crypto ipsec transform-set FirstSet esp-aes esp-sha-hmac
crypto dynamic-map dyn1 1 set transform-set FirstSet
crypto dynamic-map dyn1 1 set reverse-route
crypto map CMAP 1 ipsec-isakmp dynamic dyn1
crypto map CMAP interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
access-list 100 extended permit ip 10.0.0.0 255.0.0.0 any
group-policy tgroup1gp internal
group-policy tgroup1gp attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value 100
username cisco password cisco
ip local pool TESTPOOL 192.168.0.1-192.168.0.254
tunnel-group tgroup1 type remote-access
tunnel-group tgroup1 general-attributes
address-pool TESTPOOL
default-group-policy tgroup1gp
tunnel-group tgroup1 ipsec-attributes
pre-shared-key cisco
on client
tgroup1 password cisco
then username cisco password cisco