Category: System Operations

2009-08-21 16:00:20

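The following is a typical configuration example for a remote office connecting to headquarters through a Cisco 1800 router.

This configuration meets the remote office's requirements for Internet access and a VPN connection to headquarters.

Implementation: order an ADSL line and use a Cisco 1801 to set up PPPoE and the VPN connection.

The topology diagram is as follows:

The router configuration file is as follows: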
 
 

Building configuration...

Current configuration : 5554 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname CXX-OFFICE
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
no logging monitor
enable secret 5 $1$jVqI$7y9FRgsddK8NFn0/MDlug.
!
aaa new-model
!
!
!
aaa session-id common
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.186.82.1
!
ip dhcp pool CSD
   network 10.186.82.0 255.255.255.0
   default-router 10.186.82.1
   dns-server 10.xxx.xxx.100
!
!
no ip domain lookup
ip domain name yourdomain.com
vpdn enable
!
vpdn-group pppoe
 request-dialin
  protocol pptp
!
!
!
crypto pki trustpoint TP-self-signed-494023030
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-494023030
 revocation-check none
 rsakeypair TP-self-signed-494023030
!
!
crypto pki certificate chain TP-self-signed-494023030
 certificate self-signed 01
  quit
username luo privilege 15 password 7 1514031B17232E
username paul privilege 15 password 7 0709295B00050E1D28405B5C52
username ncc privilege 15 password 7 104A10120D1A1B0715
!
!
!
crypto isakmp policy 10
 authentication pre-share
crypto isakmp key fxxxkey address 61.144.200.20
!
!
crypto ipsec transform-set store esp-des esp-md5-hmac
!
crypto map vpn 10 ipsec-isakmp
 set peer 61.144.200.20
 set transform-set store
 match address 120
!
!
!
!
interface FastEthernet0
 description Link to LAN
 no ip address
 ip virtual-reassembly
 duplex auto
 speed auto
 no keepalive
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
 pvc 0/35
  pppoe-client dial-pool-number 1
 !
 bundle-enable
 dsl operating-mode auto
 hold-queue 150 in
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-FE 1$
 ip address 10.186.82.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
!
interface Dialer1
 ip address negotiated
 ip mtu 1492
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 no cdp enable
 ppp authentication pap callin
 ppp pap sent-username 200000073866 password 7 120D560D4A0E590C736B
 crypto map vpn
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
ip nat inside source route-map nonat interface Dialer1 overload
!
access-list 98 permit 10.100.100.29
access-list 98 permit 10.100.101.100
access-list 98 permit 10.100.101.105
access-list 99 permit 10.100.101.0 0.0.0.255
access-list 110 deny ip 10.186.82.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 110 permit ip 10.186.82.0 0.0.0.255 any
access-list 120 permit ip 10.186.82.0 0.0.0.255 10.0.0.0 0.255.255.255

no cdp run
!
route-map nonat permit 10
 match ip address 110
!

!
control-plane
!

!
line con 0
line aux 0
line vty 0 4
 privilege level 15
 password 7 121F0Dsd010209
 transport input telnet ssh
line vty 5 15
 privilege level 15
 transport input telnet ssh
!
end
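
An added example, not part of the original post: a small Python check that flags the settings in this configuration a reviewer would question before reusing it (ISAKMP policy left at its defaults, a DES/MD5 transform set, type 7 passwords, Telnet on the vty lines, and ACLs such as 98 that are defined but never applied). The check names and the sample text are constructed here, and the statement about ISAKMP defaults assumes IOS 12.4 behavior.

```python
import re
# Constructed sample condensed from the configuration above (0000 is a placeholder).
SAMPLE = """\
crypto isakmp policy 10
 authentication pre-share
crypto ipsec transform-set store esp-des esp-md5-hmac
crypto map vpn 10 ipsec-isakmp
 match address 120
username luo privilege 15 password 7 0000
access-list 98 permit 10.100.100.29
access-list 120 permit ip 10.186.82.0 0.0.0.255 10.0.0.0 0.255.255.255
line vty 0 4
 transport input telnet ssh
"""
WEAK = {"esp-des", "esp-md5-hmac", "ah-md5-hmac"}
# Places where a numbered ACL is referenced (the lookbehind skips "access-list N").
REF = re.compile(r"(?:match (?:ip )?address|access-class|access-group|(?<![-\w])list) (\d+)")

def blocks(text):
    """Group config lines into [header, [indented child lines]] pairs."""
    out = []
    for line in (l for l in text.splitlines() if l.strip() not in ("", "!")):
        if line[0] == " " and out:
            out[-1][1].append(line.strip())
        else:
            out.append([line.strip(), []])
    return out

def audit(text):
    """Return sorted (check, detail) findings; check names are this example's own."""
    found, defined, used = set(), set(), set()
    for head, kids in blocks(text):
        for line in [head] + kids:
            used.update(REF.findall(line))
            if " password 7 " in " " + line:  # type 7 is a reversible encoding
                found.add(("type7-password", " ".join(head.split()[:2])))
        if head.startswith("access-list "):
            defined.add(head.split()[1])
        elif head.startswith("crypto ipsec transform-set"):
            found |= {("weak-transform", t) for t in head.split()[4:] if t in WEAK}
        elif head.startswith("crypto isakmp policy"):
            # IOS 12.4 omits defaults: no "encr" line means DES, no "group" means group 1
            found |= {("isakmp-default", k) for k in ("encr", "group")
                      if not any(c.startswith(k) for c in kids)}
        elif head.startswith("line vty"):
            if any(c.startswith("transport input") and "telnet" in c for c in kids):
                found.add(("vty-telnet", head))
            if not any(c.startswith("access-class") for c in kids):
                found.add(("vty-no-acl", head))
    return sorted(found | {("acl-unused", n) for n in defined - used})
```

Any change to the ISAKMP policy or transform set has to be mirrored on the headquarters peer, otherwise the tunnel will not negotiate.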

The attachments are official Cisco documents: 1800_ds.pdf is the product datasheet, and Cisco 1800 Installation Guide.pdf is the installation guide.
