hostname wa1510
!
username admin password plain admin administrator
!
http-username admin password plain admin administrator
!
ip access-list sec-list permit ip src any dest any
!
bridge ieee enable
!
ppp profile pppoeprof
    authentication username user@example.net
    authentication password plain example
!
ip dhcp-server enable
ip dhcp-server profile default
  assignable-range 192.168.1.10 50
  default-gateway auto
  dns-server auto
  subnet-mask auto
!
interface GigaEthernet1.0
  ip address 192.168.1.100/24
  bridge ieee 1
  ip dhcp-server binding default
  no shutdown
!
interface L2TP0
  l2tp encapsulation l2tpv3
  l2tp source Loopback0.0
  l2tp peer 10.0.0.2
  bridge ieee 1
  no shutdown
!
interface Loopback0.0
  ip address 10.0.0.1/32
  no shutdown
!
interface GigaEthernet0.0
  no ip address
  encapsulation PPPoE0
  no shutdown
!
interface PPPoE0
  ip address ipcp
  ip tcp adjust-mss auto
  ppp profile pppoeprof
  auto-connect
  ip napt enable
  ip napt reserve icmp
  ip napt reserve esp
  ip napt reserve udp 500
  ip napt reserve udp 4500
  no shutdown
!
interface IPsec0
  ip address unnumbered
  ipsec map ipsecprof1
  ip tcp adjust-mss auto
  no shutdown
!
ip route 10.0.0.2/32 IPsec0
ip route default PPPoE0
!
proxy-dns ip enable
proxy-dns server default PPPoE0 ipcp
!
ike proposal ikeprop
  encryption-algorithm aes256-cbc
  authentication-algorithm hmac-sha2-256
!
ike policy ikepol1
  mode main
  dpd-keepalive enable ph1 20 3
  proposal ikeprop
  pre-shared-key plain secret
!
ipsec proposal ipsecprop
  protocol esp enc-algo aes256-cbc auth-algo hmac-sha2-256
  lifetime 28800
!
ipsec policy ipsecpol
  match sec-list
  rekey enable always
  proposal ipsecprop
!
ipsec profile ipsecprof1
  mode tunnel
  ipsec policy ipsecpol
  ike policy ikepol1
  source PPPoE0
  peer 200.200.200.200
!