var aaa_Data= ' \naaa group server radius client_authen_grp_aaa\nserver-private client_radius_aaa auth-port client_auth_port acct-port client_acct_port key client_radius_shared_aaa_key\nip radius source spoke_871_881\n\n\n\n';

var authproxy_Data= ' \n!!!\n!!!!!AUTH PROXY!!!!!\n!!!\naaa authentication login default local group client_authen_grp_aaa\naaa authorization auth-proxy default group client_authen_grp_aaa\nip admission max-login-attempts 6\n!\nip http server\nip http authentication aaa\nno ip http secure-server\nip admission name pxy proxy http inactivity-time 1440 list auth_proxy_acl\n!\nip radius source-interface spoke_871_881\nradius-server retransmit 3\nradius-server authorization permit missing Service-Type\n!\n! --- Auth-Proxy ACL -----------\nno ip access-list extended auth_proxy_acl\nip access-list extended auth_proxy_acl\n !!!Auth Proxy deny list\n !\n\n! --- Auth-Proxy Inbound ACL -----------\nno ip access-list extended auth_proxy_inbound_acl\nip access-list extended auth_proxy_inbound_acl\n! Allow access to certain protcols\n permit tcp 10.1.1.0 0.0.0.255 host 10.1.1.1\n permit udp any any eq bootps\n permit udp any any eq domain\n permit udp any any eq netbios-ns\n permit udp any any eq netbios-dgm\n permit udp any any eq 5445\n permit tcp any any eq 5060\n permit tcp any any eq 5061\n permit tcp any any eq 2000\n permit tcp any any eq 2443\n permit udp any any eq tftp\n !!!Auth Proxy inbound ACL\n';

var bottomEvents_Data= ' \nevent manager applet cert\nevent timer countdown time 12\n action a1 cli command "enable"\n action a2 cli command "config t"\n action a21 cli command "int vlan 1"\n action a22 cli command "no ip address"\n action a3 cli command "crypto pki enroll tti"\n action a4 cli command "int spoke_871_881"\n !!!Auth proxy action\n action a5 cli command "shut"\n exit\n \nevent manager applet tunnels\n event syslog pattern "Certificate received from Certificate Authority"\n action a1 cli command "enable"\n action a2 cli command "conf t"\n action a3 cli command "int spoke_wan_interface"\n action a4 cli command "crypto ipsec client ezvpn client_ipsec_mmgt_name"\n !!!Add EZVPN Primary hub cli command\n action a6 cli command "crypto pki trustpoint tti"\n action a7 cli command "auto-enroll 70"\n \nevent manager applet email-admin\n event syslog pattern "Line protocol on Interface Loopback10000, changed state to up"\n action a1 cli command "enable"\n action a11 cli command "config t"\n !!!Dot1x dependent configs for interfaces\n action a16 cli command "interface spoke_871_881"\n action a17 cli command "no shut"\n action a2 cli command "int ra f corpStart - guestEnd"\n action a21 cli command "shut"\n action a22 cli command "switchport voice vlan 11"\n !!!Dot1x action\n action a28 cli command "no shut"\n action a29 cli command "end"\n action a3 syslog msg "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"\n action a31 syslog msg "! Self-destructing EEM scripts !"\n action a32 syslog msg "!         Goodbye              !"\n action a33 syslog msg "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"\n action a4 cli command "conf t"\n action a41 cli command "no event manager applet cert"\n action a42 cli command "no event manager applet tunnels"\n action a5 cli command "kron policy-list test"\n action a51 cli command "cli write"\n action a52 cli command "kron occurrence test in 1"\n action a53 cli command "policy-list test"\n action a6 cli command "int spoke_wan_interface"\n action a61 cli command "shut"\n action a62 cli command "no shut"\n action a63 cli command "no event manager applet email-admin"\n exit';

var ce_Data= ' \n!! CE !!\nip host CE_Hostname CE_IP_Address\ncns trusted-server all-agents CE_Hostname\ncns event CE_Hostname source 10.1.1.1\ncns config partial CE_Hostname source 10.1.1.1\ncns exec source 10.1.1.1\ncns image server http://CE_Hostname/cns/HttpMsgDispatcher status http://CE_Hostname/cns/HttpDispatcher';

var client_Data= ' \nusername client_local_user privilege 15 secret 0 client_local_passwd\nenable secret client_enable_pwd\nvlan 20\nstate active\n!!!Spoke 881 off change 1\n\n\n\nvlan 11\nstate active\n!!!Create vlan 10 for 881\nint vlan20\nint vlan 1\n !!!Spoke 881 off change 2\nexit\n!!!Spoke 881 off change 3\n!\nservice password-encryption\npassword encryption aes\n!\nclock timezone CVOTime sdp_timezone_diff\nclock summer-time sdp_summer_time_zone recurring\n!\nip domain name sdp_domain_name\n!\nntp server sdp_wan_ip burst iburst\nntp server sdp_ntp burst iburst\n!!!Additional NTP Servers\n!\nno service password-recovery\nyes\n\n\nhostname $n\naaa new-model\n\n!!!AAA Data\naaa authentication login default local\naaa authorization exec default local\n\nno ip http access-class 23\n\ncrypto pki trustpoint $l\n enrollment url http://sdp_wan_ip:8000\n rsakeypair $k $s\n serial-number\n subject-name OU=sdp_isa_client_grp\n revocation-check none\n password none\n ip-address none\n \n$c\n\ncrypto isakmp keepalive 20 5\ncrypto isakmp nat keepalive 20\n\naaa session-id common\n\ninterface Virtual-Template1 type tunnel\n description Management Virtual-Tunnel\n no ip address\n tunnel mode ipsec ipv4\n\n \n!!!Add EZVPN Primary hub interface\n\nexit\n\ncrypto ipsec client ezvpn client_ipsec_mmgt_name\n connect auto\n mode client\n peer sdp_wan_ip\n virtual-interface 1\n \n!!!Add EZVPN Primary hub ipsec client \n\nip dhcp pool client_dhcp_pool_name\n import all\n network 10.1.1.0 255.255.255.0\n dns-server sdp_dns\n domain-name sdp_domain_name\n default-router 10.1.1.1\n !!!Add Call Manager IP\n \nip dhcp pool guest_pool\n   import all\n   network 192.168.20.0 255.255.255.0\n   dns-server 208.67.222.222\n   default-router 192.168.20.1\n\nip dhcp pool voice\n network 10.20.20.0 255.255.255.248\n domain-name sdp_domain_name\n dns-server sdp_dns\n default-router 10.20.20.1\n !!!Add Call Manager IP\n\nno ip dhcp pool sdm-pool\nno ip dhcp excluded-address 10.10.10.1\nip dhcp excluded-address 10.1.1.1\n \n!!! Firewall Rules\nno ip inspect name DEFAULT100\nip inspect name firewall tcp router-traffic\nip inspect name firewall udp router-traffic\nip inspect name firewall realaudio\nip inspect name firewall rtsp\nip inspect name firewall tftp\nip inspect name firewall ftp\nip inspect name firewall h323\nip inspect name firewall netshow\nip inspect name firewall streamworks\nip inspect name firewall esmtp\nip inspect name firewall skinny\nip inspect name firewall sip\nip inspect name firewall sip-tls\n!\nip access extended allow_skinny_acl\n permit udp any any range bootps bootpc\n permit icmp any host 10.20.20.1\n permit udp any any eq domain\n permit udp any any eq tftp\n permit tcp any any eq 2000\n permit udp any any range 24576 24656\n permit udp any any eq 5445\n permit udp any any range 2326 2373\n !!!Additional Voice Servers\n deny ip any any log\n \ncdp run\n!\ninterface range FastEthernet corpStart - guestEnd\n cdp enable\n spanning-tree portfast\n \nint spoke_wan_interface\n ip nat outside\n ip access-group client_fw_acl in\n ip virtual-reassembly\n duplex auto\n speed auto\n  \n!\nint Vlan1\n desc Corporate Access\n! no ip address\n no ip access in\n no autostate\n !!!Spoke 881 off change 4\n !!!Spoke 881 off change 5\n\ninterface Vlan20\n description Guest Access\n ip address 192.168.20.1 255.255.255.0\n ip inspect firewall in\n no ip access in\n no autostate\n ip nat inside\n \nip inspect name voice skinny\nip inspect name voice sip\nip inspect name voice sip-tls\nip inspect name voice h323\nip inspect name voice tft\nip inspect name voice dns\n\n! Adding a voice VLAN\n! The voice VLAN has an ACL that allows only skinny\nint Vlan11\n description Voice VLAN\n ip address 10.20.20.1 255.255.255.0\n ip access allow_skinny_acl in\n ip inspect voice in\n ip nbar protocol-discovery\n no autostate\n crypto ipsec client ezvpn client_ipsec_mmgt_name inside\n !!!Add EZVPN Primary hub ipsec nat\n\nint spoke_871_881\n description Corporate Access\n ip address 10.1.1.1 255.255.255.0\n no ip redirects\n no ip unreachables\n ip proxy-arp\n ip nbar protocol-discovery\n ip nat inside\n ip inspect firewall in\n ip tcp adjust-mss 1360\n crypto ipsec client ezvpn client_ipsec_mmgt_name inside\n !!!Add EZVPN Primary hub ipsec nat\n \n\n!\nno access 1\nno access 23\nno access 100\nno access 101\n\nip access-list extended client_nat_acl\n !!!Add 10 subnet\n permit ip 192.168.20.0 0.0.0.255 any\n \nno ip nat inside source list 1 interface spoke_wan_interface overload\n ip nat inside source list client_nat_acl interface spoke_wan_interface overload\n\nalias exec c config ter\nalias exec r sho runn\nalias exec rr sho runn brief\nalias exec i sh ip int brie\nalias exec ss sh cry isa sa\nalias exec scr sh run | beg crypto isakmp|ipsec\nalias exec v sh ver\n!\n!!!! WAN firewall\n!\nip access-list extended client_fw_acl\n permit esp any any\n permit udp any any eq isakmp\n permit udp any eq isakmp any\n permit udp any eq non500-isakmp any\n permit udp host sdp_ntp eq ntp any\n permit udp host sdp_wan_ip eq ntp any\n !!!Additional NTP Servers ACL\n !!!Allow SSH\n permit udp any any eq bootpc\n permit udp any any eq domain\n permit icmp any any\n permit tcp host sdp_wan_ip any\n deny  ip any any\n\n!!!\n!!!!!!QoS!!!!!!\n!!!\nip access-list extended isakmp_acl\n permit udp any any eq isakmp\n!\nip access-list extended voice_acl\n permit udp any any range 24576 24656\n!\nip access-list extended non_voip_traffic_acl\n permit ip any any\n!\nip access-list extended video_acl\n permit udp any any eq 5445\n permit udp any any range 2326 2373\n!\nclass-map match-any call-setup\n match ip dscp cs3\n match ip precedence 3\nclass-map match-any internetwork-control\n match access-group name isakmp_acl\n match ip precedence 6\n match ip precedence 7\nclass-map match-any voice\n match access-group name voice_acl\n match ip precedence 5\nclass-map match-any routing\n match protocol eigrp\nclass-map match-all discover_signaling\n match protocol skinny\nclass-map match-all discover_video\n match protocol rtp video\nclass-map match-all discover_voip\n match protocol rtp audio\nclass-map match-any video\n match access-group name video_acl\n match ip dscp af41\n match ip precedence 4\nclass-map match-all non_voip\n match access-group name non_voip_traffic_acl\n\n policy-map mark_incoming_traffic\n class discover_signaling\n  set dscp cs3\n class discover_video\n  set dscp af41\n class discover_voip\n  set dscp ef\n class non_voip\n  set dscp default\n!\npolicy-map voice_and_video\n class voice\n  bandwidth 128\n class call-setup\n  priority percent 5\n class internetwork-control\n  priority percent 5\n class routing\n  priority percent 5\n class video\n  priority 384\n class class-default\n  fair-queue\n  random-detect\npolicy-map shaper\n  class class-default\n    shape average 750000 7500\n     service-policy voice_and_video\n!\nint spoke_871_881\n ip nbar protocol-discovery\n service-policy input mark_incoming_traffic\n \n interface vlan11\n service-policy input mark_incoming_traffic\n!\ninterface virtual-template1\n service-policy output shaper\n!!!Add EZVPN Primary hub virtual interface 2 qos command\n!!!Policy based routing\n\nip tftp source-interface spoke_871_881';

var dot1x_Data= ' \n!!!\n!!!!!!802.1x!!!!!\n!!!\naaa authentication dot1x default group client_authen_grp_aaa\naaa authorization network default group client_authen_grp_aaa\n!\n! Enable dot1x feature globally\ndot1x system-auth-control\n!\n \n';

var dot1x_dependent_Data= ' \n action a12 cli command "int range fa corpStart - corpEnd"\n action a13 cli command "!!!Spoke 881 on change"\n action a14 cli command "int range fa guestStart - guestEnd"\n action a15 cli command "switchport access vlan 20"';

var ezvpn_Data= ' \n\nenable\nconf t\nclock timezone CVOTime sdp_timezone_diff\nclock summer-time sdp_summer_time_zone recurring\nend\n!!!Clock set\nconfigure terminal\n!\ninterface ezvpn_router\n ip address ezvpn_wan_ip ezvpn_wan_netmask\n ip virtual-reassembly\n duplex auto\n speed auto\n no shut\n!\nip route 0.0.0.0 0.0.0.0 ezvpn_default_gw\n!\n\n!\nhostname ezvpn_hostname\n!\nenable secret ezvpn_enable\n!\naaa new-model\n!\n!\naaa authentication login default local\naaa authorization network default local\n!\n!\nntp server sdp_ntp burst iburst\n!\nip domain name sdp_domain_name\n!\ncrypto pki trustpoint ezvpn_pki_trustpt_name\n enrollment url http://sdp_wan_ip:8000\n serial-number\n ip-address none\n password none\n auto-enroll 70\n!\nusername ezvpn_local_username privilege 15 password ezvpn_local_passwd\n!\nservice password-encryption\npassword encryption aes\n!\ncrypto isakmp policy 1\n encr ezvpn_isakmp_encr ezvpn_isakmp_key_len\n group ezvpn_isakmp_key_grp\ncrypto isakmp keepalive 10\n!\ncrypto isakmp client configuration group sdp_isa_client_grp\n dns sdp_dns\n domain sdp_domain_name\n pool ezvpn_dhcp_pool_name\n !!!EZVPN Management ACL Ref\n \n !\ncrypto isakmp profile ezvpn_isa_prof_name\n   ca trust-point ezvpn_pki_trustpt_name\n   match identity group sdp_isa_client_grp\n   isakmp authorization list default\n   client configuration address respond\n   virtual-template 1\n!\n!\ncrypto ipsec transform-set ezvpn_ipsec_xform_set ezvpn_ipsec_encr ezvpn_ipsec_key_len ezvpn_ipsec_hash\n!\ncrypto ipsec profile ezvpn_ipsec_prof_name\n set transform-set ezvpn_ipsec_xform_set\n!\n!\ninterface Virtual-Template1 type tunnel\n description Corporate data-traffic Virtual-Tunnel\n ip unnumbered ezvpn_router\n ip virtual-reassembly\n tunnel mode ipsec ipv4\n tunnel protection ipsec profile ezvpn_ipsec_prof_name\n!\nip local pool ezvpn_dhcp_pool_name ezvpn_tunnel_start ezvpn_tunnel_end\n!\n!!!EZVPN Mmgt ACL Content\n!\n!!!Additional NTP Servers\n!\n\ncrypto pki authenticate ezvpn_pki_trustpt_name\nyes\n!\n!\n!\ncrypto pki enroll ezvpn_pki_trustpt_name\nend\nwr mem\n';

var policyBased_Data= ' \n!!! Policy-based routing is configured to support guest vlan\ntrack 100 interface spoke_wan_interface ip routing\ninterface spoke_wan_interface\nip dhcp client route track 100\n\nip access-list extended guest_acl\n  permit ip 192.168.20.0 0.0.0.255 any\n\nroute-map policy_route_map permit 10\n match ip address guest_acl\n set ip next-hop dynamic dhcp\n\nint vlan 20\n ip policy route-map policy_route_map';

var qos_Data= ' \n!!!\n!!!!!!QoS!!!!!!\n!!!\nip access-list extended isakmp_acl\n permit udp any any eq isakmp\n!\nip access-list extended voice_acl\n permit udp any any range 24576 24656\n!\nip access-list extended non_voip_traffic_acl\n permit ip any any\n!\nip access-list extended video_acl\n permit udp any any eq 5445\n permit udp any any range 2326 2373\n!\nclass-map match-any call-setup\n match ip dscp cs3\n match ip precedence 3\nclass-map match-any internetwork-control\n match access-group name isakmp_acl\n match ip precedence 6\n match ip precedence 7\nclass-map match-any voice\n match access-group name voice_acl\n match ip precedence 5\nclass-map match-any routing\n match protocol eigrp\nclass-map match-all discover_signaling\n match protocol skinny\nclass-map match-all discover_video\n match protocol rtp video\nclass-map match-all discover_voip\n match protocol rtp audio\nclass-map match-any video\n match access-group name video_acl\n match ip dscp af41\n match ip precedence 4\nclass-map match-all non_voip\n match access-group name non_voip_traffic_acl\n!\n policy-map mark_incoming_traffic\n class discover_signaling\n  set dscp cs3\n class discover_video\n  set dscp af41\n class discover_voip\n  set dscp ef\n class non_voip\n  set dscp default\n!\npolicy-map voice_and_video\n class voice\n  bandwidth 128\n class call-setup\n  priority percent 5\n class internetwork-control\n  priority percent 5\n class routing\n  priority percent 5\n class video\n  priority 384\n class class-default\n  fair-queue\n  random-detect\npolicy-map shaper\n  class class-default\n    shape average 750000 7500\n     service-policy voice_and_video\n!\n interface spoke_871_881\n ip nbar protocol-discovery\n service-policy input mark_incoming_traffic\n!\ninterface FastEthernet4\n service-policy output shaper\n';

var sdp_Data= ' \n\nenable\n!!!Make cert directory\nconf t\nclock timezone CVOTime sdp_timezone_diff\nclock summer-time sdp_summer_time_zone recurring\nend\n!!!Clock set\nconfigure terminal\n!\n!\nhostname sdp_hostname\n!\nenable secret sdp_enable\n!\nip http server\n!\naaa new-model\n!\n!\naaa authentication login default local\naaa authorization network default local\n!\ninterface sdp_router\n ip address sdp_wan_ip sdp_wan_netmask\n ip virtual-reassembly\n duplex auto\n speed auto\n no ip access-group in\n no shut\n!\nip route 0.0.0.0 0.0.0.0 sdp_default_gw\nno ip http access-class\n!\n!\n!\nntp server sdp_ntp burst iburst\n! Setting the server as a temporary NTP server at a low stratum so that it\n! gets updated when it is connected to the internet\nntp master 3\n!\nip domain name sdp_domain_name\n!\ncrypto pki trustpoint sdp_pki_trustpt_name\n enrollment url http://sdp_wan_ip:8000\n serial-number\n password none\n ip-address none\n rsakeypair sdp_pki_server_name 1024\n auto-enroll 70\n!\n!\nusername sdp_local_username privilege 15 password 0 sdp_local_password\n!\nservice password-encryption\npassword encryption aes\n!\ncrypto provisioning registrar\n pki-server sdp_pki_server_name\n template http welcome sdp_otherTemplates2-sdp_welcome.html\n template http completion sdp_otherTemplates4-sdp_completion.html\n template http introduction sdp_otherTemplates3-sdp_introduction.html\n template http start sdp_otherTemplates1-sdp_start.html\n template http error sdp_otherTemplatessdp_error.html\n template config sdp_tftp_path\n !!!Template config credentials\n authentication list default\n authorization list default\n!\n!\ncrypto isakmp policy 1\n encr sdp_isakmp_encr sdp_isakmp_key_len\n group sdp_isakmp_key_grp\ncrypto isakmp keepalive 10\n!\ncrypto isakmp client configuration group sdp_isa_client_grp\n dns sdp_dns\n domain sdp_domain_name\n pool sdp_dpool\n !!!SDP Management ACL\n \n !\ncrypto isakmp profile sdp_isa_prof_name\n   ca trust-point sdp_pki_trustpt_name\n   match identity group sdp_isa_client_grp\n   isakmp authorization list default\n   client configuration address respond\n   virtual-template 1\n!\n!\ncrypto ipsec transform-set sdp_ipsec_xform_set sdp_ipsec_xform_encr sdp_ipsec_key_len sdp_ipsec_hash\n!\ncrypto ipsec profile sdp_ipsec_prof_name\n set transform-set sdp_ipsec_xform_set\n!\ninterface Virtual-Template1 type tunnel\n description Corporate data-traffic Virtual-Tunnel\n ip unnumbered sdp_router\n ip virtual-reassembly\n tunnel mode ipsec ipv4\n tunnel protection ipsec profile sdp_ipsec_prof_name\n!\n!!!Database access credentials\nip local pool sdp_dpool sdp_tunnel_start sdp_tunnel_end\n!\n!\n!!!SDP Mmgt ACL Content\n!!!Additional NTP Servers\n!\n\nevent manager applet enroll\n event syslog pattern "Certificate server now enabled."\n action a1 cli command "enable"\n action a2 cli command "config t"\n action a3 cli command "ip http secure-server"\n action a4 cli command "ip http port 8000"\n action a5 cli command "ip http secure-trustpoint sdp_pki_trustpt_name"\n action a6 cli command "crypto pki authenticate sdp_pki_trustpt_name" pattern "yes/no"\n action a7 cli command "yes"\n action a8 cli command "crypto pki enroll sdp_pki_trustpt_name"\n ac a81 cl com "crypto pki server sdp_pki_server_name"\n ac a82 cl com "shut"\n ac a83 cl com " no grant auto"\n ac a84 cl com "grant auto trustpoint sdp_pki_trustpt_name"\n ac a85 cl com "no shut"\n action a87 cli command "no event manager applet enroll"\n action a9 cli command "end"\n \ncrypto pki server sdp_pki_server_name\n database archive pkcs12 password sdp_pki_passwd\n grant auto\n database level complete \n auto-rollover 3\n database url sdp_cert_path\n \n issuer-name cn=sdp_pki_cert_orgzn,o=sdp_pki_cert_orgzn\n no shut\n\n\n\nend\n\nwr mem\n\n';

var second_bvi1_Data= ' \ncrypto ipsec client ezvpn client_ipsec_crprt_name inside';

var second_eem_Data= ' \naction a5 cli command "crypto ipsec client ezvpn client_ipsec_crprt_name"';

var second_ipsecClient_Data= ' \ncrypto ipsec client ezvpn client_ipsec_crprt_name\n connect auto\n mode client\n peer ezvpn_wan_ip\n virtual-interface 2\n\n';

var second_VI_QOS_Data= ' \ninterface virtual-template2\n  service-policty output shaper';

var secondVI_Data= ' \ninterface Virtual-Template2 type tunnel\n description Corporate data-traffic Virtual-Tunnel\n no ip address\n tunnel mode ipsec ipv4\n\n';

var split_tunnel_Data= ' \n deny ip any client_authp_corp_block_nw client_authp_corp_block_nmask\n! if split tunneling is enabled\n permit ip any any ';

var wireless_Data= ' \n!!!\n!!!!!!Wireless!!!!!!\n!!!\naaa authentication login corp group client_authen_grp_aaa\n\ndot11 ssid wireless_ssid\n    vlan 1\n    authentication open eap corp\n	authentication key-management wpa\n	  \ninterface Dot11Radio0.1\n encapsulation dot1Q 1 native\n bridge-group 1\n bridge-group 1 subscriber-loop-control\n bridge-group 1 spanning-disabled\n bridge-group 1 block-unknown-source\n no bridge-group 1 source-learning\n no bridge-group 1 unicast-flooding\n\ninterface Dot11Radio0\n no ip address\n broadcast-key vlan 1 change 30\n encryption vlan 1 mode ciphers tkip\n no ip redirects\n no ip unreachables\n no ip proxy-arp\n ssid wireless_ssid\n no shutdown';