Skip to content

Instantly share code, notes, and snippets.

@miio
Last active January 1, 2016 04:39
Show Gist options
  • Save miio/8093239 to your computer and use it in GitHub Desktop.
Save miio/8093239 to your computer and use it in GitHub Desktop.
GGJ用に仕込み中のIX2015コンフィグ(一部隠してますが
! NEC Portable Internetwork Core Operating System Software
! IX Series IX2010 (magellan-sec) Software, Version 8.3.47, RELEASE SOFTWARE
! Compiled Aug 27-Fri-2010 10:36:11 JST #1
! Last updated Dec 23-Mon-2013 15:57:03 JST
!
!
hostname sanjose
timezone +09 00
!
!
!
username admin password hash **************** administrator
!
!
!
!
!
!
logging buffered 8000000
logging subsystem all debug
!
!
ip ufs-cache enable
ip route default FastEthernet0/0.0
ip route default 192.168.2.1
ip route 192.168.222.0/24 Tunnel0.0
ip dhcp enable
ip access-list admin_console permit ip src any dest 172.16.24.0/24
ip access-list admin_console permit ip src any dest 192.168.2.0/24
ip access-list admin_console permit ip src any dest 192.168.222.0/24
ip access-list ipsec-list permit ip src any dest any
ip access-list management permit ip src 172.16.24.0/24 dest any
!
!
!
ike proposal ike-prop encryption 3des hash sha group 1024-bit
ike proposal ikeprop encryption aes hash sha group 1024-bit
!
ike suppress-dangling
!
ike policy ike-policy peer **.**.**.** key-type secret 1 key ******************************* ikeprop
ike keepalive ike-policy 30 6
!
ipsec autokey-proposal ipsec-prop esp-3des esp-sha
ipsec autokey-proposal secprop esp-aes esp-sha
!
ipsec autokey-map ipsec-policy ipsec-list peer **.**.**.** secproc
ipsec local-id ipsec-policy 172.16.24.0/24
ipsec remote-id ipsec-policy 192.168.222.1
!
!
!
!
!
!
proxy-dns ip enable
proxy-dns server 192.168.2.1
!
telnet-server ip enable
!
http-server username admin
http-server ip access-list admin_console
http-server ip enable
!
!
!
!
!
!
!
watch-group host 10
event 10 ip unreach-host 192.168.222.1 Tunnel0.0 source FastEthernet0/0.1
probe-timer restorer 60
probe-timer variance 60
!
network-monitor host enable
!
!
ip dhcp profile default-dhcp
assignable-range 172.16.24.2 172.16.24.254
default-gateway 172.16.24.1
dns-server 172.16.24.1
!
device FastEthernet0/0
!
device FastEthernet0/1
!
device FastEthernet1/0
!
device BRI1/0
isdn switch-type hsd128k
!
interface FastEthernet0/0.0
description upstream
ip address 192.168.2.2/24
ip napt enable
no shutdown
!
interface FastEthernet0/1.0
no ip address
shutdown
!
interface FastEthernet1/0.0
ip address 172.16.24.1/24
ip mtu 1454
ip tcp adjust-mss 1414
ip napt translation max-entries 65535
ip napt translation max-entries per-address 6553
ip dhcp binding default-dhcp
no shutdown
!
interface BRI1/0.0
encapsulation ppp
no auto-connect
no ip address
shutdown
!
interface FastEthernet0/0.1
encapsulation pppoe
auto-connect
ip address ipcp
ip tcp adjust-mss auto
ip napt enable
ip napt static FastEthernet0/0.1 50
no shutdown
!
interface Loopback0.0
no ip address
!
interface Null0.0
no ip address
!
interface Tunnel0.0
description vpn-gateway
tunnel mode ipsec
ip unnumbered FastEthernet0/0.1
ip tcp adjust-mss auto
ipsec policy tunnel ipsec-policy out
no shutdown
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment