# RTX830 Rev.15.02.09 (Fri Nov 2 14:23:51 2018) # Reporting Date: Jul 3 14:09:42 2019 login password * administrator password encrypted * login user user * user attribute connection=serial,telnet,remote,ssh,sftp,http gui-page=dashboard,lan-map,config login-timer=300 user attribute user connection=serial,telnet,remote,ssh,sftp,http gui-page=dashboard,lan-map,config login-timer=1200 ip route default gateway pp 1 filter 10 20 30 40 gateway tunnel 1 ip route *.*.*.* gateway tunnel 1 <--IP address for home security ipv6 route default gateway dhcp lan2 ipv6 prefix 1 dhcp-prefix@lan2::/64 ip lan1 address 172.29.100.1/24 ip lan1 proxyarp on ipv6 lan1 address dhcp-prefix@lan2::1/64 ipv6 lan1 rtadv send 1 o_flag=on ipv6 lan1 dhcp service server switch control use lan1 on terminal=on description lan2 Transix ip lan2 address 172.29.1.2/29 ipv6 lan2 address dhcp ipv6 lan2 secure filter in 101000 101001 101002 ipv6 lan2 secure filter out 101099 dynamic 101080 101081 101082 101083 101084 101085 101098 101099 ipv6 lan2 dhcp service client ngn type lan2 ntt pp select 1 description pp wakwak pp keepalive interval 30 retry-interval=30 count=12 pp always-on on pppoe use lan2 pppoe auto disconnect off pp auth accept pap chap pp auth myname ***@***.*** *pswd* <--PPPoE access ppp lcp mru on 1454 ppp ipcp ipaddress on ppp ipcp msext on ppp ccp type none ip pp mtu 1454 ip pp secure filter in 201003 201020 201021 201022 201023 201024 201025 201030 201032 201100 201101 201102 201103 ip pp secure filter out 201013 201020 201021 201022 201023 201024 201025 201026 201027 10 20 30 40 dynamic 201080 201081 201082 201083 201084 201085 201098 201099 ip pp nat descriptor 1100 netvolante-dns hostname host pp server=1 *host*.aa0.netvolante.jp pp enable 1 pp select anonymous pp bind tunnel2-tunnel3 pp auth request mschap-v2 pp auth username acct1 *pswd* pp auth username acct2 *pswd* ppp ipcp ipaddress on ppp ipcp msext on ip pp remote address pool dhcp ip pp mtu 1258 pp enable anonymous tunnel select 1 tunnel name DSLite tunnel encapsulation ipip tunnel endpoint address 2404:8e00::feed:100 ip tunnel mtu 1500 ip tunnel tcp mss limit auto tunnel enable 1 tunnel select 2 tunnel encapsulation l2tp ipsec tunnel 2 ipsec sa policy 2 2 esp aes-cbc sha-hmac ipsec ike keepalive use 2 off ipsec ike local address 2 172.29.100.1 ipsec ike nat-traversal 2 on ipsec ike pre-shared-key 2 text *shrkey* ipsec ike remote address 2 any l2tp tunnel disconnect time off l2tp keepalive use on 10 3 l2tp keepalive log on l2tp syslog on ip tunnel tcp mss limit auto tunnel enable 2 tunnel select 3 tunnel encapsulation l2tp ipsec tunnel 3 ipsec sa policy 3 3 esp aes-cbc sha-hmac ipsec ike keepalive use 3 off ipsec ike local address 3 172.29.100.1 ipsec ike nat-traversal 3 on ipsec ike pre-shared-key 2 text *shrkey* ipsec ike remote address 3 any l2tp tunnel disconnect time off l2tp keepalive use on 10 3 l2tp keepalive log on l2tp syslog on ip tunnel tcp mss limit auto tunnel enable 3 ip filter 10 pass * * udp 500,4500 * ip filter 20 pass * * esp ip filter 30 pass * * tcp * 2002 <--Home security use ip filter 40 pass * * udp 1701 * <--Enables PPPoE connection ip filter 201000 reject 10.0.0.0/8 * * * * ip filter 201001 reject 172.16.0.0/12 * * * * ip filter 201002 reject 192.168.0.0/16 * * * * ip filter 201003 reject 172.29.100.0/24 * * * * ip filter 201010 reject * 10.0.0.0/8 * * * ip filter 201011 reject * 172.16.0.0/12 * * * ip filter 201012 reject * 192.168.0.0/16 * * * ip filter 201013 reject * 172.29.100.0/24 * * * ip filter 201020 reject * * udp,tcp 135 * ip filter 201021 reject * * udp,tcp * 135 ip filter 201022 reject * * udp,tcp netbios_ns-netbios_ssn * ip filter 201023 reject * * udp,tcp * netbios_ns-netbios_ssn ip filter 201024 reject * * udp,tcp 445 * ip filter 201025 reject * * udp,tcp * 445 ip filter 201026 restrict * * tcpfin * www,21,nntp ip filter 201027 restrict * * tcprst * www,21,nntp ip filter 201030 pass * 172.29.100.0/24 icmp * * ip filter 201031 pass * 172.29.100.0/24 established * * ip filter 201032 pass * 172.29.100.0/24 tcp * ident ip filter 201033 pass * 172.29.100.0/24 tcp ftpdata * ip filter 201034 pass * 172.29.100.0/24 tcp,udp * domain ip filter 201035 pass * 172.29.100.0/24 udp domain * ip filter 201036 pass * 172.29.100.0/24 udp * ntp ip filter 201037 pass * 172.29.100.0/24 udp ntp * ip filter 201100 pass * 172.29.100.1 esp * * ip filter 201101 pass * 172.29.100.1 udp * 500 ip filter 201102 pass * 172.29.100.1 udp * 1701 ip filter 201103 pass * 172.29.100.1 udp * 4500 ip filter 500000 restrict * * * * * ip filter dynamic 201080 * * ftp ip filter dynamic 201081 * * domain ip filter dynamic 201082 * * www ip filter dynamic 201083 * * smtp ip filter dynamic 201084 * * pop3 ip filter dynamic 201098 * * tcp ip filter dynamic 201085 * * submission ip filter dynamic 201099 * * udp nat descriptor type 1100 masquerade nat descriptor masquerade static 1100 1 172.29.100.1 esp nat descriptor masquerade static 1100 2 172.29.100.1 udp 500 nat descriptor masquerade static 1100 3 172.29.100.1 udp 4500 ipsec auto refresh on ipsec transport 2 2 udp 1701 ipsec transport 3 3 udp 1701 ipv6 filter 101000 pass * * icmp6 * * ipv6 filter 101001 pass * * tcp * ident ipv6 filter 101002 pass * * udp * 546 ipv6 filter 101099 pass * * * * * ipv6 filter dynamic 101080 * * ftp ipv6 filter dynamic 101081 * * domain ipv6 filter dynamic 101082 * * www ipv6 filter dynamic 101083 * * smtp ipv6 filter dynamic 101084 * * pop3 ipv6 filter dynamic 101098 * * tcp ipv6 filter dynamic 101085 * * submission ipv6 filter dynamic 101099 * * udp syslog notice on syslog debug on dhcp service server dhcp server rfc2131 compliant except remain-silent dhcp scope 1 172.29.100.20-172.29.100.191/24 gateway 172.29.100.1 expire 36:00 dhcp client release linkdown on dns host lan1 dns service fallback on dns server 172.29.100.1 dns server dhcp lan2 dns server select 500000 dhcp lan2 any . dns server select 500002 219.103.130.56 211.132.129.56 any . restrict pp 1 dns private address spoof on schedule at 1 */* 03:00:00 * ntpdate ntp.nict.jp syslog l2tp service on sip use on dashboard accumulate traffic on