hostname WA1512-2
!
username admin password plain admin administrator
!
http-username admin password plain admin administrator
!
ip dhcp-server enable
ip dhcp-server profile default
  default-gateway auto
  dns-server auto
  subnet-mask auto
!
interface GigaEthernet1.0
  ip address 192.168.2.200/24
  ip dhcp-server binding default
  no shutdown
!
interface MobileEthernet0.0
  ip address dhcp
  ip tcp adjust-mss auto
  ip napt enable
  ip napt reserve icmp
  ip napt reserve esp
  ip napt reserve udp 500
  ip napt reserve udp 4500
  mobile id IP example.jp
  mobile username user@example.com
  mobile password plain example
  auto-connect
  no shutdown
!
interface Loopback0.0
  ip address 127.0.0.1/8
  no shutdown
!
interface IPsec0
  ip address unnumbered
  ipsec map ipsecprof1
  ip tcp adjust-mss
  no shutdown
!
ip route default MobileEthernet0.0
ip route 192.168.1.0/24 IPsec0
!
proxy-dns ip enable
proxy-dns server default MobileEthernet0.0 dhcp
!
ike proposal ikeprop1
  encryption-algorithm aes256-cbc
  authentication-algorithm hmac-sha2-256
  lifetime 28800 
!
ike policy ikepol1
  mode aggressive
  local-id key-id testkey
  proposal ikeprop1
  pre-shared-key plain secret
  nat-traversal enable keepalive 20
!
ipsec proposal ipsecprop1
  protocol esp enc-algo aes256-cbc auth-algo hmac-sha2-256
  lifetime 28800
!
ipsec policy ipsecpol1
  local-id 192.168.2.0/24
  remote-id 192.168.1.0/24
  rekey enable always
  proposal ipsecprop1 
!
ipsec profile ipsecprof1
  mode tunnel
  ipsec policy ipsecpol1
  ike policy ikepol1
  source MobileEthernet0.0
  peer ix2106.example.nmddns.jp
!
https-server ip enable
https-server ip permit 192.168.2.0/24
https-server ip redirect enable
!
led vpn ipsec
!