!
! Century Systems NXR-G100 Series ver 6.12.0 (build 16/18:34 08 07 2016)
!
hostname NXR_A
telnet-server enable
http-server enable
!
!
system power-management mode balance
!
!
!
ipv6 forwarding
fast-forwarding enable
!
!
!
ppp account username test2@example.jp password test2pass
!
!
l2tpv3 udp path-mtu-discovery enable
l2tpv3 hostname nxra
l2tpv3 router-id 192.168.10.2
!
ipsec local policy 1
 address ip
!
!
ipsec isakmp policy 1
 description YAMAHA
 authentication pre-share ipseckey1
 hash sha256
 encryption aes128
 group 5
 isakmp-mode main
 remote address ip 10.10.10.1
 local policy 1
!
!
ipsec tunnel policy 1
 description YAMAHA
 set transform esp-aes128 esp-sha256-hmac
 set pfs group5
 set key-exchange isakmp 1
 set protocol-mode transport
 match address ipsec_acl
!
!
l2tpv3 tunnel 1
 description YAMAHA
 tunnel address 10.10.10.1
 tunnel hostname yamaha
 tunnel router-id 192.168.10.1
 tunnel protocol udp
!
l2tpv3 xconnect 1
 description YAMAHA
 tunnel 1
 xconnect ethernet 0
 xconnect end-id 1
 retry-interval 30
 ip tcp adjust-mss auto
!
interface ppp 0
 ip address 10.10.20.1/32
 ip tcp adjust-mss auto
 ip access-group in ppp0_in
 ip access-group out ppp0_out
 ip masquerade
 ip spi-filter
 ppp username test2@example.jp
 ipsec policy 1
!
interface ethernet 0
 ip address 192.168.10.2/24
!
interface ethernet 1
 no ip address
 pppoe-client ppp 0
!
dns
 service enable
!
syslog
 local enable
!
!
!
!
!
!
!
!
!
!
ip route 0.0.0.0/0 ppp 0
!
ip access-list ppp0_in permit 10.10.10.1 10.10.20.1 udp 500 500
ip access-list ppp0_in permit 10.10.10.1 10.10.20.1 50
ip access-list ppp0_out deny 10.10.20.1 10.10.10.1 udp any 1701
!
ipsec access-list ipsec_acl ip host host
!
!
!
end