here, looks like you've helped plenty of other people...
this router has a bunch of stuff configured, inc port-forwarding to vncserver and http server (the ip nat source static lines), a vpn in (vpdn lines), the interfaces bridged together, etc., let me know if this is too much...
Code:
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname yourhost
!
boot-start-marker
boot-end-marker
!
enable secret 5 md5encryptedpassword
!
aaa new-model
!
!
aaa authentication ppp default local
!
!
aaa session-id common
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 172.17.5.170 172.17.5.174
!
ip dhcp pool yourpool
import all
network networkaddressofdhcppool masktothispool
default-router defaultgateway
!
!
ip domain name yourdomain.com
ip ssh authentication-retries 2
!
multilink bundle-name authenticated
vpdn enable
!
vpdn-group vpngroupname
! Default L2TP VPDN group
! Default PPTP VPDN group
accept-dialin
protocol any
virtual-template 1
l2tp tunnel password 7
!
!
!
!
!
username username privilege 15 password 7 cisco7encryptedpassword
username username2 privilege 15 password 7 cisco7encryptedpassword
username vpnuser password 7 7encpassword
!
!
!
bridge irb
!
!
!
interface FastEthernet0
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet1
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet2
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet3
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet4
ip address dhcp
ip nat outside
ip virtual-reassembly
ip tcp adjust-mss 1460
duplex auto
speed auto
!
interface Virtual-Template1
ip unnumbered BVI10
peer default ip address dhcp-pool poolforvpn
ppp encrypt mppe auto required
ppp authentication ms-chap ms-chap-v2 eap chap pap
!
interface Dot11Radio0
no ip address
!
encryption vlan 10 mode ciphers tkip
!
ssid SuperCoffee
vlan 10
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 cisco7encpasswordforwireless
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
no dot11 extension aironet
no cdp enable
!
interface Dot11Radio0.10
encapsulation dot1Q 10
no cdp enable
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 spanning-disabled
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
!
interface Vlan1
no ip address
!
interface Vlan10
no ip address
ip nat inside
ip virtual-reassembly
bridge-group 10
bridge-group 10 spanning-disabled
!
interface BVI10
ip address bridgegroupSVIaddress mask
ip nat inside
ip virtual-reassembly
!
ip local pool vpnpool 192.168.1.1 192.168.1.10
ip route 0.0.0.0 0.0.0.0 dhcp
!
!
no ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet4 overload
ip nat inside source static tcp serverip 5901 interface FastEthernet4 5901
ip nat inside source static udp serverip 5901 interface FastEthernet4 5901
ip nat inside source static tcp serverip 80 interface FastEthernet4 80
!
access-list 1 permit networkaddress wildcard(inverse)masktoyournetworkaddr
no cdp run
!
!
!
!
control-plane
!
bridge 10 route ip
!
line con 0
exec-timeout 5 0
logging synchronous
no modem enable
line aux 0
line vty 0 4
exec-timeout 5 0
password 7 cisco7encpasswd
logging synchronous
transport input ssh
!
scheduler max-task-time 5000
end
host#