 

<pre>
Current configuration : 2387 bytes
!
! Last configuration change at 07:08:09 CST Thu Jan 9 2003 by neil
! NVRAM config last updated at 07:09:56 CST Thu Jan 9 2003 by neil
!
version 12.1
no service single-slot-reload-enable
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname nnorman-hm
!
logging buffered 4096 debugging
logging rate-limit console 10 except errors
aaa new-model
aaa authentication login default local
enable password 7 <removed>
!
username neil password 7 <removed>
clock timezone CST -6
clock summer-time CDT recurring
ip subnet-zero
no ip finger
ip name-server 207.65.157.166
ip name-server 207.65.157.167
ip dhcp excluded-address 10.205.205.1 10.205.205.100
!
ip dhcp pool CLIENT
   network 10.205.205.0 255.255.255.0
   default-router 10.205.205.1 
   dns-server 12.153.1.3 207.65.157.166 207.65.157.167 
   lease infinite
!
ip cef
no ip dhcp-client network-discovery
!
!
!-- This crypto stuff is only needed if you are doing a vpn
!
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
crypto isakmp key <key removed> address 12.153.8.141
!
!         
crypto ipsec transform-set myset esp-des esp-md5-hmac
!
crypto map vpn local-address BVI1
crypto map vpn 10 ipsec-isakmp   
 set peer 12.153.8.141
 set transform-set myset 
 match address 101
!
bridge irb
!
!
!
interface Ethernet0
 ip address 10.205.205.1 255.255.255.0
 ip nat inside
 no ip mroute-cache
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
 pvc 8/35 
  encapsulation aal5snap
 !
 bundle-enable
 dsl operating-mode ansi-dmt
 bridge-group 1
 hold-queue 224 in
!
interface BVI1
 mtu 1514
 ip address **put your ip address here** 255.255.255.0
 ip nat outside
 no ip route-cache
 no ip mroute-cache
 crypto map vpn
!
ip classless
ip route 0.0.0.0 0.0.0.0 BVI1
no ip http server
!
!-- You might want to leave these access lists out while troubleshooting the connection
!
ip nat inside source list 102 interface BVI1 overload
access-list 23 permit 206.151.223.105
access-list 23 permit 10.205.205.0 0.0.0.255
access-list 23 permit 12.153.0.0 0.0.7.255
access-list 101 permit ip 10.205.205.0 0.0.0.255 12.153.0.0 0.0.7.255
!-- You do not want traffic going through your IPSec tunnel to get NAT'ed
!-- traffic will source as 10.205.205.0/24 to 12.153.0.0/21 network
access-list 102 deny   ip any 12.153.0.0 0.0.7.255
access-list 102 permit ip 10.205.205.0 0.0.0.255 any
bridge 1 protocol ieee
 bridge 1 route ip
!
line con 0
 transport input none
 stopbits 1
line vty 0 4
 access-class 23 in
!
scheduler max-task-time 5000
sntp server 208.182.75.1
end

nnorman-hm#

</pre>