NetVolanteDDNS+IPSecVPN
プロバイダ:SB光
PPPoE+IPoE
# RTX810 Rev.11.01.34 (Tue Nov 26 18:39:12 2019)
# MAC Address : , # Memory 128Mbytes, 2LAN # main: RTX810 ver=00 serial= MAC-Address= MAC-Address= # Reporting Date: May 26 17:15:24 2022 login password * administrator password * login user admin * ip route default gateway pp 2 filter 500000 gateway pp 2 ipv6 route default gateway dhcp lan2 ipv6 prefix 1 dhcp-prefix@lan2::/64 ip lan1 address 172.16.0.1/16 ip lan1 proxyarp on ipv6 lan1 address dhcp-prefix@pp2::1/64 ipv6 lan1 address dhcp-prefix@pp2::/48 ipv6 lan1 address dhcp-prefix@lan2::1/64 ipv6 lan1 rtadv send 1 o_flag=on ipv6 lan1 dhcp service server ipv6 lan1 mld router switch control use lan1 on ip lan2 address 192.168.1.254/24 ipv6 lan2 address dhcp ipv6 lan2 secure filter in 1010 1011 1012 2000 ipv6 lan2 secure filter out 3000 dynamic 100 101 102 103 104 105 106 ipv6 lan2 dhcp service client ngn type lan2 ntt provider type isdn-terminal provider filter routing connection provider lan1 name LAN: provider lan2 name PPPoE/0/1/5/0/0/0: provider ntpdate ntp.nict.jp pp select 2 pp name PRV/1/1/5/0/0/1: pp keepalive interval 30 retry-interval=30 count=12 pppoe use lan2 pppoe auto disconnect off pp auth accept pap chap pp auth myname bxxxxxxxxxxx@sbb.ne.jp xccccc ppp lcp mru on 1454 ppp ipcp ipaddress on ppp ccp type none ip pp secure filter in 201003 201020 201021 201022 201023 201024 201025 201030 201032 201080 201081 201082 201083 201084 ip pp secure filter out 201013 201020 201021 201022 201023 201024 201025 201026 201027 201099 dynamic 201080 201081 201082 201083 201084 201085 201098 201099 ip pp nat descriptor 1100 ipv6 pp rip send off ipv6 pp rip receive off ipv6 pp secure filter out dynamic 201080 201081 201082 201083 201084 201085 201098 201099 ipv6 pp dhcp service client ipv6 pp mld host netvolante-dns hostname host pp server=1 xxxxxxc.aa0.netvolante.jp pp enable 2 provider set 2 provider dns server 2 8.8.8.8 8.8.4.4 2400:2653:54a0:da00:xxxxxxxxxx provider ipv6 connect pp 2 on provider select 2 pp select anonymous pp bind tunnel2 pp auth request chap-pap pp auth username xxxxx xxxxx ppp ipcp ipaddress on ppp ipcp msext on ip pp remote address pool dhcp ip pp mtu 1258 pp enable anonymous tunnel select 2 tunnel encapsulation l2tp ipsec tunnel 2 ipsec sa policy 2 2 esp aes-cbc sha-hmac ipsec ike keepalive log 2 off ipsec ike keepalive use 2 off ipsec ike nat-traversal 2 on ipsec ike pre-shared-key 2 text somvpn ipsec ike remote address 2 any l2tp tunnel auth off l2tp tunnel disconnect time 600 l2tp keepalive use on ip tunnel tcp mss limit auto tunnel enable 2 ip filter 201000 reject 10.0.0.0/8 * * * * ip filter 201001 reject 172.16.0.0/12 * * * * ip filter 201002 reject 192.168.0.0/16 * * * * ip filter 201003 reject 172.16.0.0/16 * * * * ip filter 201010 reject * 10.0.0.0/8 * * * ip filter 201011 reject * 172.16.0.0/12 * * * ip filter 201012 reject * 192.168.0.0/16 * * * ip filter 201013 reject * 172.16.0.0/16 * * * ip filter 201020 reject * * udp,tcp 135 * ip filter 201021 reject * * udp,tcp * 135 ip filter 201022 reject * * udp,tcp netbios_ns-netbios_ssn * ip filter 201023 reject * * udp,tcp * netbios_ns-netbios_ssn ip filter 201024 reject * * udp,tcp 445 * ip filter 201025 reject * * udp,tcp * 445 ip filter 201026 restrict * * tcpfin * www,21,nntp ip filter 201027 restrict * * tcprst * www,21,nntp ip filter 201030 pass * 172.16.0.0/16 icmp * * ip filter 201031 pass * 172.16.0.0/16 established * * ip filter 201032 pass * 172.16.0.0/16 tcp * ident ip filter 201033 pass * 172.16.0.0/16 tcp ftpdata * ip filter 201034 pass * 172.16.0.0/16 tcp,udp * domain ip filter 201035 pass * 172.16.0.0/16 udp domain * ip filter 201036 pass * 172.16.0.0/16 udp * ntp ip filter 201037 pass * 172.16.0.0/16 udp ntp * ip filter 201080 pass * 172.16.0.1 udp * 1701 ip filter 201081 pass * 172.16.0.1 udp * 500 ip filter 201082 pass * 172.16.0.1 esp * * ip filter 201083 pass * 172.16.0.1 udp * 4500 ip filter 201084 pass * 172.16.100.1 tcp * https ip filter 201098 reject-nolog * * established ip filter 201099 pass * * * * * ip filter 500000 restrict * * * * * ip filter dynamic 201080 * * ftp ip filter dynamic 201081 * * domain ip filter dynamic 201082 * * www ip filter dynamic 201083 * * smtp ip filter dynamic 201084 * * pop3 ip filter dynamic 201085 * * submission ip filter dynamic 201098 * * tcp ip filter dynamic 201099 * * udp nat descriptor type 1100 masquerade nat descriptor masquerade static 1100 1 172.16.0.1 udp 1701 nat descriptor masquerade static 1100 2 172.16.0.1 udp 500 nat descriptor masquerade static 1100 3 172.16.0.1 esp nat descriptor masquerade static 1100 4 172.16.0.1 udp 4500 nat descriptor masquerade static 1100 5 172.16.100.1 tcp https ipsec auto refresh on ipsec transport 2 2 udp 1701 ipv6 filter 1010 pass * * icmp6 * * ipv6 filter 1011 pass * * tcp * ident ipv6 filter 1012 pass * * udp * 546 ipv6 filter 2000 reject * * * * * ipv6 filter 3000 pass * * * * * ipv6 filter dynamic 100 * * ftp ipv6 filter dynamic 101 * * domain ipv6 filter dynamic 102 * * www ipv6 filter dynamic 103 * * smtp ipv6 filter dynamic 104 * * pop3 ipv6 filter dynamic 105 * * tcp ipv6 filter dynamic 106 * * udp ipv6 filter dynamic 201080 * * ftp ipv6 filter dynamic 201081 * * domain ipv6 filter dynamic 201082 * * www ipv6 filter dynamic 201083 * * smtp ipv6 filter dynamic 201084 * * pop3 ipv6 filter dynamic 201085 * * submission ipv6 filter dynamic 201098 * * tcp ipv6 filter dynamic 201099 * * udp syslog notice on telnetd host lan dhcp service server dhcp server rfc2131 compliant except remain-silent dhcp scope 1 172.16.0.3-172.16.255.253/16 dns server 8.8.8.8 8.8.4.4 2400:2653:54a0:da00:xxxxxxxxxxxxx dns server select 500002 8.8.8.8 8.8.4.4 any . restrict pp 2 dns private address spoof on dns static a madoka.local 172.16.100.1 dns static a router 172.16.0.1 schedule at 1 */* 01:53 * ntpdate ntp.nict.jp l2tp service on httpd host any upnp use on alarm entire off #
コメント
コメントを投稿