TestSpoke_Ro1#sh run
Building configuration...

Current configuration : 4567 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname TestSpoke_Ro1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$R9X4$LsGNiVp/r84VYmiiH29/E/
enable password cisco
!
no aaa new-model
!
resource policy
!
!
!
ip cef
!         
!
no ip domain lookup
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW dns
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW https
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW imap
ip inspect name SDM_LOW pop3
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW esmtp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp
ip inspect name SDM_LOW udp
ip inspect name SDM_LOW vdolive
!
!         
!
!
! 
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp policy 2
 encr aes 192
 hash md5
 authentication pre-share
crypto isakmp key <yada yada> address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set DMVPN_Transformset esp-aes 192 esp-md5-hmac 
!
crypto ipsec profile SDM_Profile1
 set transform-set DMVPN_Transformset 
!
!
!         
!
!
interface Tunnel0
 bandwidth 1000
 ip address 176.8.254.150 255.255.255.0
 no ip redirects
 ip mtu 1400
 ip nhrp authentication 7xiIb7NK
 ip nhrp map 176.8.254.2 <backup hub public IP>
 ip nhrp map multicast <backup hub public IP>
 ip nhrp map 176.8.254.1 <primary hub public IP>
 ip nhrp map multicast <primary hub public IP>
 ip nhrp network-id 100000
 ip nhrp holdtime 360
 ip nhrp nhs 176.8.254.1
 ip nhrp nhs 176.8.254.2
 ip tcp adjust-mss 1360
 delay 1000
 tunnel source FastEthernet0
 tunnel mode gre multipoint
 tunnel key 100000
 tunnel protection ipsec profile SDM_Profile1
!         
interface FastEthernet0
 description $FW_OUTSIDE$
 ip address <public IP> 255.255.255.252
 ip access-group 101 in
 ip nat outside
 ip inspect SDM_LOW out
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2
 spanning-tree portfast
!
interface FastEthernet3
 spanning-tree portfast
!
interface FastEthernet4
 spanning-tree portfast
!
interface FastEthernet5
 spanning-tree portfast
!
interface FastEthernet6
 spanning-tree portfast
!
interface FastEthernet7
 spanning-tree portfast
!
interface FastEthernet8
 spanning-tree portfast
!
interface FastEthernet9
 spanning-tree portfast
!
interface Vlan1
 description $FW_INSIDE$
 ip address 176.8.150.2 255.255.255.0
 ip access-group 100 in
 ip nat inside
 ip virtual-reassembly
 standby 1 ip 176.8.150.1
 standby 1 priority 20
 standby 1 preempt
!
interface Async1
 no ip address
 encapsulation slip
!
router eigrp 254
 network 176.8.150.0 0.0.0.255
 network 176.8.254.0 0.0.0.255
 no auto-summary
!
ip default-gateway <ISP Default route>
ip route 0.0.0.0 0.0.0.0 <ISP Default route>
!
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0 overload
!
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 176.8.150.0 0.0.0.255
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny   ip host 255.255.255.255 any
access-list 100 deny   ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by SDM firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 permit udp any host <primary DMVPN Hub> eq non500-isakmp
access-list 101 permit udp any host <primary DMVPN Hub> eq isakmp
access-list 101 permit esp any host <primary DMVPN Hub> 
access-list 101 permit ahp any host <primary DMVPN Hub> 
access-list 101 permit gre any host <primary DMVPN Hub> 
access-list 101 permit udp any host <secondary DMVPN Hub> eq non500-isakmp
access-list 101 permit udp any host <secondary DMVPN Hub> eq isakmp
access-list 101 permit esp any host <secondary DMVPN Hub> 
access-list 101 permit ahp any host <secondary DMVPN Hub> 
access-list 101 permit gre any host <secondary DMVPN Hub> 
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 permit udp any any eq bootpc
access-list 101 permit udp any any eq bootps
access-list 101 deny   ip 10.0.0.0 0.255.255.255 any log
access-list 101 deny   ip 172.16.0.0 0.15.255.255 any log
access-list 101 deny   ip 192.168.0.0 0.0.255.255 any log
access-list 101 deny   ip 127.0.0.0 0.255.255.255 any log
access-list 101 deny   ip host 255.255.255.255 any log
access-list 101 deny   ip any any log
!
!
!
!
!
!
control-plane
!
!
line con 0
line 1
 modem InOut
 stopbits 1
 speed 115200
 flowcontrol hardware
line aux 0
line vty 0 4
 login
!
!
webvpn context Default_context
 ssl authenticate verify all
 !        
 no inservice
!
end