インターネット境界ルーター実装サンプル


############################
# For RTX1200 Rev.10.01.34
############################
#
# < グローバル IPv4 >
# グローバル IPv4 Network ID = 203.0.113.0
# グローバルIPv4 CIDR = /28
# インターネット境界ルーター = 203.0.113.1
# LAN境界ルーター = 203.0.113.15
# ファイアウォール = 203.0.113.3
#
# < ローカルIPv4 >
# LAN IPv4 = 192.168.0.0/23
# NAPT = 192.168.0.1-192.168.0.254 192.168.1.1-192.168.1.254
#
# < IPv6 >
# GUA Prefix = 2001:db8:1234
# ULA Prefix = fd01:2345:6789
# DMZ サブネットID = fffe
#
# < その他 >
# syslog server = log.hogehoge.co.jp
# DNS1 = 192.168.0.1
# DNS2 = 192.168.0.2
# Domain Name = hogehoge.co.jp
# ルーターパスワード = PassWord
#
# < PPPoE >
# IPv4 PPPoE ID = pppoe4id@hogehoge.gonyogonyo.ne.jp
# IPv4 PPPoE Password = ipv4pppoepass
# IPv6 PPPoE ID = pppoe6id@hogehoge.gonyogonyo.ne.jp
# IPv6 PPPoE Password = ipv6pppoepass
#
#
############################
# Remove default settings.
# Clear the LAN1 address and the DHCP server configuration (service, RFC 2131
# behaviour and scope 1) that are present before this sample is loaded, so the
# border router starts from a clean state and does not hand out leases on the
# DMZ segment.
no ip lan1 address
no dhcp service server
no dhcp server rfc2131 compliant except remain-silent
no dhcp scope 1
############################
# Set the login password and the administrator password.
# Both commands are interactive: the blank line appears to answer the
# old-password prompt (nothing set yet) and the next two lines enter and confirm
# the new value, so nothing may be inserted between these lines.
# "PassWord" is the placeholder from the header. Replace it with strong values
# and use a different one for each privilege level; as written, anyone who
# knows the login password also holds administrator rights.
# Treat any stored copy of this file as a secret, because it holds credentials.
login password

PassWord
PassWord
administrator password

PassWord
PassWord
# Console presentation only: wide lines and no paging.
console columns 200
console lines infinity
# IPv4 routing: default route out of the IPv4 PPPoE session (pp 1); the LAN
# range 192.168.0.0/23 is reached through the LAN border router 203.0.113.15.
ip route default gateway pp 1
ip route 192.168.0.0/23 gateway 203.0.113.15
# Drop packets carrying source-route options and packets addressed to a
# directed broadcast. Both are classic spoofing / amplification vectors and
# have no legitimate use across an Internet edge.
ip filter source-route on
ip filter directed-broadcast on
# IPv6 routing: the GUA /48 and the ULA /48 are both reached via the
# link-local next hop fe80::2 on interface 1 (LAN1); the default route goes
# out of the IPv6 PPPoE session (pp 2).
# NOTE(review): fe80::2 is presumably the LAN border router - confirm.
ipv6 route 2001:db8:1234::/48 gateway fe80::2%1
ipv6 route default gateway pp 2
ipv6 route fd01:2345:6789::/48 gateway fe80::2%1
# LAN1 is the DMZ segment: the global IPv4 /28, the DMZ subnet (ID fffe) of the
# GUA prefix, and a fixed link-local address so that neighbours can use a
# stable next hop.
ip lan1 address 203.0.113.1/28
ipv6 lan1 address 2001:db8:1234:fffe::1/64
ipv6 lan1 address fe80::1/10
# pp 1: IPv4 PPPoE session to the ISP over LAN2, kept permanently connected.
pp select 1
pp always-on on
pppoe use lan2
pppoe auto connect on
pppoe auto disconnect off
# Accepts either PAP or CHAP from the access concentrator. With PAP the
# password is sent in cleartext inside the PPP session.
# NOTE(review): if the ISP supports CHAP, consider accepting CHAP only.
pp auth accept pap chap
# PPPoE account from the header. It is stored in plaintext in this file, so
# handle the file as a credential.
pp auth myname pppoe4id@hogehoge.gonyogonyo.ne.jp ipv4pppoepass
# MRU/MTU of 1454 with automatic TCP MSS clamping keeps packets inside the
# PPPoE path MTU; PPP compression (CCP) is not negotiated.
ppp lcp mru on 1454
ppp ccp type none
ip pp mtu 1454
# Never exchange RIP with the ISP side: no routes are advertised to, or learned
# from, the untrusted interface.
ip pp rip send off
ip pp rip receive off
# Apply the named filter set PPPoEv4 (in and out lists) to this interface and
# bind NAT descriptor 1.
ip pp secure filter name PPPoEv4
ip pp nat descriptor 1
ip pp tcp mss limit auto
pp enable 1
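# pp 2: IPv6 PPPoE session to the ISP over LAN2, kept permanently connected.
pp select 2
pp always-on on
pppoe use lan2
pppoe auto connect on
pppoe auto disconnect off
# Accepts either PAP or CHAP from the access concentrator. With PAP the
# password is sent in cleartext inside the PPP session.
# NOTE(review): if the ISP supports CHAP, consider accepting CHAP only.
pp auth accept pap chap
# IPv6 PPPoE account from the header. The original line paired the IPv6 ID with
# the IPv4 password (ipv4pppoepass); the header lists ipv6pppoepass for this
# account, and authentication fails if the two are mixed up.
# The credential is stored in plaintext, so handle the file as a secret.
pp auth myname pppoe6id@hogehoge.gonyogonyo.ne.jp ipv6pppoepass
# No PPP compression; negotiate IPv6CP so the session carries IPv6.
ppp ccp type none
ppp ipv6cp use on
# Never exchange RIPng with the ISP side.
ipv6 pp rip send off
ipv6 pp rip receive off
# Inbound and outbound IPv6 filter lists, evaluated in the order written.
# The lists are static only: return traffic is admitted by the broad pass rules
# 2010/2011, not by connection state.
ipv6 pp secure filter in 1000 1010 1020 1030 1040 2000 2010 2020 3000 3010 9000 9010
ipv6 pp secure filter out 1001 1011 1021 1031 1041 2001 2011 2021 3001 3011 9001 9011
# DHCPv6 client on the PPPoE session.
# NOTE(review): presumably used to obtain the delegated prefix/options - confirm.
ipv6 pp dhcp service client
ipv6 pp tcp mss limit auto
pp enable 2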
# ---- IPv4 static filters applied to pp 1 through the set "PPPoEv4" ----
# Even-numbered filters are used in the inbound list and odd-numbered ones in
# the outbound list (filters 10/11 follow the same in/out pairing).
# The lists are evaluated in the order given in the "ip filter set" lines at
# the end of this block, and the first matching filter decides.
#
# 10/11: pass everything to/from the firewall 203.0.113.3.
# NOTE(review): these are first in both lists, so traffic for the firewall
# bypasses the port blocks and the anti-spoofing check (1040) below. The
# firewall must enforce its own policy, including dropping packets that claim
# an internal source address.
ip filter 10 pass * 203.0.113.3 *
ip filter 11 pass 203.0.113.3 * *
# 1000-1011: block remote-administration and Windows file-sharing ports
# (telnet, 22, NetBIOS name/datagram/session, 445, 514/syslog, 3389) as the
# destination port (1000/1010) or the source port (1001/1011), for TCP and UDP.
ip filter 1000 reject * * tcp * telnet,22,netbios_ns-netbios_ssn,445,514,3389
ip filter 1001 reject * * tcp telnet,22,netbios_ns-netbios_ssn,445,514,3389 *
ip filter 1010 reject * * udp * telnet,22,netbios_ns-netbios_ssn,445,syslog,3389
ip filter 1011 reject * * udp telnet,22,netbios_ns-netbios_ssn,445,syslog,3389 *
# 1020-1031: the same NetBIOS/445/514 ports matched on the opposite port
# field, so each direction rejects them whether they appear as source or as
# destination port. This keeps NetBIOS, SMB and syslog traffic off the WAN.
ip filter 1020 reject * * tcp netbios_ns-netbios_ssn,445,514 *
ip filter 1021 reject * * tcp * netbios_ns-netbios_ssn,445,514
ip filter 1030 reject * * udp netbios_ns-netbios_ssn,445,syslog *
ip filter 1031 reject * * udp * netbios_ns-netbios_ssn,445,syslog
# 1040 (in): anti-spoofing - reject packets arriving from the Internet whose
# source is an RFC 1918 range or the site's own global /28.
# 1041 (out): do not send packets addressed to those ranges out to the ISP.
ip filter 1040 reject 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,203.0.113.0/28 * *
ip filter 1041 reject * 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,203.0.113.0/28 *
# 2000/2001: pass all ICMP in both directions.
# NOTE(review): every ICMP type is allowed; consider limiting to the types
# operations actually need (e.g. echo, unreachable, time-exceeded).
ip filter 2000 pass * * icmp
ip filter 2001 pass * * icmp
# 2100/2101: pass any protocol to (in) or from (out) the LAN range and the
# global /28.
# NOTE(review): there is no dynamic (stateful) filter here, so any inbound
# packet that survives the rejects above and is addressed to these ranges is
# forwarded. Real access control is left to the firewall / LAN border router
# behind this device - confirm that is the intended design.
ip filter 2100 pass * 192.168.0.0/23,203.0.113.0/28 * * *
ip filter 2101 pass 192.168.0.0/23,203.0.113.0/28 * * * *
# 3000-3011: reject anything else with an RFC 1918 source or destination.
# In both lists they come after 2100/2101, so 192.168.0.0/23 is already passed
# before these are reached.
ip filter 3000 reject * 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 *
ip filter 3001 reject 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 * *
ip filter 3010 reject 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 *
ip filter 3011 reject * 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 *
# Ordered inbound and outbound lists that "ip pp secure filter name PPPoEv4"
# attaches to pp 1.
ip filter set PPPoEv4 in 10 1000 1010 1020 1030 1040 2000 2100 3000 3010
ip filter set PPPoEv4 out 11 1001 1011 1021 1031 1041 2001 2101 3001 3011
# NAT descriptor 1 (bound to pp 1): IP masquerade (NAPT).
# The outer address is the router's global address 203.0.113.1; the inner side
# covers the router itself plus the LAN host ranges listed in the header.
# Other addresses in the global /28 are not in the inner list.
# NOTE(review): they presumably pass untranslated - confirm.
nat descriptor type 1 nat-masquerade
nat descriptor address outer 1 203.0.113.1
nat descriptor address inner 1 203.0.113.1 192.168.0.1-192.168.0.254 192.168.1.1-192.168.1.254
# ---- IPv6 static filters, referenced by "ipv6 pp secure filter in/out" on pp 2 ----
# Even numbers are used in the inbound list, odd numbers in the outbound list.
# The numbering and intent mirror the IPv4 filters.
#
# 1000-1031: block telnet, 22, NetBIOS, 445, 514/syslog and 3389 over TCP and
# UDP, matched as destination port and as source port.
ipv6 filter 1000 reject * * tcp * telnet,22,netbios_ns-netbios_ssn,445,514,3389
ipv6 filter 1001 reject * * tcp telnet,22,netbios_ns-netbios_ssn,445,514,3389 *
ipv6 filter 1010 reject * * udp * telnet,22,netbios_ns-netbios_ssn,445,syslog,3389
ipv6 filter 1011 reject * * udp telnet,22,netbios_ns-netbios_ssn,445,syslog,3389 *
ipv6 filter 1020 reject * * tcp netbios_ns-netbios_ssn,445,514 *
ipv6 filter 1021 reject * * tcp * netbios_ns-netbios_ssn,445,514
ipv6 filter 1030 reject * * udp netbios_ns-netbios_ssn,445,syslog *
ipv6 filter 1031 reject * * udp * netbios_ns-netbios_ssn,445,syslog
# 1040 (in): anti-spoofing - reject packets from the Internet whose source is
# ULA (fc00::/7), site-local multicast (ff05::/16), the documentation prefix
# (2001:db8::/32) or the site's own /48.
# 1041 (out): do not send packets addressed to those ranges out to the ISP.
ipv6 filter 1040 reject fc00::/7,ff05::/16,2001:db8::/32,2001:db8:1234::/48 * *
ipv6 filter 1041 reject * fc00::/7,ff05::/16,2001:db8::/32,2001:db8:1234::/48 *
# 2000/2001: pass all ICMPv6. Neighbor Discovery and Path MTU Discovery depend
# on ICMPv6, so it cannot simply be blocked.
# NOTE(review): every type is allowed here; consider restricting to the types
# that must cross the edge.
ipv6 filter 2000 pass * * icmp6
ipv6 filter 2001 pass * * icmp6
# 2010/2011: pass any protocol to (in) or from (out) the site /48 and
# link-local addresses.
# NOTE(review): there is no NAT and no dynamic filter on this path, so every
# host in the /48 is directly reachable from the Internet on any port not
# rejected above. Inbound policy must be enforced by the firewall / LAN border
# router behind this device.
ipv6 filter 2010 pass * 2001:db8:1234::/48,fe80::/10 *
ipv6 filter 2011 pass 2001:db8:1234::/48,fe80::/10 * *
# 2020/2021: pass link-local traffic (source in, destination out) on the PPP
# link itself.
ipv6 filter 2020 pass fe80::/10 * *
ipv6 filter 2021 pass * fe80::/10 *
# 3000-3011: reject ULA, site-local multicast, documentation and deprecated
# site-local (fec0::/10) addresses as source or destination.
ipv6 filter 3000 reject * fc00::/7,ff05::/16,2001:db8::/32,fec0::/10 * * *
ipv6 filter 3001 reject fc00::/7,ff05::/16,2001:db8::/32,fec0::/10 * * * *
ipv6 filter 3010 reject fc00::/7,ff05::/16,2001:db8::/32,fec0::/10 * * *
ipv6 filter 3011 reject * fc00::/7,ff05::/16,2001:db8::/32,fec0::/10 * * *
# 9000-9011: pass remaining multicast (ff00::/8), matched as destination
# (9000, 9011) and as source (9001, 9010).
# NOTE(review): a multicast address is not a valid IPv6 source address, so the
# source-side rules 9001/9010 look unnecessary; consider dropping such packets
# instead of passing them.
ipv6 filter 9000 pass * ff00::/8 * * *
ipv6 filter 9001 pass ff00::/8 * * * *
ipv6 filter 9010 pass ff00::/8 * * * *
ipv6 filter 9011 pass * ff00::/8 * * *
# Send NOTICE- and INFO-level logs to the remote syslog server.
# The server is given by name, so logging depends on DNS resolution working.
# Syslog is unauthenticated cleartext; the WAN filters above already reject
# syslog ports on both PPPoE sessions.
# NOTE(review): confirm the path to the log server stays on trusted segments.
syslog host log.hogehoge.co.jp
syslog notice on
syslog info on
# Resolvers and default domain used by the router itself.
# "dns host none" allows no host to use the router's own DNS service.
dns server 192.168.0.1 192.168.0.2
dns domain hogehoge.co.jp
dns host none
# Schedule 1: at minute 01 of every hour, set the clock from ntp.nict.jp and
# log the result to syslog. Accurate time is needed for usable log timestamps.
# NOTE(review): this is unauthenticated NTP to an external server.
schedule at 1 */* *:01 * ntpdate ntp.nict.jp syslog
# The built-in web management server is disabled and no host may access it.
httpd service off
httpd host none
# Firmware revision-up over HTTP remains permitted.
# NOTE(review): confirm this is intended on a device whose web UI is disabled,
# and that firmware updates follow your change-control process.
# NOTE(review): no telnetd/sshd host restriction appears in this sample. The
# WAN filters block telnet/22 on the PPPoE sessions only, so check whether
# management access from the DMZ segment (lan1) should also be restricted.
operation http revision-up permit on

 

Copyright © MURA All rights reserved.