!
! Century Systems NXR-G110 Series ver 21.7.6 (build 55/10:18 23 12 2020)
!    DIP-SW : 1:off 2:off 3:off 4:off
!
hostname NXR
telnet-server enable
telnet-server ip forbidden-access-wan
telnet-server ipv6 forbidden-access-wan
http-server enable
http-server ip forbidden-access-wan
http-server ipv6 forbidden-access-wan
no rest http enable
no rest https enable
!
!
system power-management mode balance
!
!
!
ipv6 forwarding
no fast-forwarding enable
!
!
!
!
ppp account username android01 password android01pass
ppp account username ios01 password ios01pass
ppp account username windows01 password windows01pass
!
ipsec nat-traversal enable
!
l2tp udp source-port 1701
!
l2tpv3 udp source-port 40001
!
ipsec local policy 1
 address ip
!
!
ipsec isakmp policy 1
 description smartdevice
 authentication pre-share ipseckey
 hash sha256
 encryption aes128
 group 5
 lifetime 86400
 isakmp-mode main
 remote address ip any
 local policy 1
!
!
ipsec tunnel policy 1
 description smartdevice
 set transform esp-aes128 esp-sha256-hmac
 no set pfs
 set key-exchange isakmp 1
 set sa lifetime 28800
 match protocol l2tp-smartphone nat-traversal
!
!
l2tp 1
 tunnel address any ipsec
 tunnel mode lns
 tunnel virtual-template 0
!
interface virtual-template 0
 ip address 192.168.10.1/32
 no ip rebound
 ip tcp adjust-mss auto
 peer ip proxy-arp
 peer ip pool smartdevice
!
interface ethernet 0
 ip address 192.168.10.1/24
!
interface ethernet 1
 no ip address
!
interface wwan 0
 ip address dhcp
 ip tcp adjust-mss auto
 ip access-group in wwan0_in
 ip masquerade
 ip spi-filter
 wwan username [WWAN接続用ユーザID] password [WWAN接続用パスワード]
 wwan authentication chap
 mobile apn [APN] cid 1 pdp-type ip
 ipsec policy 1
!
dns
 service enable
!
!
syslog
 local enable
 exit-syslog
!
warplink
 service enable
 account username [WarpLinkユーザID] password [WarpLinkパスワード]
!
!
mobile 1 carrier [キャリア]
mobile error-recovery-reset
!
!
!
!
!
!
!
!
!
ip local pool smartdevice address 192.168.10.100 192.168.10.102
!
!
!
ip access-list wwan0_in permit any any udp any 500
ip access-list wwan0_in permit any any udp any 4500
ip access-list wwan0_in permit any any 50
!
!
!
end