hostname WA1512
!
username admin password plain admin administrator
!
http-username admin password plain admin administrator
!
ip dhcp-server enable
ip dhcp-server profile default
  default-gateway auto
  dns-server auto
  subnet-mask auto
!
interface GigaEthernet1.0
  ip address 192.168.2.200/24
  ip dhcp-server binding default
  no shutdown
!
interface MobileEthernet0.0
  ip address dhcp
  ip tcp adjust-mss auto
  ip napt enable
  ip napt reserve icmp
  ip napt reserve esp
  ip napt reserve udp 500
  ip napt reserve udp 4500
  mobile id IP example.net
  mobile username examplename
  mobile password plain example
  auto-connect
  no shutdown
!
interface Loopback0.0
  ip address 127.0.0.1/8
  no shutdown
!
interface IPsec0
  ip address unnumbered
  ip tcp adjust-mss auto
  ipsec map ipsec_prof1
  no shutdown
!
ip route 192.168.1.0/24 IPsec0
ip route default MobileEthernet0.0
!
proxy-dns ip enable
proxy-dns server default MobileEthernet0.0 dhcp
!
ike proposal ike_prop1
  encryption-algorithm aes256-cbc
  authentication-algorithm hmac-sha2-256
  lifetime 28800
!
ike policy ike_pol1
  mode main
  dpd-keepalive enable ph1 20 3
  proposal ike_prop1
  pre-shared-key plain secret
!
ipsec proposal ipsec_prop1
  protocol esp enc-algo aes256-cbc auth-algo hmac-sha2-256
  lifetime 28800
!
ipsec policy ipsec_pol1
  rekey enable always
  proposal ipsec_prop1
!
ipsec profile ipsec_prof1
  mode tunnel
  ipsec policy ipsec_pol1
  ike policy ike_pol1
  peer 100.100.100.100
!
https-server ip enable
https-server ip permit 192.168.2.0/24
https-server ip redirect enable
!
led vpn ipsec
!