config ! !!!!! NORMAL CONFIGURATION ! hostname VPN1 timezone PST 8 PDT ! int e 0 ip address 45.210.16.1 255.255.255.0 ip mtu 1500 mode red bandwidth 10 int e 1 ip address 45.210.50.116 255.255.255.0 ip mtu 1500 mode black bandwidth 10 int a 0 shutdown ip address 0.0.0.0 0.0.0.0 encapsulation ppp ip mtu 1500 mtu 2048 mode red bandwidth 115200 keepalive 0 chat "" idle-timeout 10 chat-timeout 30 compression off ppp-authentication pap bridge 0.0.0.0 0.0.0.0 ! ip route 45.210.15.0 255.255.255.0 45.210.50.115 ip route 45.210.5.0 255.255.255.0 45.210.50.105 ip route 45.210.20.0 255.255.255.0 45.210.50.120 ip route 45.210.17.0 255.255.255.0 45.210.50.117 ip route 45.210.19.0 255.255.255.0 45.210.50.119 ip route 45.210.2.0 255.255.255.0 45.210.50.102 ip route 45.210.9.80 255.255.255.255 45.210.50.109 ip route 45.210.14.0 255.255.255.0 45.210.50.114 ip route 45.210.4.80 255.255.255.255 45.210.50.104 ip route 45.210.18.80 255.255.255.255 45.210.50.118 ip route 45.210.11.0 255.255.255.0 45.210.50.111 ip default-gateway 45.210.50.1 ! key-pair-life 365 secure-profile freeswan encapsulation v2-esp authentication key ike-group 1 aggressive-mode off perfect-forward-secrecy off esp-authentication hmac-md5 ah none algorithm 3des crypto-period 720 kbyte-limit 0 compression off secure-profile cisco encapsulation v2-esp authentication key ike-group 1 aggressive-mode off perfect-forward-secrecy off esp-authentication hmac-md5 ah none algorithm des crypto-period 720 kbyte-limit 20480 compression off secure-profile ipsecphrase encapsulation v2-esp authentication key ike-group 1 aggressive-mode off perfect-forward-secrecy off esp-authentication hmac-md5 ah none algorithm des crypto-period 720 kbyte-limit 0 compression off secure-profile interdyn encapsulation v2-esp authentication key ike-group 1 aggressive-mode off perfect-forward-secrecy off esp-authentication hmac-sha1 ah none algorithm des crypto-period 720 kbyte-limit 0 compression off ! encryptor 45.210.50.120 negotiation master no mode red profile freeswan net-include 45.210.16.0 255.255.255.0 auth-key ******** encryptor 45.210.50.111 negotiation master no mode red profile ipsecphrase net-include 45.210.16.0 255.255.255.0 auth-key ******** encryptor 45.210.50.102 negotiation master no mode red profile ipsecphrase net-include 45.210.16.0 255.255.255.0 auth-key ******** encryptor 45.210.50.114 negotiation master no mode red profile ipsecphrase net-include 45.210.16.0 255.255.255.0 auth-key ******** encryptor 45.210.50.115 negotiation master no mode red profile ipsecphrase net-include 45.210.16.0 255.255.255.0 auth-key ******** encryptor 45.210.50.104 negotiation master no mode red profile ipsecphrase net-include 45.210.16.80 255.255.255.255 auth-key ******** encryptor 45.210.50.105 negotiation master no mode red profile cisco net-include 45.210.16.0 255.255.255.0 auth-key ******** encryptor 45.210.50.117 negotiation master no mode red profile ipsecphrase net-include 45.210.16.0 255.255.255.0 auth-key ******** encryptor 45.210.50.118 negotiation master no mode red profile ipsecphrase net-include 45.210.16.80 255.255.255.255 auth-key ******** encryptor 45.210.50.119 negotiation master no mode red profile ipsecphrase net-include 45.210.16.0 255.255.255.0 auth-key ******** encryptor 45.210.50.109 negotiation master no mode red profile ipsecphrase net-include 45.210.16.80 255.255.255.255 auth-key ******** ! filter allowout destination 0.0.0.0 0.0.0.0 all source 45.210.16.0 255.255.255.0 all protocol all action permit min-proxy-timeout 5 max-proxy-timeout 240 ! ! ca 0.0.0.0 10027 certificate vpn1512 512 certificate vpn11024 1024 certificate vpn12048 2048 renew-cert 21 update-crl 24 caname Shiva-CA ca-auth-key ******** ! ace-master 0.0.0.0 5500 ace-slave 0.0.0.0 5500 ! radius-prim-auth-ip 0.0.0.0 1645 radius-prim-auth-key ********** radius-sec-auth-ip 0.0.0.0 1645 radius-prim-acct-ip 0.0.0.0 1646 radius-sec-acct-ip 0.0.0.0 1646 ! syslog destination host syslog facility 4 syslog priority all 7 ! entrust-manager 0.0.0.0 709 entrust-directory 0.0.0.0 389 entrust-refnum 0 entrust-auth-code ! manager admin ******** full manager-allow red max-telnet 2 console-timeout 20 telnet-timeout 5 ! end