-check none rsakeypair TP-self-signed-3190170283 ! ! crypto pki certificate chain tti crypto pki certificate chain TP-self-signed-3190170283 certificate self-signed 01 nvram:IOS-Self-Sig#8.cer ip cef ! ! ip domain name atiam06.atiam.local ip name-server 217.15.80.4 ip name-server 217.15.88.4 ! ! ! username neopix privilege 15 secret 5 $1$7Dw2$nM4luii/0azv4Iz21Ggp41 archive log config hidekeys ! ! ! ! ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface FastEthernet4 description $ETH-WAN$ ip address 83.167.xxx.xxx 255.255.255.248 ip nat outside ip virtual-reassembly ip tcp adjust-mss 1460 duplex auto speed auto crypto map SDM_CMAP_1 ! interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$ ip address 192.168.4.254 255.255.255.0 ip helper-address 192.168.6.1 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1460 ! ip route 0.0.0.0 0.0.0.0 83.167.156.113 permanent ! ip http server ip http access-class 23 ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ip nat inside source route-map SDM_RMAP_1 interface FastEthernet4 overload ! access-list 1 remark INSIDE_IF=Vlan1 access-list 1 remark SDM_ACL Category=2 access-list 1 permit 192.168.4.0 0.0.0.255 access-list 100 remark SDM_ACL Category=4 access-list 100 remark IPSec Rule access-list 100 permit ip 192.168.4.0 0.0.0.255 192.168.6.0 0.0.0.255 access-list 100 permit icmp 192.168.4.0 0.0.0.255 192.168.6.0 0.0.0.255 access-list 100 permit icmp any any echo access-list 100 permit icmp any any echo-reply access-list 100 permit icmp any any traceroute access-list 100 permit icmp any any packet-too-big access-list 100 permit icmp any any parameter-problem access-list 100 permit icmp any any source-quench access-list 101 remark SDM_ACL Category=2 access-list 101 deny icmp 192.168.4.0 0.0.0.255 192.168.6.0 0.0.0.255 access-list 101 remark IPSec Rule access-list 101 deny ip 192.168.4.0 0.0.0.255 192.168.6.0 0.0.0.255 access-list 101 permit ip 192.168.4.0 0.0.0.255 any access-list 101 permit icmp any any unreachable access-list 101 permit icmp any any time-exceeded access-list 101 deny icmp any any access-list 101 permit ip any any no cdp run ! ! route-map SDM_RMAP_1 permit 1 match ip address 101 ! ! control-plane ! banner login ^CCC ----------------------------------------------------------------------- Cisco Router and Security Device Manager (SDM) is installed on this device. This feature requires the one-time use of the username "cisco" with the password "cisco". The default username and password have a privilege le vel of 15. Please change these publicly known initial credentials using SDM or the IOS CLI. Here are the Cisco IOS commands. username privilege 15 secret 0 no username cisco Replace and with the username and password you want to use . For more information about SDM please follow the instructions in the QUICK START GUIDE for your router or go to http://www.cisco.com/go/sdm ----------------------------------------------------------------------- ^C ! line con 0 login local no modem enable line aux 0 line vty 0 4 privilege level 15 login local transport input telnet ssh ! scheduler max-task-time 5000 ! webvpn cef end