hostname WA1512
!
username admin password plain admin administrator
!
http-username admin password plain admin administrator
!
ip dhcp-server enable
ip dhcp-server profile default
  default-gateway auto
  dns-server auto
  subnet-mask auto
!
interface GigaEthernet1.0
  ip address 192.168.1.1/24
  ip dhcp-server binding default
  no shutdown
!
interface Loopback0.0
  ip address 127.0.0.1/8
  no shutdown
!
interface MobileEthernet0.0
  ip address dhcp
  ip napt enable
  ip napt reserve icmp
  ip napt reserve udp 500
  ip napt reserve udp 4500
  ip napt reserve esp
  mobile id IP example.net
  mobile username examplename
  mobile password plain example
  auto-connect
  no shutdown
!
interface IPsec0
  ip address unnumbered
  ip tcp adjust-mss auto
  ipsec map ipsec-plof-netg
  no shutdown
!
ip route 10.1.1.0/24 IPsec0
ip route default MobileEthernet0.0
!
proxy-dns ip enable
proxy-dns server default MobileEthernet0.0 dhcp
!
ike proposal ike-pro-netg
  encryption-algorithm aes256-cbc
  authentication-algorithm hmac-sha1
  lifetime 28800
  dh-group 1024-bit
!
ike policy ike-pol-netg
  mode aggressive
  remote-id fqdn NEC
  dpd-keepalive enable ph1
  proposal ike-pro-netg
  pre-shared-key plain secret
  nat-traversal enable keepalive 20
!
ipsec proposal ipsec-pro-netg
  protocol esp enc-algo aes256-cbc auth-algo hmac-sha1-96
  lifetime 28800
!
ipsec policy ipsec-pol-netg
  local-id 192.168.1.0/24
  remote-id 10.1.1.1/32
  rekey enable always
  proposal ipsec-pro-netg
!
ipsec profile ipsec-plof-netg
  mode tunnel
  ipsec policy ipsec-pol-netg
  ike policy ike-pol-netg
  source MobileEthernet0.0
  peer any
!
https-server ip enable
https-server ip permit 192.168.1.0/24
https-server ip redirect enable
!
led vpn ipsec
!