Working NZ Fibre UFB Cisco Router Configuration

This config is based on SNAP as the ISP and Cisco IOS version 15.1
You will need to update anything with "###REMOVED###" and create your own access lists.

version 15.1
service nagle
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
service password-encryption
service sequence-numbers
no service dhcp
!
hostname ###REMOVED###
!
boot-start-marker
warm-reboot
boot-end-marker
!
!
logging buffered 2048000
logging rate-limit 200 except notifications
no logging console
no logging monitor
enable secret ###REMOVED###
!
!
!
clock timezone NZST 12 0
clock summer-time NZDT recurring last Sun Sep 2:00 1 Sun Apr 3:00
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause rootguard
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery interval 30
!
dot11 syslog
no ip source-route
!
!
ip cef
!
!
!
no ip bootp server
ip domain name ###REMOVED###
ip name-server ###REMOVED###
ip inspect name firewall tcp router-traffic
ip inspect name firewall udp router-traffic
ip inspect name firewall h323
ip inspect name firewall rcmd
ip inspect name firewall realaudio
ip inspect name firewall streamworks
ip inspect name firewall vdolive
ip inspect name firewall sqlnet
ip inspect name firewall tftp
ip inspect name firewall ftp
ip inspect name firewall icmp
ip inspect name firewall sip
ip inspect name firewall fragment maximum 256 timeout 1
ip inspect name firewall rtsp
ip inspect name firewall pptp
ip inspect name firewall ntp
ip inspect name firewall dns
ip inspect name firewall sip-tls
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
voice-card 0
!
!
!
!
!
license udi pid CISCO2821 sn ###REMOVED###
archive
 log config
  logging enable
  logging size 200
  notify syslog contenttype plaintext
  hidekeys
 path flash:archived-config
 write-memory
file verify auto
!
no spanning-tree vlan 1
no spanning-tree vlan 10
!
username ###REMOVED### privilege 15 secret ###REMOVED###
!
redundancy
!
!
ip tcp selective-ack
ip tcp timestamp
ip tcp synwait-time 15
ip tcp path-mtu-discovery
ip ssh version 2
!
!
interface GigabitEthernet0/0
 description $Firewall_INSIDE$
 ip address ###REMOVED### ###REMOVED###
 ip access-group 102 in
 ip flow ingress
 ip nat inside
 ip inspect firewall out
 ip virtual-reassembly in
 ip tcp adjust-mss 1452
 load-interval 30
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 description TO:ChorusONT
 bandwidth inherit 100000
 no ip address
 load-interval 30
 duplex auto
 speed auto
 no cdp enable
!
interface GigabitEthernet0/1.10
 description UFB-VLAN10
 encapsulation dot1Q 10
 pppoe enable group global
 pppoe-client dial-pool-number 1
 no cdp enable
!
interface FastEthernet0/0/0
 description SHUTDOWN
 no ip address
 shutdown
!
interface FastEthernet0/0/1
 description SHUTDOWN
 no ip address
 shutdown
!
interface FastEthernet0/0/2
 description SHUTDOWN
 no ip address
 shutdown
!
interface FastEthernet0/0/3
 description SHUTDOWN
 no ip address
 shutdown
!
interface Vlan1
 no ip address
!
interface Dialer0
 mtu 1492
 bandwidth inherit 100000
 ip address negotiated
 ip access-group 101 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip inspect firewall out
 ip virtual-reassembly in
 encapsulation ppp
 load-interval 30
 dialer pool 1
 dialer idle-timeout 0
 dialer persistent
 dialer-group 1
 ppp authentication pap callin
 ppp eap refuse
 ppp chap refuse
 ppp ms-chap refuse
 ppp ms-chap-v2 refuse
 ppp pap sent-username ###REMOVED###@snap.net.nz password ###REMOVED###
 ppp ipcp dns request
 ppp ipcp route default
 no cdp enable
!
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip flow-top-talkers
 top 50
 sort-by bytes
 cache-timeout 3600000
!
ip nat inside source route-map NONAT interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 10.0.0.0 255.0.0.0 Null0
ip route 127.0.0.0 255.255.255.0 Null0
ip route 169.254.0.0 255.255.0.0 Null0
ip route 172.16.0.0 255.240.0.0 Null0
ip route 192.0.2.0 255.255.255.0 Null0
ip route 192.168.0.0 255.255.0.0 Null0
ip route 198.18.0.0 255.254.0.0 Null0
!
ip access-list logging interval 10
access-list 101 ###REMOVED###
access-list 102 ###REMOVED###
access-list 105 deny   ip 10.0.0.0 0.255.255.255 10.0.0.0 0.255.255.255
access-list 105 permit ip 10.0.0.0 0.255.255.255 any
dialer-list 1 protocol ip permit
!
!
!
!
route-map NONAT permit 10
 match ip address 105
!
!
control-plane
!
!
!
mgcp profile default
!
!
banner exec ^

HOSTNAME: $(hostname).$(domain)
VTY LINE: $(line)
+----------------------------------------------------------------------+
|                                                                      |
|                            |            |                            |
|                           |||          |||                           |
|                         .|||||.      .|||||.                         |
|                      .:|||||||||:..:|||||||||:.                      |
|                       C i s c o  S y s t e m s                       |
|                                                                      |
|                                                                      |
| Site:       ###REMOVED###                                            |
| Model:      ###REMOVED###                                            |
| Installed:  ###REMOVED###                                            |
|                                                                      |
+----------------------------------------------------------------------+

^
banner login ^
!

+----------------------------------------------------------------------+
|                                                                      |
|                      THIS DEVICE IS MONITORED!!!                     |
|                                                                      |
|            This Device is managed by ###REMOVED###                   |
|                                                                      |
|     ** Access to this system is PROHIBITED unless AUTHORISED **      |
|          If you are not authorised please disconnect now.            |
|    If you fail to disconnect now you may be prosecuted under the     |
|     Crimes Amendment Act 2003 section 252 under New Zealand law.     |
|                                                                      |
+----------------------------------------------------------------------+

^
!
line con 0
 logging synchronous
 login authentication LOGIN
 width 200
 international
 stopbits 1
line aux 0
line vty 0 4
 access-class 2 in
 exec-timeout 60 0
 logging synchronous
 login authentication LOGIN
 length 0
 width 200
 international
 transport input ssh
!
scheduler allocate 20000 1000
ntp logging
ntp update-calendar
ntp server ###REMOVED###
end