kudarisenmon/commufa_ar3050s.txt

## commufa_ar3050s.txt
!
clock timezone JST plus 9:00
!
zone ipv4-internal
 network dhcp
  ip subnet 0.0.0.0/0 interface vlan1
 network lan
  ip subnet 192.168.0.0/24 interface eth1
  ip subnet 192.168.100.0/24 interface vlan1
!
zone ipv4-internet
 network wan
  ip subnet 0.0.0.0/0 interface ppp0
  host ppp0
   ip address dynamic interface ppp0
!
zone ipv6-internal
 network lan
  ipv6 subnet ::/0 interface vlan1
  host vlan1
   ipv6 address dynamic interface vlan1
!
zone ipv6-internet
 network wan
  ipv6 subnet ::/0 interface ppp0
  host ppp0
   ipv6 address dynamic interface ppp0
!
application dhcp
 protocol udp
 dport 67 to 68
!
application dhcpv4
 protocol udp
 dport 67 to 68
!
application dhcpv6
 protocol udp
 dport 546 to 547
!
application icmpv6
 protocol ipv6-icmp
!
firewall
 rule 10 permit dhcpv4 from ipv4-internal.dhcp to ipv4-internal.dhcp
 rule 20 permit any from ipv4-internal.lan to ipv4-internal.lan
 rule 30 permit any from ipv4-internal.lan to ipv4-internet
 rule 40 permit any from ipv4-internet.wan.ppp0 to ipv4-internet
 rule 100 permit any from ipv6-internal to ipv6-internal
 rule 110 permit any from ipv6-internal to ipv6-internet
 rule 120 permit any from ipv6-internet.wan.ppp0 to ipv6-internet
 rule 130 permit icmpv6 from ipv6-internet to ipv6-internet.wan.ppp0
 rule 140 permit dhcpv6 from ipv6-internet to ipv6-internet.wan.ppp0
 protect
!
nat
 rule 10 masq any from ipv4-internal to ipv4-internet
 enable
!
ntp server ntp.jst.mfeed.ad.jp
!
ip domain-lookup
!
ip dhcp pool pool100
 network 192.168.100.0 255.255.255.0
 range 192.168.100.2 192.168.100.191
 dns-server 192.168.100.1
 default-router 192.168.100.1
 lease 0 2 0
!
service dhcp-server
!
interface port1.0.1-1.0.8
 switchport
 switchport mode access
!
interface eth1
 description HGW_access
 encapsulation ppp 0
 ip address 192.168.0.250/24
 ipv6 enable
!
interface vlan1
 ip address 192.168.100.1/24
 no ipv6 nd suppress-ra
 ipv6 nd other-config-flag
 ipv6 address Commufa ::1/64
!
interface ppp0
 description Commufa
 ppp ipcp dns request
 keepalive
 ip address negotiated
 ppp username *******@v6m00.commufa.jp
 ppp password ********
 ipv6 enable
 ipv6 dhcp client pd Commufa default-route-to-server
 ip tcp adjust-mss pmtu
 ipv6 tcp adjust-mss pmtu
!
ipv6 forwarding
!
ip route 0.0.0.0/0 ppp0
!
ipv6 route ::/0 ppp0
!
ip dns forwarding
ip dns forwarding cache size 10000 timeout 1800
!
end
	!
	clock timezone JST plus 9:00
	!
	zone ipv4-internal
	network dhcp
	ip subnet 0.0.0.0/0 interface vlan1
	network lan
	ip subnet 192.168.0.0/24 interface eth1
	ip subnet 192.168.100.0/24 interface vlan1
	!
	zone ipv4-internet
	network wan
	ip subnet 0.0.0.0/0 interface ppp0
	host ppp0
	ip address dynamic interface ppp0
	!
	zone ipv6-internal
	network lan
	ipv6 subnet ::/0 interface vlan1
	host vlan1
	ipv6 address dynamic interface vlan1
	!
	zone ipv6-internet
	network wan
	ipv6 subnet ::/0 interface ppp0
	host ppp0
	ipv6 address dynamic interface ppp0
	!
	application dhcp
	protocol udp
	dport 67 to 68
	!
	application dhcpv4
	protocol udp
	dport 67 to 68
	!
	application dhcpv6
	protocol udp
	dport 546 to 547
	!
	application icmpv6
	protocol ipv6-icmp
	!
	firewall
	rule 10 permit dhcpv4 from ipv4-internal.dhcp to ipv4-internal.dhcp
	rule 20 permit any from ipv4-internal.lan to ipv4-internal.lan
	rule 30 permit any from ipv4-internal.lan to ipv4-internet
	rule 40 permit any from ipv4-internet.wan.ppp0 to ipv4-internet
	rule 100 permit any from ipv6-internal to ipv6-internal
	rule 110 permit any from ipv6-internal to ipv6-internet
	rule 120 permit any from ipv6-internet.wan.ppp0 to ipv6-internet
	rule 130 permit icmpv6 from ipv6-internet to ipv6-internet.wan.ppp0
	rule 140 permit dhcpv6 from ipv6-internet to ipv6-internet.wan.ppp0
	protect
	!
	nat
	rule 10 masq any from ipv4-internal to ipv4-internet
	enable
	!
	ntp server ntp.jst.mfeed.ad.jp
	!
	ip domain-lookup
	!
	ip dhcp pool pool100
	network 192.168.100.0 255.255.255.0
	range 192.168.100.2 192.168.100.191
	dns-server 192.168.100.1
	default-router 192.168.100.1
	lease 0 2 0
	!
	service dhcp-server
	!
	interface port1.0.1-1.0.8
	switchport
	switchport mode access
	!
	interface eth1
	description HGW_access
	encapsulation ppp 0
	ip address 192.168.0.250/24
	ipv6 enable
	!
	interface vlan1
	ip address 192.168.100.1/24
	no ipv6 nd suppress-ra
	ipv6 nd other-config-flag
	ipv6 address Commufa ::1/64
	!
	interface ppp0
	description Commufa
	ppp ipcp dns request
	keepalive
	ip address negotiated
	ppp username *******@v6m00.commufa.jp
	ppp password ********
	ipv6 enable
	ipv6 dhcp client pd Commufa default-route-to-server
	ip tcp adjust-mss pmtu
	ipv6 tcp adjust-mss pmtu
	!
	ipv6 forwarding
	!
	ip route 0.0.0.0/0 ppp0
	!
	ipv6 route ::/0 ppp0
	!
	ip dns forwarding
	ip dns forwarding cache size 10000 timeout 1800
	!
	end