! NVRAM config last updated at 09:04:46 UTC Thu Feb 15 2007 by admin ! version 12.

4 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname cisco877ftc ! boot-start-marker boot-end-marker ! enable secret 5 $1$UIDN$pHyk1FAPMPCeRQVConb.h/ ! aaa new-model ! ! aaa authentication login default local aaa authorization network RemoteVPN local ! aaa session-id common ! resource policy ! ip cef ! ! ! ! ip domain name [removed].gov.uk ip inspect name ios-fw cuseeme timeout 3600 ip inspect name ios-fw ftp timeout 3600 ip inspect name ios-fw realaudio timeout 3600 ip inspect name ios-fw smtp timeout 3600 ip inspect name ios-fw udp timeout 15 ip inspect name ios-fw tcp timeout 3600 ip inspect name ios-fw h323 timeout 3600 ! ! ! username admin password 0 [removed] ! ! ! crypto isakmp policy 10 encr 3des hash md5 authentication pre-share group 2 ! crypto isakmp client configuration group RemoteVPN key [removed] dns 172.31.1.62 wins 172.31.1.62 domain [removed].gov.uk pool rvpnpool ! ! crypto ipsec transform-set TRANSFORM1 esp-3des esp-md5-hmac

! crypto dynamic-map dynmap 10 set transform-set TRANSFORM1 ! ! crypto map MYSET isakmp authorization list RemoteVPN crypto map MYSET client configuration address respond crypto map MYSET 101 ipsec-isakmp dynamic dynmap ! ! ! ! interface ATM0 no ip address no atm ilmi-keepalive pvc 0/38 encapsulation aal5mux ppp dialer dialer pool-member 1 ! dsl operating-mode auto ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 description VLAN2-WLAN-DMZ switchport access vlan 2 ! interface Vlan1 ip address 172.31.1.1 255.255.255.0 ip access-group 122 in ip nat inside ip inspect ios-fw in ip virtual-reassembly ! interface Vlan2 ip address 192.168.0.254 255.255.255.0 ip access-group 133 in ip nat inside ip inspect ios-fw in ip virtual-reassembly ! interface Dialer1 ip address negotiated ip access-group 111 in ip nat outside ip virtual-reassembly encapsulation ppp dialer pool 1 dialer-group 1 ppp authentication chap callin ppp chap hostname [removed]@hg40.btclick.com ppp chap password 0 [removed] crypto map MYSET ! ip local pool rvpnpool 172.16.1.1 172.16.1.254 ip route 0.0.0.0 0.0.0.0 Dialer1

! ! no ip http server no ip http secure-server ip nat inside source list 102 interface Dialer1 overload ip nat inside source static tcp 172.31.1.62 25 1.1.1.1 25 extendable ! access-list 102 deny ip 172.31.1.0 0.0.0.255 172.16.1.0 0.0.0.255 access-list 102 permit ip 172.31.1.0 0.0.0.255 any access-list 102 permit ip 192.168.0.0 0.0.0.255 any access-list 111 permit ip 172.16.1.0 0.0.0.255 172.31.1.0 0.0.0.255 access-list 111 permit tcp any host 1.1.1.1 eq smtp access-list 111 permit tcp any host 1.1.1.1 eq 22 access-list 111 permit icmp any any echo access-list 111 permit icmp any any echo-reply access-list 111 permit udp any any eq isakmp access-list 111 permit udp any any eq non500-isakmp access-list 111 permit esp any any access-list 111 deny ip any any access-list 122 permit ip 172.31.1.0 0.0.0.255 any access-list 133 permit ip 192.168.0.0 0.0.0.255 any dialer-list 1 protocol ip permit ! ! ! ! control-plane ! ! line con 0 no modem enable line aux 0 line vty 0 4 transport input ssh ! scheduler max-task-time 5000 ntp server 81.5.136.18 ! webvpn context Default_context ssl authenticate verify all ! no inservice ! end cisco877ftc#