!
! Century Systems NXR-530 Series ver 21.11.13 (build 10/16:18 09 03 2023)
!
hostname NXR_B
telnet-server enable
telnet-server ip forbidden-access-wan
telnet-server ipv6 forbidden-access-wan
http-server enable
http-server ip forbidden-access-wan
http-server ipv6 forbidden-access-wan
no rest http enable
no rest https enable
!
!
!
!
!
ipv6 forwarding
fast-forwarding enable
!
!
!
!
ppp account username [IP_VPN接続用ユーザID] password [IP_VPN接続用パスワード]
!
!
l2tp udp source-port 40001
!
l2tpv3 hostname NXRB
l2tpv3 router-id 192.168.10.2
l2tpv3 path-mtu-discovery enable
l2tpv3 fast-forwarding enable
!
!
!
!
l2tpv3 tunnel 1
 description NXR_A
 tunnel address 192.0.2.1
 tunnel hostname NXRA
 tunnel router-id 192.168.10.1
!
l2tpv3 xconnect 1
 description NXR_A
 tunnel 1
 xconnect ethernet 0
 xconnect end-id 1
 retry-interval 45
 ip tcp adjust-mss auto
!
interface ppp 0
 ip address 192.0.2.2/32
 ppp username [IP_VPN接続用ユーザID]
 ppp ipcp enable
!
interface ethernet 0
 ip address 192.168.10.2/24
 l2tpv3 access-group in L2FILTER-eth0_IN
!
interface ethernet 1
 no ip address
 pppoe-client ppp 0
!
interface ethernet 2
 no ip address
!
dns
 service enable
!
!
syslog
 local enable
 exit-syslog
!
!
!
system led ext 0 signal-level mobile 0
!
!
!
!
!
!
!
ip route 0.0.0.0/0 ppp 0
!
!
!
l2tpv3 access-list L2FILTER-eth0_IN root deny
 layer2 access-list L2_ACL_ARP 1
 layer2 access-list L2_ACL_IP 2
!
l2tpv3 access-list L2_ACL_ARP layer2 deny
 ethernet-type arp extended ARP_ACL 1
!
l2tpv3 access-list L2_ACL_IP layer2 deny
 ethernet-type ip extended IP_ACL 1
!
l2tpv3 access-list IP_ACL extended ip permit
 source 192.168.10.102
 destination 192.168.10.101
!
l2tpv3 access-list ARP_ACL extended arp permit
 opcode request
 sender-mac 00:00:5E:00:53:02
 sender-ip 192.168.10.102
 target-ip 192.168.10.101
!
!
!
end