環境をau one 光からフレッツ光へ移行したのでRTX1200を設置
全てを同時契約したので、HGWとしてPR-400KIがやってきました。
ONU配下にルータ直収したことはあったけど、HGW配下は初体験。
フレッツ・テレビ
ひかり電話
フレッツ光ファミリープラン
PR-400KIの設定はデフォルトでPPPoEブリッジが設定されているので、RTX1200側は通常のコンフィグで問題なし。
login password encrypted パスワード
administrator password encrypted パスワード
security class 1 on on
timezone +09:00
console prompt home_
ip routing on
ip routing process fast
ip route default gateway pp 1
ip filter source-route on
ip filter directed-broadcast on
ip lan1 address 172.31.255.253/24
ip lan1 secure filter in 1001 1002 1003 1004 1005 1006 1007 1008 1997 1998 1999
pp select 1
description pp PRV/PPPoE/0:ISP名
pp keepalive interval 30 retry-interval=30 count=12
pp always-on on
pppoe use lan2
pppoe auto connect on
pppoe auto disconnect off
pp auth accept pap chap
pp auth myname 接続ID 接続パスワード
ppp lcp mru on 1454
ppp ipcp ipaddress on
ppp ipcp msext on
ppp ccp type none
ip pp mtu 1454
ip pp secure filter in 3001 3002 3003 3004 3005 3006 3007 3997 3998 3999
ip pp secure filter out 4001 4002 4003 4004 4005 4006 4007 4008 4009 4997 4998 4999 dynamic 1 2 3 4 5 996 997
ip pp intrusion detection in on
ip pp intrusion detection in ip on reject=on
ip pp intrusion detection in ip-option on reject=off
ip pp intrusion detection in fragment on reject=on
ip pp intrusion detection in icmp on reject=on
ip pp intrusion detection in udp on reject=on
ip pp intrusion detection in tcp on reject=on
ip pp intrusion detection in default off
ip pp nat descriptor 1000
netvolante-dns use pp server=1 auto
pp enable 1
ip filter 1001 reject * * udp,tcp 135 *
ip filter 1002 reject * * udp,tcp * 135
ip filter 1003 reject * * udp,tcp netbios_ns-netbios_dgm *
ip filter 1004 reject * * udp,tcp * netbios_ns-netbios_dgm
ip filter 1005 reject * * udp,tcp netbios_ssn *
ip filter 1006 reject * * udp,tcp * netbios_ssn
ip filter 1007 reject * * udp,tcp 445 *
ip filter 1008 reject * * udp,tcp * 445
ip filter 1997 pass * * udp,tcp * 2002
ip filter 1998 pass * * udp,tcp 2002 *
ip filter 1999 pass * * * * *
ip filter 3001 reject 172.31.255.0/24 * * * *
ip filter 3002 reject * * udp,tcp 135 *
ip filter 3003 reject * * udp,tcp * 135
ip filter 3004 reject * * udp,tcp netbios_ns-netbios_ssn *
ip filter 3005 reject * * udp,tcp * netbios_ns-netbios_ssn
ip filter 3006 reject * * udp,tcp 445 *
ip filter 3007 reject * * udp,tcp * 445
ip filter 3997 pass * * udp,tcp * 2002
ip filter 3998 pass * * udp,tcp 2002 *
ip filter 3999 pass * 172.31.255.0/24 * * *
ip filter 4001 reject * 172.31.255.0/24 * * *
ip filter 4002 reject * * udp,tcp 135 *
ip filter 4003 reject * * udp,tcp * 135
ip filter 4004 reject * * udp,tcp netbios_ns-netbios_ssn *
ip filter 4005 reject * * udp,tcp * netbios_ns-netbios_ssn
ip filter 4006 reject * * udp,tcp 445 *
ip filter 4007 reject * * udp,tcp * 445
ip filter 4008 restrict * * tcpfin * www,21,nntp
ip filter 4009 restrict * * tcprst * www,21,nntp
ip filter 4997 pass * * udp,tcp * 2002
ip filter 4998 pass * * udp,tcp 2002 *
ip filter 4999 pass * * * * *
ip filter 500000 restrict * * * * *
ip filter dynamic 1 * * ftp
ip filter dynamic 2 * * domain
ip filter dynamic 3 * * www
ip filter dynamic 4 * * smtp
ip filter dynamic 5 * * pop3
ip filter dynamic 996 * * tcp
ip filter dynamic 997 * * udp
nat descriptor type 1000 masquerade
dhcp service server
dhcp server rfc2131 compliant except remain-silent
dhcp scope 1 172.31.255.11-172.31.255.30/24
dns server pp 1
dns server select 500001 pp 1 any . restrict pp 1
dns private address spoof on
snmp sysname yamaha-rtx1200
statistics cpu on
statistics memory on