h3c路由器配置案例

合集下载
  1. 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
  2. 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
  3. 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。

#
version 5.20, ESS 1807
#
sysname Navigator
#
l2tp enable
#
tcp syn-cookie enable
tcp anti-naptha enable
tcp state closing connection-number 500
tcp state established connection-number 500
tcp state fin-wait-1 connection-number 500
tcp state fin-wait-2 connection-number 500
tcp state last-ack connection-number 500
tcp state syn-received connection-number 500
#
info-center source default channel 2 log level errors
info-center source default channel 9 log level errors
#
domain default enable rzglj.vpdn.sd
#
dns resolve
dns proxy enable
dns server 219.146.1.66
#
telnet server enable
#
dar p2p signature-file flash:/p2p_default.mtd
#
port-security enable
#
ip http acl 199
#
acl number 199
rule 65534 permit
#
vlan 1
#
radius scheme rztele
primary authentication *.*.*.* 1645
primary accounting *.*.*.* 1646
key authentication 1231
key accounting 1231
#
domain *.vpdn.sd
authentication ppp radius-scheme rztele
authorization ppp radius-scheme rztele
accounting ppp radius-scheme rztele
access-limit disable
state active
idle-cut disable
self-service-url disable
ip pool 1 10.0.0.2 10.0.0.254
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
pki domain navigator
crl check disable
#
pki domain tr069_vpn_dom
crl check disable
#
ike proposal 1
encryption-algorithm 3des-cbc
dh group2
#
ike peer navigator
pre-shared-key cipher AD1LqehiOrugHKZPCChabQ==
#
ipsec proposal navigator
encapsulation-mode transport
esp authentication-algorithm sha1
esp encryption-algorithm 3des
#
ipsec proposal navigator1
esp authentication-algorithm sha1
esp encryption-algorithm 3des
#
ipsec policy-template gateway 1
ike-peer navigator
proposal navigator navigator1
#
ipsec policy navigator 1 isakmp template gateway
#
dhcp server ip-pool vlan1 extended
#
user-group system
#
local-user telecomadmin
password cipher QQBauthorization-attribute level 3
service-type telnet
local-user useradmin
password cipher (@KW6^>_R%UH;C/!R%=1I!!!
authorization-attribute level 3
service-type telnet
#
wlan rrm
dot11b mandatory-rate 1 2
dot11b supported-rate 5.5 11
dot11g mandatory-rate 1 2 5.5 11
dot11g supported-rate 6 9 12 18 24 36 48 54
#
wlan service-template 1 clear
ssid ChinaNet-cszz
#
wlan service-template 2 crypto
ssid ChinaNet-000
#
wlan service-template 3 crypto
ssid ChinaNet-111
cipher-suite tkip
cipher-suite ccmp
security-ie rsn
security-ie wpa
service-template enable
#
ssl server-policy chinanet
pki-domain navigator
#
cwmp
undo cwmp enable
cwmp acs username navigator
cwmp acs password navigator
cwmp cpe inform interval enable
cwmp cpe inform interval 43200
cwmp cpe username bbms password bbms
#
l2tp-group 1
mandatory-lcp
allow l2tp virtual-template 0 remote SHDLAC domain rzglj.vpdn.sd
tunnel passwor

d simple rzglj001
tunnel name rztest
#
interface Ethernet0/0
port link-mode route
nat outbound
ip address *
ipsec policy navigator
#
interface Ethernet0/1
port link-mode route
#
interface Virtual-Template0
ppp authentication-mode pap domain rzglj.vpdn.sd
remote address pool 1
ip address 10.0.0.1 255.255.255.0
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.10.1 255.255.255.0
dhcp server apply ip-pool vlan1
dhcp select relay
#
interface Ethernet0/2
port link-mode bridge
#
interface Ethernet0/3
port link-mode bridge
#
interface Ethernet0/4
port link-mode bridge
#
interface Ethernet0/5
port link-mode bridge
#
interface Ethernet0/6
port link-mode bridge
#
interface Ethernet0/7
port link-mode bridge
#
interface Ethernet0/8
port link-mode bridge
#
interface Ethernet0/9
port link-mode bridge
#
interface WLAN-BSS0
#
interface WLAN-BSS1
#
interface WLAN-BSS2
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase sdrz0633
#
interface WLAN-Radio2/0
service-template 1 interface wlan-bss 0
service-template 2 interface wlan-bss 1
service-template 3 interface wlan-bss 2
#
ip route-static 0.0.0.0 0.0.0.0 *
#
dhcp enable
#
ip https ssl-server-policy chinanet
ip https enable
#
nms primary monitor-interface Ethernet0/0
#
load xml-configuration
#
load tr069-configuration
#
user-interface con 0
user-interface vty 0 4
authentication-mode scheme
#
return

相关文档
最新文档