MR1000　コマンド設定事例集

Size: px

Start display at page:

Download "MR1000　コマンド設定事例集"

ゆきさいまいだ
9 years ago
Views:

3 V LAN CATV LAN IPv4 IPv PPPoE LAN ISDN LAN LAN IPv6 LAN ISDN IPv6 LAN IPv LAN IP-VPN ADSL IP-VPN IP-VPN NAT IP VPN NAT IP VPN NAT IP VPN RIP IPv RIP IPv OSPFv2 IPv OSPF IPv OSPF LSA AS OSPF LSA

15 NAT IP VPN... 53 2... 59 2.1 RIP IPv4... 62 2.1.1... 64 2.1.2... 65 2.1.3... 66 2.1.4... 67 2.1.5... 68 2.1.6... 69 2.2 RIP IPv6... 70 2.2.1... 72 2.2.2... 73 2.2.3... 74 2.

4 V BGP IPv AS IP-VPN IP-VPN MPLS MPLS LSP MPLS LSP MPLS 2VPN EoMPLS MPLS 3VPN BGP/MPLS VPN MPLS LAN MPLS PIM-DM PIM-SM VLAN IP SPI IPv ping IPsec IPv4 over IPv4 IP VPN IPv4 over IPv6 IP VPN IPv4 over IPv6 IP VPN IPv6 over IPv4 IP VPN IPv6 over IPv4 IP VPN IPv6 over IPv6 IP VPN IPv6 over IPv6 IP VPN IPv4 over IPv4 1 IKE IPsec VPN IPsec NAT LAN PPPoE LAN NAT IPsec IPsec VoIP NAT TOS/Traffic Class VLAN WFQ

12.3 SPI... 145 2.12.4 IPv6... 149 2.12.5... 153 2.12.6... 155 2.12.7... 156 2.12.8 ping... 157 2.13 IPsec... 159 2.13.1 IPv4 over IPv4 IP VPN... 161 2.13.2 IPv4 over IPv6 IP VPN... 165 2.13.3 IPv4 over IPv6 IP VPN.

5 V DHCP DHCP DHCP DHCP DHCP IPv6 DHCP DNS ProxyDNS DNS DNS DNS DNS DNS URL URL SNMP ECMP VRRP STP FNA STP IP Ethernet over IP LAN HUB ISDN PIAFS

28... 251 2.29... 252 2.29.1... 253 2.29.2... 253 2.30... 254 2.30.1... 254 2.30.2... 255 2.30.3... 256 2.31... 257 2.31.1... 258 2.31.2... 259 2.32 STP... 260 2.

6 V21 CD-ROM README 1 2 Microsoft Windows Windows NT Microsoft Corporation Microsoft Windows 2000 Server Network operating system Microsoft Windows 2000 Professional operating system Windows 2000 NTT NTT ADSL NTT NTT 6

Network operating system Microsoft Windows 2000

7 LAN CATV LAN IPv4 IPv PPPoE LAN ISDN LAN LAN IPv6 LAN ISDN IPv6 LAN IPv LAN IP-VPN ADSL IP-VPN IP-VPN NAT IP VPN NAT IP VPN NAT IP VPN

8 LAN.......................................................21 1.9 LAN...........................................24 1.10 IPv6 LAN ISDN..................................................26 1.

8 V LAN LAN MR P.42 LAN LAN0 IP DHCP NAT DHCP IP 1 5 LAN LAN1 IP / /24 DHCP IP DNS LAN

LAN LAN1 IP / 192.168.1.1/24 DHCP IP 192.

9 V A Z a z < > & % MR P.18 IP LAN # delete lan 0 # lan 0 mode auto # lan 0 ip dhcp service client # lan 0 ip rip use off v1 0 off # lan 0 ip nat mode multi any 1 LAN # lan 1 mode auto # lan 1 ip address /24 3 # lan 1 ip dhcp service server # lan 1 ip dhcp info dns # lan 1 ip dhcp info address / # lan 1 ip dhcp info time 1d # lan 1 ip dhcp info gateway # lan 1 ip rip use v1 v1 0 off # enable LAN DHCP DHCP LAN IP IP IP IP DHCP P.220 IP MAC 9 LAN

multi any 1 LAN # lan 1 mode auto # lan 1 ip address 192.168.1.1/24 3 # lan 1 ip dhcp service server # lan 1 ip dhcp info dns 192.

10 V CATV CATV CATV CATV 2 CATV CATV CATV CATV CATV CATV LAN LAN CATV CATV CATV CATV LAN CATV LAN CATV LAN LAN IP MR P CATV

11 V21 1 CATV LAN0 IP / / DNS LAN IP / /24 DHCP CATV CATV IP CATV # delete lan # lan 0 ip address /24 3 # lan 0 ip dhcp info time 1d # lan 0 ip route 0 default # lan 0 ip rip use off v1 0 off # lan 0 ip nat mode multi any 1 5m LAN # lan 1 ip address /24 3 # lan 1 ip dhcp service server # lan 1 ip dhcp info dns # lan 1 ip dhcp info address / # lan 1 ip dhcp info time 1d # lan 1 ip dhcp info gateway # lan 1 ip rip use v1 v1 0 off ProxyDNS # proxydns domain 0 any * any static # proxydns address 0 any static # reset 11 CATV

168.1.1/24 3 # lan 1 ip dhcp service server # lan 1 ip dhcp info dns 192.10.10.10 # lan 1 ip dhcp info address 192.168.1.2/24 253 # lan 1 ip dhcp info time 1d # lan 1 ip dhcp info gateway 192.

12 V LAN LAN-B LAN-A MR P.42 LAN-A LAN1 IP / /24 DHCP NAT LAN-B LAN0 IP / /24 DHCP RIP-V IP IP LAN-C / /24 NAT 12 LAN

168.0.1 / 192.168.0.0/24 DHCP RIP-V1 1 2 1 IP 192.168.0.5 2 IP 192.

13 V21 1 TIME TIME SNTP TIME RFC868 SNTP Simple Network Time Protocol RFC1361 RFC1769 NTP Network Time Protocol IP LAN0 # lan 0 ip address /24 3 # lan 0 ip dhcp service off # lan 0 ip route / # lan 0 ip route 0 default # lan 0 ip rip use v1 v1 0 off LAN1 # lan 1 ip address /24 3 # lan 1 ip dhcp service server # lan 1 ip dhcp info dns # lan 1 ip dhcp info address / # lan 1 ip dhcp info time 1d # lan 1 ip dhcp info gateway # lan 1 ip rip use v1 v1 0 off # time auto server time # time auto interval start # enable 13 LAN

168.1.1 # lan 1 ip dhcp info address 192.168.1.2/24 253 # lan 1 ip dhcp info time 1d # lan 1 ip dhcp info gateway 192.168.1.1 # lan 1 ip rip use v1 v1 0 off # time auto server 192.

14 V IPv4 IPv6 IPv4 IPv6 LAN-A / 2001:db8:1111:1001::/64 LAN-B / 2001:db8:1111:1000::/64 LAN0 # lan 0 ip6 use on # lan 0 ip6 address :db8:1111:1000::/64 30d 7d c0 # lan 0 ip6 ra mode send # lan 0 ip6 rip use on on 0 # lan 0 ip6 rip site-local on LAN1 # lan 1 ip6 use on # lan 1 ip6 address :db8:1111:1001::/64 30d 7d c0 # lan 1 ip6 ra mode send # lan 1 ip6 rip use on on 0 # lan 1 ip6 rip site-local on # enable 14 IPv4 IPv6

# lan 0 ip6 address 0 2001:db8:1111:1000::/64 30d 7d c0 # lan 0 ip6 ra mode send # lan 0 ip6 rip use on on 0 #

15 V MR P.42 ISDN OCN 128Kbps LAN0 LAN OCN DNS OCN domain.ocn.ne.jp OCN IP IP / / LAN IP internet 0 9 A Z a z < > & % MR P.18 IP 15

ocn.ne.jp OCN IP IP / 172.16.184.32/29 172.16.184.33 172.

16 V21 1 # wan 0 line hsd 128k IP # lan 0 ip address /29 3 DHCP # lan 0 ip dhcp info dns # lan 0 ip dhcp info address /29 6 # lan 0 ip dhcp info gateway # lan 0 ip dhcp info domain domain.ocn.ne.jp # lan 0 ip dhcp service server # remote 0 name internet # remote 0 ip route 0 default 1 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind wan 0 # remote 0 ap 0 ip dns # reset 16

17 V PPPoE PPPoE ADSL MR P.42 ID userid userpass LAN0 LAN IP / / A Z a z < > & % MR P.18 IP PPPoE MTU MTU 1454 PPPoE LAN lan mode lan mode lan LAN 17 PPPoE

168.1.0/24 0 9 A Z a z < > & % MR1000 1.4 P.

18 V21 1 ADSL # delete lan 0 # lan 0 mode auto IP # lan 1 ip address /24 3 DHCP # lan 1 ip dhcp info dns # lan 1 ip dhcp info address / # lan 1 ip dhcp info time 1d # lan 1 ip dhcp info gateway # lan 1 ip dhcp service server # lan 1 ip nat mode off # remote 0 name internet # remote 0 mtu 1454 # remote 0 autodial enable # remote 0 ppp ipcp vjcomp disable # remote 0 ip route 0 default 1 # remote 0 ip rip use off off 0 off # remote 0 ip nat mode multi any 1 5m # remote 0 ip msschange 1414 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid userpass ProxyDNS # proxydns domain 0 any * any to 0 # proxydns address 0 any to 0 # reset 18 PPPoE

route 0 default 1 # remote 0 ip rip use off off 0 off # remote 0 ip nat mode multi any 1 5m # remote 0 ip msschange 1414 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0

19 V LAN ISDN ISDN 2 MR P.42 ISDN ISDN 64Kbps intranet 1 IP / / ID tokyo tokyopass kawasaki kawapass IP / / ID kawasaki kawapass tokyo tokyopass IP 19 LAN ISDN

20 V21 1 # wan 0 line isdn IP # lan 0 ip address /24 3 # remote 0 name intranet # remote 0 ip route /24 1 # remote 0 ap 0 name kawasaki # remote 0 ap 0 datalink bind wan 0 # remote 0 ap 0 dial 0 number # remote 0 ap 0 dial 0 speed 64K # remote 0 ap 0 ppp auth type any # remote 0 ap 0 ppp auth send tokyo tokyopass # remote 0 ap 0 ppp auth receive kawasaki kawapass # remote 0 ap 0 idle 1m # reset # wan 0 line isdn IP # lan 0 ip address /24 3 # remote 0 name intranet # remote 0 ip route /24 1 # remote 0 ap 0 name tokyo # remote 0 ap 0 datalink bind wan 0 # remote 0 ap 0 dial 0 number # remote 0 ap 0 dial 0 speed 64K # remote 0 ap 0 ppp auth type any # remote 0 ap 0 ppp auth send kawasaki kawapass # remote 0 ap 0 ppp auth receive tokyo tokyopass # remote 0 ap 0 idle 1m # reset 20 LAN ISDN

21 V LAN 2 MR P.42 ISDN BRI 128Mbps DHCP honsya honsya-1 / /24 LAN IP DNS IP shisya1 shisya-1 / /24 LAN IP DNS IP DHCP 21 LAN

22 V A Z a z < > & % MR P.18 IP # wan 0 line hsd 128k LAN # lan 0 ip address /24 3 # lan 0 ip route 0 default # remote 0 name shisya1 # remote 0 ip route /24 1 # remote 0 ap 0 name shisya-1 # remote 0 ap 0 datalink bind wan 0 # reset 22 LAN

23 V21 1 # wan 0 line hsd 128k LAN # lan 0 ip address /24 3 # remote 0 name honsya # remote 0 ap 0 name honsya-1 # remote 0 ap 0 datalink bind wan 0 # remote 0 ip route 0 default 1 # reset 1.5 P.15 DHCP DHCP 23 LAN

24 V LAN LAN MR P.42 ISDN 128Kbps RIPv1 LAN IP / /24 1 center1 ap1 WAN IP WAN IP DLCI 16 CIR 64Kbps 2 center2 ap2 24 LAN

25 V21 1 WAN IP WAN IP DLCI 17 CIR 64Kbps IP # wan 0 line fr 128k LAN IP # lan 0 ip address /24 3 RIP # lan 0 ip rip use v1 v1 0 off 1 # remote 0 name center1 # remote 0 ip address local # remote 0 ip address remote # remote 0 ip rip use v1 v1 0 off # remote 0 ap 0 name ap1 # remote 0 ap 0 datalink bind wan 0 # remote 0 ap 0 fr dlci 16 # remote 0 ap 0 fr cir 64 2 # remote 1 name center2 # remote 1 ip address local # remote 1 ip address remote # remote 1 ip rip use v1 v1 0 off # remote 1 ap 0 name ap2 # remote 1 ap 0 datalink bind wan 0 # remote 1 ap 0 fr dlci 17 # remote 1 ap 0 fr cir 64 # reset 25 LAN

26 V IPv6 LAN ISDN ISDN 2 IPv6 MR P.42 ISDN ISDN 64Kbps IPv6 kaisya 1 / 2001:db8:1111:1000::/64 tokyo ID tokyo tokyopass kawasaki kawapass / 2001:db8:1111:1001::/64 kawasaki ID kawasaki kawapass tokyo tokyopass 26 IPv6 LAN ISDN

27 V A Z a z < > & % MR P.18 # wan 0 line isdn LAN # lan 0 ip6 use on # lan 0 ip6 address :db8:1111:1000::/64 30d 7d # lan 0 ip6 ra mode send # remote 0 name kaisya # remote 0 ap 0 name kawasaki # remote 0 ap 0 datalink bind wan 0 # remote 0 ap 0 dial 0 number # remote 0 ap 0 dial 0 speed 64K # remote 0 ap 0 ppp auth type any # remote 0 ap 0 ppp auth send tokyo tokyopass # remote 0 ap 0 ppp auth receive kawasaki kawapass # remote 0 ap 0 idle 1m # remote 0 ip6 use on # remote 0 ip6 route :db8:1111:1001::/64 1 # reset ISDN RIP IPv6 RIP IPv6 27 IPv6 LAN ISDN

28 V21 1 # wan 0 line isdn LAN # lan 0 ip6 use on # lan 0 ip6 address :db8:1111:1001::/64 30d 7d # lan 0 ip6 ra mode send # remote 0 name kaisya # remote 0 ap 0 name tokyo # remote 0 ap 0 datalink bind wan 0 # remote 0 ap 0 dial 0 number # remote 0 ap 0 dial 0 speed 64K # remote 0 ap 0 ppp auth type any # remote 0 ap 0 ppp auth send kawasaki kawapass # remote 0 ap 0 ppp auth receive tokyo tokyopass # remote 0 ap 0 idle 1m # remote 0 ip6 use on # remote 0 ip6 route :db8:1111:1000::/64 1 # reset 28 IPv6 LAN ISDN

29 V IPv6 LAN IPv6 IPv4 2 IPv6 LAN0 IPv LAN1 IPv LAN1 IPv6 / 2001:db8:1111:10b9::/64 LAN0 IPv LAN1 IPv LAN1 IPv6 / 2001:db8:1111:1016::/64 IPv4 IPv6 0 9 A Z a z < > & % MR P.18 IPv6 over IPv4 IPv4 MTU 1280 IP 29 IPv6 LAN IPv6

30 V21 1 IPv4 # lan 0 ip address /24 3 # lan 0 ip rip use v1 v1 0 # lan 0 ip dhcp service off # lan 0 ip nat mode off # lan 1 ip address /24 3 # lan 1 ip rip use v1 v1 0 # lan 1 ip dhcp service off # lan 1 ip nat mode off IPv6 # lan 1 ip6 use on # lan 1 ip6 ifid auto # lan 1 ip6 address :db8:1111:10b9::/64 30d 7d c0 # lan 1 ip6 ra mode send IP # remote 0 name v6kawasa # remote 0 mtu 1280 # remote 0 ap 0 name tun-kawa # remote 0 ap 0 datalink type ip # remote 0 ap 0 tunnel local # remote 0 ap 0 tunnel remote # remote 0 ip6 use on # remote 0 ip6 route :db8:1111:1016::/64 1 # reset 30 IPv6 LAN IPv6

31 V21 1 IPv4 # lan 0 ip address /24 3 # lan 0 ip rip use v1 v1 0 # lan 0 ip dhcp service off # lan 0 ip nat mode off # lan 1 ip address /24 3 # lan 1 ip rip use v1 v1 0 # lan 1 ip dhcp service off # lan 1 ip nat mode off IPv6 # lan 1 ip6 use on # lan 1 ip6 ifid auto # lan 1 ip6 address :db8:1111:1016::/64 30d 7d c0 # lan 1 ip6 ra mode send IP # remote 0 name v6tokyo # remote 0 mtu 1280 # remote 0 ap 0 name tun-tkyo # remote 0 ap 0 datalink type ip # remote 0 ap 0 tunnel local # remote 0 ap 0 tunnel remote # remote 0 ip6 use on # remote 0 ip 6 route :db8:1111:10b9::/64 1 # reset 31 IPv6 LAN IPv6

32 V21 1 NAT IPv6 over IPv4 IPv4 NAT IPv6 over IPv4 IPv6 IPv4 NAT IPv4 IPv6 over IPv4 NAT IP LAN IP IP remote ip address local IP PPP IP NAT GW IP IPv6 over IPv4 GW NAT IP IP IP IP GW IPv6 over IPv4 NAT LAN GW IP IPv6 over IPv remote 0 ap 0 tunnel local remote 0 ap 0 tunnel remote NAT lan 0 ip nat static any any 41 GW GW NAT remote 0 ap 0 tunnel local remote 0 ap 0 tunnel remote IPv6 LAN IPv6

33 V LAN IP-VPN BGP4 IP-VPN MR P A Z a z < > & % MR P.18 NAT 4 BGP BGP MR P.19 BGP BGP BGP BGP enable IP 33 LAN IP-VPN

34 V ADSL IP-VPN LAN0 ADSL IP-VPN IP IP IP AS 1 IP-VPN LAN0 LAN0 IP LAN0 / /24 LAN1 IP LAN1 / /24 AS RIPv2 IP-VPN LAN0 LAN0 IP LAN0 / /24 LAN1 IP LAN1 / /24 AS LAN IP-VPN

35 V21 1 IP-VPN LAN0 LAN0 IP LAN0 / /24 LAN1 IP LAN1 / /24 AS LAN # lan 0 ip address /24 3 # lan 0 ip nat mode off # lan 0 ip dhcp service off # lan 0 ip route / # lan 1 ip address /24 3 # lan 1 ip rip use v2m v2 0 off # routemanage ip redist rip bgp on # routemanage ip redist bgp rip on # bgp as # bgp network route /24 # bgp neighbor 0 address # bgp neighbor 0 as 1 # bgp neighbor 0 ebgp-multihop 2 # reset 35 LAN IP-VPN

36 V21 1 LAN # lan 0 ip address /24 3 # lan 0 ip nat mode off # lan 0 ip dhcp service off # lan 0 ip route / # lan 1 ip address /24 3 # bgp as # bgp network route /24 # bgp neighbor 0 address # bgp neighbor 0 as 1 # bgp neighbor 0 ebgp-multihop 2 # reset LAN # lan 0 ip address /24 3 # lan 0 ip nat mode off # lan 0 ip dhcp service off # lan 0 ip route / # lan 1 ip address /24 3 # bgp as # bgp network route /24 # bgp neighbor 0 address # bgp neighbor 0 as 1 # bgp neighbor 0 ebgp-multihop 2 # reset 36 LAN IP-VPN

37 V IP-VPN ISDN IP-VPN IP IP IP AS 1 LAN IP LAN / /24 LAN / /24 LAN RIPv2 WAN IP AS LAN IP LAN / /24 WAN IP AS LAN IP LAN / /24 WAN IP AS LAN IP-VPN

38 V21 1 # wan 0 line hsd 128k LAN # lan 0 ip address /24 3 # lan 0 ip rip use v2m v2 0 off # remote 0 name IP-VPN # remote 0 ap 0 name ip-vpn # remote 0 ap 0 datalink bind wan 0 # remote 0 ip address local # remote 0 ip address remote # routemanage ip redist rip bgp on # routemanage ip redist bgp rip on # bgp as # bgp network route /24 # bgp neighbor 0 address # bgp neighbor 0 as 1 # reset 38 LAN IP-VPN

39 V21 1 # wan 0 line hsd 128k LAN # lan 0 ip address /24 3 # remote 0 name IP-VPN # remote 0 ap 0 name ip-vpn # remote 0 ap 0 datalink bind wan 0 # remote 0 ip address local # remote 0 ip address remote # bgp as # bgp network route /24 # bgp neighbor 0 address # bgp neighbor 0 as 1 # reset # wan 0 line hsd 128k LAN # lan 0 ip address /24 3 # remote 0 name IP-VPN # remote 0 ap 0 name ip-vpn # remote 0 ap 0 datalink bind wan 0 # remote 0 ip address local # remote 0 ip address remote # bgp as # bgp network route /24 # bgp neighbor 0 address # bgp neighbor 0 as 1 # reset 39 LAN IP-VPN

40 V21 1 BGP4 BGP4 BGP WAN BGP BGP BGP BGP - BGP BGP - BGP BGP 40 LAN IP-VPN

41 V NAT IP VPN IPsec VPN A B PPPoE VPN A PPPoE IP /24 IP /24 PPPoE ID userid1 PPPoE userpass1 PPPoE LAN LAN0 B PPPoE IP /24 IP /24 PPPoE ID userid3 PPPoE userpass3 PPPoE LAN LAN0 IP /24 IP /24 IP A PPPoE # delete lan 0 # lan 0 mode auto # lan 1 ip address /24 3 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid1 userpass1 # remote 0 ap 0 keep connect # remote 0 ip address local # remote 0 ip route 0 default 1 0 # remote 0 ip msschange NAT IP VPN

42 V21 1 B PPPoE # delete lan 0 # lan 0 mode auto # lan 1 ip address /24 3 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid3 userpass3 # remote 0 ap 0 keep connect # remote 0 ip address local # remote 0 ip route 0 default 1 0 # remote 0 ip msschange 1414 # lan 0 ip address /24 3 # lan 0 ip route 0 default # lan 1 ip address / NAT IP VPN

43 V21 1 A vpn-hon honsya IPsec/IKE IPsec /24-any4 B vpn-hon honsya IPsec/IKE IPsec /24-any4 vpn-shia shisyaa IPsec/IKE IPsec any4-i /24 vpn-shib shisyab IPsec/IKE IPsec any4-i /24 A Main Mode IPsec esp IPsec des-cbc IPsec hmac-md5 IPsec DH IKE abcdefghijklmnopqrstuvwxyz IKE shared IKE des-cbc IKE hmac-md5 IKE DH modp768 B Main Mode IPsec esp IPsec 3des-cbc IPsec hmac-sha1 IPsec DH IKE ABCDEFGHIJKLMNOPQRSTUVWXYZ IKE shared IKE 3des-cbc IKE hmac-sha1 IKE DH modp NAT IP VPN

44 V21 1 DH IKE A VPN # remote 1 name vpn-hon # remote 1 ip route / # remote 1 ap 0 name honsya # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel local # remote 1 ap 0 tunnel remote # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike range /24 any4 # remote 1 ap 0 ipsec ike encrypt des-cbc # remote 1 ap 0 ipsec ike auth hmac-md5 # remote 1 ap 0 ike mode main # remote 1 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 1 ap 0 ike proposal encrypt des-cbc # enable 44 NAT IP VPN

45 V21 1 B VPN # remote 1 name vpn-hon # remote 1 ip route / # remote 1 ap 0 name honsya # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel local # remote 1 ap 0 tunnel remote # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike range /24 any4 # remote 1 ap 0 ipsec ike encrypt 3des-cbc # remote 1 ap 0 ipsec ike auth hmac-sha1 # remote 1 ap 0 ike mode main # remote 1 ap 0 ike shared key text ABCDEFGHIJKLMNOPQRSTUVWXYZ # remote 1 ap 0 ike proposal encrypt 3des-cbc # remote 1 ap 0 ike proposal hash hmac-sha1 # remote 1 ap 0 ike proposal pfs modp1024 # enable 45 NAT IP VPN

46 V21 1 VPN # remote 0 name vpn-shia # remote 0 ip route / # remote 0 ap 0 name shisyaa # remote 0 ap 0 datalink type ipsec # remote 0 ap 0 tunnel local # remote 0 ap 0 tunnel remote # remote 0 ap 0 ipsec type ike # remote 0 ap 0 ipsec ike protocol esp # remote 0 ap 0 ipsec ike range any /24 # remote 0 ap 0 ipsec ike encrypt des-cbc # remote 0 ap 0 ipsec ike auth hmac-md5 # remote 0 ap 0 ike mode main # remote 0 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 0 ap 0 ike proposal encrypt des-cbc # remote 1 name vpn-shib # remote 1 ip route / # remote 1 ap 0 name shisyab # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel local # remote 1 ap 0 tunnel remote # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike range any /24 # remote 1 ap 0 ipsec ike encrypt 3des-cbc # remote 1 ap 0 ipsec ike auth hmac-sha1 # remote 1 ap 0 ike mode main # remote 1 ap 0 ike shared key text ABCDEFGHIJKLMNOPQRSTUVWXYZ # remote 1 ap 0 ike proposal encrypt 3des-cbc # remote 1 ap 0 ike proposal hash hmac-sha1 # remote 1 ap 0 ike proposal pfs modp1024 # enable 46 NAT IP VPN

47 V NAT IP VPN IPsec VPN A B PPPoE VPN A PPPoE IP /24 IP /24 IP /24 PPPoE ID userid1 PPPoE userpass1 PPPoE LAN LAN0 B PPPoE IP /24 IP /24 IP /24 PPPoE ID userid3 PPPoE userpass3 PPPoE LAN LAN0 IP /24 IP /24 IP A PPPoE # delete lan 0 # lan 0 mode auto # lan 1 ip address /24 3 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid1 userpass1 # remote 0 ap 0 keep connect # remote 0 ip address local # remote 0 ip route 0 default 1 0 # remote 0 ip msschange NAT IP VPN

48 V21 1 B PPPoE # delete lan 0 # lan 0 mode auto # lan 1 ip address /24 3 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid3 userpass3 # remote 0 ap 0 keep connect # remote 0 ip address local # remote 0 ip route 0 default 1 0 # remote 0 ip msschange 1414 # lan 0 ip address /24 3 # lan 0 ip route 0 default # lan 1 ip address / NAT IP VPN

49 V21 1 A vpn-hon honsya IPsec/IKE IPsec /24-any4 B vpn-hon honsya IPsec/IKE IPsec /24-any4 vpn-shia shisyaa IPsec/IKE IPsec any4-i /24 vpn-shib shisyab IPsec/IKE IPsec any4-i /24 A Main Mode IPsec esp IPsec des-cbc IPsec hmac-md5 IPsec DH IKE abcdefghijklmnopqrstuvwxyz IKE shared IKE des-cbc IKE hmac-md5 IKE DH modp768 B Main Mode IPsec esp IPsec 3des-cbc IPsec hmac-sha1 IPsec DH IKE ABCDEFGHIJKLMNOPQRSTUVWXYZ IKE shared IKE 3des-cbc IKE hmac-sha1 IKE DH modp NAT IP VPN

50 V21 1 DH IKE A IPsec/IKE # remote 0 ip nat static # remote 0 ip nat static any any any 50 VPN # remote 1 name vpn-hon # remote 1 ip route / # remote 1 ap 0 name honsya # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel local # remote 1 ap 0 tunnel remote # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike range /24 any4 # remote 1 ap 0 ipsec ike encrypt des-cbc # remote 1 ap 0 ipsec ike auth hmac-md5 # remote 1 ap 0 ike mode main # remote 1 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 1 ap 0 ike proposal encrypt des-cbc # enable 50 NAT IP VPN

51 V21 1 B IPsec/IKE # remote 0 ip nat static # remote 0 ip nat static any any any 50 VPN # remote 1 name vpn-hon # remote 1 ip route / # remote 1 ap 0 name honsya # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel local # remote 1 ap 0 tunnel remote # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike range /24 any4 # remote 1 ap 0 ipsec ike encrypt 3des-cbc # remote 1 ap 0 ipsec ike auth hmac-sha1 # remote 1 ap 0 ike mode main # remote 1 ap 0 ike shared key text ABCDEFGHIJKLMNOPQRSTUVWXYZ # remote 1 ap 0 ike proposal encrypt 3des-cbc # remote 1 ap 0 ike proposal hash hmac-sha1 # remote 1 ap 0 ike proposal pfs modp1024 # enable 51 NAT IP VPN

52 V21 1 VPN # remote 0 name vpn-shia # remote 0 ip route / # remote 0 ap 0 name shisyaa # remote 0 ap 0 datalink type ipsec # remote 0 ap 0 tunnel local # remote 0 ap 0 tunnel remote # remote 0 ap 0 ipsec type ike # remote 0 ap 0 ipsec ike protocol esp # remote 0 ap 0 ipsec ike range any /24 # remote 0 ap 0 ipsec ike encrypt des-cbc # remote 0 ap 0 ipsec ike auth hmac-md5 # remote 0 ap 0 ike mode main # remote 0 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 0 ap 0 ike proposal encrypt des-cbc # remote 1 name vpn-shib # remote 1 ip route / # remote 1 ap 0 name shisyab # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel local # remote 1 ap 0 tunnel remote # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike range any /24 # remote 1 ap 0 ipsec ike encrypt 3des-cbc # remote 1 ap 0 ipsec ike auth hmac-sha1 # remote 1 ap 0 ike mode main # remote 1 ap 0 ike shared key text ABCDEFGHIJKLMNOPQRSTUVWXYZ # remote 1 ap 0 ike proposal encrypt 3des-cbc # remote 1 ap 0 ike proposal hash hmac-sha1 # remote 1 ap 0 ike proposal pfs modp1024 # enable 52 NAT IP VPN

53 V NAT IP VPN IP VPN A B PPPoE VPN A PPPoE IP /24 PPPoE ID userid1 PPPoE userpass1 PPPoE LAN LAN0 B PPPoE IP /24 PPPoE ID userid3 PPPoE userpass3 PPPoE LAN LAN0 IP /24 IP /24 IP A PPPoE # delete lan 0 # lan 0 mode auto # lan 1 ip address /24 3 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ip route 0 default 1 0 # remote 0 ip nat mode multi any 1 5m # remote 0 ip msschange 1414 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid1 userpass1 B PPPoE # delete lan 0 # lan 0 mode auto # lan 1 ip address /24 3 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ip route 0 default 1 0 # remote 0 ip nat mode multi any 1 5m # remote 0 ip msschange 1414 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid3 userpass3 53 NAT IP VPN

54 V21 1 # lan 0 ip address /24 3 # lan 0 ip route 0 default # lan 1 ip address /24 3 A Initiator vpn-hon honsya IPsec/IKE A IPsec /24-any4 IKE UDP ESP B Initiator vpn-hon honsya IPsec/IKE B IPsec /24-any4 IKE UDP NAT IP VPN

55 V21 1 ESP vpn-shia shisyaa IPsec/IKE A IPsec any /24 vpn-shib shisyab IPsec/IKE B IPsec any /24 A Aggressive Mode IPsec esp IPsec des-cbc IPsec hmac-md5 IPsec DH IKE A ID ID shisyaa FQDN IKE abcdefghijklmnopqrstuvwxyz IKE shared IKE des-cbc IKE hmac-md5 IKE DH modp768 B Aggressive Mode IPsec esp IPsec 3des-cbc IPsec hmac-sha1 IPsec DH IKE B ID ID shisyab FQDN IKE ABCDEFGHIJKLMNOPQRSTUVWXYZ IKE shared IKE 3des-cbc IKE hmac-sha1 IKE DH modp NAT IP VPN

56 V21 1 DH IKE ID Aggressive Mode ID VPN IP VPN IP IP IKE NAT A Initiator IPsec/IKE # remote 0 ip nat static any # remote 0 ip nat static any any any 50 VPN # remote 1 name vpn-hon # remote 1 ip route / # remote 1 ap 0 name honsya # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel remote # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike range /24 any4 # remote 1 ap 0 ipsec ike encrypt des-cbc # remote 1 ap 0 ipsec ike auth hmac-md5 # remote 1 ap 0 ike mode aggressive # remote 1 ap 0 ike name local shisyaa # remote 1 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 1 ap 0 ike proposal encrypt des-cbc # enable 56 NAT IP VPN

57 V21 1 B Initiator IPsec/IKE # remote 0 ip nat static any # remote 0 ip nat static any any any 50 VPN # remote 1 name vpn-hon # remote 1 ip route / # remote 1 ap 0 name honsya # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel remote # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike range /24 any4 # remote 1 ap 0 ipsec ike encrypt 3des-cbc # remote 1 ap 0 ipsec ike auth hmac-sha1 # remote 1 ap 0 ike mode aggressive # remote 1 ap 0 ike name local shisyab # remote 1 ap 0 ike shared key text ABCDEFGHIJKLMNOPQRSTUVWXYZ # remote 1 ap 0 ike proposal encrypt 3des-cbc # remote 1 ap 0 ike proposal hash hmac-sha1 # remote 1 ap 0 ike proposal pfs modp1024 # enable 57 NAT IP VPN

58 V21 1 Responder VPN # remote 0 name vpn-shia # remote 0 ip route / # remote 0 ap 0 name shisyaa # remote 0 ap 0 datalink type ipsec # remote 0 ap 0 tunnel local # remote 0 ap 0 ipsec type ike # remote 0 ap 0 ipsec ike protocol esp # remote 0 ap 0 ipsec ike range any /24 # remote 0 ap 0 ipsec ike encrypt des-cbc # remote 0 ap 0 ipsec ike auth hmac-md5 # remote 0 ap 0 ike mode aggressive # remote 0 ap 0 ike name remote shisyaa # remote 0 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 0 ap 0 ike proposal encrypt des-cbc # remote 1 name vpn-shib # remote 1 ip route / # remote 1 ap 0 name shisyab # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel local # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike range any /24 # remote 1 ap 0 ipsec ike encrypt 3des-cbc # remote 1 ap 0 ipsec ike auth hmac-sha1 # remote 1 ap 0 ike mode aggressive # remote 1 ap 0 ike name remote shisyab # remote 1 ap 0 ike shared key text ABCDEFGHIJKLMNOPQRSTUVWXYZ # remote 1 ap 0 ike proposal encrypt 3des-cbc # remote 1 ap 0 ike proposal hash hmac-sha1 # remote 1 ap 0 ike proposal pfs modp1024 # enable 58 NAT IP VPN

59 RIP IPv RIP IPv OSPFv2 IPv OSPF IPv OSPF LSA AS OSPF LSA BGP IPv AS IP-VPN IP-VPN MPLS MPLS LSP MPLS LSP MPLS 2VPN EoMPLS MPLS 3VPN BGP/MPLS VPN

60 2.8.1 MPLS LAN MPLS PIM-DM PIM-SM VLAN IP SPI IPv ping IPsec IPv4 over IPv4 IP VPN IPv4 over IPv6 IP VPN IPv4 over IPv6 IP VPN IPv6 over IPv4 IP VPN IPv6 over IPv4 IP VPN IPv6 over IPv6 IP VPN IPv6 over IPv6 IP VPN IPv4 over IPv4 1 IKE IPsec VPN IPsec NAT LAN PPPoE LAN NAT IPsec IPsec VoIP NAT TOS/Traffic Class VLAN WFQ DHCP DHCP DHCP DHCP DHCP

61 IPv6 DHCP DNS ProxyDNS DNS DNS DNS DNS DNS URL URL SNMP ECMP VRRP STP FNA STP IP Ethernet over IP LAN HUB ISDN PIAFS

62 V RIP IPv4 IP RIP IP 0 any 1 16 RIP IP IP IP IP / / /24 IP IP / / /24 RIPv1 lan 0 ip address / /8 62 RIP IPv4

63 V A. B. A B RIP RIP RIP RIP 63 RIP IPv4

64 V # lan 0 ip rip filter 0 act pass out # lan 0 ip rip filter 0 route default # lan 0 ip rip filter 1 act reject out # lan 0 ip rip filter 1 route any # enable 64 RIP IPv4

65 V / / / / / /24 1 # lan 1 ip rip filter 0 act pass out # lan 1 ip rip filter 0 route /24 # lan 1 ip rip filter 0 set metric 1 # lan 1 ip rip filter 1 act pass out # lan 1 ip rip filter 1 route any # enable RIP RIP IPv4

66 V # lan 0 ip rip filter 0 act pass in # lan 0 ip rip filter 0 route default # lan 0 ip rip filter 1 act reject in # lan 0 ip rip filter 1 route any # enable 66 RIP IPv4

67 V / / /24 5 LAN /24 1 # lan 0 ip rip filter 0 act pass in # lan 0 ip rip filter 0 route /24 # lan 0 ip rip filter 0 set metric 1 LAN0 # lan 0 ip rip filter 1 act pass in # lan 0 ip rip filter 1 route any lan /24 5 # lan 1 ip rip filter 0 act pass in # lan 1 ip rip filter 0 route /24 # lan 1 ip rip filter 0 set metric 5 lan1 # lan 1 ip rip filter 1 act pass in # lan 1 ip rip filter 1 route any # enable RIP IPv4

68 V / / /24 # lan 0 ip rip filter 0 act reject out # lan 0 ip rip filter 0 route /24 # lan 0 ip rip filter 1 act pass out # lan 0 ip rip filter 1 route any # enable 68 RIP IPv4

69 V / / /24 # lan 0 ip rip filter 0 act reject in # lan 0 ip rip filter 0 route /24 # lan 0 ip rip filter 1 act pass in # lan 0 ip rip filter 1 route any # enable 69 RIP IPv4

70 V RIP IPv6 RIP IPv6 0 any 1 16 RIP 2001:db8:1111::/ :db8:1111::/ :db8:1111::/ :db8::/ :db8::/ :db8:1111::/32 70 RIP IPv6

71 V A. B. A B RIP RIP RIP RIP 71 RIP IPv6

72 V # lan 0 ip6 rip filter 0 act pass out # lan 0 ip6 rip filter 0 route default # lan 0 ip6 rip filter 1 act reject out # lan 0 ip6 rip filter 1 route any # enable 72 RIP IPv6

73 V :db8:1111::/ :db8:1111::/ :db8:2222::/ :db8:1111::/ :db8:1111::/ :db8:1111::/64 1 # lan 1 ip6 rip filter 0 act pass out # lan 1 ip6 rip filter 0 route 2001:db8:1111::/64 # lan 1 ip6 rip filter 0 set metric 1 # lan 1 ip6 rip filter 1 act pass out # lan 1 ip6 rip filter 1 route any # enable RIP RIP IPv6

74 V # lan 0 ip6 rip filter 0 act pass in # lan 0 ip6 rip filter 0 route default # lan 0 ip6 rip filter 1 act reject in # lan 0 ip6 rip filter 1 route any # enable 74 RIP IPv6

75 V :db8:1111::/ :db8:1111::/ :db8:1111::/64 5 LAN0 2001:db8:1111::/64 1 # lan 0 ip6 rip filter 0 act pass in # lan 0 ip6 rip filter 0 route 2001:db8:1111::/64 # lan 0 ip6 rip filter 0 set metric 1 LAN0 # lan 0 ip6 rip filter 1 act pass in # lan 0 ip6 rip filter 1 route any lan1 2001:db8:1111::/64 5 # lan 1 ip6 rip filter 0 act pass in # lan 1 ip6 rip filter 0 route 2001:db8:1111::/64 # lan 1 ip6 rip filter 0 set metric 5 lan1 # lan 1 ip6 rip filter 1 act pass in # lan 1 ip6 rip filter 1 route any # enable RIP IPv6

76 V :db8:1111::/ :db8:1111::/ :db8:1111::/64 # lan 0 ip6 rip filter 0 act reject out # lan 0 ip6 rip filter 0 route 2001:db8:1111::/64 # lan 0 ip6 rip filter 1 act pass out # lan 0 ip6 rip filter 1 route any # enable 76 RIP IPv6

77 V :db8:1111::/ :db8:1111::/ :db8:1111::/64 # lan 0 ip6 rip filter 0 act reject in # lan 0 ip6 rip filter 0 route 2001:db8:1111::/64 # lan 0 ip6 rip filter 1 act pass in # lan 0 ip6 rip filter 1 route any # enable 77 RIP IPv6

78 V OSPFv2 IPv4 OSPFv2 OSPF ID ID ID MR OSPF P.33 NAT OSPF IP IP OSPF 50 2 Designated Router OSPF MTU OSPF OSPF LSA LSDB LSA LSA enable/reset 60 OSPF enable LSA MaxAge OSPF OSPF LSA 15Kbps 5 6 remote 78 OSPFv2 IPv4

79 V IP 1 6 NAT DHCP 5 6 ISDN 1 LAN0 OSPF LAN1 OSPF LAN0 OSPF ID LAN1 OSPF ID LAN /16 2 LAN0 OSPF LAN1 OSPF LAN0 OSPF ID LAN1 OSPF ID LAN0 1 LAN1 passive-interface 3 LAN0 OSPF LAN1 OSPF LAN0 OSPF ID LAN1 OSPF ID LAN0 255 LAN1 passive-interface 4 LAN0 OSPF LAN1 OSPF LAN0 OSPF ID LAN1 OSPF ID LAN1 passive-interface LAN0 1 5 LAN0 OSPF remote0 OSPF LAN0 OSPF ID remote0 OSPF ID /16 6 LAN0 OSPF 79 OSPFv2 IPv4

80 V21 2 remote0 OSPF LAN0 OSPF ID remote0 OSPF ID LAN0 passive-interface 1 LAN # lan 0 ip ospf use on 0 # lan 1 ip ospf use on 1 # lan 1 ip ospf priority 0 OSPF # ospf ip area 0 id # ospf ip area 1 id # ospf ip area 1 range /16 # reset 2 LAN # lan 0 ip ospf use on 0 # lan 0 ip ospf priority 1 # lan 1 ip ospf use on 0 # lan 1 ip ospf passive on OSPF # ospf ip area 0 id # reset 80 OSPFv2 IPv4

81 V LAN # lan 0 ip ospf use on 0 # lan 0 ip ospf priority 255 # lan 1 ip ospf use on 0 # lan 1 ip ospf passive on OSPF # ospf ip area 0 id # reset 4 LAN # lan 0 ip ospf use on 0 # lan 0 ip ospf priority 1 # lan 1 ip ospf use on 0 # lan 1 ip ospf passive on OSPF # ospf ip area 0 id # reset 5 LAN # lan 0 ip ospf use on 0 # remote 0 ip ospf use on 1 OSPF # ospf ip area 0 id # ospf ip area 1 id # ospf ip area 1 range /16 # reset 81 OSPFv2 IPv4

82 V LAN # lan 0 ip ospf use on 0 # lan 0 ip ospf passive on # remote 0 ip ospf use on 0 OSPF # ospf ip area 0 id # reset WAN WAN IP OSPF OSPF 82 OSPFv2 IPv4

83 V OSPF ID OSPF ID 4 5 remote 1 5 IP 1 5 NAT DHCP 4 5 ISDN 1 LAN0 OSPF LAN1 OSPF LAN0 OSPF ID LAN1 OSPF ID LAN0 OSPF LAN1 OSPF LAN0 OSPF ID OSPFv2 IPv4

84 V21 2 LAN1 OSPF ID LAN0 OSPF LAN1 OSPF LAN0 OSPF ID LAN1 OSPF ID OSPF ID OSPF ID LAN0 OSPF remote0 OSPF LAN0 OSPF ID remote0 OSPF ID OSPF ID OSPF ID LAN0 OSPF remote0 OSPF LAN0 OSPF ID remote0 OSPF ID LAN # lan 0 ip ospf use on 0 # lan 1 ip ospf use on 1 OSPF # ospf ip area 0 id # ospf ip area 1 id # reset 84 OSPFv2 IPv4

85 V LAN # lan 0 ip ospf use on 0 # lan 1 ip ospf use on 0 OSPF # ospf ip area 0 id # reset 3 LAN # lan 0 ip ospf use on 0 # lan 1 ip ospf use on 1 OSPF # ospf ip id # ospf ip area 0 id # ospf ip area 1 id # ospf ip area 1 vlink 0 id # reset 4 LAN # lan 0 ip ospf use on 0 5 # remote 0 ip ospf use on 1 OSPF # ospf ip id # ospf ip area 0 id # ospf ip area 0 vlink 0 id # ospf ip area 1 id # reset 85 OSPFv2 IPv4

86 V LAN # lan 0 ip ospf use on 0 4 # remote 0 ip ospf use on 0 OSPF # ospf ip area 0 id # reset 86 OSPFv2 IPv4

87 V OSPF OSPF RIP BGP OSPF OSPF RIP BGP OSPF OSPF OSPF NSSA OSPF OSPF OSPF 5 6 remote IP-VPN 1 6 IP 1 6 NAT DHCP 5 6 ISDN 87 OSPFv2 IPv4

88 V LAN0 OSPF LAN1 OSPF LAN0 OSPF ID LAN1 OSPF ID ID stub 2 LAN0 OSPF LAN1 OSPF LAN0 OSPF ID LAN1 OSPF ID ID stub 3 LAN0 OSPF LAN1 OSPF LAN0 OSPF ID LAN1 OSPF ID ID nssa 4 LAN0 OSPF LAN1 RIP V2,OSPF LAN0 OSPF ID LAN1 passive-interface ID nssa OSPF RIP RIP OSPF 5 LAN0 OSPF remote0 BGP LAN0 OSPF ID BGP OSPF BGP AS BGP IGP BGP /24 BGP /8 AS /16 6 BGP AS BGP IGP 88 OSPFv2 IPv4

89 V21 2 BGP / /24 1 LAN # lan 0 ip ospf use on 0 # lan 1 ip ospf use on 1 OSPF # ospf ip area 0 id # ospf ip area 1 id # ospf ip area 1 type stub # reset 2 LAN # lan 0 ip ospf use on 0 # lan 1 ip ospf use on 0 OSPF # ospf ip area 0 id # ospf ip area 0 type stub # reset 89 OSPFv2 IPv4

90 V LAN # lan 0 ip ospf use on 0 # lan 1 ip ospf use on 1 OSPF # ospf ip area 0 id # ospf ip area 1 id # ospf ip area 1 type nssa # reset 4 LAN # lan 0 ip ospf use on 0 # lan 1 ip rip use v2m v2 0 off # lan 1 ip ospf use on 0 # lan 1 ip ospf passive on # routemanage ip redist ospf rip on # routemanage ip redist rip ospf on OSPF # ospf ip area 0 id # ospf ip area 0 type nssa # reset 90 OSPFv2 IPv4

91 V LAN # lan 0 ip ospf use on 0 # routemanage ip redist ospf bgp on BGP # bgp as # bgp neighbor 0 address # bgp neighbor 0 as 1 # bgp network igp on # bgp network route /24 # bgp aggregate /8 summary-only OSPF # ospf ip area 0 id # ospf ip summary /16 # reset 6 BGP # bgp as # bgp neighbor 0 address # bgp neighbor 0 as 1 # bgp network igp on # bgp network route /24 # bgp network route /24 # reset 91 OSPFv2 IPv4

92 V OSPF IPv4 LSA OSPF LSA LSA LSA LAN0 OSPF LAN1 OSPF LAN0 ID LAN1 ID /16 OSPF # lan 0 ip ospf use on 0 # lan 1 ip ospf use on 1 # ospf ip area 0 id # ospf ip area 1 id # ospf ip area 1 range /16 # enable 92 OSPF IPv4

93 V AS OSPF AS OSPF AS AS AS OSPF AS LAN0 OSPF remote0 BGP LAN0 ID /16 OSPF # lan 0 ip ospf use on 0 # ospf ip area 0 id OSPF AS # routemanage ip redist ospf bgp on # ospf ip summary /16 AS # ospf ip redist 0 pass /16 inexact # ospf ip redist 1 reject any # enable 93 OSPF IPv4

94 V LSA TYPE3 LSA / /8 LAN0 OSPF remote0 OSPF LAN0 ID remote0 ID /8 LSA OSPF # lan 0 ip ospf use on 0 # remote 0 ip ospf use on 1 # ospf ip area 0 id # ospf ip area 1 id # ospf ip area 1 type3-lsa 0 reject /8 in exact # ospf ip area 1 type3-lsa 1 pass any in # enable 94 OSPF IPv4

95 V BGP IPv4 MR BGP4 P / /8 # bgp neighbor 0 filter 0 act pass in # bgp neighbor 0 filter 0 route /8 # bgp neighbor 0 filter 1 act pass in # bgp neighbor 0 filter 1 route /8 # bgp neighbor 0 filter 2 act reject in # bgp neighbor 0 filter 2 route any # enable 95 BGP IPv4

96 V AS AS4 # bgp neighbor 0 filter 0 act reject in # bgp neighbor 0 filter 0 as 4 # bgp neighbor 0 filter 1 act pass in # bgp neighbor 0 filter 1 route any # enable 96 BGP IPv4

97 V IP-VPN IP-VPN IP-VPN IP-VPN 1 IP-VPN 2 IP-VPN 2 IP-VPN 1 AS2 AS3 AS3 AS2 IP-VPN 1 # bgp neighbor 0 filter 0 act reject out # bgp neighbor 0 filter 0 as 3 # bgp neighbor 0 filter 1 act pass out # bgp neighbor 0 filter 1 route any IP-VPN 2 # bgp neighbor 1 filter 0 act reject out # bgp neighbor 1 filter 0 as 2 # bgp neighbor 1 filter 1 act pass out # bgp neighbor 1 filter 1 route any # enable 97 BGP IPv4

98 V IP-VPN 2 OSPF AS1 IP-VPN AS2 10/8 1 11/8 2 MED AS1 OSPF BGP AS2 1 MED # bgp neighbor 0 filter 0 act pass out # bgp neighbor 0 filter 0 route /8 # bgp neighbor 0 filter 0 set medmetric 0 # bgp neighbor 0 filter 1 act pass out # bgp neighbor 0 filter 1 route /8 # bgp neighbor 0 filter 1 set medmetric 10 # bgp neighbor 0 filter 2 act pass out # bgp neighbor 0 filter 2 route any BGP OSPF # routemanage ip redist bgp ospf on # enable 98 BGP IPv4

99 V MED # bgp neighbor 0 filter 0 act pass out # bgp neighbor 0 filter 0 route /8 # bgp neighbor 0 filter 0 set medmetric 10 # bgp neighbor 0 filter 1 act pass out # bgp neighbor 0 filter 1 route /8 # bgp neighbor 0 filter 1 set medmetric 0 # bgp neighbor 0 filter 2 act pass out # bgp neighbor 0 filter 2 route any BGP OSPF # routemanage ip redist bgp ospf on # enable BGP/MPLS VPN BGP MED AS MED AS BGP enable 99 BGP IPv4

100 V MPLS MPLS LSP label Switching Path LSP MPLS LSP MPLS MPLS MPLS LSP LSR MPLS LSP MPLS LSP MPLS LSP IPv4 IPv6 MPLS LSP BGP/MPLS VPN LDP over LDP MPLS LSP MPLS MPLS LSP IPv6 2 IPv6 Explicit NULL MPLS TTL TTL MPLS LSP LSP LSP IP TOS NAT RIP OSPF MPLS LSP MPLS LSP MPLS LSP MPLS EXP MPLS LSP 100 MPLS

101 V MPLS LSP 1 LAN0 MPLS LAN1 LAN MPLS LSR MPLS 1 2 EBGP 2 LAN0 MPLS LAN1 LAN MPLS LSR MPLS 2 1 EBGP 1 LAN0 MPLS IP MPLS LSR IP LAN1 IP IP AS AS LAN0 MPLS IP MPLS LSR IP LAN1 IP IP AS AS MPLS

102 V MPLS # lan 0 ip address /24 3 # lan 0 mpls use on # mpls ip propagate-ttl off # mpls ldp router-id # mpls ldp ip transport # routemanage ip redist ldp connected off # routemanage ip redist ldp rip off # routemanage ip redist ldp ospf off MPLS # remote 0 name tokyo # remote 0 ap 0 name lsp1 # remote 0 ap 0 datalink type mpls # remote 0 ap 0 mpls to lan 0 # remote 0 ap 0 mpls nexthop # remote 0 ap 0 tunnel local # remote 0 ap 0 tunnel remote # loopback ip address LAN1 # lan 1 ip address / # bgp as 101 # bgp neighbor 0 address # bgp neighbor 0 as 201 # bgp neighbor 0 enforce-multihop on # bgp neighbor 0 source # bgp network igp on # bgp network route /24 # remote 0 ip route /32 # enable 102 MPLS

103 V MPLS # lan 0 ip address /24 3 # lan 0 mpls use on # mpls ip propagate-ttl off # mpls ldp router-id # mpls ldp ip transport # routemanage ip redist ldp connected off # routemanage ip redist ldp rip off # routemanage ip redist ldp ospf off MPLS # remote 0 name kawasaki # remote 0 ap 0 name lsp1 # remote 0 ap 0 datalink type mpls # remote 0 ap 0 mpls to lan 0 # remote 0 ap 0 mpls nexthop # remote 0 ap 0 tunnel local # remote 0 ap 0 tunnel remote # loopback ip address LAN1 # lan 1 ip address / # bgp as 201 # bgp neighbor 0 address # bgp neighbor 0 as 101 # bgp neighbor 0 enforce-multihop on # bgp neighbor 0 source # bgp network igp on # bgp network route /24 # remote 0 ip route /32 # enable 103 MPLS

104 V MPLS LSP 1 LAN0 MPLS LAN1 LAN MPLS LSR MPLS 1 2 LSP OSPF MPLS LSP 5Mbps LSP 2 LAN0 MPLS LAN1 LAN MPLS LSR MPLS 1 2 LSP OSPF MPLS LSP 5Mbps LSP 1 LAN0 MPLS IP MPLS LSR IP LAN1 IP MPLS IP MPLS IP LAN0 MPLS IP MPLS LSR IP LAN1 IP MPLS IP MPLS IP MPLS

105 V MPLS # lan 0 ip address /24 3 # lan 0 mpls use on # mpls ip propagate-ttl off # mpls ldp router-id # mpls ldp ip transport # routemanage ip redist ldp connected off # routemanage ip redist ldp rip off # routemanage ip redist ldp ospf off MPLS # remote 0 name tokyo # remote 0 ap 0 name lsp1 # remote 0 ap 0 datalink type mpls # remote 0 ap 0 mpls to lan 0 # remote 0 ap 0 mpls nexthop # remote 0 ap 0 tunnel local # remote 0 ap 0 tunnel remote # remote 0 ip address local # remote 0 ip address remote MPLS # remote 0 shaping 5m on MPLS # remote 0 ap 0 sessionwatch s 1m 5s 1s 1 LAN1 # lan 1 ip address / # remote 0 ip ospf use on 0 # lan 1 ip ospf use on 0 # lan 1 ip ospf passive on # ospf ip area 0 id # enable 105 MPLS

106 V MPLS # lan 0 ip address /24 3 # lan 0 mpls use on # mpls ip propagate-ttl off # mpls ldp router-id # mpls ldp ip transport # routemanage ip redist ldp connected off # routemanage ip redist ldp rip off # routemanage ip redist ldp ospf off MPLS # remote 0 name kawasaki # remote 0 ap 0 name lsp1 # remote 0 ap 0 datalink type mpls # remote 0 ap 0 mpls to lan 0 # remote 0 ap 0 mpls nexthop # remote 0 ap 0 tunnel local # remote 0 ap 0 tunnel remote # remote 0 ip address local # remote 0 ip address remote MPLS # remote 0 shaping 5m on MPLS # remote 0 ap 0 sessionwatch s 1m 5s 1s 1 LAN1 # lan 1 ip address / # remote 0 ip ospf use on 0 # lan 1 ip ospf use on 0 # lan 1 ip ospf passive on # ospf ip area 0 id # enable 106 MPLS

107 V MPLS 2VPN EoMPLS MPLS MR MPLS 2VPN EoMPLS P.39 MPLS MPLS MPLS LSP 2VPN EoMPLS VC LSP MPLS VC LAN VLAN IP IPv6 MAC VRRP EoMPLS MAC STP Ethernet EoMPLS LAN STP Ethernet VLAN Tag VLAN VC LAN STP VLAN Tag 107 MPLS 2VPN EoMPLS

108 V LAN0 MPLS LAN1 LAN2 LAN MPLS LSR MPLS 2 LAN0 MPLS LAN1 LAN MPLS LSR MPLS 3 LAN0 MPLS LAN1 LAN MPLS LSR MPLS 1 LAN0 MPLS IP IP LAN1 VC 10 LAN2 VC 20 2 LAN0 MPLS IP IP LAN1 VC 10 3 LAN0 MPLS IP IP LAN1 VC MPLS 2VPN EoMPLS

109 V MPLS # lan 0 ip address /24 3 # lan 0 ip route / # lan 0 ip route / # lan 0 mpls use on # mpls ldp ip transport # mpls ldp router-id # loopback ip address # loopback mpls ldp interface-label on VC # lan 1 mpls l2-circuit vc # lan 2 mpls l2-circuit vc # enable 2 MPLS # lan 0 ip address /24 3 # lan 0 ip route / # lan 0 mpls use on # mpls ldp ip transport # mpls ldp router-id # loopback ip address # loopback mpls ldp interface-label on VC # lan 1 mpls l2-circuit vc # enable 109 MPLS 2VPN EoMPLS

110 V MPLS # lan 0 ip address /24 3 # lan 0 ip route / # lan 0 mpls use on # mpls ldp ip transport # mpls ldp router-id # loopback ip address # loopback mpls ldp interface-label on VC # lan 1 mpls l2-circuit vc # enable MPLS LSP REMOTE EoMPLS REMOTE MPLS LDP Multicast Hello 110 MPLS 2VPN EoMPLS

111 V MPLS 3VPN BGP/MPLS VPN MPLS MR MPLS 3VPN BGP/MPLS VPN P.41 MPLS VPN MPLS VPN 1 2 BGP/MPLS VPN IPv4 IPv6 BGP 1 IP-VPN BGP BGP BGP BGP/MPLS VPN NAT LER BGP/MPLS VPN VPN EBGP OSPF RIP VPN VPN IP VPN MPLS RIP VPN RIP MPLS LER IP IP IP TOS VPN VPN IPsec WFQ IP VRRP VPN BGP/MPLS VPN LER MTU IP MTU VoIP IP BGP IP IP MPLS MPLS LDP BRI LDP LDP Hello 30 MPLS Ethernet Ethernet Ethernet MPLS MTU VPN MPLS IP / /24 VPN VPN SNMP VPN BGP LSP 111 MPLS 3VPN BGP/MPLS VPN

112 V MPLS LAN 1 VLAN HUB VLAN ID VLAN ID : /24 VLAN ID : /24 LAN1 VLAN LAN LAN2 LAN3 VLAN LAN1 LAN0 IP LAN2 IP LAN3 IP LAN0 3 NAT DHCP 2 VLAN HUB VLAN ID VLAN ID : /24 VLAN ID : /24 LAN1 VLAN LAN LAN2 LAN3 VLAN LAN1 LAN0 IP LAN2 IP LAN3 IP LAN0 3 NAT DHCP MPLS BGP AS 10 RR IP MPLS 3VPN BGP/MPLS VPN

113 V21 2 MPLS IPv4 OSPF VPN-A 10: / / /24 VPN-B 10: / / /24 1 IP OSPF OSPF ID LAN0 OSPF LAN0 OSPF ID LAN2 VPN VPN-A LAN3 VPN VPN-B 2 IP OSPF OSPF ID LAN0 OSPF LAN0 OSPF ID LAN2 VPN VPN-A LAN2 BGP/MPLS VPN IP / LAN3 VPN VPN-B LAN3 BGP/MPLS VPN IP / MPLS 3VPN BGP/MPLS VPN

114 V # loopback ip address MPLS # lan 0 mpls use on # mpls ldp router-id # mpls ldp ip transport # lan 0 ip ospf use on 0 # ospf ip area 0 id # loopback ip ospf use on 0 RR # bgp as 10 # bgp id # bgp neighbor 0 address # bgp neighbor 0 as 10 # bgp neighbor 0 family vpnv4 # bgp neighbor 0 source VPN-A VRF0 # bgp vrf 0 rd 10 1 # routemanage ip redist bgp vrf 0 connected on VPN-B VRF1 # bgp vrf 1 rd 10 2 # routemanage ip redist bgp vrf 1 connected on LAN2 VPN-A VRF0 # lan 2 ip vrf use on 0 LAN3 VPN-B VRF1 # lan 3 ip vrf use on 1 # enable 114 MPLS 3VPN BGP/MPLS VPN

115 V # loopback ip address MPLS # lan 0 mpls use on # mpls ldp router-id # mpls ldp ip transport # lan 0 ip ospf use on 0 # ospf ip area 0 id # loopback ip ospf use on 0 RR # bgp as 10 # bgp id # bgp neighbor 0 address # bgp neighbor 0 as 10 # bgp neighbor 0 family vpnv4 # bgp neighbor 0 source VPN-A VRF0 # bgp vrf 0 rd 10 1 # routemanage ip redist bgp vrf 0 static on # routemanage ip redist bgp vrf 0 connected on VPN-B VRF1 # bgp vrf 1 rd 10 2 # routemanage ip redist bgp vrf 1 static on # routemanage ip redist bgp vrf 1 connected on LAN2 VPN-A VRF0 # lan 2 ip vrf use on 0 # lan 2 ip vrf route / LAN3 VPN-B VRF1 # lan 3 ip vrf use on 1 # lan 3 ip vrf route / # enable 115 MPLS 3VPN BGP/MPLS VPN

116 V MPLS IP NAT DHCP MPLS BGP AS 10 RR IP MPLS IPv4 OSPF VPN-A 10: / / /24 VPN-B 10: / / / MPLS 3VPN BGP/MPLS VPN

117 V IP OSPF OSPF ID rmt0 OSPF rmt0 OSPF ID LAN0 VPN VPN-A LAN1 VPN VPN-B 2 IP OSPF OSPF ID rmt0 OSPF rmt0 OSPF ID LAN0 VPN VPN-A LAN0 BGP/MPLS VPN IP / LAN1 VPN VPN-B LAN1 BGP/MPLS VPN IP / MPLS 3VPN BGP/MPLS VPN

118 V # loopback ip address MPLS # remote 0 mpls use on # mpls ldp router-id # mpls ldp ip transport # remote 0 ip ospf use on 0 # ospf ip area 0 id # loopback ip ospf use on 0 RR # bgp as 10 # bgp id # bgp neighbor 0 address # bgp neighbor 0 as 10 # bgp neighbor 0 family vpnv4 # bgp neighbor 0 source VPN-A VRF0 # bgp vrf 0 rd 10 1 # routemanage ip redist bgp vrf 0 connected on VPN-B VRF1 # bgp vrf 1 rd 10 2 # routemanage ip redist bgp vrf 1 connected on LAN0 VPN-A VRF0 # lan 0 ip vrf use on 0 # lan 0 ip address /24 3 LAN1 VPN-B VRF1 # lan 1 ip vrf use on 1 # lan 1 ip address /24 3 # enable 118 MPLS 3VPN BGP/MPLS VPN

119 V # loopback ip address MPLS # remote 0 mpls use on # mpls ldp router-id # mpls ldp ip transport # remote 0 ip ospf use on 0 # ospf ip area 0 id # loopback ip ospf use on 0 RR # bgp as 10 # bgp id # bgp neighbor 0 address # bgp neighbor 0 as 10 # bgp neighbor 0 family vpnv4 # bgp neighbor 0 source VPN-A VRF0 # bgp vrf 0 rd 10 1 # routemanage ip redist bgp vrf 0 static on # routemanage ip redist bgp vrf 0 connected on VPN-B VRF1 # bgp vrf 1 rd 10 2 # routemanage ip redist bgp vrf 1 static on # routemanage ip redist bgp vrf 1 connected on LAN0 VPN-A VRF0 # lan 0 ip vrf use on 0 # lan 0 ip address /24 3 # lan 0 ip vrf route / LAN1 VPN-B VRF1 # lan 1 ip vrf use on 1 # lan 1 ip address /24 3 # lan 1 ip vrf route / # enable BRI ISDN HSD LAN FR MPLS BGP OSPF RIP BGP/MPLS VPN 119 MPLS 3VPN BGP/MPLS VPN

120 V ISDN B 64Kbps 2 128Kbps BAP/ BACP MR P.44 ISDN 0 remote 0 0 remote 0 ISDN 2 90% 60 40% 10 MP # remote 0 ap 0 ppp mp use on 2 # remote 0 ppp mp start 2 # remote 0 ppp mp traffic use on # remote 0 ppp mp traffic increase 90 60s # remote 0 ppp mp traffic decrease 40 10s # remote 0 ppp mp order on # enable 120

121 V PIM-DM PIM-SM MR P PIM-DM PIM-DM LAN PIM-DM IP IP IP 121

122 V21 2 PIM-DM VLAN HUB VLAN ID VLAN ID /24 VLAN ID /24 PIM-DM 1 LAN1 LAN2 LAN3 LAN0 VLAN LAN LAN2 LAN3 VLAN LAN0 RIP LAN1 IP /24 LAN2 IP /24 LAN3 IP /24 2 LAN1 LAN2 LAN0 VLAN LAN LAN2 VLAN LAN0 RIP LAN1 IP /24 LAN2 IP /24 3 LAN1 LAN2 LAN0 VLAN LAN LAN2 VLAN LAN0 RIP LAN1 IP /24 LAN2 IP /24 122

123 V LAN0 # delete lan 0 LAN 0 # lan 0 mode auto /24 # lan 1 ip address /24 3 # lan 1 ip multicast mode pimdm /24 # lan 2 ip address /24 3 # lan 2 ip rip use v2 v2 0 on # lan 2 ip multicast mode pimdm # lan 2 vlan bind 0 # lan 2 vlan tag vid /24 # lan 3 ip address /24 3 # lan 3 ip rip use v2 v2 0 on # lan 3 ip multicast mode pimdm # lan 3 vlan bind 0 # lan 3 vlan tag vid 3 # enable 2 LAN0 # delete lan 0 LAN 0 # lan 0 mode auto /24 # lan 1 ip address /24 3 # lan 1 ip multicast mode pimdm /24 # lan 2 ip address /24 3 # lan 2 ip rip use v2 v2 0 on # lan 2 ip multicast mode pimdm # lan 2 vlan bind 0 # lan 2 vlan tag vid 2 # enable 123

124 V LAN0 # delete lan 0 LAN 0 # lan 0 mode auto /24 # lan 1 ip address /24 3 # lan 1 ip multicast mode pimdm /24 # lan 2 ip address /24 3 # lan 2 ip rip use v2 v2 0 on # lan 2 ip multicast mode pimdm # lan 2 vlan bind 0 # lan 2 vlan tag vid 3 # enable 124

125 V PIM-SM PIM-SM PIM-SM IP IP IP BSR Bootstrap Router 1 BSR RP Rendezvous Point RP 1 RP SPT Shortest Path Tree PIM-SM RP RP SPT lasthop router lasthop router SPT 125

126 V21 2 PIM-SM VLAN RP SPT VLAN ID VLAN ID /24 VLAN ID /24 VLAN ID : /24 VLAN ID : /24 VLAN ID : /24 PIM-SM RIP RP BSR SPT 1 LAN1 LAN2 LAN3 LAN0 VLAN LAN LAN2 LAN3 VLAN LAN0 LAN1 IP /24 LAN2 IP /24 LAN3 IP /24 2 LAN1 LAN2 LAN0 VLAN LAN LAN1 LAN2 VLAN LAN0 LAN1 IP /24 LAN2 IP /24 RP BSR LAN2 LAN3 LAN4 LAN5 LAN0 LAN1 VLAN LAN LAN2 LAN3 VLAN LAN0 LAN4 LAN5 VLAN LAN1 LAN2 IP /24 LAN3 IP /24 LAN4 IP /24 LAN5 IP /24 126

127 V LAN1 LAN2 LAN0 VLAN LAN LAN2 VLAN LAN0 LAN1 IP /24 LAN2 IP /24 5 LAN1 LAN2 LAN0 VLAN LAN LAN2 VLAN LAN0 LAN1 IP /24 LAN2 IP /24 1 LAN0 # delete lan 0 LAN 0 # lan 0 mode auto /24 # lan 1 ip address /24 3 # lan 1 ip multicast mode pimsm /24 # lan 2 ip address /24 3 # lan 2 ip rip use v2 v2 0 on # lan 2 ip multicast mode pimsm # lan 2 vlan bind 0 # lan 2 vlan tag vid /24 # lan 3 ip address /24 3 # lan 3 ip rip use v2 v2 0 on # lan 3 ip multicast mode pimsm # lan 3 vlan bind 0 # lan 3 vlan tag vid 12 # enable 127

128 V LAN0 # delete lan 0 LAN 0 # lan 0 mode auto /24 # lan 1 ip address /24 3 # lan 1 ip rip use v2 v2 0 on # lan 1 ip multicast mode pimsm # lan 1 vlan bind 0 # lan 1 vlan tag vid /24 # lan 2 ip address /24 3 # lan 2 ip rip use v2 v2 0 on # lan 2 ip multicast mode pimsm # lan 2 vlan bind 0 # lan 2 vlan tag vid 13 # multicast ip pimsm candrp mode on # multicast ip pimsm candrp address # multicast ip pimsm candbsr mode on # multicast ip pimsm candbsr address # enable 128

129 V LAN0 LAN1 # delete lan 0 LAN 0 LAN 1 # lan 0 mode auto # lan 1 mode auto /24 # lan 2 ip address /24 3 # lan 2 ip rip use v2 v2 0 on # lan 2 ip multicast mode pimsm # lan 2 vlan bind 0 # lan 2 vlan tag vid /24 # lan 3 ip address /24 3 # lan 3 ip rip use v2 v2 0 on # lan 3 ip multicast mode pimsm # lan 3 vlan bind 0 # lan 3 vlan tag vid /24 # lan 4 ip address /24 3 # lan 4 ip rip use v2 v2 0 on # lan 4 ip multicast mode pimsm # lan 4 vlan bind 1 # lan 4 vlan tag vid /24 # lan 5 ip address /24 3 # lan 5 ip rip use v2 v2 0 on # lan 5 ip multicast mode pimsm # lan 5 vlan bind 1 # lan 5 vlan tag vid 3 # enable 129

130 V LAN0 # delete lan 0 LAN 0 # lan 0 mode auto /24 # lan 1 ip address /24 3 # lan 1 ip multicast mode pimsm /24 # lan 2 ip address /24 3 # lan 2 ip rip use v2 v2 0 on # lan 2 ip multicast mode pimsm # lan 2 vlan bind 0 # lan 2 vlan tag vid 2 # enable 5 LAN0 # delete lan 0 LAN 0 # lan 0 mode auto /24 # lan 1 ip address /24 3 # lan 1 ip multicast mode pimsm /24 # lan 2 ip address /24 3 # lan 2 ip rip use v2 v2 0 on # lan 2 ip multicast mode pimsm # lan 2 vlan bind 0 # lan 2 vlan tag vid 3 # enable 130

131 V VLAN VLAN 1 3 MR VLAN P.48 LAN0 VLAN ID VLAN HUB VLAN ID VLAN ID /24 VLAN ID /24 VLAN ID / VLAN

132 V21 2 LAN0 # delete lan # lan 0 mode auto VLAN ID 2 # lan 1 ip address /24 3 # lan 1 ip rip use v1 v1 0 off # lan 1 vlan bind 0 # lan 1 vlan tag vid 2 VLAN ID 3 # lan 2 ip address /24 3 # lan 2 ip rip use v1 v1 0 off # lan 2 vlan bind 0 # lan 2 vlan tag vid 3 VLAN ID 4 # lan 3 ip address /24 3 # lan 3 ip rip use v1 v1 0 off # lan 3 vlan bind 0 # lan 3 vlan tag vid 4 # reset VLAN Ethernet 4 VLAN 1522 Ethernet Ethernet VLAN MTU 1496 VLAN WFQ VLAN VLAN VLAN VLAN ID VLAN HUB VLAN LAN VLAN HUB VLAN VLAN PC arp arp enable VLAN LAN lan mode lan mode LAN LAN 132 VLAN

133 V IP MR IP P.49 IP IP IP IP TCP TOS 133 IP

134 V21 2 TCP TCP TCP TCP TCP TCP SYN ACK 2 TCP SYN ACK TCP SYN 1 ACK 0 TCP IP IP TCP/IP telnet 23 IP IP IP IP IP 134 IP

135 V21 2 IP IP reverse IP IP IP NAT NAT IP NAT IP LAN LAN IP LAN LAN IP IP IP 135 IP

136 V21 2 IP IP 2 A. B. A SPI IPv6 B TCP TCP IP WWW 80 WWW IP DHCP DHCP IP PPPoE remote IP reverse - IP IP IP

137 V LAN LAN LAN FTP WWW FTP DNS ftp DNS DNS DNS ftp DNS FTP DNS DNS ftp-data LAN /24 LAN FTP LAN /24 LAN DNS ICMP ICMP IP ICMP ICMP 137 IP

138 V21 2 FTP /24 FTP 21 ftp TCP 2 1 DNS /24 DNS 53 domain UDP 2 1 ICMP 1 ICMP 1 FTP 21 TCP # lan 0 ip filter 0 pass /24 any any 21 6 yes any any FTP # lan 0 ip filter 1 pass any /24 any 6 no any any DNS 53 UDP # lan 0 ip filter 2 pass /24 any / yes any any DNS # lan 0 ip filter 3 pass / /24 any 17 yes any any ICMP # lan 0 ip filter 4 pass any any any any 1 yes any any # lan 0 ip filter 5 reject any any any any 0 yes any any # enable 138 IP

139 V21 2 LAN FTP WWW FTP DNS ftp DNS DNS DNS ftp DNS FTP DNS DNS ftp-data LAN /24 FTP LAN /24 WAN DNS ICMP ICMP IP ICMP ICMP 139 IP

140 V21 2 FTP /24 FTP 21 ftp TCP 2 1 DNS /24 DNS 53 domain UDP 2 1 ICMP 1 ICMP 1 FTP 21 TCP # remote 0 ip filter 0 pass /24 any any 21 6 yes any any FTP # remote 0 ip filter 1 pass any /24 any 6 no any any DNS 53 UDP # remote 0 ip filter 2 pass /24 any any yes any any DNS # remote 0 ip filter 3 pass any /24 any 17 yes any any ICMP # remote 0 ip filter 4 pass any any any any 1 yes any any # remote 0 ip filter 5 reject any any any any 0 yes any any # enable 140 IP

141 V LAN LAN FTP DNS ftp DNS DNS DNS ftp DNS ftp DNS DNS ftp-data LAN /32 FTP LAN DNS ICMP ICMP IP ICMP ICMP 141 IP

142 V21 2 LAN FTP /32 21 ftp TCP 2 1 DNS /24 DNS 53 domain UDP 2 1 ICMP 1 ICMP 1 LAN 21 TCP # lan 0 ip filter 0 pass /24 any / yes any any LAN # lan 0 ip filter 1 pass / /24 any 6 no any any DNS 53 UDP # lan 0 ip filter 2 pass /24 any / yes any any DNS # lan 0 ip filter 3 pass / /24 any 17 yes any any ICMP # lan 0 ip filter 4 pass any any any any 1 yes any any # lan 0 ip filter 5 reject any any any any 0 yes any any # enable 142 IP

143 V21 2 LAN WWW LAN LAN WWW LAN /32 WWW LAN /32 WWW LAN /24 WAN DNS ICMP ICMP IP ICMP ICMP LAN WWW /32 80 www-http 2 1 WWW /32 WWW 80 www-http 2 1 DNS /24 DNS 53 domain UDP 2 1 ICMP 1 ICMP IP

144 V21 2 LAN 80 # remote 0 ip filter 0 pass any any / yes any any LAN # remote 0 ip filter 1 pass /32 80 any any 6 yes any any WWW 80 # remote 0 ip filter 2 pass /32 any any 80 6 yes any any WWW # remote 0 ip filter 3 pass any /32 any 6 yes any any DNS 53 UDP # remote 0 ip filter 4 pass /24 any any yes any any DNS # remote 0 ip filter 5 pass any /24 any 17 yes any any ICMP # remote 0 ip filter 6 pass any any any any 1 yes any any # remote 0 ip filter 7 reject any any any any 0 yes any any # enable 144 IP

145 V SPI LAN LAN SPI FTP DNS ftp DNS DNS DNS ftp DNS ftp DNS DNS ftp-data LAN /32 FTP LAN DNS ICMP LAN ICMP IP ICMP ICMP 145 IP

146 V21 2 LAN FTP /32 21 ftp TCP 2 1 DNS /24 DNS 53 domain UDP 2 1 ICMP 1 ICMP LAN 1 SPI IP LAN 21 TCP # lan 0 ip filter 0 pass /24 any / yes any any LAN # lan 0 ip filter 1 pass / /24 any 6 no any any DNS 53 UDP # lan 0 ip filter 2 pass /24 any / yes DNS # lan 0 ip filter 3 pass / /24 any 17 yes ICMP # lan 0 ip filter 4 pass any any any any 1 yes SPI IP # lan 0 ip filter default spi # enable 146 IP

147 V21 2 LAN WWW LAN LAN SPI IP LAN /32 WWW ICMP LAN ICMP IP ICMP ICMP LAN WWW /32 80 www-http TCP 2 (1) ICMP 1 ICMP LAN 1 SPI IP 147 IP

148 V21 2 LAN 80 # remote 0 ip filter 0 pass any any / yes any any LAN # remote 0 ip filter 1 pass /32 80 any any 6 no any any ICMP # remote 0 ip filter 2 pass any any any any 1 yes SPI IP # remote 0 ip filter default spi # enable 148 IP

149 V IPv6 LAN IPv6 LAN LAN FTP WWW FTP DNS ftp DNS DNS DNS ftp DNS ftp-data LAN 2001:db8:1111:1000::/64 FTP LAN 2001:db8:1111:1000::/64 LAN DNS ICMPv6 ICMPv6 IPv6 ICMPv6 ICMPv6 149 IP

150 V21 2 FTP :db8:1111:1000::/64 21 ftp TCP 2 1 DNS :db8:1111:1000::/64 DNS 53 domain UDP 2 1 ICMPv6 1 ICMPv6 1 FTP 21 TCP # lan 0 ip6 filter 0 pass 2001:db8:1111:1000::/64 any any 21 6 yes any any any any FTP # lan 0 ip6 filter 1 pass any :db8:1111:1000::/64 any 6 no any any any any DNS 53 UDP # lan 0 ip6 filter 2 pass 2001:db8:1111:1000::/64 any any yes any any any any DNS # lan 0 ip6 filter 3 pass any :db8:1111:1000::/64 any 17 yes any any any any ICMPv6 # lan 0 ip6 filter 4 pass any any any any 58 yes any any any any # lan 0 ip6 filter 5 reject any any any any any yes any any any any # enable 150 IP

151 V21 2 IPv6 LAN FTP WWW FTP DNS ftp DNS DNS DNS ftp DNS ftp-data LAN 2001:db8:1111:1000::/64 FTP LAN 2001:db8:1111:1000::/64 WAN DNS ICMPv6 ICMPv6 IPv6 ICMPv6 ICMPv6 151 IP

152 V21 2 FTP :db8:1111:1000::/64 FTP 21 ftp TCP 2 1 DNS :db8:1111:1000::/64 DNS 53 domain UDP 2 1 ICMPv6 1 ICMPv6 1 FTP 21 TCP # remote 0 ip6 filter 0 pass 2001:db8:1111:1000::/64 any any 21 6 yes any any any any FTP # remote 0 ip6 filter 1 pass any :db8:1111:1000::/64 any 6 yes any any any any DNS 53 UDP # remote 0 ip6 filter 2 pass 2001:db8:1111:1000::/64 any any yes any any any any DNS # remote 0 ip6 filter 3 pass any :db8:1111:1000::/64 any 17 yes any any any any ICMPv6 # remote 0 ip6 filter 4 pass any any any any 58 yes any any any any # remote 0 ip6 filter 5 reject any any any any any yes any any any any # enable 152 IP

153 V LAN LAN FTP LAN /24 LAN FTP FTP / ftp TCP LAN FTP # lan 0 ip filter 0 reject /24 any / yes any any # enable 153 IP

154 V21 2 LAN / / # remote 0 ip filter 0 reject /24 any /32 any 0 yes any any # enable 154 IP

155 V LAN NetBIOS NetBIOS Windows TCP NetBIOS # remote 0 ip filter 0 reject any any any yes any any # remote 0 ip filter 1 reject any any any 0 yes any any # enable 155 IP

156 V PING PPPoE ISDN ICMP PING ICMP IP DNS PING PING 1 ICMP ICMP # remote 0 ip filter 0 restrict any any any any 1 yes any any # enable 156 IP

157 V ping LAN LAN ping ICMP ECHO ICMP LAN /32 ping ICMP ECHO LAN /32 ping ICMP ECHO /32 ICMP TYPE 8 ICMP /32 ICMP TYPE 8 ICMP # lan 0 ip filter 0 reject any any /32 any 1 yes any any 8 any # lan 0 ip filter 1 pass any any any any any yes any any any any # enable 157 IP

158 V21 2 LAN ping ICMP ECHO ICMP LAN /32 ping ICMP ECHO LAN /32 ping ICMP ECHO /32 ICMP TYPE 8 ICMP /32 ICMP TYPE 8 ICMP # remote 0 ip filter 0 reject any any /32 any 1 yes any any 8 any # remote 0 ip filter 1 pass any any any any any yes any any any any # enable 158 IP

159 V IPsec VPN Virtual Private Network LAN LAN LAN VPN IPsec IP VPN IP IP VPN IP VPN IP IP VPN IP VPN IP IP VPN 1 IKE IPsec VPN IPsec IPsec any IKE 1 VPN IPsec IPsec MR IPsec P.58 IPsec IPv4 IPv6 NAT IPsec IPsec IPsec IPsec remote ip nat IPsec remote ip nat VPN VPN VPN IP NAT NAT NAT IP VPN IPsec IPv4 IPv6 IPv4 IPv6 VPN IPsec NAT NAT IPsec NAT NAT IPsec/IKE VPN IPsec IKE IPsec IPsec IPsec IPsec any IKE IPsec IPsec SA IPsec any IKE IPsec AES IPsec

160 V21 2 VPN VPN IPsec NAT IPsec IPsec NAT IPsec NAT IPsec NAT LAN remote NAT IP VPN IP VPN ESP IP IP IP IP VPN IP ESP IKE IP IP 500 IP IP VPN IP 500 UDP ESP IP IP IP IP VPN IP ESP WAN IP IPsec/IKE IPsec/IKE NAT IP IP IP VPN Initiator IKE IP IP LAN IP 500 IP IP 500 UDP 160 IPsec

161 V21 2 IP VPN Initiator ESP IP IP LAN IP IP IP ESP IPv4 over IPv4 IP VPN IPsec VPN PPPoE VPN PPPoE IP /24 IP /24 PPPoE ID userid PPPoE userpass PPPoE LAN LAN0 IP /24 IP /24 IP PPPoE # delete lan 0 # lan 0 mode auto # lan 1 ip address /24 3 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ip route 0 default 1 # remote 0 ip address local # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid userpass # remote 0 ap 0 keep connect # lan 0 ip address /24 3 # lan 0 ip route 0 default # lan 1 ip address / IPsec

162 V21 2 IPsec IPsec IPsec IPsec esp IPsec SPI IPsec SA des-cbc IPsec SA hmac-md a 16 IPsec SPI IPsec SA des-cbc ab 16 IPsec SA hmac-md abc 16 IPsec IPsec IPsec IPsec esp IPsec SPI IPsec SA des-cbc ab 16 IPsec SA hmac-md abc 16 IPsec SPI IPsec SA des-cbc IPsec SA hmac-md a IPsec

163 V21 2 SPI SPI SPI des-cbc 3des-cbc des-cbc F1F 1F1F E0E0 E0E0 E0E0 E0E0 1F1F 1F1F FEFE FEFE FEFE FEFE 01FE 01FE 01FE 01FE 1FE0 1FE0 0EF1 0EF1 01E0 01E0 01F1 01F1 FE01 FE01 FE01 FE01 E01F E01F F10E F10E E001 E001 F101 F101 1FFE 1FFE 0EFE 0EFE 011F 011F 010E 010E E0FE E0FE F1FE F1FE FE1F FE1F FE0E FE0E 1F01 1F01 0E01 0E01 FEE0 FEE0 FEF1 FEF1 3des : aabbccddeeff des-cbc IPsec

164 V21 2 VPN # remote 1 name vpn-hon # remote 1 ip route / # remote 1 ap 0 name honten # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel local # remote 1 ap 0 tunnel remote # remote 1 ap 0 ipsec type manual SA # remote 1 ap 0 ipsec send protocol esp # remote 1 ap 0 ipsec send spi 100 # remote 1 ap 0 ipsec send encrypt des-cbc hex # remote 1 ap 0 ipsec send auth hmac-md5 hex a SA # remote 1 ap 0 ipsec receive protocol esp # remote 1 ap 0 ipsec receive spi 101 # remote 1 ap 0 ipsec receive encrypt des-cbc hex ab # remote 1 ap 0 ipsec receive auth hmac-md5 hex abc # enable VPN # remote 0 name vpn-shi # remote 0 ip route / # remote 0 ap 0 name shiten # remote 0 ap 0 datalink type ipsec # remote 0 ap 0 tunnel local # remote 0 ap 0 tunnel remote # remote 0 ap 0 ipsec type manual SA # remote 0 ap 0 ipsec send protocol esp # remote 0 ap 0 ipsec send spi 101 # remote 0 ap 0 ipsec send encrypt des-cbc hex ab # remote 0 ap 0 ipsec send auth hmac-md5 hex abc SA # remote 0 ap 0 ipsec receive protocol esp # remote 0 ap 0 ipsec receive spi 100 # remote 0 ap 0 ipsec receive encrypt des-cbc hex # remote 0 ap 0 ipsec receive auth hmac-md5 hex a # enable 164 IPsec

165 V IPv4 over IPv6 IP VPN IPsec IPv4 IPv6 VPN PPPoE VPN PPPoE IPv /24 IPv /24 IPv6 2001:db8:1111:1::66/64 PPPoE ID userid PPPoE userpass PPPoE LAN LAN0 IPv /24 IPv /24 IPv6 2001:db8:1111:2::66/64 IPv IPv6 2001:db8:1111:2::65 PPPoE # delete lan 0 # lan 0 mode auto # lan 0 ip6 use on # lan 1 ip address /24 3 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ip address local # remote 0 ip route 0 default 1 0 # remote 0 ip6 use on # remote 0 ip6 address :db8:1111:1::66/64 infinity infinity c0 # remote 0 ip6 route 0 default 1 # remote 0 ip msschange 1414 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid userpass # remote 0 ap 0 keep connect # lan 0 ip address /24 3 # lan 0 ip route 0 default # lan 0 ip6 use on # lan 0 ip6 address :db8:1111:2::66/64 infinity infinity c0 # lan 0 ip6 route 0 default 2001:db8:1111:2::65 1 # lan 1 ip address / IPsec

166 V21 2 vpn-hon honsya IPsec/IKE 2001:db8:1111:1:: :db8:1111:2::66 IPsec IPsec vpn-shi shisya IPsec/IKE 2001:db8:1111:2:: :db8:1111:1::66 IPsec IPsec Main Mode IPsec esp IPsec des-cbc IPsec hmac-md5 IPsec DH IKE abcdefghijklmnopqrstuvwxyz IKE shared IKE des-cbc IKE hmac-md5 IKE DH modp IPsec

167 V21 2 DH IKE VPN # remote 1 name vpn-hon # remote 1 ip route / # remote 1 ap 0 name honsya # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel local 2001:db8:1111:1::66 # remote 1 ap 0 tunnel remote 2001:db8:1111:2::66 # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike encrypt des-cbc # remote 1 ap 0 ipsec ike auth hmac-md5 # remote 1 ap 0 ike mode main # remote 1 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 1 ap 0 ike proposal encrypt des-cbc # enable VPN # remote 0 name vpn-shi # remote 0 ip route / # remote 0 ap 0 name shisya # remote 0 ap 0 datalink type ipsec # remote 0 ap 0 tunnel local 2001:db8:1111:2::66 # remote 0 ap 0 tunnel remote 2001:db8:1111:1::66 # remote 0 ap 0 ipsec type ike # remote 0 ap 0 ipsec ike protocol esp # remote 0 ap 0 ipsec ike encrypt des-cbc # remote 0 ap 0 ipsec ike auth hmac-md5 # remote 0 ap 0 ike mode main # remote 0 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 0 ap 0 ike proposal encrypt des-cbc # enable 167 IPsec

168 V IPv4 over IPv6 IP VPN IP VPN IPv4 IPv6 IPsec PPPoE VPN PPPoE IPv /24 PPPoE ID userid PPPoE userpass PPPoE LAN LAN0 IPv /24 IPv /24 IPv6 2001:db8:1111:2::66/64 IPv IPv6 2001:db8:1111:2::65 PPPoE # delete lan 0 # lan 0 mode auto # lan 0 ip6 use on # lan 1 ip address /24 3 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ip route 0 default 1 0 # remote 0 ip6 use on # remote 0 ip6 route 0 default 1 # remote 0 ip msschange 1414 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid userpass # remote 0 ap 0 keep connect # lan 0 ip address /24 3 # lan 0 ip route 0 default # lan 0 ip6 use on # lan 0 ip6 route 0 default 2001:db8:1111:2::65 1 # lan 0 ip6 address :db8:1111:2::66/64 infinity infinity c0 # lan 1 ip address / IPsec

169 V21 2 Initiator vpn-hon honsya IPsec/IKE -2001:db8:1111:2::66 IPsec IPsec IKE UDP: :db8:1111:1::66 IPv6 ESP 2001:db8:1111:1::66 IPv6 vpn-shi shisya IPsec/IKE 2001:db8:1111:2::66- IPsec IPsec Aggressive Mode IPsec esp IPsec des-cbc IPsec hmac-md5 IPsec DH IKE ID/ID shisya /FQDN 169 IPsec

170 V21 2 IKE abcdefghijklmnopqrstuvwxyz IKE shared IKE des-cbc IKE hmac-md5 IKE DH modp768 DH IKE ID Aggressive Mode ID VPN Initiator VPN # remote 1 name vpn-hon # remote 1 ip route / # remote 1 ap 0 name honsya # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel remote 2001:db8:1111:2::66 # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike encrypt des-cbc # remote 1 ap 0 ipsec ike auth hmac-md5 # remote 1 ap 0 ike mode aggressive # remote 1 ap 0 ike name local shisya # remote 1 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 1 ap 0 ike proposal encrypt des-cbc # enable 170 IPsec

171 V21 2 Responder VPN # remote 0 name vpn-shi # remote 0 ip route / # remote 0 ap 0 name shisya # remote 0 ap 0 datalink type ipsec # remote 0 ap 0 tunnel local 2001:db8:1111:2::66 # remote 0 ap 0 ipsec type ike # remote 0 ap 0 ipsec ike protocol esp # remote 0 ap 0 ipsec ike encrypt des-cbc # remote 0 ap 0 ipsec ike auth hmac-md5 # remote 0 ap 0 ike mode aggressive # remote 0 ap 0 ike name remote shisya # remote 0 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 0 ap 0 ike proposal encrypt des-cbc # enable 171 IPsec

172 V IPv6 over IPv4 IP VPN IPsec IPv6 IPv4 VPN PPPoE VPN PPPoE IPv /24 IPv6 2001:db8:1111:1::1/64 IPv /24 PPPoE ID userid PPPoE userpass PPPoE LAN LAN0 IPv /24 IPv6 2001:db8:1111:2::1/64 IPv /24 IPv PPPoE # delete lan 0 # lan 0 mode auto # lan 1 ip address /24 3 # lan 1 ip6 use on # lan 1 ip6 address :db8:1111:1::1/64 infinity infinity c0 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ip route 0 default 1 0 # remote 0 ip msschange 1414 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid userpass # remote 0 ap 0 keep connect # lan 0 ip address /24 3 # lan 0 ip route 0 default # lan 1 ip address /24 3 # lan 1 ip6 use on # lan 1 ip6 address :db8:1111:2::1/64 infinity infinity c0 172 IPsec

173 V21 2 vpn-hon honsya IPsec/IKE IPsec IPsec vpn-shi shisya IPsec/IKE IPsec IPsec Main Mode IPsec esp IPsec des-cbc IPsec hmac-md5 IPsec DH IKE abcdefghijklmnopqrstuvwxyz IKE shared IKE des-cbc IKE hmac-md5 IKE DH modp IPsec

174 V21 2 DH IKE Initiator VPN # remote 1 name vpn-hon # remote 1 ip route / # remote 1 ip6 use on # remote 1 ip6 route :db8:1111:2::/64 1 # remote 1 ap 0 name honsya # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel local # remote 1 ap 0 tunnel remote # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike range any6 any6 # remote 1 ap 0 ipsec ike encrypt des-cbc # remote 1 ap 0 ipsec ike auth hmac-md5 # remote 1 ap 0 ike mode main # remote 1 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 1 ap 0 ike proposal encrypt des-cbc # enable 174 IPsec

175 V21 2 VPN # remote 0 name vpn-shi # remote 0 ip route / # remote 0 ip6 use on # remote 0 ip6 route :db8:1111:1::/64 1 # remote 0 ap 0 name shisya # remote 0 ap 0 datalink type ipsec # remote 0 ap 0 tunnel local # remote 0 ap 0 tunnel remote # remote 0 ap 0 ipsec type ike # remote 0 ap 0 ipsec ike protocol esp # remote 0 ap 0 ipsec ike range any6 any6 # remote 0 ap 0 ipsec ike encrypt des-cbc # remote 0 ap 0 ipsec ike auth hmac-md5 # remote 0 ap 0 ike mode main # remote 0 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 0 ap 0 ike proposal encrypt des-cbc # enable 175 IPsec

176 V IPv6 over IPv4 IP VPN IP VPN IPv6 IPv4 IPsec PPPoE VPN PPPoE IPv /24 IPv6 2001:db8:1111:1::1/64 PPPoE ID userid PPPoE userpass PPPoE LAN LAN0 IPv /24 IPv6 2001:db8:1111:2::1/64 IPv /24 IPv PPPoE # delete lan 0 # lan 0 mode auto # lan 1 ip address /24 3 # lan 1 ip6 use on # lan 1 ip6 address :db8:1111:1::1/64 infinity infinity c0 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ip route 0 default 1 0 # remote 0 ip nat mode multi any 1 5m # remote 0 ip msschange 1414 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid userpass # lan 0 ip address /24 3 # lan 0 ip route 0 default # lan 1 ip address /24 3 # lan 1 ip6 use on # lan 1 ip6 address :db8:1111:2::1/64 infinity infinity c0 176 IPsec

177 V21 2 Initiator vpn-hon honsya IPsec/IKE IPsec IPsec IKE UDP: ESP vpn-shi shisya IPsec/IKE IPsec IPsec Aggressive Mode IPsec esp IPsec des-cbc IPsec hmac-md5 IPsec DH IKE ID/ID shisya /FQDN IKE abcdefghijklmnopqrstuvwxyz IKE shared 177 IPsec

178 V21 2 IKE des-cbc IKE hmac-md5 IKE DH modp768 DH IKE ID Aggressive Mode ID VPN Initiator IPsec/IKE # remote 0 ip nat static any # remote 0 ip nat static any any any 50 VPN # remote 1 name vpn-hon # remote 1 ip route / # remote 1 ip6 use on # remote 1 ip6 route :db8:1111:2::/64 1 # remote 1 ap 0 name honsya # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel remote # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike range any6 any6 # remote 1 ap 0 ipsec ike encrypt des-cbc # remote 1 ap 0 ipsec ike auth hmac-md5 # remote 1 ap 0 ike mode aggressive # remote 1 ap 0 ike name local shisya # remote 1 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 1 ap 0 ike proposal encrypt des-cbc # enable 178 IPsec

179 V21 2 Responder VPN # remote 0 name vpn-shi # remote 0 ip route / # remote 0 ip6 use on # remote 0 ip6 route :db8:1111:1::/64 1 # remote 0 ap 0 name shisya # remote 0 ap 0 datalink type ipsec # remote 0 ap 0 tunnel local # remote 0 ap 0 ipsec type ike # remote 0 ap 0 ipsec ike protocol esp # remote 0 ap 0 ipsec ike range any6 any6 # remote 0 ap 0 ipsec ike encrypt des-cbc # remote 0 ap 0 ipsec ike auth hmac-md5 # remote 0 ap 0 ike mode aggressive # remote 0 ap 0 ike name remote shisya # remote 0 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 0 ap 0 ike proposal encrypt des-cbc # enable 179 IPsec

180 V IPv6 over IPv6 IP VPN IPsec IPv6 VPN PPPoE VPN PPPoE IPv /24 IPv6 2001:db8:1111:3::1/64 IPv /24 IPv6 2001:db8:1111:1::66/64 PPPoE ID userid PPPoE userpass PPPoE LAN LAN0 IPv /24 IPv6 2001:db8:1111:4::1/64 IPv /24 IPv6 2001:db8:1111:2::66/64 IPv IPv6 2001:db8:1111:2::65 PPPoE # delete lan 0 # lan 0 mode auto # lan 0 ip6 use on # lan 1 ip address /24 3 # lan 1 ip6 use on # lan 1 ip6 address :db8:1111:3::1/64 infinity infinity c0 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ip route 0 default 1 0 # remote 0 ip6 use on # remote 0 ip6 route 0 default 1 # remote 0 ip msschange 1414 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid userpass # remote 0 ap 0 keep connect # lan 0 ip address /24 3 # lan 0 ip route 0 default # lan 0 ip6 use on # lan 0 ip6 address :db8:1111:2::66/64 infinity infinity c0 # lan 0 ip6 route 0 default 2001:db8:1111:2::65 1 # lan 1 ip address /24 3 # lan 1 ip6 use on # lan 1 ip6 address :db8:1111:4::1/64 infinity infinity c0 180 IPsec

181 V21 2 vpn-hon honsya IPsec/IKE 2001:db8:1111:1:: :db8:1111:2::66 IPsec IPsec vpn-shi shisya IPsec/IKE 2001:db8:1111:2:: :db8:1111:1::66 IPsec IPsec Main Mode IPsec esp IPsec des-cbc IPsec hmac-md5 IPsec DH IKE abcdefghijklmnopqrstuvwxyz IKE shared IKE des-cbc IKE hmac-md5 IKE DH modp IPsec

182 V21 2 DH IKE VPN # remote 1 name vpn-hon # remote 1 ip route / # remote 1 ip6 use on # remote 1 ip6 route :db8:1111:4::/64 1 # remote 1 ap 0 name honsya # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel local 2001:db8:1111:1::66 # remote 1 ap 0 tunnel remote 2001:db8:1111:2::66 # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike range any6 any6 # remote 1 ap 0 ipsec ike encrypt des-cbc # remote 1 ap 0 ipsec ike auth hmac-md5 # remote 1 ap 0 ike mode main # remote 1 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 1 ap 0 ike proposal encrypt des-cbc # enable 182 IPsec

183 V21 2 VPN # remote 0 name vpn-shi # remote 0 ip route / # remote 0 ip6 use on # remote 0 ip6 route :db8:1111:3::0/64 1 # remote 0 ap 0 name shisya # remote 0 ap 0 datalink type ipsec # remote 0 ap 0 tunnel local 2001:db8:1111:2::66 # remote 0 ap 0 tunnel remote 2001:db8:1111:1::66 # remote 0 ap 0 ipsec type ike # remote 0 ap 0 ipsec ike protocol esp # remote 0 ap 0 ipsec ike range any6 any6 # remote 0 ap 0 ipsec ike encrypt des-cbc # remote 0 ap 0 ipsec ike auth hmac-md5 # remote 0 ap 0 ike mode main # remote 0 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 0 ap 0 ike proposal encrypt des-cbc # enable 183 IPsec

184 V IPv6 over IPv6 IP VPN IPv6 VPN PPPoE VPN PPPoE IPv /24 IPv6 2001:db8:1111:3::1/64 PPPoE ID userid PPPoE userpass PPPoE LAN LAN0 IPv /24 IPv6 2001:db8:1111:4::1/64 IPv /24 IPv6 2001:db8:1111:2::66/64 IPv IPv6 2001:db8:1111:2::65 PPPoE # delete lan 0 # lan 0 mode auto # lan 0 ip6 use on # lan 1 ip address /24 3 # lan 1 ip6 use on # lan 1 ip6 address :db8:1111:3::1/64 infinity infinity c0 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ip route 0 default 1 0 # remote 0 ip6 use on # remote 0 ip6 route 0 default 1 # remote 0 ip msschange 1414 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid userpass # remote 0 ap 0 keep connect # lan 0 ip address /24 3 # lan 0 ip route 0 default # lan 0 ip6 use on # lan 0 ip6 route 0 default 2001:db8:1111:2::65 1 # lan 0 ip6 address :db8:1111:2::66/64 infinity infinity c0 # lan 1 ip address /24 3 # lan 1 ip6 use on # lan 1 ip6 address :db8:1111:4::1/64 infinity infinity c0 184 IPsec

185 V21 2 Initiator vpn-hon honsya IPsec/IKE -2001:db8:1111:2::66 IPsec IPsec IKE UDP: :db8:1111:1::66 IPv6 ESP 2001:db8:1111:1::66 IPv6 vpn-shi shisya IPsec/IKE 2001:db8:1111:2::66- IPsec IPsec Aggressive Mode IPsec esp IPsec des-cbc IPsec hmac-md5 IPsec DH 185 IPsec

186 V21 2 IKE ID/ID shisya /FQDN IKE abcdefghijklmnopqrstuvwxyz IKE shared IKE des-cbc IKE hmac-md5 IKE DH modp768 DH IKE ID Aggressive Mode ID VPN Initiator VPN # remote 1 name vpn-hon # remote 1 ip route / # remote 1 ip6 use on # remote 1 ip6 route :db8:1111:4::/64 1 # remote 1 ap 0 name honsya # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel remote 2001:db8:1111:2::66 # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike range any6 any6 # remote 1 ap 0 ipsec ike encrypt des-cbc # remote 1 ap 0 ipsec ike auth hmac-md5 # remote 1 ap 0 ike mode aggressive # remote 1 ap 0 ike name local shisya # remote 1 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 1 ap 0 ike proposal encrypt des-cbc # enable 186 IPsec

187 V21 2 Responder VPN # remote 0 name vpn-shi # remote 0 ip route / # remote 0 ip6 use on # remote 0 ip6 route :db8:1111:3::/64 1 # remote 0 ap 0 name shisya # remote 0 ap 0 datalink type ipsec # remote 0 ap 0 tunnel local 2001:db8:1111:2::66 # remote 0 ap 0 ipsec type ike # remote 0 ap 0 ipsec ike protocol esp # remote 0 ap 0 ipsec ike range any6 any6 # remote 0 ap 0 ipsec ike encrypt des-cbc # remote 0 ap 0 ipsec ike auth hmac-md5 # remote 0 ap 0 ike mode aggressive # remote 0 ap 0 ike name remote shisya # remote 0 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 0 ap 0 ike proposal encrypt des-cbc # enable 187 IPsec

188 V IPv4 over IPv4 1 IKE IPsec VPN IPsec IPsec SA IP PPPoE VPN PPPoE IP /24 IP /24 PPPoE ID userid PPPoE userpass PPPoE LAN LAN0 IP 1 LAN0 IP /24 IP /24 IP PPPoE # delete lan 0 # lan 0 mode auto # lan 1 ip address /24 3 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ip route 0 default 1 # remote 0 ip address local # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid userpass # remote 0 ap 0 keep connect # lan 0 ip address /24 3 # lan 0 ip route 0 default # lan 1 ip address /24 3 # lan 1 ip route / IPsec

189 V21 2 IPsec/IKE IPsec 1 any /24 IPsec 2 any /24 IPsec/IKE IPsec /24 - any IPsec /24 - any Main Mode IPsec esp IPsec des-cbc IPsec PFS DH IKE abcdefghijklmnopqrstuvwxyz IKE shared IKE des-cbc IKE hmac-md5 IKE DH modp IPsec

190 V21 2 VPN # remote 1 name vpn-hon # remote 1 ip route / # remote 1 ip route / # remote 1 ap 0 name honten1 # remote 1 ap 0 multiroute pattern 0 use any any /24 any 0 any # remote 1 ap 0 datalink type ipsec # remote 1 ap 0 tunnel local # remote 1 ap 0 tunnel remote # remote 1 ap 0 ipsec type ike # remote 1 ap 0 ipsec ike protocol esp # remote 1 ap 0 ipsec ike range any /24 # remote 1 ap 0 ipsec ike encrypt des-cbc # remote 1 ap 0 ipsec ike auth hmac-md5 # remote 1 ap 0 ike bind self # remote 1 ap 0 ike mode main # remote 1 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 1 ap 0 ike proposal encrypt des-cbc # remote 1 ap 1 datalink type ipsec # remote 1 ap 1 ipsec type ike # remote 1 ap 1 ipsec ike protocol esp # remote 1 ap 1 ipsec ike range any /24 # remote 1 ap 1 ipsec ike encrypt des-cbc # remote 1 ap 1 ipsec ike auth hmac-md5 # remote 1 ap 1 ike bind ap 0 # enable 190 IPsec

191 V21 2 VPN # remote 0 name vpn-shi # remote 0 ip route / # remote 0 ap 0 name shiten # remote 0 ap 0 multiroute pattern 0 use /24 any any any 0 any # remote 0 ap 0 datalink type ipsec # remote 0 ap 0 tunnel local # remote 0 ap 0 tunnel remote # remote 0 ap 0 ipsec type ike # remote 0 ap 0 ipsec ike protocol esp # remote 0 ap 0 ipsec ike range /24 any4 # remote 0 ap 0 ipsec ike encrypt des-cbc # remote 0 ap 0 ipsec ike auth hmac-md5 # remote 0 ap 0 ike bind self # remote 0 ap 0 ike mode main # remote 0 ap 0 ike shared key text abcdefghijklmnopqrstuvwxyz # remote 0 ap 0 ike proposal encrypt des-cbc # remote 0 ap 1 datalink type ipsec # remote 0 ap 1 ipsec type ike # remote 0 ap 1 ipsec ike protocol esp # remote 0 ap 1 ipsec ike range /24 any4 # remote 0 ap 1 ipsec ike encrypt des-cbc # remote 0 ap 1 ipsec ike auth hmac-md5 # remote 0 ap 1 ike bind ap 0 # enable 191 IPsec

192 V IPsec IPsec IPv4 over IPv4 IP VPN IPv4 over IPv4 IP VPN IPsec NAT IP TOS IPsec WFQ IPsec MSS IPsec MTU IKE RIP IPv6 IPsec NAT IKE IPsec NAT IP TOS NAT NAT IP - telnet ftp TOS ftp 0xa0 IP - telnet ftp TOS ftp 0xa0 # remote 1 ip nat mode multi # remote 1 ip filter 0 pass /24 any /24 21,23 6 yes any any # remote 1 ip filter 1 pass /24 21, /24 any 6 no any any # remote 1 ip filter 2 reject any any any any 0 yes any any # remote 1 ip tos 0 any any /24 20,21 6 any a0 192 IPsec

193 V21 2 # remote 0 ip filter 0 pass /24 any /24 21,23 6 yes any any # remote 0 ip filter 1 pass /24 21, /24 any 6 no any any # remote 0 ip filter 2 reject any any any any 0 yes any any # remote 0 ip tos /24 20, /24 20,21 6 any a0 IPsec WFQ 2Mbps IP /24 IP /24 TCP TOS # remote 0 shaping on 2m # remote 0 ip priority /24 any /24 any 6 any express IPsec WFQ IPsec IPsec remote IPsec remote remote IPsec IPsec MSS MSS 1414Byte # remote 1 ip msschange IPsec

194 V21 2 # remote 0 ip msschange 1414 IPsec MTU MTU 1460Byte # remote 1 mtu 1460 # remote 0 mtu 1460 IP IP VPN # remote 1 ap 0 sessionwatch s 1m 5s 194 IPsec

195 V21 2 IKE IP VPN # remote 1 ap 0 ike sessionwatch s 1m 5s IKE IP remote ap ipsec ike range IPsec IP IKE IP IPsec IP IKE IP IKE IPsec/IKE SA RIP RIP v1 RIP v1 RIP 0 # delete remote 1 ip route # remote 1 ip rip use v1 v1 0 off # delete remote 1 ip route # remote 0 ip rip use v1 v1 0 off 195 IPsec

196 V PPP IP URL NAT DHCP IPv4 IPv6 - LOG_ERROR - LOG_WARNING - LOG_NOTICE - LOG_INFO - IP - NAT - PPP - DHCP - Proxy DNS IP

197 V21 2 # syslog server # syslog pri error,warn,notice,info # syslog security ipfilter,nat,ppp,dhcp,proxydns # enable MR P

198 V NAT NAT NAT NAT IP Web MR NAT P.63 NAT IP NAT NAT IP NAT 1024 NAT 64 IP IP 0 9 A Z a z < > & % MR P NAT

199 V LAN NAT FTP A LAN0 NAT LAN IP / /24 FTP IP IP # lan 0 ip address /24 3 # lan 1 ip address /24 3 NAT # lan 0 ip nat mode multi any 1 5m # lan 0 ip nat static # enable NAT FTP DNS NAT # lan 0 ip nat rule 0 ftp any 21 off # lan 0 ip nat rule 1 dns global 53 off 199 NAT

200 V PPPoE PPPoE PPPoE NAT LAN ID userid userpass / / NAT

201 V21 2 PPPoE # delete lan 0 # lan 0 mode auto # lan 1 ip address /24 3 # lan 1 ip dhcp service server # lan 1 ip dhcp info dns # lan 1 ip dhcp info address / # lan 1 ip dhcp info time 1d # lan 1 ip dhcp info gateway # remote 0 name internet # remote 0 mtu 1454 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid userpass # remote 0 ppp ipcp vjcomp disable # remote 0 ip route 0 default 1 0 # remote 0 ip nat mode multi any 1 5m # remote 0 ip msschange 1414 # proxydns domain 0 any * any to 0 # proxydns address 0 any to 0 NAT # remote 0 ip nat static any 80 any # remote 0 ip nat static any 21 any # enable NAT NAT NAT NAT IP NAT IP NAT FTP DNS NAT # remote 0 ip nat rule 0 ftp any 21 off # remote 0 ip nat rule 1 dns global 53 off 201 NAT

202 V NAT ISDN ISDN ISDN ID userid userpass LAN /29 www IP ftp IP NAT IP / / NAT

203 V21 2 # wan 0 line isdn IP # lan 0 ip address /24 3 # remote 0 name internet # remote 0 ip route 0 default 1 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind wan 0 # remote 0 ap 0 dial 0 number # remote 0 ap 0 ppp auth send userid userpass NAT # remote 0 ip nat mode multi m # remote 0 ip nat static any # remote 0 ip nat static any # reset NAT FTP DNS NAT # remote 0 ip nat rule 0 ftp any 21 off # remote 0 ip nat rule 1 dns global 53 off 203 NAT

204 V LAN NAT FTP A LAN0 NAT LAN IP / /24 FTP IP IP # lan 0 ip address /24 3 # lan 1 ip address /24 3 NAT # lan 0 ip nat mode multi any 1 5m # lan 0 ip nat static # enable NAT FTP DNS NAT # lan 0 ip nat rule 0 ftp any 21 off # lan 0 ip nat rule 1 dns global 53 off 204 NAT

205 V NAT IPsec IPsec NAT NAT IPsec IPsec IPsec LAN0 NAT IP # lan 0 ip address /24 3 # lan 1 ip address /24 3 NAT # lan 0 ip nat mode multi any 1 5m # lan 0 ip nat wellknown off # enable NAT FTP DNS NAT # lan 0 ip nat rule 0 ftp any 21 off # lan 0 ip nat rule 1 dns global 53 off 205 NAT

206 V VoIP NAT NAT VoIP UPnP VoIP NAT UPnP NAT MR VoIP NAT P.66 UPnP VoIP UPnP LAN LAN0 IP DHCP NAT IP 1 5 UPnP LAN LAN1 IP /24 DHCP DNS VoIP NAT

207 V A Z a z < > & % MR P.18 LAN # delete lan 0 # lan 0 mode auto # lan 0 ip dhcp service client # lan 0 ip rip use off v1 0 off # lan 0 ip nat mode multi any 1 UPnP LAN # lan 1 mode auto # lan 1 ip address /24 3 # lan 1 ip dhcp service server # lan 1 ip dhcp info address / # lan 1 ip dhcp info time 1d # lan 1 ip dhcp info gateway # lan 1 ip dhcp info dns # lan 1 ip rip use v1 v1 0 off UPnP # upnp use on # enable LAN UPnP 207 VoIP NAT

208 V TOS/Traffic Class IP TOS/Traffic Class MR TOS/Traffic Class P.69 TOS/Traffic Class TOS/Traffic Class IP IP IP TOS IPv6 Traffic Class TOS Traffic Class FTP TOS a0 208 TOS/Traffic Class

209 V21 2 IP / /24 IP / 20 ftp-data 21 ftp TCP TOS 00 TOS a0 FTP TOS 00 a0 # remote 0 ip tos /24 any any 20, a0 # enable 209 TOS/Traffic Class

210 V VLAN VLAN 2 QoS VLAN VLAN IP TOS IPv6 MR VLAN P.71 VLAN TOS/Traffic Class IP TOS a0 7 0 IP TOS a0 7 TOS a0 7 # lan 0 vlan tag primap 0 ip a0 7 # enable 210 VLAN

211 V LAN WAN Ethernet Ethernet Ethernet 5Mbps LAN1 5Mbps # lan 1 shaping on 5m # enable 211

212 V Ethernet L2-VPN A 3Mbps B 3Mbps A B 5Mbps LAN # lan1 shaping on 5m A # remote 0 name kyotena # remote 0 ip route / # remote 0 shaping on 3m # remote 0 ap 0 name OV-A # remote 0 ap 0 datalink type overlap # remote 0 ap 0 overlap to lan 1 # remote 0 ap 0 overlap nexthop B # remote 1 name kyotenb # remote 1 ip route / # remote 1 shaping on 3m # remote 1 ap 0 name OV-B # remote 1 ap 0 datalink type overlap # remote 1 ap 0 overlap to lan 1 # remote 1 ap 0 overlap nexthop # enable 212

213 V PPP ISDN - LZS - VJ VJ RFC IPHC IP RFC2507/RFC2508 RFC2509 PPPoE 0 remote 0 0 remote 0 PPPoE # remote 0 ppp ipcp vjcomp enable # remote 0 ppp ipcp iphc enable # enable 213

214 V21 2 ISDN ISDN 0 remote 0 0 remote 0 ISDN # remote 0 ppp compress on # remote 0 ppp ipcp vjcomp enable # remote 0 ppp ipcp iphc enable # enable MP # remote 0 ppp mp order on 214

215 V WFQ WFQ IP MR WFQ P.73 WFQ IP IP TOS IPv6 Traffic Class Ethernet LAN0 Ethernet Ethernet 1Mbps TOS a0 215 WFQ

216 V21 2 # lan 0 shaping on 1m WFQ # lan 0 ip priority 0 any any any any any a0 express # enable # lan 0 shaping on 1m WFQ # lan 0 ip priority 0 any any any any any a0 express # enable 216 WFQ

217 V DHCP IPv4 DHCP DHCP DHCP DHCP DHCP MR IPv4 DHCP P.76 DHCP 1 1 DHCP IPv6 DHCP IPv6 DHCP IPv6 DHCP IPv6 DHCP MR IPv6 DHCP P DHCP

218 V DHCP DHCP IP IP DHCP IP DHCP IP IP DNS IP DHCP DHCP DHCP DHCP IP 253 IP IP IP 32 / /24 DHCP 218 DHCP

219 V21 2 DHCP # lan 1 ip address /24 3 # lan 1 ip dhcp info dns # lan 1 ip dhcp info address /24 32 # lan 1 ip dhcp info time 1d # lan 1 ip dhcp info gateway # lan 1 ip dhcp service server # enable 219 DHCP

220 V DHCP DHCP IP IP IP IP IP MAC DHCP IP DHCP DHCP IP MAC MAC LAN IP IP DHCP DHCP DHCP DHCP DNS DHCP 64 / /24 IP MAC 00:00:0e:12:34:56 IP DHCP DHCP DHCP 220 DHCP

221 V21 2 DHCP # lan 1 ip address /24 3 # lan 1 ip dhcp info dns # lan 1 ip dhcp info address /24 32 # lan 1 ip dhcp info time 1d # lan 1 ip dhcp info gateway # lan 1 ip dhcp service server DHCP # host 0 ip address # host 0 mac 00:00:0e:12:34:56 # enable 221 DHCP

222 V DHCP DHCP DHCP IP DHCP LAN IP DHCP IP IP DNS IP TIME IP NTP IP DHCP IP DHCP DHCP # lan 0 ip dhcp service client NAT # lan 0 ip nat mode multi any 1 LAN1 # lan 1 ip address /24 3 # enable 222 DHCP

223 V DHCP DHCP IP DHCP DHCP DHCP DHCP DHCP LAN LAN IP DHCP LAN IP DHCP DHCP NAT IP # lan 0 ip address /24 3 # lan 1 ip address /24 3 DHCP # lan 1 ip dhcp service relay # enable 223 DHCP

224 V21 2 DHCP DHCP DHCP IP / /24 DHCP IP IP / / LAN P DHCP

225 V21 2 LAN # wan 0 line hsd 128k # lan 0 ip address /24 3 # remote 0 name kaisya # remote 0 ap 0 name shisya # remote 0 ap 0 datalink bind wan 0 # remote 0 ip route /24 1 # reset DHCP # lan 0 ip dhcp service relay # enable 225 DHCP

226 V IPv6 DHCP IPv6 DHCP IPv6 DHCP IPv6 IPv6 Router Advertisement Message RA 64 IPv6 PPPoE IPv6 DHCP PPPoE LAN LAN0 ID userid userpass IPv6 DHCP IPv6 48 IPv6 LAN LAN1 RA IPv6 ID DHCP

227 V21 2 ADSL #delete lan 0 #lan 0 mode auto #remote 0 name internet #remote 0 mtu 1454 #remote 0 ap 0 name ISP-1 #remote 0 ap 0 keep connect #remote 0 ap 0 datalink bind lan 0 #remote 0 ap 0 ppp auth send userid userpass #remote 0 ip6 use on IPv6 DHCP #remote 0 ip6 dhcp service client ProxyDNS #proxydns domain 0 any * any on 0 #proxydns address 0 any on 0 LAN #lan 1 ip6 use on #lan 1 ip6 address 0 dhcp@rmt0:1::/64 infinity infinity #lan 1 ip6 ra mode send #save #reset 227 DHCP

228 V DNS ProxyDNS ProxyDNS DNS DNS DNS DNS MR DNS P DNS ProxyDNS IP DNS IP DNS DNS honsya.co.jp DNS IP DNS honsya.co.jp DNS IP DNS # proxydns domain 0 any *.honsya.co.jp any static # proxydns domain 1 any * any static # enable 228 DNS ProxyDNS

229 V DHCP DHCP 0 9 A Z a z < > & % MR P DNS ProxyDNS

230 V DNS ProxyDNS IP DNS DNS DNS IP DNS DNS IP A Z a z < > & % MR P.18 DNS # proxydns address /24 static # proxydns address 1 any static # enable 230 DNS ProxyDNS

231 V DHCP DHCP DNS ProxyDNS DNS DNS DNS RFC1877 DNS 0 9 A Z a z < > & % MR P.18 DNS # proxydns domain 0 any * any on 0 off # enable 231 DNS ProxyDNS

232 V21 2 Windows TCP/IP DNS 6. DNS IP 7. OK 8. DHCP DNS IP ProxyDNS DHCP DHCP DNS IP IP ProxyDNS DNS DNS # proxydns domain 0 any * any on 0 on DNS DNS DNS DNS DNS DNS 232 DNS ProxyDNS

233 V DNS DNS QTYPE Windows 2000 DNS SOA 6 SRV 33 ProxyDNS A 1 DNS SOA A Z a z < > & % MR P.18 DNS # proxydns domain 0 6 * any reject # enable DNS P DNS ProxyDNS

234 V DNS IP DNS ProxyDNS DNS LAN LAN DNS host.com IPv IPv6 2001:db8::2 0 9 A Z a z < > & % MR P.18 # host 0 name host.com # host 0 ip address # host 0 ip6 address 2001:db8::2 # enable DHCP DNS DNS P DNS ProxyDNS

235 V URL URL URL URL ProxyDNS URL MR DNS P.80 ProxyDNS URL LAN IP DNS IP 0 9 A Z a z < > & % MR P.18 XXX.danger.com URL.danger.com 235 URL URL

236 V21 2 URL # proxydns domain 0 any any reject # proxydns domain 1 any * any on 0 # enable 236 URL URL

237 V SNMP SNMP Simple Network Management Protocol SNMP MIB MR SNMP P.82 SNMP SNMP Simple Network Management Protocol SNMP SNMP MIB Management Information Base trap Trap MR MIB P Trap P.35 SNMP suzuki MR F IP SNMP public 237 SNMP

238 V21 2 SNMP # snmp agent contact suzuki # snmp agent sysname MR1000 # snmp agent location 1F # snmp agent address # snmp manager public off disable # snmp service on # enable IP IP SNMP 238 SNMP

239 V ECMP ECMP ADSL ADSL 2 MR ECMP P ECMP

240 V ISP A 2 ISP B LAN0 # lan 0 ip address /24 3 # lan 0 vrrp use on # lan 0 vrrp group 0 id # lan 0 vrrp group 0 trigger 0 ifdown rmt0 LAN1 # lan 1 ip address /24 3 # lan 1 ip route 0 default # lan 1 ip filter 0 pass any / yes # lan 1 ip filter 1 pass / any yes # lan 1 ip filter 2 pass any any /32 any 50 yes # lan 1 ip filter 3 pass /32 any any any 50 yes # lan 1 ip filter 4 reject any any any any 0 yes # remote 0 name RMTbyA # remote 0 ip route / # remote 0 ip msschange 1360 # remote 0 mtu 1400 # remote 0 ap 0 name IPsecbyA # remote 0 ap 0 datalink type ipsec # remote 0 ap 0 tunnel local # remote 0 ap 0 ipsec type ike # remote 0 ap 0 ipsec ike protocol esp # remote 0 ap 0 ipsec ike range any4 any4 # remote 0 ap 0 ipsec ike encrypt des-cbc # remote 0 ap 0 ipsec ike auth hmac-md5 # remote 0 ap 0 ipsec ike pfs modp768 # remote 0 ap 0 ike name remote RMTbyA # remote 0 ap 0 ike shared key text A # remote 0 ap 0 ike proposal 0 encrypt des-cbc # remote 0 ap 0 sessionwatch s 1m 5s # enable 240 ECMP

241 V21 2 LAN0 # lan 0 ip address /24 3 # lan 0 vrrp use on # lan 0 vrrp group 0 id # lan 0 vrrp group 0 trigger 0 ifdown rmt0 LAN1 # lan 1 ip address /24 3 # lan 1 ip route 0 default # lan 1 ip filter 0 pass any / yes # lan 1 ip filter 1 pass / any yes # lan 1 ip filter 2 pass any any /32 any 50 yes # lan 1 ip filter 3 pass /32 any any any 50 yes # lan 1 ip filter 4 reject any any any any 0 yes # remote 0 name RMTbyB # remote 0 ip route / # remote 0 ip msschange 1360 # remote 0 mtu 1400 # remote 0 ap 0 name IPsecbyB # remote 0 ap 0 datalink type ipsec # remote 0 ap 0 tunnel local # remote 0 ap 0 ipsec type ike # remote 0 ap 0 ipsec ike protocol esp # remote 0 ap 0 ipsec ike range any4 any4 # remote 0 ap 0 ipsec ike encrypt des-cbc # remote 0 ap 0 ipsec ike auth hmac-md5 # remote 0 ap 0 ipsec ike pfs modp768 # remote 0 ap 0 ike name remote RMTbyB # remote 0 ap 0 ike shared key text B # remote 0 ap 0 ike proposal 0 encrypt des-cbc # remote 0 ap 0 sessionwatch s 1m 5s # enable 241 ECMP

242 V21 2 LAN # lan 0 ip address /24 3 PPPoE LAN # lan 1 mode auto # lan 2 vlan bind 1 # lan 2 vlan tag vid 10 # lan 3 vlan bind 1 # lan 3 vlan tag vid 20 A PPPoE # remote 0 name INTER-A # remote 0 ip route / # remote 0 ip filter 0 pass any / yes # remote 0 ip filter 1 pass / any yes # remote 0 ip filter 2 pass any any /32 any 50 yes # remote 0 ip filter 3 pass /32 any any any 50 yes # remote 0 ip filter 4 reject any any any any 0 yes # remote 0 ip msschange 1414 # remote 0 mtu 1454 # remote 0 ap 0 name ISP-A # remote 0 ap 0 datalink bind lan 2 # remote 0 ap 0 ppp auth send UIDtoA PASStoA # remote 0 ap 0 keep connect # remote 0 ip nat mode multi any 1 5m # remote 0 ip nat static any # remote 0 ip nat static any any any 50 B PPPoE # remote 1 name INTER-B # remote 1 ip route / # remote 1 ip filter 0 pass any / yes # remote 1 ip filter 1 pass / any yes # remote 1 ip filter 2 pass any any /32 any 50 yes # remote 1 ip filter 3 pass /32 any any any 50 yes # remote 1 ip filter 4 reject any any any any 0 yes # remote 1 ip msschange 1414 # remote 1 mtu 1454 # remote 1 ap 0 name ISP-B # remote 1 ap 0 datalink bind lan 3 # remote 1 ap 0 ppp auth send UIDtoB PASStoB # remote 1 ap 0 keep connect # remote 1 ip nat mode multi any 1 5m # remote 1 ip nat static any # remote 1 ip nat static any any any 50 # remote 2 name CENTER-A # remote 2 ip route / # remote 2 ip msschange 1360 # remote 2 mtu 1400 # remote 2 ap 0 name IPsecbyA # remote 2 ap 0 datalink type ipsec # remote 2 ap 0 tunnel remote # remote 2 ap 0 ipsec type ike # remote 2 ap 0 ipsec ike protocol esp # remote 2 ap 0 ipsec ike range any4 any4 # remote 2 ap 0 ipsec ike encrypt des-cbc # remote 2 ap 0 ipsec ike auth hmac-md5 # remote 2 ap 0 ipsec ike pfs modp768 # remote 2 ap 0 ike name local RMTbyA 242 ECMP

243 V21 2 # remote 2 ap 0 ike shared key text A # remote 2 ap 0 ike proposal 0 encrypt des-cbc # remote 2 ap 0 sessionwatch s 1m 5s # remote 3 name CENTER-B # remote 3 ip route / # remote 3 ip msschange 1360 # remote 3 mtu 1400 # remote 3 ap 0 name IPsecbyB # remote 3 ap 0 datalink type ipsec # remote 3 ap 0 tunnel remote # remote 3 ap 0 ipsec type ike # remote 3 ap 0 ipsec ike protocol esp # remote 3 ap 0 ipsec ike range any4 any4 # remote 3 ap 0 ipsec ike encrypt des-cbc # remote 3 ap 0 ipsec ike auth hmac-md5 # remote 3 ap 0 ipsec ike pfs modp768 # remote 3 ap 0 ike name local RMTbyB # remote 3 ap 0 ike shared key text B # remote 3 ap 0 ike proposal 0 encrypt des-cbc # remote 3 ap 0 sessionwatch s 1m 5s ECMP # routemanage ip ecmp mode hash # enable 243 ECMP

244 V VRRP VRRP 2 1 VRRP RIP VRRP 2 MR VRRP P.86 on off vrrpctl LAN IP IP IP IP IP IP VRRP VRRP master VRRP "master" IP VRRP VRRP-AD IP IP VRRP

245 V PPPoE WAN PPPoE LAN LAN0 IP / /24 ID userid userpass IP DNS PPPoE LAN LAN0 IP / /24 ID userid2 userpass2 245 VRRP

246 V21 2 ADSL # delete lan # lan 0 ip address /0 3 # lan 0 mode auto IP # lan 1 ip address /24 3 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ip route 0 default 1 # remote 0 ip nat mode multi any 1 5m # remote 0 ip msschange 1414 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid userpass VRRP # lan 1 vrrp use on # lan 1 vrrp group 0 id # lan 1 vrrp group 0 preempt off # lan 1 vrrp group 0 trigger 0 node any # reset 246 VRRP

247 V21 2 ADSL # delete lan # lan 0 ip address /0 3 # lan 0 mode auto IP # lan 1 ip address /24 3 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ip route 0 default 1 # remote 0 ip nat mode multi any 1 5m # remote 0 ip msschange 1414 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid2 userpass2 VRRP # lan 1 vrrp use on # lan 1 vrrp group 0 id # lan 1 vrrp group 0 preempt on # reset WAN PPPoE # lan 1 vrrp 0 trigger 0 ifdown rmt0 247 VRRP

248 V ID 2 PPPoE PPPoE A ID 10 IP B ID 11 IP PPPoE LAN LAN0 IP / /24 ID userid userpass PPPoE LAN LAN0 IP / /24 ID userid2 userpass2 PC PC 248 VRRP

249 V21 2 ADSL # delete lan # lan 0 ip address /0 3 # lan 0 mode auto IP # lan 1 ip address /24 3 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ip route 0 default 1 # remote 0 ip nat mode multi any 1 5m # remote 0 ip msschange 1414 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid userpass VRRP # lan 1 vrrp use on # lan 1 vrrp group 0 id # lan 1 vrrp group 0 preempt off # lan 1 vrrp group 0 trigger 0 ifdown rmt0 254 # lan 1 vrrp group 1 id # reset 249 VRRP

250 V21 2 ADSL # delete lan # lan 0 ip address /0 3 # lan 0 mode auto IP # lan 1 ip address /24 3 # remote 0 name internet # remote 0 mtu 1454 # remote 0 ip route 0 default 1 # remote 0 ip nat mode multi any 1 5m # remote 0 ip msschange 1414 # remote 0 ap 0 name ISP-1 # remote 0 ap 0 datalink bind lan 0 # remote 0 ap 0 ppp auth send userid2 userpass2 VRRP # lan 1 vrrp use on # lan 1 vrrp group 0 id # lan 1 vrrp group 1 id # lan 1 vrrp group 1 preempt off # lan 1 vrrp group 1 trigger 0 ifdown rmt0 254 # reset 250 VRRP

251 V IPsec VPN remote 0 ap IPv4 over IPv4 IP VPN P.161 BRI:128Kbps TOS a0 IP-VPN IP-VPN IP-VPN # wan 0 line hsd 128k IP-VPN # remote 0 ap 0 multiroute pattern 0 backup any any any any 0 a0 # remote 0 ap 0 multiroute pattern 1 use any any any any 0 any # remote 0 ap 1 name hsd # remote 0 ap 1 datalink bind wan 0 # reset 251

252 V Wakeup on LAN 1 6 host1 MAC 00:00:0e:12:34:56 Wakeup on LAN AMD OFF Magic Packet Wakeup on LAN OFF OFF Wakeup on LAN Wakeup on LAN 0 9 A Z a z < > & % MR P.18 DHCP DNS 252

253 V # host 0 name host1 # host 0 mac 00:00:0e:12:34:56 # enable telnet 2. Wakeup on LAN # rpon all Magic Packet OS 253

254 V MR P :00 08:00 # schedule 0 in any diallock # enable 254

255 V :00 # schedule 0 at any 0800 rpon all # enable host rpon off 2.29 P # dnconvinfo 0 date # dnconvinfo 0 dial # enable 255

256 V # addact reset config2 # enable 256

257 V ISDN MR P

258 V remote0 ap :00 19:00 19:00 23:00 23:00 08: # remote 0 ap 0 idle 1m # remote 0 ap 0 step 1800 # remote 0 ap 0 step # remote 0 ap 0 step # enable 258

259 V , ,000 # wan 0 isdn limit time 50h yes # wan 0 isdn limit charge yes # enable wan <number> isdn limit diallock no INS 64 - INS - 259

260 V STP FNA STP IP 0 9 A Z a z < > & % MR P.18 STP 0 VLAN STP WAN 1 remote 1 ap SNMP IPv4 IP IPv4 IP IPv6 LAN IPv4 IP VLAN MAC VLAN MAC VLAN SVL Shared VLAN Learning VLAN VLAN MAC WAN LAN FNA STP LAN 1 STP MR P STP

261 V21 2 LAN LAN FNA FNA STP IP # lan 0 bridge use on # lan 0 bridge stp use on # lan 1 bridge use on # lan 1 bridge stp use on FNA # lan 0 bridge filter 0 pass any 00:00:0e:0a:12:34 llc 8080 FNA # lan 0 bridge filter 1 pass 00:00:0e:0a:12:34 any llc 8080 STP # lan 0 bridge filter 2 pass any 01:80:c0:00:00:00 llc 4242 # lan 0 bridge filter 3 reject any any any # enable 261 STP

262 V21 2 LAN FNA WAN WAN WAN ISDN 128kbps FNA STP ISDN STP 1.8 LAN P STP

263 V21 2 LAN # wan 0 line hsd 128k # lan 0 ip address /24 3 # lan 0 ip dhcp service off # remote 0 name Siten1 # remote 0 ip route /24 1 # remote 0 ap 0 name shisya-1 # remote 0 ap 0 datalink bind wan 0 # reset # lan 0 bridge use on # lan 0 bridge stp use on # remote 0 bridge use on # remote 0 bridge stp use on FNA # remote 0 bridge filter 0 pass any 00:00:0e:0a:12:34 llc 8080 FNA # remote 0 bridge filter 1 pass 00:00:0e:0a:12:34 any llc 8080 STP # remote 0 bridge filter 2 pass any 01:80:c0:00:00:00 llc 4242 # remote 0 bridge filter 3 reject any any any # reset 263 STP

264 V VLAN 1 VLAN IP IP LAN IP LAN - FTP - telnet - Web - syslog - SNMP Trap - IP loose IP STP STP IP WAN WAN Ethernet IP IP IP LAN IP WAN IP Loose WAN LAN LAN LAN WAN LAN WAN 264 STP

265 V21 2 LAN0 LAN0 A LAN1 LAN1 B IP A A-gyomu A FR-16 A DLCI 16 A CIR 64Kbps B B-gyomu B FR-17 B DLCI 17 B CIR 64Kbps LAN0 IPv /24 LAN1 IPv /24 LAN0 IPv /24 LAN1 IPv /24 2 A B IPv4 strict IPv4 265 STP

266 V WAN WAN 0 # lan 0 bridge use on # lan 0 ip address /24 3 # lan 0 bridge group 0 # remote 0 bridge use on # remote 0 bridge group 0 0 # bridge 0 ip routing off # bridge 0 ip policy strict 1 # lan 1 bridge use on # lan 1 ip address /24 3 # lan 1 bridge group 1 # remote 1 bridge use on # remote 1 bridge group 1 1 # bridge 1 ip routing off # bridge 1 ip policy strict WAN # wan 0 line fr 128k # remote 0 name A-gyomu # remote 0 ap 0 name FR-16 # remote 0 ap 0 fr dlci 16 # remote 0 ap 0 fr cir 64 # remote 1 name B-gyomu # remote 1 ap 0 name FR-17 # remote 1 ap 0 fr dlci 17 # remote 1 ap 0 fr cir 64 # reset 266 STP

267 V WAN WAN 0 # lan 0 bridge use on # lan 0 ip address /24 3 # lan 0 bridge group 0 # remote 0 bridge use on # remote 0 bridge group 0 0 # bridge 0 ip routing off # bridge 0 ip policy strict 1 # lan 1 bridge use on # lan 1 ip address /24 3 # lan 1 bridge group 1 # remote 1 bridge use on # remote 1 bridge group 1 1 # bridge 1 ip routing off # bridge 1 ip policy strict WAN # wan 0 line fr 128k # remote 0 name A-gyomu # remote 0 ap 0 name FR-16 # remote 0 ap 0 fr dlci 16 # remote 0 ap 0 fr cir 64 # remote 1 name B-gyomu # remote 1 ap 0 name FR-17 # remote 1 ap 0 fr dlci 17 # remote 1 ap 0 fr cir 64 # reset 267 STP

268 V IP Ethernet over IP IP IP 0 VLAN 1 VLAN IP IP LAN IP LAN - FTP - telnet - Web - syslog - SNMP Trap - IP loose IP STP STP IP WAN WAN Ethernet IP IP IP LAN IP WAN IP Loose WAN LAN LAN LAN WAN LAN WAN Ethernet over IP 268 STP

269 V21 2 IP IPv4 IP PPPoE LAN CUG Closed Users Group PPPoE IPv4 LAN /24 PPPoE ID userid1@groupname PPPoE userpass1 PPPoE LAN LAN1 NAT PPPoE IPv4 LAN /24 PPPoE ID userid2@groupname PPPoE userpass2 PPPoE LAN LAN1 NAT LAN0 IP IPv4 IPv6 269 STP

270 V # delete lan CUG PPPoE # lan 1 mode auto # remote 0 name CUG # remote 0 mtu 1454 # remote 0 ap 0 name user1 # remote 0 ap 0 datalink bind lan 1 # remote 0 ap 0 ppp auth send userid1@groupname userpass1 # remote 0 ap 0 keep connect # remote 0 ppp ipcp vjcomp disable # remote 0 ip route 0 default 1 0 # remote 0 ip msschange 1414 LAN0 IP # lan 0 ip address /24 3 IPv4 # remote 1 name EtherIP # remote 1 ap 0 name EtherIP # remote 1 ap 0 datalink type ip # remote 1 ap 0 tunnel local # remote 1 ap 0 tunnel remote # remote 1 bridge use on # lan 0 bridge use on # bridge 0 ip routing on # bridge 0 ip6 routing off # enable 270 STP

271 V # delete lan CUG PPPoE # lan 1 mode auto # remote 0 name CUG # remote 0 mtu 1454 # remote 0 ap 0 name user2 # remote 0 ap 0 datalink bind lan 1 # remote 0 ap 0 ppp auth send userid2@groupname userpass2 # remote 0 ap 0 keep connect # remote 0 ppp ipcp vjcomp disable # remote 0 ip route 0 default 1 0 # remote 0 ip msschange 1414 LAN0 IP # lan 0 ip address /24 3 IPv4 # remote 1 name EtherIP # remote 1 ap 0 name EtherIP # remote 1 ap 0 datalink type ip # remote 1 ap 0 tunnel local # remote 1 ap 0 tunnel remote # remote 1 bridge use on # lan 0 bridge use on # bridge 0 ip routing on # bridge 0 ip6 routing off # enable 271 STP

272 V LAN HUB 1 LAN PPPoE LAN HUB LAN MR P.91 LAN LAN IPv4 IPv6 IP LAN LAN OSPF VRRP LAN 1.6 PPPoE P.17 MR P.91 LAN /24 3 LAN1 LAN1 LAN2 LAN3 HUB LAN IPv4 LAN 272 LAN HUB

273 V21 2 HUB LAN # lan 1 bridge use on # lan 1 bridge group 0 # lan 2 bridge use on # lan 2 bridge group 0 # lan 3 bridge use on # lan 3 bridge group 0 # bridge 0 ip routing off # bridge 0 ip policy loose # bridge 0 ip6 routing off # bridge 0 ip6 policy loose # reset 273 LAN HUB

274 V ISDN ISDN /24 ISDN ISDN BRI # wan 0 line isdn # wan 0 isdn autodial disable LAN # lan 0 ip address /24 3 # lan 0 ip rip use v2m v2 0 off # remote 0 name kyoten # remote 0 ip route / # remote 0 ap 0 name kyoten # remote 0 ap 0 dial 0 number 1234 # remote 0 ap 0 ppp auth receive kyoten kyotenpass # reset 274 ISDN

275 V21 2 # remote 0 name center # remote 0 ip route 0 default 1 1 # remote 0 ap 0 name center # remote 0 ap 0 dial 0 number 5678 # remote 0 ap 0 ppp auth send kyoten kyotenpass # remote 0 ap 0 idle 1m send # enable 275 ISDN

276 V PIAFS PIAFS PHS PIAFS PIAFS 1.0/2.0/2.1 MR P A Z a z < > & % MR P.18 LAN Proxy ARP ISDN LAN Proxy ARP Ethernet MAC IP MAC ARP Address Resolution Protocol ARP LAN IP ARP MAC Proxy ARP ARP ISDN U ISDN LAN / PIAFS

277 V21 2 PC0 PHS - pc0 - phs0 - IP ID mobileid - mobilepass PC1 PHS - pc1 - phs1 - IP ID mobileid - mobilepass ISDN # wan 0 line isdn LAN # lan 0 ip address /24 3 PC0 # remote 0 name pc0 # remote 0 autodial disable # remote 0 ap 0 name phs0 # remote 0 ap 0 ppp auth receive mobileid mobilepass # remote 0 ap 0 dial 0 number # remote 0 ip address local # remote 0 ip address remote PC1 # remote 1 name pc1 # remote 1 autodial disable # remote 1 ap 0 name phs1 # remote 1 ap 0 ppp auth receive mobileid mobilepass # remote 1 ap 0 dial 0 number # remote 1 ip address local # remote 1 ip address remote # reset 277 PIAFS

278 V COM IP-VPN IP-VPN BGP IP-VPN BGP BGP COM 9600/19200/38400/57600/115200/230400bps RS/CS `+++` COM AT CONNECT DCE ATZ ATV1 ATE0 ATW2 ATH ATA AT ATD P T X3 X4 278

279 V21 2 OFF M0 ON ON ON LOW Midium High M1 M2 M3 L0 L2 L3 OK CONNECT < > ERROR +FCERROR +FCON +F4 FAX DATA VOICE NO CARRIER NO DIALTONE NO DIAL TONE BUSY PHONE IN USE HAND SET IN USE NO ANSWER RING : ME5614E2 COM IPv4 IPv6 56Kbps 279

280 V21 2 IP-VPN 1.12 LAN IP-VPN P.33 ADSL IP-VPN backup yokohama WAN IP WAN IP ID tokyo tokyopass kawasaki kawapass /16 30 backup tokyo WAN IP WAN IP ID kawasaki kawapass tokyo tokyopass /

281 V21 2 # remote 0 name backup # remote 0 ap 0 name yokohama # remote 0 ap 0 datalink bind serial 0 # remote 0 ap 0 dial 0 number # remote 0 ap 0 ppp auth send yokohama yokopass # remote 0 ap 0 ppp auth receive tokyo tyokyopass # remote 0 ap 0 idle 1m # serial 0 use on # answer accept enable BGP # remote 0 ip route / # reset # remote 0 name backup # remote 0 ap 0 name tokyo # remote 0 ap 0 datalink bind serial 0 # remote 0 ap 0 dial 0 number # remote 0 ap 0 ppp auth send tokyo tyokyopass # remote 0 ap 0 ppp auth receive yokohama yokopass # remote 0 ap 0 idle 1m # serial 0 use on # answer accept enable BGP # remote 0 ip route / # reset 281

282 V ISDN +TA ISDN +ISDN ISDN +PIAFS +PHS PHS ISDN ISDN AAA MR P.117 PHS ISDN U ISDN rmt30 2 PC0 PHS - ID mobile-a - mobilepass-a - PHS PC1 PHS - ID mobile-b - mobilepass-b - PHS LAN /24 IP

283 V21 2 ISDN MP rmt remote rmt30 47 remote remote IP rmt AAA AAA AAA CLID AAA PPP AAA AAA ID AAA ID ID ID LAN IP # lan 0 ip address /24 3 # wan 0 bind mb 0 # wan 0 line isdn # template 0 name mobile # template 0 datalink bind wan 0 # template 0 interface pool 30 2 # template 0 ip address remote-pool # template 0 aaa 0 AAA # aaa 0 name mobile # aaa 0 user 0 id mobile-a # aaa 0 user 0 password mobilepass-a # aaa 0 user 1 id mobile-b # aaa 0 user 1 password mobilepass-b 283

284 V21 A ADSL...34 arp AS...93 AS...93 B BAP/BACP BGP/MPLS VPN BGP BGP IPv BSR B C CATV...10 COM CUG Closed Users Group D DHCP DHCP DHCP DHCP DHCP DH...44, 50 DNS DNS DNS DNS DNS DNS E ECMP EoMPLS Ethernet over IP Ethernet F FNA I ID...56 IKE...44, 50 IKE IPsec IPsec IPsec IPv IPv6 DHCP IPv6 over IPv IPv IPv IPv IP-VPN...33 IP...62, 134, 215 IP IP IP...133, 192 IP IP ISDN IPv ISDN LAN...19 L LAN...12 LSA...92 LSP M MAC MED...98 MIB MPLS MPLS LSP MPLS MPLS LAN MPLS MSS MTU MTU N NAT...32 NAT NetBIOS O OSPFv2 IPv OSPF IPv P PIAFS

285 V21 PIM-DM PIM-SM PING PPPoE...17 Proxy ARP ProxyDNS R RFC RIP IPv RIP IPv RP S SNMP SNMP SNTP...13 SPI...145, 163 SPT STP T TCP...133, 134, 136 TIME...13 TOS...208, 215 TOS/Traffic Class TOS/Traffic Class TOS TOS Traffic Class...208, 215 Trap U URL V VLAN ID VLAN VLAN VLAN VLAN VoIP NAT VPN...159, 160 VRRP W Wakeup on LAN WAN WFQ , , ID , 111 IP , 245 NAT , 248 ID , IP...41, 47, PPPoE LAN 199,

286 V , , 47, 159, , TOS HUB...131, NAT LAN , , , , NAT RIP , , , , LAN LAN...24 ADSL , 208, 210, , 70, NAT...192,

287 V , VPN VPN

288 MR K1N-D-04167B Printed in Japan

すべて見る

設定例集_Rev.8.03, Rev.9.00, Rev.10.01対応

設定例集_Rev.8.03, Rev.9.00, Rev.10.01対応 Network Equipment 設定例集 Rev.8.03, Rev.9.00, Rev.10.01 対応 2 3 4 5 6 7 8 help > help show command > show command console character administrator pp disable disconnect 9 pp enable save Password: login timer

MR1000 コマンド設定事例集

MR1000　コマンド設定事例集