Here's the config...
Edge#sh run
Building configuration...
Current configuration : 6914 bytes
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname Edge
boot-start-marker
boot-end-marker
security authentication failure rate 2 log
security passwords min-length 6
logging count
logging userinfo
logging buffered 64000 debugging
enable secret 5 $1$PG24$m5c0/VGE18Jm886VHOP77/
aaa new-model
aaa authentication login my_vpn_xauth local
aaa authorization network my_vpn_group local
aaa session-id common
resource policy
clock timezone cst -6
clock summer-time cst recurring 1 Sun Apr 2:00 1 Sun Nov 2:00
no network-clock-participate slot 1
no network-clock-participate wic 0
no ip source-route
ip cef
ip tcp synwait-time 10
ip tcp intercept list 151
no ip dhcp use vrf connected
no ip bootp server
ip domain name directly_connected.com
ip host BigSwitch 10.7.8.5
ip host TAS 192.168.3.2
ip host BAS 192.168.2.2
ip host IPPlus 192.168.69.2
ip host printer 10.0.0.2
ip host ftp 10.69.69.1
ip host vpn1 192.168.4.98
ip host vpn2 192.168.4.99
ip host comp 192.168.5.2
ip ddns update method xxxxx
 HTTP
  add
 interval maximum 28 0 0 0
username xxxxxxxxxx privilege 15 secret 5 $1$ljnu$dGj873pY4XnIBJY1RtcU2.
username xxxxxxxxxx privilege 0 secret 5 $1$kgI6$fDw.Hxfjq5CdEh1fc8tdb/
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
crypto isakmp client configuration group xxxxxxxx
 key xxxxxxxxxxxxx
 pool vpn_pool_1
 max-users 2
 netmask 255.255.255.0
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map vpn_dynmap_1 1
 set transform-set ESP-3DES-SHA
 reverse-route
crypto map vpn_cmap_1 client authentication list my_vpn_xauth
crypto map vpn_cmap_1 isakmp authorization list my_vpn_group
crypto map vpn_cmap_1 client configuration address respond
crypto map vpn_cmap_1 65535 ipsec-isakmp dynamic vpn_dynmap_1
interface Null0
 no ip unreachables
interface Loopback0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
interface ATM0/0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 no atm ilmi-keepalive
 dsl operating-mode auto
interface ATM0/0.1 point-to-point
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 pvc 0/35
  oam-pvc manage
  pppoe-client dial-pool-number 1
interface FastEthernet0/0
 description $FW_INSIDE$
 no ip address
 no ip unreachables
 no ip proxy-arp
 ip mtu 1492
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
 shutdown
 duplex auto
 speed auto
 no mop enabled
interface Serial0/1
 description Frame Relay$FW_INSIDE$
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 encapsulation frame-relay
 ip route-cache flow
 no fair-queue
interface Serial0/1.1 point-to-point
 ip address 192.168.3.1 255.255.255.252
 ip nat inside
 ip virtual-reassembly
 frame-relay interface-dlci 102 IETF
interface Dialer0
 description $FW_OUTSIDE$
 ip ddns update xxxxx
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly
 rate-limit input access-group 110 256000 1500 2000 conform-action transmit exceed-action drop
 encapsulation ppp
 ip route-cache flow
 ip tcp adjust-mss 1452
 no ip mroute-cache
 dialer pool 1
 dialer-group 1
 ppp authentication pap chap callin
 ppp chap hostname xxxxxxxxxxxxxxxx
 ppp chap password xxxxxxxxxxxxxxxx
 ppp pap sent-username xxxxxxxxxxxxxx password xxxxxxxxxxxxxxxxx
 ppp ipcp dns request
 ppp ipcp wins request
 crypto map vpn_cmap_1
interface Dialer1
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
ip local pool vpn_pool_1 192.168.4.98 192.168.4.99
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 10.0.0.0 255.0.0.0 192.168.3.2
ip route 192.168.2.0 255.255.255.252 192.168.3.2
ip route 192.168.5.0 255.255.255.0 192.168.3.2
ip route 192.168.68.0 255.255.255.0 192.168.3.2
ip route 192.168.69.0 255.255.255.252 192.168.3.2
ip http server
ip http authentication local
no ip http secure-server
ip nat inside source route-map vpn_map_shit interface Dialer0 overload
ip nat inside source static tcp 10.69.69.1 21 interface Dialer0 21
logging dmvpn
logging history warnings
logging trap debugging
logging 10.12.16.67
access-list 1 permit 10.0.0.0 0.255.255.255
access-list 101 permit ip 192.168.3.0 0.0.0.3 any
access-list 101 permit ip 192.168.2.0 0.0.0.3 any
access-list 101 permit ip 192.168.69.0 0.0.0.3 any
access-list 101 permit ip 192.168.5.0 0.0.0.255 any
access-list 101 permit ip 10.0.0.0 0.255.255.255 any
access-list 102 deny ip 10.0.0.0 0.255.255.255 any
access-list 102 deny ip 172.16.0.0 0.15.255.255 any
access-list 102 deny ip 192.168.0.0 0.0.255.255 any
access-list 102 remark prevent_RFC1918_as_source
access-list 102 permit ip any any
access-list 112 remark rate_limit_ftp
access-list 112 permit tcp any host 10.69.69.1 eq ftp
access-list 113 remark prevent_ftp_to_LAN
access-list 151 permit ip any host 192.168.5.2
dialer-list 1 protocol ip permit
no cdp run
route-map vpn_map_shit permit 1
 match ip address 101
control-plane
banner motd ^C _________-----_____
_____------ __ ----_
___---- ___------ \
----________ ---- \
-----__ | _____)
__- / \
_______----- ___-- \ /)\
------_______ ---____ \__/ /
-----__ \ -- _ /\
--__--__ \_____/ \_/\
----| / |
| |___________|
| | ((_(_)| )_)
| \_((_(_)|/(_)
\ (
\_____________)
!!!!!Uh oh...better turn back around there, boy...I log all hacking attempts!!!!!! ^C
line con 0
 password xxxxxxxxxxxxxxxxxxxxx
 logging synchronous
line aux 0
line vty 0 4
 password xxxxxxxxxxxxxxxxxxxxx
 transport input ssh
scheduler allocate 4000 1000
ntp clock-period 17180367
ntp server 64.113.32.5 source Dialer0
end
sh ip route...
Edge>sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

     69.x.x.x/32 is subnetted, 1 subnets
C       69.x.x.x is directly connected, Dialer0
S    192.168.5.0/24 [1/0] via 192.168.3.2
S    10.0.0.0/8 [1/0] via 192.168.3.2
S    192.168.68.0/24 [1/0] via 192.168.3.2
     192.168.69.0/30 is subnetted, 1 subnets
S       192.168.69.0 [1/0] via 192.168.3.2
     192.168.2.0/30 is subnetted, 1 subnets
S       192.168.2.0 [1/0] via 192.168.3.2
     151.x.x.x/32 is subnetted, 1 subnets
C       151.x.x.x is directly connected, Dialer0
     192.168.3.0/30 is subnetted, 1 subnets
C       192.168.3.0 is directly connected, Serial0/1.1
S*   0.0.0.0/0 is directly connected, Dialer0

Any clues??? Thanks.
Burt