1.26
1 9 1.1................................................ 9 1.2............................................. 9 1.3.................................................. 11 1.4.............................................. 13 1.5 TELNET..................................... 16 1.6 IPv6............................................. 18 2 19 2.1 IP.......................................... 19 2.2 IP.......................................... 19 2.3 unnumbered................................ 20 2.4................................... 20 2.5 TCP MSS.............................. 20 2.6 LAN............................. 21 2.7 MDI/MDI-X.......................................... 21 2.8 WAN....................... 22 2.9............................................ 22 2.10 IPsec.................................... 23 2.11 VLAN............................................. 23 2.12 PPPoE.......................................... 24 3 PPP 25 3.1 PPP............................................ 25 3.2 PPP............................................ 26 3.3 PPP............................................ 27 4 28 4.1 /................................. 28 4.2 IP................................. 28 4.3 IPv6................................ 28 4.4 VMAN TPID.......................... 29 5 MAC 30 5.1 MAC.................................... 30 5.2 MAC.................................... 30 5.3 MAC.................................... 31 1 Internet Initiative Japan Inc.
6 ARP 32 6.1 ARP........................................... 32 6.2 ARP........................................... 32 6.3 ARP........................................... 32 6.4 NAT Proxy ARP /........................... 32 7 34 7.1......................................... 34 7.2......................................... 35 7.3......................................... 35 7.4 MultiPath.................................. 35 7.5............................................. 36 7.6............................................. 36 7.7......................................... 37 7.8......................................... 37 7.9 RIP /...................................... 38 7.10 RIP /......................... 38 7.11 RIP........................................ 38 7.12 RIPv2 /................................... 39 7.13 RIP /............................. 39 7.14 RIP................................. 40 7.15 RIP.......................................... 40 7.16 OSPF /..................................... 40 7.17 OSPF ID....................................... 41 7.18............................................. 41 7.19............................................. 42 7.20............................................. 42 7.21............................................. 43 7.22 distance............................. 44 7.23 OSPF................................. 44 7.24............................................. 44 7.25 IPv4 (PIM-SM) /................ 45 7.26 IPv4 (PIM-SM).................... 46 7.27 IPv6........................................ 46 7.28 IPv6........................................ 47 7.29 IPv6........................................ 47 7.30 IPv6 MultiPath................................. 47 7.31 RIPng /..................................... 48 7.32 RIPng......................................... 48 7.33 RIPng....................................... 49 2 Internet Initiative Japan Inc.
7.34 RIPng..................................... 49 7.35 IPv6 (PIM-SM) /................ 50 7.36 IPv6 (PIM-SM).................... 50 8 51 8.1............................................ 51 8.2............................................ 53 8.3............................................ 53 8.4 /..................................... 53 8.5..................................... 54 8.6 IPv6......................................... 54 8.7 IPv6......................................... 56 8.8 IPv6......................................... 56 8.9 IPv6 /.................................. 57 8.10 IPv6................................... 57 9 NAT 59 9.1 NAT........................................... 59 9.2 NAT........................................... 59 9.3 NAT IP ( )..................... 59 9.4 NAT IP ( )......................... 60 9.5 NAT IP ( )....................... 60 9.6 NAT IP ( )......................... 60 9.7 NAT....................................... 61 9.8 NAPT IP ( )....................... 61 9.9 NAPT IP............................... 61 9.10 NAPT IP ( )......................... 62 9.11 NAPT IP............................... 62 9.12 NAPT......................................... 62 9.13 NAPT.......................................... 62 9.14 NAPT........................................ 63 9.15 NAPT /................................... 64 9.16 SIP.................................... 64 9.17 SIP.................................... 65 9.18 NAT......................................... 65 9.19 NAT......................................... 65 9.20 Reflection NAT..................................... 65 9.21 Reflection NAT..................................... 66 9.22 UPnP /....................................... 66 9.23 UPnP............................. 66 3 Internet Initiative Japan Inc.
10 IPsec 68 10.1........................ 68 10.2........................ 69 10.3........................ 69 10.4............................... 69 10.5............................... 72 10.6 IKE........................ 72 10.7 IKE........................ 74 10.8............................ 74 10.9............................... 74 10.10.................................... 75 10.11.................................... 76 10.12.................................... 76 10.13 /.............................. 77 10.14.............................. 77 10.15 IKE.......................................... 77 10.16 IKE......................................... 78 10.17 IKE....................................... 78 10.18 IKE Peer........................................... 79 10.19 IKE Peer........................................... 81 10.20 IKE Peer........................................... 82 10.21 IKE....................................... 82 10.22 IKE....................................... 83 10.23 IKE....................................... 83 10.24 IKE........................................ 83 10.25 IKE........................................ 84 10.26 IKE........................................ 84 11 / 85 11.1 CBQ................................... 85 11.2 CBQ...................................... 85 11.3 CBQ...................................... 86 11.4 CBQ...................................... 87 11.5 CBQ............................... 87 11.6 CBQ............................... 89 11.7 CBQ............................... 90 11.8 CBQ /........................... 90 11.9 CBQ........................... 90 12 SNMP 92 4 Internet Initiative Japan Inc.
12.1 SNMP /............................... 92 12.2 SNMP community...................................... 92 12.3 SNMP sysname........................................ 92 12.4 SNMP location........................................ 92 12.5 SNMP contact........................................ 93 12.6 SNMP......................................... 93 12.7 SNMP trap /.................................. 93 12.8 SNMP trap.................................. 94 12.9 SNMP trap.................................. 94 12.10 SNMP trap................................. 94 12.11...................................... 95 12.12...................................... 95 13 96 13.1 /............................ 96 13.2 /............................. 96 13.3 /................................. 96 13.4............................... 97 13.5............................... 97 13.6.................................. 97 13.7 /............................ 97 14 VRRP 99 14.1 VRRP...................................... 99 14.2 VRRP...................................... 99 14.3 VRID............................................. 100 14.4 VRID............................................. 101 15 DHCP 102 15.1 DHCP /..................................... 102 15.2 DHCP...................................... 102 15.3 DHCP /................... 102 15.4 DHCP IP................................ 103 15.5 DHCP IP.......................... 103 15.6 DHCP DNS........................... 104 15.7 DHCP DNS........................... 104 15.8 DHCP................................. 104 15.9 DHCP.............................. 105 15.10 DHCP NTP........................... 105 15.11 DHCP NTP........................... 106 15.12 DHCP WINS.......................... 106 5 Internet Initiative Japan Inc.
15.13 DHCP WINS.......................... 106 15.14 DHCP WINS........................... 107 15.15 DHCP DHCP............... 107 15.16 DHCP DHCP............... 108 16 DNS 109 16.1 DNS /.................................... 109 16.2 DNS.................................. 109 16.3 DNS.................................. 109 16.4 IPv4-IPv6......................................... 110 17 111 17.1.......................................... 111 17.2 /....................... 111 17.3............................. 111 18 113 18.1............................... 113 18.2............................... 113 18.3................................. 113 18.4................................. 114 18.5................................... 114 19 115 19.1................................ 115 19.2 IPv6............................. 115 19.3 ICMP............................. 115 19.4 IPv6 ICMP.......................... 116 20 117 20.1..................................... 117 20.2............................................ 117 20.3............................ 117 20.4............................ 118 20.5......................................... 118 20.6 NTP /...................................... 118 20.7 NTP.......................................... 119 20.8....................................... 119 20.9........................................ 120 20.10 DNS /...................................... 120 20.11 DNS..................................... 120 6 Internet Initiative Japan Inc.
20.12 DNS..................................... 121 20.13.......................................... 121 20.14 Web /.................................... 121 20.15 TELNET /............................. 122 20.16 Secure Shell /.................................. 122 20.17 Secure Shell hostkey.................................... 122 20.18 Secure Shell................................. 123 20.19 Secure Shell................................. 124 21 125 21.1.................................. 125 21.2......................................... 125 21.3.............................................. 125 21.4............................................. 125 21.5.................................. 126 21.6....................................... 126 21.7........................................ 127 21.8............................................... 127 21.9................................................ 128 21.10........................................ 129 21.11 IPL.............................................. 129 21.12................................................. 130 21.13.............................................. 130 21.14 PPPoE............................................ 130 21.15 ARP...................................... 131 21.16 NDP...................................... 131 21.17 NAT....................................... 131 21.18............................................. 131 21.19........................................ 132 21.20.......................................... 132 21.21 IPv6........................................ 132 21.22 IKE........................... 132 21.23 IPsec........................... 133 21.24 IPsec................................ 133 21.25.............................. 133 21.26........................................ 133 21.27 IPv6..................................... 134 21.28 TELNET............................................. 134 22 135 7 Internet Initiative Japan Inc.
22.1............................................ 135 22.2............................................... 135 22.3........................................ 135 22.4............................................. 135 22.5........................................ 137 22.6......................................... 137 22.7......................................... 137 22.8................................. 137 22.9............................................ 138 23 factory config 140 A 148 8 Internet Initiative Japan Inc.
1 FutureNet CS-SEIL-410(/C) 1.1 FutureNet CS-SEIL-410(/C) TELNET SecureShell 1.2 / / / / 1: IP PPP WAN PPP LAN MAC Ethernet MAC ARP NAT LAN ARP NAT/NAPT 9 Internet Initiative Japan Inc.
IPsec VPN IPsec/IKE / CBQ SNMP VRRP DHCP FutureNet CS-SEIL-410(/C) DHCP DNS DNS IPv6 IPv6 IPv4 10 Internet Initiative Japan Inc.
1.3 / 2: / keyword text <parameter> [text] 3: [] [A B] A B {A B} A B... {}, [] 11 Internet Initiative Japan Inc.
4: ) <filter name> (1-16, [a-za-z0-9 ]) 1 16 ( ) 0 ( ) [ ] - ( - - ) [ ] 10 012..9 16 012..9abc..f 0x 16 10 12 Internet Initiative Japan Inc.
1.4 5: interface IPaddress/prefixlen, IPaddress FutureNet CS-SEIL-410(/C) Ether lan tunnel VLAN vlan PPPoE pppoe IP 10 /prefixlen /32 interface IP [/8 /16 /24] 6 IP IP - IPv6 IPv6 RFC2373 /64 ID ID % 192.168.1.0/24 192.168.0.1 192.168.0.1-192.168.255.255 fec0::8001:2e0:4fff:fe20:829f fe80::2e0:4fff:fe20:829f%lan0 13 Internet Initiative Japan Inc.
hostname, URL protocol port top, bottom, above, below URL URL FTP HTTP TCP ICMP tcp icmp 0 255 TCP UDP 0 65535-23, 80, 137-139 top bottom above below 14 Internet Initiative Japan Inc.
6: prefixlen netmask /32 255.255.255.255 /31 255.255.255.254 /30 255.255.255.252 /29 255.255.255.248 /28 255.255.255.240 /27 255.255.255.224 /26 255.255.255.192 /25 255.255.255.128 /24 255.255.255.0 /23 255.255.254.0 /22 255.255.252.0 /21 255.255.248.0 /20 255.255.240.0 /19 255.255.224.0 /18 255.255.192.0 /17 255.255.128.0 /16 255.255.0.0 /15 255.254.0.0 /14 255.252.0.0 /13 255.248.0.0 /12 255.240.0.0 /11 255.224.0.0 /10 255.192.0.0 /9 255.128.0.0 /8 255.0.0.0 /7 254.0.0.0 /6 252.0.0.0 /5 248.0.0.0 /4 240.0.0.0 /3 224.0.0.0 /2 192.0.0.0 /1 128.0.0.0 15 Internet Initiative Japan Inc.
1.5 TELNET FutureNet CS-SEIL-410(/C) LAN TELNET FutureNet CS-SEIL-410(/C) TELNET login: user admin user admin user / administrator Password: Login incorrect admin # user > TELNET exit tcsh bash UNIX / 7 FutureNet CS-SEIL-410(/C) TELNET Secure Shell 20.16 Secure Shell / Secure Shell 16 Internet Initiative Japan Inc.
7: Space BackSpace Ctrl-H, Del Ctrl-D Tab 1 BackSpace?? Enter Ctrl-M, Ctrl-J Ctrl-C Ctrl-F Ctrl-B Ctrl-A Ctrl-E Ctrl-T Ctrl-P Ctrl-N Ctrl-Space Ctrl-W Ctrl-K Ctrl-Y Ctrl-U Ctrl-V Ctrl-L Enter 1 1 1 1? ( ) ( 1 ) ( ( ) ) Y= ( ) ( ) 17 Internet Initiative Japan Inc.
1.6 IPv6 FutureNet CS-SEIL-410(/C) IPv6 IPv6 RFC 8: IPv4 IPv6 IPv4 IPv6 interface interface ppp ppp bridge bridge arp - ipsec ipsec ike ike cbq cbq syslog syslog load-from load-from ntp ntp save-to save-to update update resolver resolver dns dns translator translator route route6 filter filter6 ping ping6 traceroute traceroute6 snmp - nat - vrrp - dhcp - - rtadvd 18 Internet Initiative Japan Inc.
2 2.1 IP [ ] interface { <lan> <vlan> } { address add } <local IPaddress/prefixlen> interface lan1 { address add } dhcp interface { <pppoe> <tunnel> <ipsec> } { address add } <local IPaddress/prefixlen> remote <remote IPaddress> [ ] <lan> LAN <pppoe> <tunnel> <vlan> <ipsec> PPPoE pppoe0, pppoe1,... Tunnel tunnel0, tunnel1,... VLAN vlan0, vlan1... IPsec (ipsec0, ipsec1,...) <local IPaddress/prefixlen> IP <remote IPaddress> dhcp Point to Point IP DHCP IP [ ] IP [ ] IPv4 IPv6 address IP add IPv4 4 IPv6 8 prefixlen IPv4 IPv6 /64 dhcp lan1 IPsec VLAN PPPoE 2.9 2.10 IPsec 2.11 VLAN 2.12 PPPoE ] lan0 192.168.0.1/24 2.2 IP [ ] interface <interface> delete <IPaddress> [ ] <interface> <IPaddress> IP 19 Internet Initiative Japan Inc.
[ ] IP [ ] IPv4 IPv6 2.3 unnumbered [ ] interface <interface> unnumbered [ ] <interface> [ ] unnumbered [ ] unnumbered unnumbered lan0 IPv4 PPPoE unnumbered PPP IPCP address option OFF PPP 3.1 PPP LAN VLAN 2.4 [ ] interface <interface> description <description> [ ] <interface> <description> (0-64 ) [ ] [ ] ( 7 ) 2.5 TCP MSS [ ] interface <interface> tcp-mss { <mss> auto off } [ ] <interface> 20 Internet Initiative Japan Inc.
<mss> 32 32767 TCP MSS auto off TCP MSS TCP MSS [ ] TCP MSS [ ] PPPoE 3.1 PPP IPsec auto 32 32767 2.6 LAN [ ] interface { lan0 lan1 } media <media> [ ] <media> 10baseT 10Mbps 10baseT-FDX 100baseTX 100baseTX-FDX auto 10Mbps 100Mbps 100Mbps [ ] FutureNet CS-SEIL-410(/C) LAN [ ] LAN 10baseT,10baseT-FDX 100baseTX,100baseTX-FDX interface IPv4 IPv6 ] auto 2.7 MDI/MDI-X [ ] interface { lan0 lan1 } mdi { auto normal reverse } [ ] mdi auto normal reverse MDI MDI-X [ ] FutureNet CS-SEIL-410(/C) LAN 21 Internet Initiative Japan Inc.
[ ] LAN interface IPv4 IPv6 ] auto 2.8 WAN [ ] interface lan1 queue { normal cbq } [ ] normal cbq CBQ Class-Based Queueing [ ] WAN [ ] CBQ 11 interface IPv4 IPv6 ] normal 2.9 [ ] interface <interface> tunnel <start IPaddress> <end IPaddress> interface <interface> tunnel none interface <interface> mtu <mtu size> [ ] <interface> (tunnel0, tunnel1,...) <start IPaddress> <end IPaddress> none ] mtu 1280 IP IP <mtu size> 1280 8192 system-default MTU FutureNet CS-SEIL-410(/C) [ ] 2 [ ] IPv4, IPv6 22 Internet Initiative Japan Inc.
none IP 2.10 IPsec [ ] interface <interface> tunnel <start IPaddress> <end IPaddress> interface <interface> tunnel none interface <interface> mtu <mtu size> [ ] <interface> IPsec (ipsec0, ipsec1,...) <start IPaddress> <end IPaddress> none ] mtu 1280 IPsec IP IPsec IP IPsec <mtu size> 1280 8192 IPsec MTU system-default [ ] 2 IPsec FutureNet CS-SEIL-410(/C) [ ] IPv4, IPv6 none IP IPsec / 2.11 VLAN [ ] interface <interface> tag <tag> [over <lan interface>] interface <interface> tag none 23 Internet Initiative Japan Inc.
[ ] <interface> VLAN <tag> 1 4094 VLAN none <lan interface> [ ] VLAN VLAN VLAN LAN [ ] interface IPv4 IPv6 2.12 PPPoE [ ] interface <interface> ppp-configuration <ppp name> interface <interface> ppp-configuration none interface <interface> over <lan interface> interface <interface> over none interface <interface> mtu <mtu size> [ ] <interface> pppoe0 pppoe3 PPPoE <ppp name> PPP <lan interface> lan0, lan1 PPPoE LAN none PPPoE <mtu size> 1280 1492 PPPoE MTU system-default FutureNet CS-SEIL-410(/C) [ ] PPPoE PPP [ ] MTU ppp-configuration interface IPv4 IPv6 ] over lan1 mtu system-default 24 Internet Initiative Japan Inc.
3 PPP 3.1 PPP [ ] ppp add <ppp name> [ipcp { enable disable }] [ipv6cp { enable disable }] [keepalive { <time> none }] [ipcp-address { on off }] [ipcp-dns { on off }] [acname <ac name>] [servicename <service name>] [authentication-method { auto pap chap none }] [identifier <userid>] [passphrase <pass phrase>] [tcp-mss { auto <mss> none }] [auto-connect { vrrp always }] [ ] <ppp name> PPP (1-16, ) ipcp enable IPCP disable IPCP ipv6cp enable IPV6CP disable IPV6CP keepalive 1 3600 none ipcp-address on IPCP address option off IPCP address option ipcp-dns on DNS extension <ac name> <service name> off PPPoE Access Concentrator (0-16 ) PPPoE (0-16 ) DNS extension authentication-method pap PAP <userid> <pass phrase> chap auto none ID(0-36 ) (0-36 ) CHAP tcp-mss auto TCP MSS 512 1452 none TCP MSS TCP MSS auto-connect vrrp VRRP ( ) PPPoE VRRP 25 Internet Initiative Japan Inc.
always PPPoE VRRP PP- PoE [ ] PPP [ ] ppp IPv4 IPv6 PPP 8 PPPoE Unnumbered ipcp-address off Unnumbered Unnumbered 2.3 unnumbered PPPoE VRRP VRRP 14.1 VRRP PPP none ] ipcp enable ipv6cp enable keepalive none ipcp-address off ipcp-dns off authentication-method auto tcp-mss auto 3.2 PPP [ ] ppp modify <ppp name> [ipcp { enable disable }][ipv6cp { enable disable }] [ ] [keepalive { <time> none }] [ipcp-address { on off }] [ipcp-dns { on off }] [acname <ac name>] [servicename <service name>] [authentication-method { auto pap chap none }] [identifier <userid>] [passphrase <pass phrase>] [tcp-mss { auto <mss> none }] [ ] PPP [ ] ppp IPv4 IPv6 26 Internet Initiative Japan Inc.
3.3 PPP [ ] ppp delete <ppp name> [ ] <ppp name> PPP [ ] PPP [ ] ppp IPv4 IPv6 27 Internet Initiative Japan Inc.
4 4.1 / [ ] bridge { enable disable } [ ] enable disable [ ] / [ ] RIP RIPng OSPF bridge IPv4 IPv6 ] disable 4.2 IP [ ] bridge ip-bridging { on off } [ ] on IP off IP [ ] IP / [ ] enable IP off IP ARP FutureNet CS-SEIL-410(/C) IP IP ARP on WAN IPv4 gateway WAN disable ip-bridging bridge IPv4 IPv6 ] on 4.3 IPv6 [ ] bridge ipv6-bridging { on off } 28 Internet Initiative Japan Inc.
[ ] on IPv6 off IPv6 [ ] IPv6 / [ ] enable IPv6 off FutureNet CS-SEIL-410(/C) IPv6 disable ipv6-bridging ] on 4.4 VMAN TPID [ ] bridge vman-tpid { none <vman tpid> } [ ] <vman tpid> 0x0001 0xffff none VMAN TPID [ ] Ethernet VMAN (Virtual Metropolitan Area Network) TPID (Tag Protocol Identifier) [ ] VMAN TPID Ethertype VLAN tag VLAN ID VLAN Priority / none VMAN TPID ] none 29 Internet Initiative Japan Inc.
5 MAC 5.1 MAC [ ] macfilter add <name> [action <action>] src { any <macaddr> } [logging <log mode>] [ ] <name> (1-16, [a-za-z0-9 ]) <action> block pass <macaddr> any MAC MAC 1 : 00:e0:4d:ff:00:01 <log mode> on off [ ] Ethernet / MAC [ ] MAC lan0 32 MAC src any pass/block 1 20 logging off ] action pass logging off 5.2 MAC [ ] macfilter modify <name> [action <action>] [src { any <macaddr> }] [logging <log mode>] 30 Internet Initiative Japan Inc.
[ ] [ ] [ ] MAC src any src action show status macfilter (blocked)/ (passed) 5.3 MAC [ ] macfilter delete { all <name> [<name>...] } [ ] <name> all [ ] MAC all MAC 31 Internet Initiative Japan Inc.
6 ARP 6.1 ARP [ ] arp add <IPaddress> <MACaddress> [proxy { on off }] [ ] <IPaddress> IP <MACaddress> IP MAC proxy on ARP off ARP [ ] IP MAC ARP [ ] 16 IP 0.0.0.0 ] proxy off 6.2 ARP [ ] arp modify <IPaddress> [<MACaddress>] [proxy { on off }] [ ] [ ] ARP 6.3 ARP [ ] arp delete <IPaddress> arp delete all [ ] <IPaddress> ARP IP all ARP [ ] ARP all ARP 6.4 NAT Proxy ARP / [ ] arp reply-nat { on off } 32 Internet Initiative Japan Inc.
[ ] on NAT Proxy ARP off NAT Proxy ARP [ ] NAT IP IP ARP NAT Proxy ARP / [ ] NAT IP nat static add <private IPaddress> <global IPaddress> nat dynamic add global <global IPaddress> nat napt add global <global IPaddress> ] off 33 Internet Initiative Japan Inc.
7 7.1 [ ] route add <dst address/prefixlen> { <gateway address> <interface> dhcp discard } [distance { <distance> system-default }] [metric { <metric> system-default }] route add default { <gateway address> <interface> dhcp discard } [distance { <distance> system-default }] [metric { <metric> system-default }] [ ] <dst address/prefixlen> IPv4 <gateway address> <interface> dhcp discard DHCP default route discard <distance> 1 255 <metric> 1 15 RIP metric [ ] [ ] metric RIP metric distance gateway dhcp dhcp default route interface dhcp dhcp gateway discard MultiPath 512 route IPv4 ] default pppoe0 metric system-default distance system-default 34 Internet Initiative Japan Inc.
7.2 [ ] route modify <dst address/prefixlen> [<gateway address> <interface> dhcp discard] [distance { <distance> system-default }] [metric { <metric> system-default }] route modify default [ ] [<gateway address> <interface> dhcp discard] [distance { <distance> system-default }] [metric { <metric> system-default }] [ ] [ ] metric RIP metric distance MultiPath distance metric route IPv4 7.3 [ ] route delete <dst address/prefixlen> route delete default route delete all [ ] <dst address/prefixlen> IPv4 default all [ ] [ ] MultiPath 7.4 MultiPath route IPv4 7.4 MultiPath [ ] route delete <dst address/prefixlen> 35 Internet Initiative Japan Inc.
{ <gateway address> <interface> discard } route delete <dst address/prefixlen> all route delete default { <gateway address> <interface> discard } route delete default all [ ] <dst address/prefixlen> IPv4 default <gateway address> <interface> discard all IPv4 discard [ ] MultiPath [ ] route IPv4 7.5 [ ] route dynamic auth-key add <key-name> type plain-text password <password> route dynamic auth-key add <key-name> type md5 keyid <keyid> password <password> [ ] <key-name> (1-16, [!#] ) <password> (1-16, [!#] ) <keyid> 1 255 MD5 ID [ ] [ ] 64 plain-text OSPF 8 route IPv4 7.6 [ ] route dynamic auth-key delete <key-name> route dynamic auth-key delete all [ ] 36 Internet Initiative Japan Inc.
[ ] route IPv4 7.7 [ ] route dynamic route-filter add <filter-name> [network <IPaddress>[/<prefixlen>] [exact-match]] [interface <ifname>] [metric <number>] { pass block } [set-metric <number>] [set-metric-type <number>] [ ] <filter-name> (1-16, [!#] ) network interface metric block pass set-metric set-metric-type metric [ ] metric metric-type [ ] metric OSPF set-metric-type RIP metric set-metric-type 128 route IPv4 ] network interface 7.8 [ ] route dynamic route-filter delete <filter-name> route dynamic route-filter delete all [ ] [ ] route IPv4 37 Internet Initiative Japan Inc.
7.9 RIP / [ ] route dynamic rip { enable disable } [ ] enable RIP disable RIP [ ] RIP / [ ] bridge disable route IPv4 ] disable 7.10 RIP / [ ] route dynamic rip interface <interface> { enable disable supply-only listen-only } [ ] <interface> enable disable supply-only listen-only [ ] RIP / [ ] route IPv4 ] disable 7.11 RIP [ ] route dynamic rip interface <interface> version { ripv1 ripv2 ripv2-broadcast } [ ] ripv1 RIPv1 ripv2 RIPv2 38 Internet Initiative Japan Inc.
ripv2-broadcast RIPv2 [ ] RIP [ ] route IPv4 ] ripv2 7.12 RIPv2 / [ ] route dynamic rip interface <interface> authentication { enable disable } route dynamic rip interface <interface> authentication auth-key { <key-name> none } [ ] enable disable <key-name> none [ ] RIPv2 [ ] route IPv4 ] disable 7.13 RIP / [ ] route dynamic rip interface <interface> route-filter { in out } <route-filter-name>[,<route-filter-name>...] route dynamic rip interface <interface> route-filter { in out } none [ ] in out <route-filter-name> none [ ] RIP [ ] route IPv4 39 Internet Initiative Japan Inc.
network ] none 7.14 RIP [ ] route dynamic rip default-route-originate { enable disable } [ ] enable disable [ ] RIP [ ] route IPv4 ] disable 7.15 RIP [ ] route dynamic rip update-timer { <update-timer> system-default } route dynamic rip expire-timer { <expire-timer> system-default } route dynamic rip garbage-collection-timer { <garbage-collection-timer> system-default } [ ] <update-timer> 5 2147483647 <expire-timer> 5 2147483647 <garbage-collection-timer> 5 2147483647 garbage collection [ ] RIP [ ] route IPv4 ] update-timer system-default expire-timer system-default garbage-collection-timer system-default 7.16 OSPF / 40 Internet Initiative Japan Inc.
[ ] route dynamic ospf { disable enable } [ ] enable OSPF disable OSPF [ ] OSPF / [ ] bridge disable route IPv4 ] disable 7.17 OSPF ID [ ] route dynamic ospf router-id <my-router-id> [ ] <my-router-id> 0.0.0.1 255.255.255.255 FutureNet CS-SEIL-410(/C) ID [ ] FutureNet CS-SEIL-410(/C) ID [ ] route IPv4 7.18 [ ] route dynamic ospf area add <area-id> [range <IPaddress/prefixlen>] [stub { enable disable } [no-summary { on off }] [default-cost { <cost> system-default }]] [ ] <area-id> 0.0.0.0 <IPaddress/prefixlen> stub no-summary default-cost 255.255.255.255 ID <cost> 1 65535 [ ] 41 Internet Initiative Japan Inc.
[ ] 8 0.0.0.0 range route IPv4 ] default-cost system-default stub disable no-summary off 7.19 [ ] route dynamic ospf area delete <area-id> route dynamic ospf area delete all [ ] <area-id> ID all [ ] ID [ ] route IPv4 7.20 [ ] route dynamic ospf link add { <peer-router-id> <interface> } area <area-id> [authentication auth-key { <key-name> none }] [cost { <cost> system-default }] [hello-interval { <hello-interval> system-default }] [dead-interval { <dead-interval> system-default }] [retransmit-interval { <retransmit-interval> system-default }] [transmit-delay { <transmit-delay> system-default }] [priority { <priority> system-default }] [ ] <peer-router-id> Router-ID <interface> <area-id> <key-name> none OSPF (1-16, [!#] ) <cost> 1 65535 42 Internet Initiative Japan Inc.
<hello-interval> 1 65535 Hello <dead-interval> 1 65535 <retransmit-interval> 3 65535 LSA <transmit-delay> 1 65535 LS <priority> 0 255 DB/BDR system-default FutureNet CS-SEIL-410(/C) [ ] OSPF [ ] <area-id> route dynamic ospf area add ID <key-name> MD5 2 cost priority DR BDR 0 DR BDR route IPv4 ] cost system-default hello-interval system-default dead-interval system-default retransmit-interval system-default transmit-delay system-default priority system-default 7.21 [ ] route dynamic ospf link delete { <interface> all } [ ] <interface> OSPF all [ ] OSPF [ ] route IPv4 43 Internet Initiative Japan Inc.
7.22 distance [ ] route dynamic ospf administrative-distance { external inter-area intra-area } { <number> system-default } [ ] external distance inter-area intra-area distance distance <number> 1 255 distance system-default FutureNet CS-SEIL-410(/C) [ ] distance [ ] route IPv4 ] system-default 7.23 OSPF [ ] route dynamic ospf default-route-originate { enable disable } [metric <metric>] [metric-type { 1 2 }] [ ] enable disable <metric> 0 16777214 metric <metric-type> 1 or 2 metric-type [ ] OSPF [ ] route IPv4 ] disable metric 10 metric-type 2 7.24 [ ] route dynamic redistribute { static-to-rip ospf-to-rip } { enable disable } [metric <metric>] 44 Internet Initiative Japan Inc.
[route-filter <route-filter-name>[,<route-filter-name>...]] route dynamic redistribute connected-to-rip { enable disable } [metric <metric>] route dynamic redistribute { static-to-ospf rip-to-ospf } { enable disable } [metric <metric>] [metric-type <metric-type>] [route-filter <route-filter-name>[,<route-filter-name>...]] route dynamic redistribute connected-to-ospf { enable disable } [metric <metric>] [metric-type <metric-type>] [ ] enable disable <metric> RIP: 1 15 metric OSPF: 0 16777214 metric <metric-type> 1 or 2 metric-type route-filter [ ] Connected RIP OSPF RIP OSPF [ ] route IPv4 ] static-to-rip disable connected-to-rip enable ospf-to-rip disable static-to-ospf disable connected-to-ospf enable rip-to-ospf disable metric 1 metric-type 2 7.25 IPv4 (PIM-SM) / [ ] route dynamic pim-sparse { enable disable } [ ] enable IPv4 disable IPv4 [ ] IPv4 PIM-SM / [ ] route IPv4 45 Internet Initiative Japan Inc.
] disable 7.26 IPv4 (PIM-SM) [ ] route dynamic pim-sparse interface <interface> { enable disable } [ ] <interface> enable disable IPv4 IPv4 [ ] IPv4 PIM-SM [ ] route IPv4 ] disable 7.27 IPv6 [ ] route6 add <dst IPaddress/prefixlen> { <gateway IPaddress> <interface> discard } [distance { <distance> system-default }] route6 add default { <gateway IPaddress> <interface> discard } [distance { <distance> system-default }] [ ] <dst IPaddress/prefixlen> IPv6 default <gateway IPaddress> <interface> discard IPv6 discard <distance> 1 255 [ ] default [ ] distance 512 discard MultiPath 46 Internet Initiative Japan Inc.
route6 IPv6 7.28 IPv6 [ ] route6 modify <dst IPaddress/prefixlen> [<gateway IPaddress> <interface> discard] [distance { <distance> system-default }] route6 modify default [ ] [<gateway IPaddress> <interface> discard] [distance { <distance> system-default }] [ ] [ ] distance MultiPath distance metric route6 IPv6 7.29 IPv6 [ ] route6 delete <dst IPaddress/prefixlen> route6 delete default route6 delete all [ ] <dst IPaddress/prefixlen> IPv6 default all [ ] IPv6 [ ] MultiPath route6 IPv6 7.30 IPv6 MultiPath [ ] route6 delete <dst IPaddress/prefixlen> { <gateway IPaddress> <interface> discard } 47 Internet Initiative Japan Inc.
route6 delete <dst IPaddress/prefixlen> all route6 delete default { <gateway IPaddress> <interface> discard } route6 delete default all [ ] <dst IPaddress/prefixlen> IPv6 default <gateway IPaddress> <interface> discard all IPv6 discard [ ] IPv6 MultiPath [ ] MultiPath route6 IPv6 7.31 RIPng / [ ] route6 dynamic ripng { enable disable } [ ] enable RIPng disable RIPng [ ] RIPng / [ ] bridge disable route6 IPv6 ] disable 7.32 RIPng [ ] route6 dynamic ripng interface <interface> { enable disable supply-only listen-only } [ ] <interface> enable disable supply-only listen-only 48 Internet Initiative Japan Inc.
[ ] RIPng [ ] route6 IPv6 ] disable 7.33 RIPng [ ] route6 dynamic ripng interface <interface> aggregate add <prefix/prefixlen> metric <metric> route6 dynamic ripng interface <interface> aggregate delete <prefix/prefixlen> [ ] <interface> <prefix/prefixlen> <metric> 1 15 metric [ ] [ ] route6 IPv6 ] metric 1 7.34 RIPng [ ] route6 dynamic redistribute static-to-ripng { enable disable } [metric <metric>] route6 dynamic redistribute connected-to-ripng { enable disable } [metric <metric>] [ ] enable disable <metric> 1 15 metric [ ] Connected RIPng [ ] route6 IPv6 ] static-to-ripng disable 49 Internet Initiative Japan Inc.
connected-to-ripng enable metric 1 7.35 IPv6 (PIM-SM) / [ ] route6 dynamic pim-sparse { enable disable } [ ] enable IPv6 disable IPv6 [ ] IPv6 PIM-SM / [ ] route6 IPv6 ] disable 7.36 IPv6 (PIM-SM) [ ] route6 dynamic pim-sparse interface <interface> { enable disable } [ ] <interface> enable disable IPv6 IPv6 [ ] IPv6 PIM-SM [ ] route6 IPv6 ] disable 50 Internet Initiative Japan Inc.
8 8.1 [ ] filter add <filter name> action <action> interface <interface> direction <direct mode> [protocol <protocol>] [src <src IPaddress/prefixlen>] [srcport <src port range>] [dst <dst IPaddress/prefixlen>] [dstport <dst port range>] [state <state>] [state-ttl <ttl>] [logging <log mode>] [<priority>[<base name>]] [enable disable] [ ] <filter name> (1-16, [a-za-z0-9 ]) <action> block <interface> pass <direct mode> in out in/out <protocol> ip IP <src IPaddress/prefixlen> tcp tcp-synonly tcp-established udp tcpudp icmp ipv6-icmp igmp ah esp 0 255 IP TCP TCP TCP UDP TCP UDP ICMP ICMPv6 IGMP AH ESP <src port range> 0 65535 <dst IPaddress/prefixlen> IP 51 Internet Initiative Japan Inc.
<dst port range> 0 65535 <state> enable disable <ttl> 5 999999 normal <log mode> on off <priority> top <base name> enable disable bottom above below [ ] [ ] protocol tcp-synonly action block protocol tcp-established action pass 512 IP IP 0.0.0.0/0 state enable action pass direction out state-ttl normal TTL port 53 15 180 filter IPv4 ] protocol src 0.0.0.0/0 srcport 0-65535 dst 0.0.0.0/0 dstport 0-65535 state disable state-ttl normal logging on priority bottom enable 52 Internet Initiative Japan Inc.
8.2 [ ] filter modify <filter name> [action <action>] [interface <interface>] [ ] [direction <direct mode>] [protocol <protocol>] [src <src IPaddress/prefixlen>] [srcport <src port range>] [dst <dst IPaddress/prefixlen>] [dstport <dst port range>] [state <state>] [state-ttl <ttl>] [logging <log mode>] [enable disable] [ ] [ ] filter move filter IPv4 8.3 [ ] filter delete <filter name>... filter delete all [ ] <filter name> all [ ] all [ ] filter IPv4 8.4 / [ ] filter { enable disable } <filter name>... filter { enable disable } all [ ] <enable> <disable> <filter name> all 53 Internet Initiative Japan Inc.
[ ] all / [ ] filter IPv4 8.5 [ ] filter move <filter name> { top bottom } filter move <filter name> { above below } <base name> [ ] <filter name> <base name> top bottom above below [ ] [ ] filter IPv4 8.6 IPv6 [ ] filter6 add <filter name> action <action> interface <interface> direction <direct mode> [protocol <protocol>] [src <src IPaddress/prefixlen>] [srcport <src port range>] [dst <dst IPaddress/prefixlen>] [dstport <dst port range>] [state <state>] [state-ttl <ttl>] [logging <log mode>] [<priority>[<base name>]] [enable disable] [ ] <filter name> (1-16, [a-za-z0-9 ]) <action> block <interface> pass <direct mode> in out 54 Internet Initiative Japan Inc.
in/out <protocol> ip IP <src IPaddress/prefixlen> tcp tcp-synonly tcp-established udp tcpudp icmp ipv6-icmp igmp ah esp 0 255 IP TCP TCP TCP UDP TCP UDP ICMP ICMPv6 IGMP AH ESP <src port range> 0 65535 <dst IPaddress/prefixlen> IP <dst port range> 0 65535 <state> enable disable <ttl> 5 999999 normal <log mode> on off <priority> top <base name> enable disable bottom above below [ ] / [ ] protocol tcp-synonly action block protocol tcp-established action pass 512 55 Internet Initiative Japan Inc.
IP IP ::/0 state enable action pass direction out state-ttl normal TTL port 53 15 180 filter6 IPv6 ] protocol src ::/0 srcport 0-65535 dst ::/0 dstport 0-65535 state disable state-ttl normal logging on priority bottom enable 8.7 IPv6 [ ] filter6 modify <filter name> [action <action>] [interface <interface>] [ ] [direction <direct mode>] [protocol <protocol>] [src <src IPaddress/prefixlen>] [srcport <src port range>] [dst <dst IPaddress/prefixlen>] [dstport <dst port range>] [state <state>] [state-ttl <ttl>] [logging <log mode>] [enable disable] [ ] [ ] filter6 move filter6 IPv6 8.8 IPv6 [ ] filter6 delete <filter name>... 56 Internet Initiative Japan Inc.
filter6 delete all [ ] <filter name> all [ ] [ ] all filter6 IPv6 8.9 IPv6 / [ ] filter6 { enable disable } <filter name>... filter6 { enable disable } all [ ] enable disable <filter name> all [ ] [ ] all / filter6 IPv6 8.10 IPv6 [ ] filter6 move <filter name> { top bottom } filter6 move <filter name> { above below } <base name> [ ] <filter name> <base name> top bottom above below [ ] 57 Internet Initiative Japan Inc.
[ ] filter6 IPv6 58 Internet Initiative Japan Inc.
9 NAT 9.1 NAT [ ] nat static add <private IPaddress> <global IPaddress> [interface <interface-name>] [ ] <private IPaddress> NAT IP ( ) <global IPaddress> <interface-name> IP IP ( ) NAT [ ] IP IP NAT [ ] 32 ] interface lan1 9.2 NAT [ ] nat static delete <private IPaddress> <global IPaddress> interface <interface-name> nat static delete all [ ] <private IPaddress> NAT IP <global IPaddress> <interface-name> all IP IP NAT NAT [ ] NAT all NAT 9.3 NAT IP ( ) [ ] nat dynamic add private <private IPaddress> [interface <interface-name>] [ ] <private IPaddress> NAT IP ( 59 Internet Initiative Japan Inc.
<interface-name> ) NAT [ ] NAT IP [ ] nat dynamic add global NAT 8 ] interface lan1 9.4 NAT IP ( ) [ ] nat dynamic add global <global IPaddress> [interface <interface-name>] [ ] <global IPaddress> IP IP <interface-name> ( ) NAT [ ] NAT IP IP [ ] NAT IP NAT 8 ] interface lan1 9.5 NAT IP ( ) [ ] nat dynamic delete private <private IPaddress> interface <interface-name> [ ] <private IPaddress> NAT IP ( ) <interface-name> NAT [ ] IP NAT 9.6 NAT IP ( ) [ ] nat dynamic delete global <global IPaddress> interface <interface-name> [ ] <global IPaddress> IP IP 60 Internet Initiative Japan Inc.
<interface-name> ( ) NAT [ ] IP NAT IP IP 9.7 NAT [ ] nat dynamic delete all [ ] all NAT [ ] NAT 9.8 NAPT IP ( ) [ ] nat napt add private <private IPaddress> [interface <interface-name>] [ ] <private IPaddress > NAPT IP ( ) <interface-name> NAT [ ] NAPT IP [ ] 8 ] 192.168.0.0-192.168.255.255 interface lan1 9.9 NAPT IP [ ] nat napt add global <global IPaddress> [interface <interface-name>] [ ] <global IPaddress> NAPT IP <interface-name> IP NAT [ ] NAPT IP [ ] 61 Internet Initiative Japan Inc.
] interface lan1 9.10 NAPT IP ( ) [ ] nat napt delete private <private IPaddress> interface <interface-name> nat napt delete private all [ ] <private IPaddress> NAPT IP ( ) <interface-name> all NAT NAPT IP [ ] IP NAPT IP 9.11 NAPT IP [ ] nat napt delete global <global IPaddress> interface <interface-name> nat napt delete global all [ ] <global IPaddress> NAPT IP <interface-name> all IP NAT NAPT IP IP [ ] IP NAPT IP IP 9.12 NAPT [ ] nat napt delete all [ ] all NAPT [ ] NAPT 9.13 NAPT [ ] nat snapt add protocol <protocol> listen <listen port> [interface <interface-name>] 62 Internet Initiative Japan Inc.
forward <forward IPaddress> <forward port> [enable disable] nat snapt add default <forward IPaddress> [interface <interface-name>] [ ] <protocol> tcp TCP udp tcpudp UDP TCP, UDP <listen port> 1 65535 IP default <interface-name> <forward IPaddress> IP NAPT NAT IP <forward port> 1 65535 IP enable disable [ ] IP IP default IP [ ] NAPT 256 nat napt add global ] interface lan1 9.14 NAPT [ ] nat snapt delete protocol <protocol> listen <listen port> interface <interface-name> nat snapt delete all interface <interface-name> nat snapt delete default [ ] <protocol> tcp TCP udp UDP 63 Internet Initiative Japan Inc.
tcpudp TCP, UDP <listen port> 1 65535 IP default <interface-name> all IP NAPT NAT NAPT [ ] NAPT <protocol> <listen port> 9.15 NAPT / [ ] nat snapt { enable disable } protocol <protocol> listen <listen port> [ ] enable disable <protocol> tcp TCP udp tcpudp UDP TCP, UDP <listen port> 1 65535 IP [ ] NAPT / 9.16 SIP [ ] nat proxy sip add port <port> [protocol <protocol>] [ ] <port> 1 65535 SIP <protocol> tcp TCP udp tcpudp UDP TCP, UDP [ ] SIP [ ] SIP SIP NAT 4 64 Internet Initiative Japan Inc.
] port 5060 protocol tcpudp 9.17 SIP [ ] nat proxy sip delete port <port> [protocol <protocol>] nat proxy sip delete all [ ] <port> 1 65535 SIP <protocol> tcp TCP all udp tcpudp UDP TCP, UDP [ ] SIP 9.18 NAT [ ] nat timeout <time> [ ] <time> 5 999999 ( ) [ ] IP IP ] 900( ) ( ) 9.19 NAT [ ] nat logging { on off } [ ] on NAT off NAT [ ] NAT ] off 9.20 Reflection NAT 65 Internet Initiative Japan Inc.
[ ] nat reflect add interface <interface-name> [ ] <interface-name> Reflection NAT [ ] NAT Reflection NAT [ ] Reflection NAT 8 NAT NAPT 9.21 Reflection NAT [ ] nat reflect delete interface <interface-name> nat reflect delete interface all [ ] <interface-name> Reflection NAT all [ ] Reflection NAT [ ] NAT, NAPT 9.22 UPnP / [ ] nat upnp { on off } [ ] on UPnP off UPnP [ ] UPnP / [ ] UPnP NAPT Windows Messenger ] off 9.23 UPnP [ ] nat upnp interface <interface> 66 Internet Initiative Japan Inc.
[ ] <interface> LAN PPPoE [ ] UPnP NAPT ] lan1 1 pppoe0 UPnP NAPT nat upnp interface pppoe0 67 Internet Initiative Japan Inc.
10 IPsec 10.1 [ ] ipsec security-association proposal add <SAP name> authentication-algorithm <auth algo>,... encryption-algorithm <enc algo>,... [lifetime-of-time { <time> system-default }] [pfs-group { <pfs-group> none }] [ ] <SAP name> (1-16, <auth algo> <enc algo> <time> <pfs-group> system-default ] lifetime-of-time 28800 pfs-gruop none [a-za-z0-9 ]) AH ESP IKE IPsec 1 99999999 Diffie-Hellman FutureNet CS-SEIL-410(/C) [ ] IKE IPsec [ ] IKE 2 8 Diffie-Hellman modp768, modp1024, modp1536 AH hmac-md5, hmac-sha1 ESP 3des, des, blowfish, cast128, rijndael 32 ipsec IPv4 IPv6 lifetime-of-time d h m d h m 68 Internet Initiative Japan Inc.
10.2 [ ] ipsec security-association proposal modify <SAP name> [ ] ] : [authentication-algorithm <auth algo>[,<auth algo>...]] [encryption-algorithm <enc algo>[,<enc algo>...]] [lifetime-of-time { <time> system-default }] [pfs-group { <pfs-group> system-default }] [ ] [ ] ipsec IPv4 IPv6 10.3 [ ] ipsec security-association proposal delete <SAP name>... ipsec security-association proposal delete all [ ] <SAP name> all [ ] [ ] ipsec IPv4 IPv6 10.4 [ ] ipsec security-association add <SA name> { { tunnel transport } { <start IPaddress> <end IPaddress> <start Interface> <end IPaddress> dynamic auto } tunnel-interface <ipsec Interface> } [to-auth { none ah <spi> <ah auth algorithm> <auth keyphrase> }] [to-encap { esp <spi> <esp algorithm> <esp keyphrase> esp-auth <spi> <esp algorithm> <esp keyphrase> <auth algorithm> <auth keyphrase> }] [from-auth { none ah <spi> <auth algorithm> <auth keyphrase> }] 69 Internet Initiative Japan Inc.
[from-encap { esp <spi> <esp algorithm> <esp keyphrase> esp-auth <spi> <esp algorithm> <esp keyphrase> <auth algorithm> <auth keyphrase> }] [ ] <SA name> (1-16, [a-za-z0-9 ]) <start IPaddress> <end IPaddress> dynamic auto tunnel transport tunnel-interface IPsec / IP IPsec / IP IPsec / IP IPsec / IP IPsec IPsec IPsec <spi> 0x100 0xffffffff <auth algorithm> <esp algorithm> <auth keyphrase> <esp keyphrase> ] to-auth none to-encap none from-auth none from-encap none 16 9 IPsec 16 9 IPsec [ ] IPsec [ ] IPsec IPsec ipsec ipsec <start IPaddress> FutureNet CS-SEIL-410(/C) IP IP NAPT IP <start IPaddress> <start Interface> 70 Internet Initiative Japan Inc.
to-auth from-auth to-encap from-encap to-encap from-encap to-auth from-auth 64 ipsec IPv4 IPv6 10 11. auto / IPv4 32 IPv6 128 9: IPsec des 16 64bit hmac-md5 32 128bit 3des 48 192bit keyed-md5 32 128bit blowfish 10 112 40 448bit hmac-sha1 40 160bit cast128 10 32 40 128bit keyed-sha1 40 160bit rijndael 32 64 128 256bit 10: des, 3des, rijndael hmac-md5, hmac-sha1 ESP 71 Internet Initiative Japan Inc.
11: AH ( ) ESP ( / ) ESP-Auth ( / ) AH + ESP (AH ESP ) AH + ESP-Auth ( ) (AH ESP ) 10.5 [ ] ipsec security-association modify <SA name> [ ] ] : [to-auth { none ah <spi> <ah auth algorithm> <auth keyphrase> }] [to-encap { esp <spi> <esp algorithm> <esp keyphrase> esp-auth <spi> <esp algorithm> <esp keyphrase> <auth algorithm> <auth keyphrase> }] [from-auth { none ah <spi> <auth algorithm> <auth keyphrase> }] [from-encap { esp <spi> <esp algorithm> <esp keyphrase> esp-auth <spi> <esp algorithm> <esp keyphrase> <auth algorithm> <auth keyphrase> }] [ ] IPsec [ ] <start IPaddress> FutureNet CS-SEIL-410(/C) IP IP NAPT IP to-encap from-encap to-auth from-auth ipsec IPv4 IPv6 10.6 IKE [ ] ipsec security-association add <SA name> { tunnel transport } 72 Internet Initiative Japan Inc.
{ <start IPaddress> <end IPaddress> <start Interface> <end IPaddress> dynamic auto } ike <SAP name> ah { enable disable } esp { enable disable } ipsec security-association add <SA name> tunnel-interface <IPsec Interface> ike <SAP name> ah { enable disable } esp { enable disable } [ ] <SA name> (1-16, [a-za-z0-9 ]) <start IPaddress> <end IPaddress> tunnel transport tunnel-interface <SAP name> ah esp ] ah disable ipv6 pass IPsec / IP IPsec / IP IPsec IPsec IPsec SA AH / ESP / [ ] IPsec [ ] IPsec IPsec ipsec ipsec <start IPaddress> FutureNet CS-SEIL-410(/C) IP IP NAPT IP dynamic IP auto IP IPv4 32 IPv6 128 dynamic ah 73 Internet Initiative Japan Inc.
64 ipsec IPv4 IPv6 10.7 IKE [ ] ipsec security-association modify <SA name> [ ] ] : [ike <SAP name>] [ah { enable disable }] [esp { enable disable }] [ ] IPsec [ ] ah ipsec IPv4 IPv6 10.8 [ ] ipsec security-association add <SA name> pass ipsec security-association add <SA name> block [ ] <SA name> pass block IPsec IPsec [ ] 10.9 [ ] ipsec security-association delete <SA name>... ipsec security-association delete all [ ] <SA name> all [ ] all 74 Internet Initiative Japan Inc.
[ ] ipsec IPv4 IPv6 10.10 [ ] ipsec security-policy add <SP name> security-association <SA name> src { <src IPaddress/prefixlen> <src Interface> } dst <dst IPaddress/prefixlen> [protocol <protocol>] [srcport <src port>] [dstport <dst port>] [enable disable] [ ] <SP name> (1-16, [a-za-z0-9 ]) <SA name> <protocol> ip IP <src IPaddress/prefixlen> tcp udp icmp ipv6-icmp igmp ah esp any 0 254 TCP UDP ICMP ICMPv6 IGMP AH ESP IP any <src Interface> IP <src port> 1 65535 <dst IPaddress/prefixlen> any IP any <dst port> 1 65535 enable disable ] protocol any src any srcport any any 75 Internet Initiative Japan Inc.
dst any dst port any enable [ ] IPsec [ ] <src IPaddress/prefixlen> <dst IPaddress/prefixlen> 128 ipsec IPv4 IPv6 <src IPaddress/prefixlen> <dst IPaddress/prefixlen> any <src Interface> IPv4 32 IPv6 128 10.11 [ ] ipsec security-policy modify <SP name> [ ] ] : [security-association <SA name>] [protocol <protocol>] [src { <src IPaddress/prefixlen> <src Interface> }] [srcport <src port>] [dst <dst IPaddress/prefixlen>] [dstport <dst port>] [enable disable] [ ] IPsec [ ] ipsec IPv4 IPv6 10.12 [ ] ipsec security-policy delete <SP name>... ipsec security-policy delete all [ ] <SP name> all [ ] 76 Internet Initiative Japan Inc.
all [ ] ipsec IPv4 IPv6 10.13 / [ ] ipsec security-policy [enable disable] <SP name>... ipsec security-policy [enable disable] all [ ] enable disable <SP name> all [ ] / all / [ ] ipsec IPv4 IPv6 10.14 [ ] ipsec security-policy move <SP name> [top bottom] ipsec security-policy move <SP name> [above below] <base name> [ ] <SP name> <base name> top bottom above below [ ] IPsec [ ] ipsec IPv4 IPv6 10.15 IKE 77 Internet Initiative Japan Inc.
[ ] ike retry { <retry> system-default } ike interval { <interval> system-default } ike phase1-timeout { <phase1-timeout> system-default } ike phase2-timeout { <phase2-timeout> system-default } ike per-send { <packets> system-default } [ ] <retry> 1 2147483647 <interval> <phase1-timeout> <phase2-timeout> <packets> system-default ] retry 5 interval 10 phase1-timeout 30 phase2-timeout 30 per-send 1 1 86400 1 1 86400 2 1 86400 1 (1 65535 ) FutureNet CS-SEIL-410(/C) [ ] IKE 10.16 IKE [ ] ike auto-initiation { enable disable system-default } [ ] enable disable system-default ] disable FutureNet CS-SEIL-410(/C) [ ] IKE [ ] IPsec/IKE SA SA 10.17 IKE [ ] ike randomize-padding-value { enable disable system-default } ike randomize-padding-length { enable disable system-default } ike maximum-padding-length { <length> system-default } 78 Internet Initiative Japan Inc.
ike strict-padding-byte-check { enable disable system-default } ike exclusive-tail { enable disable system-default } [ ] randomize-padding-value randomize-padding-length <length> strict-padding-byte-check exclusive-tail system-default ] randomize-padding-value enable randomize-padding-length disable maximum-padding-length 20 strict-padding-byte-check disable exclusive-tail enable (1 65535bytes) FutureNet CS-SEIL-410(/C) [ ] IKE 10.18 IKE Peer [ ] ike peer add <peer name> exchange-mode { main aggressive base } proposals <proposal>,...address { <address> dynamic } [port { <port> system-default }] [check-level { <level> system-default }] [initial-contact { enable disable system-default }] [ipsec-doi { enable disable system-default }] [my-identifier [{ fqdn user-fqdn } <psk name> address system-default]] [nonce-size { <size> system-default }] [peers-identifier [{ fqdn user-fqdn } <psk name> address system-default]] [situation-identity-only { enable disable system-default }] [variable-size-key-exchange-payload { enable disable system-default }] [tunnel-interface { enable disable }] [ ] <peer name> IKE Peer (1-16 ) exchange-mode <proposal> <address> dynamic 1 IKE IKE IP IP 79 Internet Initiative Japan Inc.