!*******************************************
!modificeret 10-08-2000 af Jesper Skriver <jesper@skriver.dk>
!modificeret 17-06-2001 af Jesper Skriver <jesper@skriver.dk>
!*******************************************
!
no service finger
no service pad
service password-encryption
no service udp-small-servers
no service tcp-small-servers
no cdp run
!
enable secret XXXX
!
ip subnet-zero
no ip source-route
ip name-server 194.239.134.83
ip name-server 193.162.153.164
!
! DHCP server, only in IOS 12.0T, 12.1 or later
!
ip dhcp excluded-address 192.168.1.1 192.168.1.5
!
ip dhcp pool rfc1918
   network 192.168.1.1 255.255.255.0
   default-router 192.168.1.1
   dns-server 194.239.134.83 193.162.153.164
!
ip nat inside source list 40 interface Loopback0 overload
!
ip nat inside source static tcp 192.168.1.4 21 <Customer IP> 21 extendable
ip nat inside source static tcp 192.168.1.4 53 <Customer IP> 53 extendable
ip nat inside source static udp 192.168.1.4 53 <Customer IP> 53 extendable
ip nat inside source static tcp 192.168.1.2 25 <Customer IP> 25 extendable
ip nat inside source static tcp 192.168.1.3 80 <Customer IP> 80 extendable
!
! Default mapping, unknown traffic mapped to 192.168.1.5, can be
! used for services on non-standard ports, eg. netgames etc.
!
ip nat inside source static 192.168.1.5 <Customer IP> extendable
!
interface Loopback0
 ip address <Customer IP> 255.255.255.255
 ip nat outside
!
interface Ethernet0
 no shutdown
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip access-group 101 in
 no ip directed-broadcast
 no ip proxy-arp
 no ip redirect
 ntp disable
!
interface ATM0
 no shutdown
!
interface ATM0.101 point
 no shutdown
 ip unnumbered Loopback0
 ip nat outside
 ip access-group 121 in
 ntp disable
 pvc 0/101 
  encapsulation aal5mux ip
!
ip classless
!
ip route 0.0.0.0 0.0.0.0 atm0.101
!
access-list 40 permit 192.168.1.0 0.0.0.255
!
access-list 121 deny ip 0.0.0.0 0.255.255.255 any
access-list 121 deny ip 127.0.0.0 0.255.255.255 any
access-list 121 deny ip 255.0.0.0 0.255.255.255 any
access-list 121 deny ip host <Customer IP> any
access-list 121 permit ip any any
!
access-list 101 permit udp host 0.0.0.0 any eq bootps
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
!
access-list 10 permit 192.168.1.0 0.0.0.255
!
line con 0
 password XXXX
line vty 0 4
 access-class 10 in
 password XXXX
!
end