h3c路由器配置案例
#
version 5.20, ESS 1807
#
sysname Navigator
#
l2tp enable
#
tcp syn-cookie enable
tcp anti-naptha enable
tcp state closing connection-number 500
tcp state established connection-number 500
tcp state fin-wait-1 connection-number 500
tcp state fin-wait-2 connection-number 500
tcp state last-ack connection-number 500
tcp state syn-received connection-number 500
#
info-center source default channel 2 log level errors
info-center source default channel 9 log level errors
#
domain default enable rzglj.vpdn.sd
#
dns resolve
dns proxy enable
dns server 219.146.1.66
#
telnet server enable
#
dar p2p signature-file flash:/p2p_default.mtd
#
port-security enable
#
ip http acl 199
#
acl number 199
rule 65534 permit
#
vlan 1
#
radius scheme rztele
primary authentication *.*.*.* 1645
primary accounting *.*.*.* 1646
key authentication 1231
key accounting 1231
#
domain *.vpdn.sd
authentication ppp radius-scheme rztele
authorization ppp radius-scheme rztele
accounting ppp radius-scheme rztele
access-limit disable
state active
idle-cut disable
self-service-url disable
ip pool 1 10.0.0.2 10.0.0.254
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
pki domain navigator
crl check disable
#
pki domain tr069_vpn_dom
crl check disable
#
ike proposal 1
encryption-algorithm 3des-cbc
dh group2
#
ike peer navigator
pre-shared-key cipher AD1LqehiOrugHKZPCChabQ==
#
ipsec proposal navigator
encapsulation-mode transport
esp authentication-algorithm sha1
esp encryption-algorithm 3des
#
ipsec proposal navigator1
esp authentication-algorithm sha1
esp encryption-algorithm 3des
#
ipsec policy-template gateway 1
ike-peer navigator
proposal navigator navigator1
#
ipsec policy navigator 1 isakmp template gateway
#
dhcp server ip-pool vlan1 extended
#
user-group system
#
local-user telecomadmin
password cipher QQB
service-type telnet
local-user useradmin
password cipher (@KW6^>_R%UH;C/!R%=1I!!!
authorization-attribute level 3
service-type telnet
#
wlan rrm
dot11b mandatory-rate 1 2
dot11b supported-rate 5.5 11
dot11g mandatory-rate 1 2 5.5 11
dot11g supported-rate 6 9 12 18 24 36 48 54
#
wlan service-template 1 clear
ssid ChinaNet-cszz
#
wlan service-template 2 crypto
ssid ChinaNet-000
#
wlan service-template 3 crypto
ssid ChinaNet-111
cipher-suite tkip
cipher-suite ccmp
security-ie rsn
security-ie wpa
service-template enable
#
ssl server-policy chinanet
pki-domain navigator
#
cwmp
undo cwmp enable
cwmp acs username navigator
cwmp acs password navigator
cwmp cpe inform interval enable
cwmp cpe inform interval 43200
cwmp cpe username bbms password bbms
#
l2tp-group 1
mandatory-lcp
allow l2tp virtual-template 0 remote SHDLAC domain rzglj.vpdn.sd
tunnel passwor
d simple rzglj001
tunnel name rztest
#
interface Ethernet0/0
port link-mode route
nat outbound
ip address *
ipsec policy navigator
#
interface Ethernet0/1
port link-mode route
#
interface Virtual-Template0
ppp authentication-mode pap domain rzglj.vpdn.sd
remote address pool 1
ip address 10.0.0.1 255.255.255.0
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.10.1 255.255.255.0
dhcp server apply ip-pool vlan1
dhcp select relay
#
interface Ethernet0/2
port link-mode bridge
#
interface Ethernet0/3
port link-mode bridge
#
interface Ethernet0/4
port link-mode bridge
#
interface Ethernet0/5
port link-mode bridge
#
interface Ethernet0/6
port link-mode bridge
#
interface Ethernet0/7
port link-mode bridge
#
interface Ethernet0/8
port link-mode bridge
#
interface Ethernet0/9
port link-mode bridge
#
interface WLAN-BSS0
#
interface WLAN-BSS1
#
interface WLAN-BSS2
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase sdrz0633
#
interface WLAN-Radio2/0
service-template 1 interface wlan-bss 0
service-template 2 interface wlan-bss 1
service-template 3 interface wlan-bss 2
#
ip route-static 0.0.0.0 0.0.0.0 *
#
dhcp enable
#
ip https ssl-server-policy chinanet
ip https enable
#
nms primary monitor-interface Ethernet0/0
#
load xml-configuration
#
load tr069-configuration
#
user-interface con 0
user-interface vty 0 4
authentication-mode scheme
#
return
相关文档
- H3C华为路由器配置实例
- 史上最详细H3C路由器NAT典型配置案例
- H3C MSR系列路由器policy-route典型配置案例
- H3C路由器配置实例
- H3C路由器配置模版
- H3C路由器配置实例
- H3C路由器静态路由配置综合实例
- [史上最详细]H3C路由器NAT典型配置案例
- H3C路由器开启web
- H3C路由器配置实例.pdf
- 最新H3C单臂路由配置实例
- H3C单臂路由配置实例
- 史上最详细H3C路由器NAT典型配置案例
- H3C MSR系列路由器典型配置举例
- h3c路由器配置案例
- H3C-MSR系列路由器IPsec典型配置举例(V7)
- [史上最详细]H3C路由器NAT典型配置案例
- H3C PPP和PPPoE配置举例
- H3C路由器设置
- [史上最详细]H3C路由器NAT典型配置案例