Second active NS-208

ns208(M)-> get conf
Total Config size 3518:
set auth-server "Local" id 0
set auth-server "Local" server-name "Local"
set auth default auth server "Local"
set clock "timezone" 0
set admin format dos
set admin name "netscreen"
set admin password nKVUM2rwMUzPcrkG5sWIHdCtqkAibn
set admin auth timeout 120
set admin auth server "Local"
set vrouter trust-vr sharable
unset vrouter "trust-vr" auto-route-export
set zone "Trust" vrouter "trust-vr"
set zone "Untrust" vrouter "trust-vr"
set zone "DMZ" vrouter "trust-vr"
set zone "Trust" tcp-rst
set zone "Untrust" block
unset zone "Untrust" tcp-rst
set zone "DMZ" tcp-rst
set zone "MGT" block
set zone "MGT" tcp-rst
set zone Untrust screen tear-drop
set zone Untrust screen syn-flood
set zone Untrust screen ping-death
set zone Untrust screen ip-filter-src
set zone Untrust screen land
set zone V1-Untrust screen tear-drop
set zone V1-Untrust screen syn-flood
set zone V1-Untrust screen ping-death
set zone V1-Untrust screen ip-filter-src
set zone V1-Untrust screen land
set interface "ethernet1" zone "Trust"
set interface "ethernet2" zone "DMZ"
set interface "ethernet3" zone "Untrust"
set interface vlan1 ip
set interface ethernet1 ip
set interface ethernet1 route
set interface ethernet1:1 ip
set interface ethernet1:1 route
set interface ethernet3 ip
set interface ethernet3 route
set interface ethernet3:1 ip
set interface ethernet3:1 route
unset interface vlan1 bypass-others-ipsec
unset interface vlan1 bypass-non-ip
set interface vlan1 ip manageable
set interface ethernet1 ip manageable
set interface ethernet2 ip manageable
set interface ethernet3 ip manageable
unset interface ethernet1:1 manage scs
unset interface ethernet1:1 manage telnet
unset interface ethernet1:1 manage snmp
unset interface ethernet1:1 manage global-pro
unset interface ethernet1:1 manage ssl
set interface ethernet3 manage ping
set interface ethernet3 manage web
set interface ethernet3:1 manage ping
set interface ethernet3:1 manage web
set console timeout 0
set console page 0
set address "Trust" ""
set snmp name "ns208"
set user "zed" uid 1
set user "zed" ike-id fqdn "zed" share-limit 1
set user "zed" type ike
set user "zed" "enable"
set ike gateway "p1" dialup "zed" Aggr outgoing-interface "ethernet3" preshare "cisco123" sec-level compatible
unset ike gateway "p1" nat-traversal
set ike policy-checking
set ike respond-bad-spi 1
set vpn "p2" id 1 gateway "p1" replay tunnel idletime 0 proposal "g2-esp-3des-md5"
set ike id-mode subnet
set xauth lifetime 480
set xauth default auth server Local
set policy id 1 from "Untrust" to "Trust" "Dial-Up VPN" "" "ANY" Tunnel vpn "p2" id 2 log
set policy id 0 from "Trust" to "Untrust" "Any" "Any" "ANY" Permit log
set policy id 2 from "Untrust" to "Trust" "Any" "Any" "ANY" Permit
unset global-pro policy-manager primary outgoing-interface
unset global-pro policy-manager secondary outgoing-interface
set nsrp cluster id 1
set nsrp vsd-group id 0 priority 150
set nsrp vsd-group id 0 preempt
set nsrp vsd-group id 1 priority 100
set nsrp vsd-group id 1 preempt
set nsrp monitor interface ethernet1
set nsrp monitor interface ethernet3
set nsrp secondary-path "ethernet1"
set pki authority default scep mode "auto
" set pki x509 default cert-path "partial"
set vrouter "untrust-vr"
set vrouter "trust-vr"
unset add-default-route
Return to nskb6606