access-list VPN-ACL extended permit ip 192.168.0.0 255.255.0.0 10.1.0.0 255.255.0.0
crypto ipsec ikev2 ipsec-proposal my-proposal
 protocol esp encryption aes
 protocol esp integrity sha-1
crypto ipsec security-association pmtu-aging infinite
crypto map mymap 1 match address VPN-ACL
crypto map mymap 1 set peer 333.333.333.333
crypto map mymap 1 set ikev2 ipsec-proposal my-proposal
crypto map mymap interface OUTSIDE
crypto ca trustpool policy
crypto ikev2 policy 10
 encryption aes
 integrity md5
 group 5
 prf sha
 lifetime seconds 86400
crypto ikev2 enable OUTSIDE
tunnel-group 333.333.333.333 type ipsec-l2l
tunnel-group 333.333.333.333 ipsec-attributes
 ikev2 remote-authentication pre-shared-key *****
 ikev2 local-authentication pre-shared-key *****