古河電工TOP Telecom English お問い合わせ
ルータ・ネットワーク機器
製品・サービスラインナップ
ファームウエア
設定例
技術情報
マニュアル&カタログ
イベント&セミナー
セールス&サポート
ルータ・ネットワーク機器に関するお問い合わせ
情報通信トップ
古河電工TOPTelecom English お問い合わせ
閉じる
Home >ルータ・ネットワーク機器 >設定例 >設定例/組み合わせ
ここに変換元ファイルをドロップして下さいもしくは
! enable configure terminal
! end save refresh
! access-list 111 deny udp any eq 135 any access-list 111 deny udp any any eq 135 access-list 111 deny tcp any eq 135 any access-list 111 deny tcp any any eq 135 access-list 111 deny udp any range 137 139 any access-list 111 deny udp any any range 137 139 access-list 111 deny tcp any range 137 139 any access-list 111 deny tcp any any range 137 139 access-list 111 deny udp any eq 445 any access-list 111 deny udp any any eq 445 access-list 111 deny tcp any eq 445 any access-list 111 deny tcp any any eq 445 access-list 112 deny ip 192.168.100.0 0.0.0.255 any access-list 112 permit icmp any 192.168.100.0 0.0.0.255 access-list 113 spi tcp any any eq ftp access-list 113 spi tcp any any eq ftp-data access-list 113 spi tcp any any eq www access-list 113 spi udp any any eq domain access-list 113 spi tcp any any eq smtp access-list 113 spi tcp any any eq pop3 access-list 113 spi tcp any any eq 587 access-list 113 spi tcp any any access-list 113 spi udp any any access-list 114 permit ip any any access-list 115 deny ip any any ! aaa authentication login default local aaa authorization exec default local ! username guest password guest-secret !
! interface GigaEthernet 1/1.1 description GigaEther-1 vlan-id 1 bridge-group 1 #Part001_channel_group exit
! interface GigaEthernet #Part003_interface_number description GigaEther-#Part003_description vlan-id #Part003_vlan_id bridge-group #Part003_bridge_group #Part003_channel_group exit
! interface GigaEthernet 2/1.1 description GigaEther-20 vlan-id 20 bridge-group 20 #Part002_channel_group #Part002_pppoe_enable #WildCard_access-group exit
! interface GigaEthernet #Part004_interface_number description GigaEther-#Part004_description vlan-id #Part004_vlan_id bridge-group #Part004_bridge_group #Part004_channel_group #Part004_pppoe_enable #WildCard_access-group exit
! interface port-channel 1 description PortChannel-1 ip address #Part005_IPv4address 255.255.255.0 #Part005_ip_dhcp_service #Part005_ip_dhcp_server-profile #Part005_mss exit
! interface port-channel 20 description PortChannel-20 ip address #Part006_IPv4address 255.255.255.0 exit
! pppoe profile PPPOE_PROF account user@xxxx.ne.jp secret exit
! interface tunnel 1 description #Part008_description #WildCard_access-group #Part008_tunnel_mode_pppoe #Part008_pppoe_interface #Part008_nat_inside_source #Part008_IPv4address exit
! ip route 0.0.0.0 0.0.0.0 tunnel 1
! ip nat list 1 192.168.2.0 0.0.0.255
! ip dhcp server-profile lan2 address #Part011_octetFirstToThird_1.2 #Part011_octetFirstToThird_2.127 lease-time 28800 dns 203.0.113.1 203.0.113.2 domain example.co.jp gateway #Part011_octetFirstToThird_3.1 wins-server #Part011_octetFirstToThird_4.254 exit
! crypto isakmp policy P1-POLICY authentication pre-share encryption aes encryption-keysize aes 256 256 256 group 14 lifetime 86400 hash sha-256 set security-association softlimit initiate seconds 60 set security-association softlimit respond seconds 30 #Part012_initiate_mode exit
! crypto ipsec policy P2-POLICY set pfs group14 set security-association always-up set security-association lifetime seconds 28800 set security-association transform-keysize aes 256 256 256 set security-association transform esp-aes esp-sha256-hmac set mtu 1454 set mss 1300 set ip df-bit 0 set ip fragment post exit
! crypto ipsec selector SELECTOR src 1 ipv4 any dst 1 ipv4 any exit
! crypto isakmp profile PROF0001 #Part015_local_address match identity user center self-identity user-fqdn id-kyoten set isakmp-policy P1-POLICY set ipsec-policy P2-POLICY set peer 192.0.2.1 ike-version #Part015_ike_version local-key SECRET-VPN exit
! crypto map CENTER ipsec-isakmp match address SELECTOR set isakmp-profile PROF0001 exit
! crypto isakmp keepalive
! logging buffer level informational crypto isakmp log sa crypto isakmp log session crypto isakmp log negotiation-fail
! interface Tunnel 2 description CENTER tunnel mode ipsec map CENTER exit
! ip route 192.168.1.0 255.255.255.0 tunnel 2
! f-rakunet tenant id <テナントID> password <テナントパスワード> f-rakunet host service.f-rakunet.jp:5000
ページの先頭へ