hostname WA1512-2
!
username admin password plain admin administrator
!
http-username admin password plain admin administrator
!
ip dhcp-server enable
ip dhcp-server profile default
  default-gateway auto
  dns-server auto
  subnet-mask auto
!
interface GigaEthernet1.0
  ip address 192.168.2.200/24
  ip dhcp-server binding default
  no shutdown
!
interface MobileEthernet0.0
  ip address dhcp
  ip tcp adjust-mss auto 
  ip napt enable
  ip napt reserve icmp
  ip napt reserve udp 500
  ip napt reserve esp
  ip napt reserve udp 4500
  mobile id IP example.net
  mobile username examplename
  mobile password plain example
  auto-connect
  no shutdown
!
interface Loopback0.0
  ip address 127.0.0.1/8
  no shutdown
!
interface IPsec0
  ip address unnumbered
  ip tcp adjust-mss auto
  ipsec map ipsecprof1
  no shutdown
!
ip route default MobileEthernet0.0
ip route 192.168.1.0/24 IPsec0
!
proxy-dns ip enable
proxy-dns server default MobileEthernet0.0 dhcp
!
ike proposal ikeprop1
  encryption-algorithm aes256-cbc
  authentication-algorithm hmac-sha2-256
  lifetime 28800
!
ike policy ikepol1
  mode aggressive
  dpd-keepalive enable ph1 20 3
  local-id key-id testkey
  proposal ikeprop1
  pre-shared-key plain secret
  nat-traversal enable keepalive 20
!
ipsec proposal ipsecprop1
  protocol esp enc-algo aes256-cbc auth-algo hmac-sha2-256
  lifetime 28800
!
ipsec policy ipsecpol1
  local-id 192.168.2.0/24
  remote-id 192.168.1.0/24
  rekey enable always
  proposal ipsecprop1
!
ipsec profile ipsecprof1
  mode tunnel
  ipsec policy ipsecpol1
  ike policy ikepol1
  source MobileEthernet0.0
  peer 100.100.100.100
!
https-server ip enable
https-server ip permit 192.168.2.0/24
https-server ip redirect enable
!
led vpn ipsec
!