!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RRight
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$hYAu$gSGXsHKvm6EYQ2JHdSyi10
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
 log config
  hidekeys
! 
!
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
 lifetime 3600
crypto isakmp key cryptopass address 172.16.10.1
!
!
crypto ipsec transform-set MYSET esp-3des esp-md5-hmac 
!
crypto map CRYPTOMAP1 1 ipsec-isakmp 
 set peer 172.16.10.1
 set transform-set MYSET 
 match address CRYPTO_ACL
!
!
!
!
!
!
!
interface Loopback0
 description Local network
 ip address 192.168.2.1 255.255.255.0
!
interface Loopback1
 description Tunnel termination
 ip address 172.16.20.3 255.255.255.255
!
interface Tunnel1
 ip address 192.168.3.2 255.255.255.252
 keepalive 5 3
 tunnel source 172.16.20.3
 tunnel destination 172.16.10.1
!
interface FastEthernet0/0
 description IC to NATRouter f0/1
 ip address 192.168.4.2 255.255.255.252
 speed 100
 full-duplex
 crypto map CRYPTOMAP1
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
router eigrp 100
 network 192.168.2.0
 network 192.168.3.0 0.0.0.3
 no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.4.1
!
!
ip http server
no ip http secure-server
!
ip access-list extended CRYPTO_ACL
 permit gre host 172.16.20.3 host 172.16.10.1
 deny   ip any any
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
line vty 5 15
 password cisco
 login
!
!
end