miio · January 1, 2016 04:39
diff --git a/ix2015-ggj2014 b/ix2015-ggj2014
 ! NEC Portable Internetwork Core Operating System Software
 ! IX Series IX2010 (magellan-sec) Software, Version 8.3.47, RELEASE SOFTWARE
 ! Compiled Aug 27-Fri-2010 10:36:11 JST #1
 ! Last updated Dec 23-Mon-2013 15:57:03 JST
 !
 !
 hostname sanjose
 timezone +09 00
 !
 !
 !
 username admin password hash **************** administrator
 !
 !
 !
 !
 !
 !
 logging buffered 8000000
 logging subsystem all debug
 !       
 !
 ip ufs-cache enable
 ip route default FastEthernet0/0.0 
 ip route default 192.168.2.1 
 ip route 192.168.222.0/24 Tunnel0.0 
 ip dhcp enable
 ip access-list admin_console permit ip src any dest 172.16.24.0/24
 ip access-list admin_console permit ip src any dest 192.168.2.0/24
 ip access-list admin_console permit ip src any dest 192.168.222.0/24
 ip access-list ipsec-list permit ip src any dest any
 ip access-list management permit ip src 172.16.24.0/24 dest any
 !
 !
 !
 ike proposal ike-prop encryption 3des hash sha group 1024-bit
 ike proposal ikeprop encryption aes hash sha group 1024-bit
 !
 ike suppress-dangling
 !
 ike policy ike-policy peer **.**.**.** key-type secret 1 key ******************************* ikeprop
 ike keepalive ike-policy 30 6
 !       
 ipsec autokey-proposal ipsec-prop esp-3des esp-sha
 ipsec autokey-proposal secprop esp-aes esp-sha
 !
 ipsec autokey-map ipsec-policy ipsec-list peer **.**.**.** secproc
 ipsec local-id ipsec-policy 172.16.24.0/24
 ipsec remote-id ipsec-policy 192.168.222.1
 !
 !
 !
 !
 !
 !
 proxy-dns ip enable
 proxy-dns server 192.168.2.1
 !
 telnet-server ip enable
 !
 http-server username admin
 http-server ip access-list admin_console
 http-server ip enable
 !
 !       
 !
 !
 !
 !
 !
 watch-group host 10
  event 10 ip unreach-host 192.168.222.1 Tunnel0.0 source FastEthernet0/0.1
  probe-timer restorer 60
  probe-timer variance 60
 !
 network-monitor host enable
 !
 !
 ip dhcp profile default-dhcp
  assignable-range 172.16.24.2 172.16.24.254
  default-gateway 172.16.24.1
  dns-server 172.16.24.1
 !
 device FastEthernet0/0
 !
 device FastEthernet0/1
 !       
 device FastEthernet1/0
 !
 device BRI1/0
  isdn switch-type hsd128k
 !
 interface FastEthernet0/0.0
  description upstream
  ip address 192.168.2.2/24 
  ip napt enable
  no shutdown
 !
 interface FastEthernet0/1.0
  no ip address
  shutdown
 !
 interface FastEthernet1/0.0
  ip address 172.16.24.1/24 
  ip mtu 1454
  ip tcp adjust-mss 1414
  ip napt translation max-entries 65535
  ip napt translation max-entries per-address 6553
  ip dhcp binding default-dhcp
  no shutdown
 !
 interface BRI1/0.0
  encapsulation ppp
  no auto-connect
  no ip address
  shutdown
 !
 interface FastEthernet0/0.1
  encapsulation pppoe
  auto-connect
  ip address ipcp
  ip tcp adjust-mss auto
  ip napt enable
  ip napt static FastEthernet0/0.1 50
  no shutdown
 !
 interface Loopback0.0
  no ip address
 !
 interface Null0.0
  no ip address
 !
 interface Tunnel0.0
  description vpn-gateway
  tunnel mode ipsec
  ip unnumbered FastEthernet0/0.1
  ip tcp adjust-mss auto
  ipsec policy tunnel ipsec-policy out
  no shutdown
	! NEC Portable Internetwork Core Operating System Software
	! IX Series IX2010 (magellan-sec) Software, Version 8.3.47, RELEASE SOFTWARE
	! Compiled Aug 27-Fri-2010 10:36:11 JST #1
	! Last updated Dec 23-Mon-2013 15:57:03 JST
	!
	!
	hostname sanjose
	timezone +09 00
	!
	!
	!
	username admin password hash **************** administrator
	!
	!
	!
	!
	!
	!
	logging buffered 8000000
	logging subsystem all debug
	!
	!
	ip ufs-cache enable
	ip route default FastEthernet0/0.0
	ip route default 192.168.2.1
	ip route 192.168.222.0/24 Tunnel0.0
	ip dhcp enable
	ip access-list admin_console permit ip src any dest 172.16.24.0/24
	ip access-list admin_console permit ip src any dest 192.168.2.0/24
	ip access-list admin_console permit ip src any dest 192.168.222.0/24
	ip access-list ipsec-list permit ip src any dest any
	ip access-list management permit ip src 172.16.24.0/24 dest any
	!
	!
	!
	ike proposal ike-prop encryption 3des hash sha group 1024-bit
	ike proposal ikeprop encryption aes hash sha group 1024-bit
	!
	ike suppress-dangling
	!
	ike policy ike-policy peer ... key-type secret 1 key ******************************* ikeprop
	ike keepalive ike-policy 30 6
	!
	ipsec autokey-proposal ipsec-prop esp-3des esp-sha
	ipsec autokey-proposal secprop esp-aes esp-sha
	!
	ipsec autokey-map ipsec-policy ipsec-list peer ... secproc
	ipsec local-id ipsec-policy 172.16.24.0/24
	ipsec remote-id ipsec-policy 192.168.222.1
	!
	!
	!
	!
	!
	!
	proxy-dns ip enable
	proxy-dns server 192.168.2.1
	!
	telnet-server ip enable
	!
	http-server username admin
	http-server ip access-list admin_console
	http-server ip enable
	!
	!
	!
	!
	!
	!
	!
	watch-group host 10
	event 10 ip unreach-host 192.168.222.1 Tunnel0.0 source FastEthernet0/0.1
	probe-timer restorer 60
	probe-timer variance 60
	!
	network-monitor host enable
	!
	!
	ip dhcp profile default-dhcp
	assignable-range 172.16.24.2 172.16.24.254
	default-gateway 172.16.24.1
	dns-server 172.16.24.1
	!
	device FastEthernet0/0
	!
	device FastEthernet0/1
	!
	device FastEthernet1/0
	!
	device BRI1/0
	isdn switch-type hsd128k
	!
	interface FastEthernet0/0.0
	description upstream
	ip address 192.168.2.2/24
	ip napt enable
	no shutdown
	!
	interface FastEthernet0/1.0
	no ip address
	shutdown
	!
	interface FastEthernet1/0.0
	ip address 172.16.24.1/24
	ip mtu 1454
	ip tcp adjust-mss 1414
	ip napt translation max-entries 65535
	ip napt translation max-entries per-address 6553
	ip dhcp binding default-dhcp
	no shutdown
	!
	interface BRI1/0.0
	encapsulation ppp
	no auto-connect
	no ip address
	shutdown
	!
	interface FastEthernet0/0.1
	encapsulation pppoe
	auto-connect
	ip address ipcp
	ip tcp adjust-mss auto
	ip napt enable
	ip napt static FastEthernet0/0.1 50
	no shutdown
	!
	interface Loopback0.0
	no ip address
	!
	interface Null0.0
	no ip address
	!
	interface Tunnel0.0
	description vpn-gateway
	tunnel mode ipsec
	ip unnumbered FastEthernet0/0.1
	ip tcp adjust-mss auto
	ipsec policy tunnel ipsec-policy out
	no shutdown