administrator password encrypted (パスワード※：必須) ※暗号化されて表示されます。
login user (ユーザー名：必須) (パスワード：必須)
user attribute admin administrator=2
console character ja.utf8
ip route default gateway pp 2
ip route 192.168.1.0/24 gateway tunnel 1
ip route (フレッツ・VPNワイドより割り当てられる対向拠点の固定IPアドレス) gateway pp 1
ip filter source-route on
ip filter directed-broadcast on
lan flexible-port lan1=2-8,10 lan2=9 lan3=1
ip lan1 address 172.16.0.1/24
vlan lan1/1 802.1q vid=10 name=VLAN10
ip lan1/1 address 172.21.0.1/24
vlan lan1/2 802.1q vid=20 name=VLAN20
ip lan1/2 address 172.22.0.1/23
vlan lan1/3 802.1q vid=50 name=VLAN50
ip lan1/3 address 172.25.0.1/22
pp select 1
 description pp (接続先説明：任意)
 pp always-on on
 pppoe use lan3
 pp auth accept pap chap
 pp auth myname (フレッツ・VPNワイドへの接続ID) (フレッツ・VPNワイドへの接続パスワード)
 ppp lcp mru on 1454
 ip pp address (フレッツ・VPNワイドより割り当てられる自拠点の固定IPアドレス)
 ip pp mtu 1454
 pp enable 1
pp select 2
 description pp (接続先説明：任意)
 pp keepalive interval 30 retry-interval=30 count=12
 pp always-on on
 pppoe use lan2
 pp auth accept pap chap
 pp auth myname (ISPへの接続ID) (ISPへの接続パスワード)
 ppp lcp mru on 1454
 ppp ipcp ipaddress on
 ip pp mtu 1454
 ip pp secure filter in 200030 200031 200001
 ip pp secure filter out 200020 200021 200022 200023 200024 200025 200026 200027 200099 dynamic 200080 200081 200082 200083 200084 200085 200086 200098 200099
 ip pp nat descriptor 1
 pp enable 2
tunnel select 1
 description tunnel (接続先説明：任意)
 ipsec tunnel 1
  ipsec sa policy 1 1 esp aes-cbc sha-hmac
  ipsec ike keepalive use 1 on
  ipsec ike local address 1 (フレッツ・VPNワイドより割り当てられる自拠点の固定IPアドレス)
  ipsec ike pre-shared-key 1 text (事前共有鍵)
  ipsec ike remote address 1 (フレッツ・VPNワイドより割り当てられる対向拠点の固定IPアドレス)
 tunnel enable 1
ip filter 200001 reject * * * * *
ip filter 200020 reject * * udp,tcp 135 *
ip filter 200021 reject * * udp,tcp * 135
ip filter 200022 reject * * udp,tcp netbios_ns-netbios_ssn *
ip filter 200023 reject * * udp,tcp * netbios_ns-netbios_ssn
ip filter 200024 reject * * udp,tcp 445 *
ip filter 200025 reject * * udp,tcp * 445
ip filter 200026 restrict * * tcpfin * www,21,nntp
ip filter 200027 restrict * * tcprst * www,21,nntp
ip filter 200030 pass * 172.16.0.0/24 tcp * ident
ip filter 200031 pass * 172.16.0.0/24 icmp
ip filter 200099 pass * * * * *
ip filter dynamic 200080 * * ftp
ip filter dynamic 200081 * * domain
ip filter dynamic 200082 * * www
ip filter dynamic 200083 * * smtp
ip filter dynamic 200084 * * pop3
ip filter dynamic 200085 * * submission
ip filter dynamic 200086 * * ping
ip filter dynamic 200098 * * tcp
ip filter dynamic 200099 * * udp
nat descriptor type 1 masquerade
ipsec auto refresh on
telnetd host lan
dns host lan1 lan1/1 lan1/2 lan1/3
dns server (ISPより指定されたDNSサーバーのアドレス)
dns private address spoof on
snmpv2c host (SNMPマネージャーのIPアドレス) (コミュニティー名)
snmpv2c community read-only (コミュニティー名)
snmpv2c trap host (SNMPマネージャーのIPアドレス) trap (コミュニティー名)
snmp trap enable snmp all
snmp trap send linkdown lan1 on
snmp trap send linkdown lan2 on
snmp trap send linkdown lan3 on
snmp trap send linkdown pp 1 on
snmp trap send linkdown pp 2 on
snmp trap send linkdown tunnel 1 on
schedule at 1 */* 06:00:00 * ntpdate ntp.nict.jp syslog
statistics traffic on
