Allied Telesis NetScreen Routers Network Router User Manual


 
Page 33 | AlliedWare™ OS How To Note: VPNs with NetScreen routers
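Dynamic address on NetScreen router

The configuration is shown below. Long commands are wrapped onto a second line in this listing (the address entries, the IKE gateway, and the VPN definition, where "no-" and "replay" form the single keyword no-replay); enter each as one line.
The admin name and password hash look like the ScreenOS factory defaults, and the pre-shared key "secret-key" is an example value, so set your own administrator credentials and key before deploying.
The IKE gateway uses Aggressive mode ("Aggr") with a pre-shared key. In that mode the authentication hash is exchanged unencrypted, so the key should be long and random.
The VPN definition also sets no-replay, which turns off anti-replay checking; keep it only if the peer requires it.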
set auth-server "Local" id 0
set auth-server "Local" server-name "Local"
set auth default auth server "Local"
set clock "timezone" 0
set admin format dos
set admin name "netscreen"
set admin password nKVUM2rwMUzPcrkG5sWIHdCtqkAibn
set admin auth timeout 10
set admin auth server "Local"
set vrouter trust-vr sharable
unset vrouter "trust-vr" auto-route-export
set zone "Trust" vrouter "trust-vr"
set zone "Untrust" vrouter "trust-vr"
set zone "DMZ" vrouter "trust-vr"
set zone "Trust" tcp-rst
set zone "Untrust" block
unset zone "Untrust" tcp-rst
set zone "DMZ" tcp-rst
set zone "MGT" block
set zone "MGT" tcp-rst
set zone Untrust screen tear-drop
set zone Untrust screen syn-flood
set zone Untrust screen ping-death
set zone Untrust screen ip-filter-src
set zone Untrust screen land
set zone V1-Untrust screen tear-drop
set zone V1-Untrust screen syn-flood
set zone V1-Untrust screen ping-death
set zone V1-Untrust screen ip-filter-src
set zone V1-Untrust screen land
set interface "ethernet1" zone "Trust"
set interface "ethernet2" zone "DMZ"
set interface "ethernet3" zone "Untrust"
set interface vlan1 ip 192.168.1.1/24
set interface ethernet1 ip 192.168.2.1/24
set interface ethernet1 nat
set interface ethernet3 ip 200.200.200.1/30
set interface ethernet3 route
unset interface vlan1 bypass-others-ipsec
unset interface vlan1 bypass-non-ip
set interface ethernet1 manage-ip 192.168.2.2
set interface vlan1 ip manageable
unset interface ethernet1 ip manageable
set interface ethernet2 ip manageable
set interface ethernet3 ip manageable
set hostname ns25
set address "Trust" "192.168.2.0" 192.168.2.0 255.255.255.0
"Created by vpn wizard"
set address "Untrust" "192.168.1.0" 192.168.1.0 255.255.255.0
"Created by vpn wizard"
set snmp name "ns25"
set ike gateway "Gateway for 192.168.1.0" address 0.0.0.0 id "alliedtelesis"
Aggr outgoing-interface "ethernet3" preshare "secret-key" sec-level standard
set ike gateway "Gateway for 192.168.1.0" nat-traversal udp-checksum
set ike gateway "Gateway for 192.168.1.0" nat-traversal keepalive-frequency 5
set ike policy-checking
set ike respond-bad-spi 1
set vpn "Tunnel for 192.168.1.0" id 1 gateway "Gateway for 192.168.1.0" no-
replay tunnel idletime 0 sec-level standard
set ike id-mode subnet
set xauth lifetime 480
set xauth default auth server Local