Building configuration...

Current configuration : 5707 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
service sequence-numbers
!
hostname router851
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
!
no aaa new-model
!
resource policy
!
clock timezone PCTime 2
ip subnet-zero
no ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1 192.168.0.9
ip dhcp excluded-address 192.168.0.150 192.168.0.254
!
ip dhcp pool sdm-pool1
   import all
   network 192.168.0.0 255.255.255.0
   dns-server 195.14.130.170 195.14.130.220 
   default-router 192.168.0.1 
   domain-name MYCOMPANY.com
!
!
ip cef
ip tcp synwait-time 10
no ip bootp server
ip domain name MYCOMPANY.com
ip name-server 195.14.130.170
ip name-server 195.14.130.220
ip ssh time-out 60
ip ssh authentication-retries 2
!
username xxxxx  privilege 15 secret yyyyyyyyyyy
!
! 
!
crypto isakmp policy 10
 encr 3des
 authentication pre-share
 group 2
crypto isakmp key MYPRIVATEKEY address BB.BB.BB.BB
!
!
crypto ipsec transform-set myset esp-3des esp-sha-hmac 
!
crypto map mymap 10 ipsec-isakmp 
 set peer BB.BB.BB.BB
 set transform-set myset 
 match address vpn-control-list
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
 ip address AA.AA.AA.AC 255.255.255.240
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly
 ip route-cache flow
 duplex auto
 speed auto
 crypto map mymap
!
interface Vlan1
 ip address 192.168.0.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
 ip tcp adjust-mss 1452
!
ip classless
ip route 0.0.0.0 0.0.0.0 AA.AA.AA.AD
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list natted-traffic interface FastEthernet4 overload
ip nat inside source static tcp 192.168.0.160 6017 AA.AA.AA.AB 6017 extendable
ip nat inside source static tcp 192.168.0.160 10061 AA.AA.AA.AB 10061 extendable
!
ip access-list extended natted-traffic
 deny   ip host AA.AA.AA.AB host BB.BB.BB.BD
 deny   ip host AA.AA.AA.AB host BB.BB.BB.BE
 permit ip 192.168.0.0 0.0.0.255 any
ip access-list extended vpn-control-list
 permit ip host AA.AA.AA.AB host BB.BB.BB.BD
 permit ip host AA.AA.AA.AB host BB.BB.BB.BE
!
logging trap debugging
no cdp run
!
control-plane
!
line con 0
 login local
 no modem enable
 transport output telnet
line aux 0
 login local
 transport output telnet
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end