## CentreCOM AR550S ݒW 2.9
##  180 NATgpAlbg[NAhX_ԂIPsec VPNʐM
##  [^[ÃRtBO
##
## u#vŎn܂śAR\[͂ȂƈӖȂR}hłB

add user=secoff pass=PasswordS priv=securityOfficer
create ppp=0 over=eth0-any
set ppp=0 bap=off username="user1@isp" password="password1"
set ppp=0 over=eth0-any lqr=off echo=on
enable ip
add ip int=vlan1 ip=192.168.1.1 mask=255.255.255.0
add ip int=ppp0 ip=1.1.1.1 mask=255.255.255.255
add ip route=0.0.0.0 mask=0.0.0.0 int=ppp0 next=0.0.0.0
enable firewall
create firewall policy="net"
enable firewall policy="net" icmp_f=unre,ping
disable firewall policy="net" identproxy
add firewall policy="net" int=vlan1 type=private
add firewall policy="net" int=ppp0 type=public
add firewall poli="net" nat=enhanced int=vlan1 gblin=ppp0 gblip=1.1.1.1
add firewall poli="net" ru=1 ac=allo int=ppp0 prot=udp po=500 ip=1.1.1.1 gblip=1.1.1.1 gblp=500
add firewall poli="net" ru=2 ac=nat int=ppp0  prot=ALL ip=192.168.1.0 gblip=172.16.1.0 natm=255.255.255.0 remoteip=172.16.2.1-172.16.2.254
add firewall poli="net" ru=3 ac=nat int=vlan1 prot=ALL ip=192.168.1.0 gblip=172.16.1.0 natm=255.255.255.0 remoteip=172.16.2.1-172.16.2.254
# create enco key=1 type=general value=secret
create isakmp pol="i" pe=any key=1 heartbeatmode=both sendn=true remoteid="vpn" mode=aggressive
create ipsec sas=1 key=isakmp prot=esp enc=des hasha=sha
create ipsec bund=1 key=isakmp string="1"
create ipsec pol="isa" int=ppp0 ac=permit lp=500 rp=500 tra=UDP
create ipsec pol="vpn" int=ppp0 ac=ipsec key=isakmp bund=1 peer=dynamic
set ipsec pol="vpn" lad=172.16.1.0 lma=255.255.255.0 rad=172.16.2.0 rma=255.255.255.0
create ipsec pol="inet" int=ppp0 ac=permit
enable ipsec
enable isakmp
# login secoff
# enable system security_mode
