ほげほげ「

Total Config size 3623:set clock timezone 0set vrouter trust-vr sharableset vrouter "untrust-vr"exitset vrouter "trust-vr"unset auto-route-exportexitset auth-server "Local" id 0set auth-server "Local" server-name "Local"set auth default auth server "Local"set auth radius accounting port 1646set admin name "netscreen"set admin password "nKVUM2rwMUzPcrkG5sWIHdCtqkAibn"set admin auth timeout 10set admin auth server "Local"set admin format dosset zone "Trust" vrouter "trust-vr"set zone "Untrust" vrouter "trust-vr"set zone "VLAN" vrouter "trust-vr"set zone "Untrust-Tun" vrouter "trust-vr"set zone "Trust" tcp-rst set zone "Untrust" block unset zone "Untrust" tcp-rst set zone "MGT" block set zone "VLAN" block unset zone "VLAN" tcp-rst set zone "Untrust" screen tear-dropset zone "Untrust" screen syn-floodset zone "Untrust" screen ping-deathset zone "Untrust" screen ip-filter-srcset zone "Untrust" screen landset zone "V1-Untrust" screen tear-dropset zone "V1-Untrust" screen syn-floodset zone "V1-Untrust" screen ping-deathset zone "V1-Untrust" screen ip-filter-srcset zone "V1-Untrust" screen landset interface "trust" zone "Trust"set interface "untrust" zone "Untrust"unset interface vlan1 ipset interface trust ip 1.1.2.3/24set interface trust routeset interface untrust ip 1.1.3.3/24set interface untrust routeunset interface vlan1 bypass-others-ipsecunset interface vlan1 bypass-non-ipset interface trust ip manageableset interface untrust ip manageableset flow tcp-mssunset flow no-tcp-seq-checkset flow tcp-syn-checkset console page 0set hostname ns5xtset pki authority default scep mode "auto"set pki x509 default cert-path partialset address "Trust" "1.1.1.80/32" 1.1.1.80 255.255.255.255set address "Trust" "1.1.1.81/32" 1.1.1.81 255.255.255.255set address "Trust" "1.1.1.82/32" 1.1.1.82 255.255.255.255set address "Trust" "1.1.1.85/32" 1.1.1.85 255.255.255.255set address "Trust" "1.1.1.86/32" 1.1.1.86 255.255.255.255set address "Trust" "1.1.1.87/32" 1.1.1.87 255.255.255.255set address "Trust" "1.1.3.0/24" 1.1.3.0 255.255.255.0set address "Untrust" "1.1.3.0/24" 1.1.3.0 255.255.255.0set ike respond-bad-spi 1unset ike ikeid-enumerationunset ipsec access-session enableset ipsec access-session maximum 5000set ipsec access-session upper-threshold 0set ipsec access-session lower-threshold 0set ipsec access-session dead-p2-sa-timeout 0unset ipsec access-session log-errorunset ipsec access-session info-exch-connectedunset ipsec access-session use-error-logset policy id 1 from "Trust" to "Untrust"  "Any" "Any" "ANY" permit set policy id 1exitset policy id 2 from "Untrust" to "Trust"  "Any" "Any" "TELNET" permit set policy id 2exitset policy id 3 from "Untrust" to "Trust"  "1.1.3.0/24" "1.1.1.85/32" "HTTPS" permit set policy id 3set dst-address "1.1.1.87/32"exitset policy id 4 from "Untrust" to "Trust"  "1.1.3.0/24" "1.1.1.82/32" "ICMP-ANY" permit set policy id 4set dst-address "1.1.1.86/32"exitset policy id 5 from "Untrust" to "Trust"  "1.1.3.0/24" "1.1.1.80/32" "HTTP" permit set policy id 5set dst-address "1.1.1.81/32"exitset nsmgmt bulkcli reboot-timeout 60set ssh version v2set config lock timeout 5set modem speed 115200set modem retry 3set modem interval 10set modem idle-time 10set snmp port listen 161set snmp port trap 162set vrouter "untrust-vr"exitset vrouter "trust-vr"unset add-default-routeset route 0.0.0.0/0 gateway 1.1.2.2exitset vrouter "untrust-vr"exitset vrouter "trust-vr"exitns5xt-> set interface "bri0/0" zone "Untrust"set interface "ethernet0/0" zone "Untrust"set interface "ethernet0/1" zone "DMZ"set interface "bgroup0" zone "Trust"set interface bgroup0 port ethernet0/2set interface bgroup0 port ethernet0/3set interface bgroup0 port ethernet0/4set interface bgroup0 port ethernet0/5set interface bgroup0 port ethernet0/6