Pre-Shared-Key: qGEtEaxKnXwqgwCKSWAP3LcazDG22omCEncryption-Set: AES-SHA es

1. Pre-Shared-Key: qGEtEaxKnXwqgwCKSWAP3LcazDG22omC
2. Encryption-Set: AES-SHA esp-aes esp-sha-hmac
3. IP Address Remote: 93.93.240.137
4. 1-on-1-NAT Source: 10.85.1.0/24 & 10.85.2.0/24
5. 1-on-1-NAT Translation: 10.14.0.0/24
6.  
7. Cisco Example:
8.  
9. crypto isakmp policy 1
10. encr 3des
11. authentication pre-share
12. group 2
13. crypto isakmp key qGEtEaxKnXwqgwCKSWAP3LcazDG22omC address 93.93.240.137
14. !
15. crypto ipsec transform-set 3DES-SHA esp-3des esp-sha-hmac
16. crypto ipsec transform-set AES-SHA esp-aes esp-sha-hmac
17. crypto ipsec transform-set 3DES-SHA-compression esp-3des esp-sha-hmac comp-lzs
18. crypto ipsec transform-set AES-SHA-compression esp-aes esp-sha-hmac comp-lzs
19. !
20. crypto map NIXXIS-VPN 10 ipsec-isakmp
21. set peer 93.93.240.137
22. set transform-set AES-SHA
23. set pfs group2
24. match address NIXXIS-ACL
25. !
26. interface OUTSIDE
27. ip nat outside
28. crypto map NIXXIS-VPN
29. !
30. interface INSIDE
31. ip nat inside
32. !
33. ip nat pool NIXXIS-NAT 10.100.0.1 10.100.0.254 prefix-length 24
34. ip nat inside source route-map NIXXIS-NAT pool NIXXIS-NAT
35. ip nat inside source route-map WORLD interface OUTSIDE overload
36. !
37. ip access-list extended NIXXIS-ACL
38. permit ip 10.100.0.0 0.0.0.255 93.93.240.224 0.0.0.15
39. permit ip 10.100.0.0 0.0.0.255 host 93.93.240.156
40. !
41. access-list 100 permit ip 10.85.2.0 0.0.0.255 93.93.240.224 0.0.0.15
42. access-list 100 permit ip 10.85.2.0 0.0.0.255 host 93.93.240.156
43. access-list 101 permit ip 10.85.2.0 0.0.0.255 any
44. !
45. route-map WORLD permit 10
46. match ip address 101
47. !
48. route-map NIXXIS-NAT permit 10
49. match ip address 100