version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PIA-GATEWAY
!
boot-start-marker
boot-end-marker
!
logging buffered 524288 notifications
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization console
aaa authorization exec default local if-authenticated 
!
!
!
aaa session-id common
!
!
!
!
dot11 syslog
ip source-route
!
!
ip cef
!
!
ip domain name PIA.LOCAL
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
license udi pid CISCO2811 sn FTX1050A2A1
username cisco privilege 15 secret 5 $1$gRnO$HnHoNUxUslZI2HZS.M8Ke1
!
redundancy
!
!
pseudowire-class PIA_L2TP
 encapsulation l2tpv2
 ip local interface FastEthernet0/0
!
! 
!         
crypto isakmp policy 10
 encr aes 256
 authentication pre-share
 group 5
crypto isakmp key mysafety address 108.61.152.251
!
!
crypto ipsec transform-set ESP-AES256-SHA1 esp-aes 256 esp-sha-hmac 
 mode transport
!
crypto map PIA_VPN 10 ipsec-isakmp 
 set peer 108.61.152.251
 set transform-set ESP-AES256-SHA1 
 match address PIA_EAST_US
!
!
interface FastEthernet0/0
 description ### PUBLIC OUTSIDE FACING INTERFACE ###
 ip address 73.41.232.21 255.255.255.0
 duplex auto
 speed auto
 crypto map PIA_VPN
!
!
interface FastEthernet0/1
 description ### PRIVATE INSIDE FACING INTERFACE ###
 ip address 192.168.0.250 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
!
interface Virtual-PPP1
 description Tunnel to PIA EAST US
 ip address negotiated
 ip nat outside
 ip virtual-reassembly
 ppp eap refuse
 ppp chap hostname x4108222
 ppp chap password 0 8Mz1wHg1C3
 ppp ipcp address accept
 no cdp enable
 pseudowire 108.61.152.251 1 pw-class PIA_L2TP
!
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list NAT interface Virtual-PPP1 overload
ip route 0.0.0.0 0.0.0.0 Virtual-PPP1
ip route 108.61.152.251 255.255.255.255 73.41.232.1
!
ip access-list standard NAT
 permit 172.0.0.0 0.31.255.255
!
ip access-list extended PIA_EAST_US
 permit udp host 73.41.232.21 eq 1701 host 108.61.152.251 eq 1701
!
ip access-list extended VTY_ACCESS
 permit tcp 192.168.0.0 0.0.255.255 any eq 22
!
!
!
!
control-plane
 !
!
!
line con 0
line aux 0
line vty 0 4
 access-class VTY_ACCESS in
 transport input ssh
!
scheduler allocate 20000 1000
end