<
Quidway>dis cur
#
sysname Quidway
#
FTP server enable
#
domain suffix-separator @
#
firewall enable
#
dialer-rule 1 ip permit
#
radius scheme system
#
domain system
domain ty.com
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<<"TX$_S#6.NM(0=0\)*5WWQ=^Q`MAF4<<"TX$_S#6.
N
service-type telnet terminal
level 3
service-type ftp
local-user ty
password cipher 06Z2H3.@5=[Q=^Q`MAF4<<"TX$_S#6.NM(0=0\)*5WWQ=^Q`MAF4<<"TX$_S#6.
N
service-type telnet
level 3
#
dhcp server ip-pool 1
network 192.168.1.0 mask 255.255.255.0
gateway-list 192.168.1.1
dns-list 202.96.128.86
nbns-list 202.96.128.166
#
interface Aux0
async mode flow
#
interface Dialer1
link-protocol ppp
ppp pap local-user ssDSLxxxxxxx password simple 123456
mtu 1450
tcp mss 1024
ip address ppp-negotiate
dialer user typppoe
dialer-group 1
dialer bundle 1
nat outbound 2000
firewall packet-filter 3000 inbound
#
interface Ethernet0/0
tcp mss 1024
ip address 192.168.1.1 255.255.255.0
firewall packet-filter 3000 inbound
#
interface Ethernet0/1
pppoe-client dial-bundle-number 1
ip address dhcp-alloc
firewall packet-filter 3000 inbound
#
sysname Quidway
#
FTP server enable
#
domain suffix-separator @
#
firewall enable
#
dialer-rule 1 ip permit
#
radius scheme system
#
domain system
domain ty.com
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<<"TX$_S#6.NM(0=0\)*5WWQ=^Q`MAF4<<"TX$_S#6.
N
service-type telnet terminal
level 3
service-type ftp
local-user ty
password cipher 06Z2H3.@5=[Q=^Q`MAF4<<"TX$_S#6.NM(0=0\)*5WWQ=^Q`MAF4<<"TX$_S#6.
N
service-type telnet
level 3
#
dhcp server ip-pool 1
network 192.168.1.0 mask 255.255.255.0
gateway-list 192.168.1.1
dns-list 202.96.128.86
nbns-list 202.96.128.166
#
interface Aux0
async mode flow
#
interface Dialer1
link-protocol ppp
ppp pap local-user ssDSLxxxxxxx password simple 123456
mtu 1450
tcp mss 1024
ip address ppp-negotiate
dialer user typppoe
dialer-group 1
dialer bundle 1
nat outbound 2000
firewall packet-filter 3000 inbound
#
interface Ethernet0/0
tcp mss 1024
ip address 192.168.1.1 255.255.255.0
firewall packet-filter 3000 inbound
#
interface Ethernet0/1
pppoe-client dial-bundle-number 1
ip address dhcp-alloc
firewall packet-filter 3000 inbound
#
interface Serial0/0
clock DTECLK1
link-protocol ppp
ip address ppp-negotiate
#
interface NULL0
#
acl number 2000
rule 0 permit source 192.168.1.0 0.0.0.255
rule 1 deny
#
acl number 3000
rule 0 deny tcp source-port eq 3127
rule 1 deny tcp source-port eq 1025
rule 2 deny tcp source-port eq 5554
rule 3 deny tcp source-port eq 9996
rule 4 deny tcp source-port eq 1068
rule 5 deny tcp source-port eq 135
rule 6 deny udp source-port eq 135
rule 7 deny tcp source-port eq 137
rule 8 deny udp source-port eq netbios-ns
rule 9 deny tcp source-port eq 138
rule 10 deny udp source-port eq netbios-dgm
rule 11 deny tcp source-port eq 139
rule 12 deny udp source-port eq netbios-ssn
rule 13 deny tcp source-port eq 593
rule 14 deny tcp source-port eq 4444
rule 15 deny tcp source-port eq 5800
rule 16 deny tcp source-port eq 5900
rule 17 deny udp source-port eq tftp
rule 18 deny tcp source-port eq 8998
rule 19 deny tcp source-port eq 445
rule 20 deny udp source-port eq 445
rule 21 deny udp source-port eq 1434
rule 30 deny tcp destination-port eq 3127
rule 31 deny tcp destination-port eq 1025
rule 32 deny tcp destination-port eq 5554
rule 33 deny tcp destination-port eq 9996
rule 34 deny tcp destination-port eq 1068
rule 35 deny tcp destination-port eq 135
rule 36 deny udp destination-port eq 135
rule 37 deny tcp destination-port eq 137
rule 38 deny udp destination-port eq netbios-ns
rule 39 deny tcp destination-port eq 138
rule 40 deny udp destination-port eq netbios-dgm
rule 41 deny tcp destination-port eq 139
rule 42 deny udp destination-port eq netbios-ssn
rule 43 deny tcp destination-port eq 593
rule 44 deny tcp destination-port eq 4444
rule 45 deny tcp destination-port eq 5800
rule 46 deny tcp destination-port eq 5900
rule 48 deny tcp destination-port eq 8998
rule 49 deny tcp destination-port eq 445
rule 50 deny udp destination-port eq 445
rule 51 deny udp destination-port eq 1434
#
dhcp server forbidden-ip 192.168.1.1
#
ip route-static 0.0.0.0 0.0.0.0 Dialer 1 preference 60
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
interface Serial0/0
clock DTECLK1
link-protocol ppp
ip address ppp-negotiate
#
interface NULL0
#
acl number 2000
rule 0 permit source 192.168.1.0 0.0.0.255
rule 1 deny
#
acl number 3000
rule 0 deny tcp source-port eq 3127
rule 1 deny tcp source-port eq 1025
rule 2 deny tcp source-port eq 5554
rule 3 deny tcp source-port eq 9996
rule 4 deny tcp source-port eq 1068
rule 5 deny tcp source-port eq 135
rule 6 deny udp source-port eq 135
rule 7 deny tcp source-port eq 137
rule 8 deny udp source-port eq netbios-ns
rule 9 deny tcp source-port eq 138
rule 10 deny udp source-port eq netbios-dgm
rule 11 deny tcp source-port eq 139
rule 12 deny udp source-port eq netbios-ssn
rule 13 deny tcp source-port eq 593
rule 14 deny tcp source-port eq 4444
rule 15 deny tcp source-port eq 5800
rule 16 deny tcp source-port eq 5900
rule 17 deny udp source-port eq tftp
rule 18 deny tcp source-port eq 8998
rule 19 deny tcp source-port eq 445
rule 20 deny udp source-port eq 445
rule 21 deny udp source-port eq 1434
rule 30 deny tcp destination-port eq 3127
rule 31 deny tcp destination-port eq 1025
rule 32 deny tcp destination-port eq 5554
rule 33 deny tcp destination-port eq 9996
rule 34 deny tcp destination-port eq 1068
rule 35 deny tcp destination-port eq 135
rule 36 deny udp destination-port eq 135
rule 37 deny tcp destination-port eq 137
rule 38 deny udp destination-port eq netbios-ns
rule 39 deny tcp destination-port eq 138
rule 40 deny udp destination-port eq netbios-dgm
rule 41 deny tcp destination-port eq 139
rule 42 deny udp destination-port eq netbios-ssn
rule 43 deny tcp destination-port eq 593
rule 44 deny tcp destination-port eq 4444
rule 45 deny tcp destination-port eq 5800
rule 46 deny tcp destination-port eq 5900
rule 48 deny tcp destination-port eq 8998
rule 49 deny tcp destination-port eq 445
rule 50 deny udp destination-port eq 445
rule 51 deny udp destination-port eq 1434
#
dhcp server forbidden-ip 192.168.1.1
#
ip route-static 0.0.0.0 0.0.0.0 Dialer 1 preference 60
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return