itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ conf | |
[edit] | |
itconsult@ha-r01a# del policy route outviajt rule 5 | |
[edit] | |
itconsult@ha-r01a# commit | |
[edit] | |
itconsult@ha-r01a# save | |
Saving configuration to '/config/config.boot'... | |
Done | |
[edit] | |
itconsult@ha-r01a# exit | |
exit | |
itconsult@ha-r01a:~$ sh ver | |
Version: VyOS 1.3.3 | |
Release train: equuleus | |
Built by: Sentrium S.L. | |
Built on: Mon 29 May 2023 12:55 UTC | |
Build UUID: a302f99b-4d44-4a40-82ba-1a4275902d5e | |
Build commit ID: bc64a3a72244b9 | |
Architecture: x86_64 | |
Boot via: installed image | |
System type: KVM guest | |
Hardware vendor: Red Hat | |
Hardware model: KVM | |
Hardware S/N: | |
Hardware UUID: 4eb3487e-35a2-4d93-b140-b1f9480fe4a5 | |
Copyright: VyOS maintainers and contributors | |
itconsult@ha-r01a:~$ sh conf c | strip-private | |
set firewall all-ping 'enable' | |
set firewall broadcast-ping 'disable' | |
set firewall config-trap 'disable' | |
set firewall group network-group internaladdresses network 'xxx.xxx.42.0/24' | |
set firewall group network-group internaladdresses network 'xxx.xxx.23.0/29' | |
set firewall group network-group internaladdresses network 'xxx.xxx.203.24/29' | |
set firewall group network-group internaladdresses network 'xxx.xxx.69.64/29' | |
set firewall group network-group internaladdresses network 'xxx.xxx.72.64/29' | |
set firewall group network-group internaladdresses network 'xxx.xxx.4.208/29' | |
set firewall group network-group outviajt network 'xxx.xxx.23.0/29' | |
set firewall group network-group outviajt network 'xxx.xxx.4.208/29' | |
set firewall ipv6-receive-redirects 'disable' | |
set firewall ipv6-src-route 'disable' | |
set firewall ip-src-route 'disable' | |
set firewall log-martians 'enable' | |
set firewall name TO-ROUTER default-action 'drop' | |
set firewall name TO-ROUTER rule 10 action 'accept' | |
set firewall name TO-ROUTER rule 10 description 'itconsult Local Traffic' | |
set firewall name TO-ROUTER rule 10 protocol 'all' | |
set firewall name TO-ROUTER rule 10 source address 'xxx.xxx.42.0/24' | |
set firewall name TO-ROUTER rule 20 action 'accept' | |
set firewall name TO-ROUTER rule 20 description 'Foreshore link subnet' | |
set firewall name TO-ROUTER rule 20 protocol 'all' | |
set firewall name TO-ROUTER rule 20 source address 'xxx.xxx.95.24/29' | |
set firewall name TO-ROUTER rule 21 action 'accept' | |
set firewall name TO-ROUTER rule 21 description 'Foreshore routed subnet' | |
set firewall name TO-ROUTER rule 21 protocol 'all' | |
set firewall name TO-ROUTER rule 21 source address 'xxx.xxx.69.64/29' | |
set firewall name TO-ROUTER rule 30 action 'accept' | |
set firewall name TO-ROUTER rule 30 description 'Newtel link subnet' | |
set firewall name TO-ROUTER rule 30 protocol 'all' | |
set firewall name TO-ROUTER rule 30 source address 'xxx.xxx.203.32/29' | |
set firewall name TO-ROUTER rule 31 action 'accept' | |
set firewall name TO-ROUTER rule 31 description 'Newtel link subnet' | |
set firewall name TO-ROUTER rule 31 protocol 'all' | |
set firewall name TO-ROUTER rule 31 source address 'xxx.xxx.203.24/29' | |
set firewall name TO-ROUTER rule 40 action 'accept' | |
set firewall name TO-ROUTER rule 40 description 'JT link subnet' | |
set firewall name TO-ROUTER rule 40 protocol 'all' | |
set firewall name TO-ROUTER rule 40 source address 'xxx.xxx.4.208/29' | |
set firewall name TO-ROUTER rule 41 action 'accept' | |
set firewall name TO-ROUTER rule 41 description 'JT routed subnet' | |
set firewall name TO-ROUTER rule 41 protocol 'all' | |
set firewall name TO-ROUTER rule 41 source address 'xxx.xxx.23.0/29' | |
set firewall name TO-ROUTER rule 42 action 'accept' | |
set firewall name TO-ROUTER rule 42 description 'JT BGP peers' | |
set firewall name TO-ROUTER rule 42 protocol 'all' | |
set firewall name TO-ROUTER rule 42 source address 'xxx.xxx.12.56/31' | |
set firewall name TO-ROUTER rule 43 action 'accept' | |
set firewall name TO-ROUTER rule 43 description 'JT BGP peers' | |
set firewall name TO-ROUTER rule 43 protocol 'all' | |
set firewall name TO-ROUTER rule 43 source address 'xxx.xxx.102.192/29' | |
set firewall name TO-ROUTER rule 46 action 'accept' | |
set firewall name TO-ROUTER rule 46 description 'qr broadband' | |
set firewall name TO-ROUTER rule 46 protocol 'all' | |
set firewall name TO-ROUTER rule 46 source address 'xxx.xxx.27.93/32' | |
set firewall name TO-ROUTER rule 47 action 'accept' | |
set firewall name TO-ROUTER rule 47 description 'vp-r01a' | |
set firewall name TO-ROUTER rule 47 protocol 'all' | |
set firewall name TO-ROUTER rule 47 source address 'xxx.xxx.63.136/32' | |
set firewall name TO-ROUTER rule 50 action 'accept' | |
set firewall name TO-ROUTER rule 50 description 'ssh from m70' | |
set firewall name TO-ROUTER rule 50 destination port 'ssh' | |
set firewall name TO-ROUTER rule 50 protocol 'tcp' | |
set firewall name TO-ROUTER rule 50 source address 'xxx.xxx.144.150/32' | |
set firewall name TO-ROUTER rule 51 action 'accept' | |
set firewall name TO-ROUTER rule 51 description 'ssh from m72' | |
set firewall name TO-ROUTER rule 51 destination port 'ssh' | |
set firewall name TO-ROUTER rule 51 protocol 'tcp' | |
set firewall name TO-ROUTER rule 51 source address 'xxx.xxx.34.123/32' | |
set firewall name TO-ROUTER rule 60 action 'accept' | |
set firewall name TO-ROUTER rule 60 description 'VRRP' | |
set firewall name TO-ROUTER rule 60 destination address 'xxx.xxx.0.18' | |
set firewall name TO-ROUTER rule 60 protocol '112' | |
set firewall name TO-ROUTER rule 70 action 'accept' | |
set firewall name TO-ROUTER rule 70 description 'IPSEC UDP' | |
set firewall name TO-ROUTER rule 70 destination port '500,4500,1701' | |
set firewall name TO-ROUTER rule 70 protocol 'udp' | |
set firewall name TO-ROUTER rule 80 action 'accept' | |
set firewall name TO-ROUTER rule 80 description 'IPSEC ESP' | |
set firewall name TO-ROUTER rule 80 protocol 'esp' | |
set firewall name TO-ROUTER rule 100 action 'accept' | |
set firewall name TO-ROUTER rule 100 description 'DHCP' | |
set firewall name TO-ROUTER rule 100 destination port 'bootps' | |
set firewall name TO-ROUTER rule 100 protocol 'udp' | |
set firewall name TO-ROUTER rule 401 action 'accept' | |
set firewall name TO-ROUTER rule 401 description 'wireguard re lvg-r01' | |
set firewall name TO-ROUTER rule 401 destination port '51820' | |
set firewall name TO-ROUTER rule 401 protocol 'udp' | |
set firewall name TO-ROUTER rule 401 source address 'xxx.xxx.69.0/24' | |
set firewall name TO-ROUTER rule 402 action 'accept' | |
set firewall name TO-ROUTER rule 402 description 'wireguard re lvg-r01' | |
set firewall name TO-ROUTER rule 402 destination port '51820' | |
set firewall name TO-ROUTER rule 402 protocol 'udp' | |
set firewall name TO-ROUTER rule 402 source address 'xxx.xxx.70.0/24' | |
set firewall name TO-ROUTER rule 996 action 'accept' | |
set firewall name TO-ROUTER rule 996 description 'ICMP Throughout' | |
set firewall name TO-ROUTER rule 996 protocol 'icmp' | |
set firewall name TO-ROUTER rule 999 action 'reject' | |
set firewall name TO-ROUTER rule 999 description 'Block' | |
set firewall name TO-ROUTER rule 999 log 'disable' | |
set firewall name TO-ROUTER rule 999 protocol 'all' | |
set firewall receive-redirects 'disable' | |
set firewall send-redirects 'enable' | |
set firewall source-validation 'disable' | |
set firewall syn-cookies 'enable' | |
set firewall twa-hazards-protection 'disable' | |
set high-availability vrrp group eth0.20-20 advertise-interval '1' | |
set high-availability vrrp group eth0.20-20 interface 'eth0.20' | |
set high-availability vrrp group eth0.20-20 priority '150' | |
set high-availability vrrp group eth0.20-20 virtual-address xxx.xxx.42.170/28 | |
set high-availability vrrp group eth0.20-20 vrid '20' | |
set interfaces ethernet eth0 duplex 'auto' | |
set interfaces ethernet eth0 hw-id 'xx:xx:xx:xx:xx:24' | |
set interfaces ethernet eth0 offload gro | |
set interfaces ethernet eth0 offload gso | |
set interfaces ethernet eth0 offload sg | |
set interfaces ethernet eth0 offload tso | |
set interfaces ethernet eth0 speed 'auto' | |
set interfaces ethernet eth0 vif 20 address 'xxx.xxx.42.168/28' | |
set interfaces ethernet eth0 vif 20 description 'Hatherley Backbone' | |
set interfaces ethernet eth0 vif 20 firewall local name 'TO-ROUTER' | |
set interfaces ethernet eth0 vif 20 ip ospf cost '10' | |
set interfaces ethernet eth0 vif 20 ip ospf dead-interval '4' | |
set interfaces ethernet eth0 vif 20 ip ospf hello-interval '1' | |
set interfaces ethernet eth0 vif 20 ip ospf priority '120' | |
set interfaces ethernet eth0 vif 20 ip ospf retransmit-interval '5' | |
set interfaces ethernet eth0 vif 20 ip ospf transmit-delay '1' | |
set interfaces ethernet eth0 vif 20 policy route 'outviajt' | |
set interfaces ethernet eth0 vif 122 description 'ONT 509001' | |
set interfaces loopback lo address 'xxx.xxx.42.250/32' | |
set interfaces openvpn vtun1 description 'qr-r01a bb - ha-r01a bb' | |
set interfaces openvpn vtun1 encryption cipher 'aes256' | |
set interfaces openvpn vtun1 firewall local name 'TO-ROUTER' | |
set interfaces openvpn vtun1 hash 'sha256' | |
set interfaces openvpn vtun1 ip ospf cost '20' | |
set interfaces openvpn vtun1 ip ospf dead-interval '4' | |
set interfaces openvpn vtun1 ip ospf hello-interval '1' | |
set interfaces openvpn vtun1 ip ospf network 'point-to-point' | |
set interfaces openvpn vtun1 ip ospf priority '1' | |
set interfaces openvpn vtun1 ip ospf retransmit-interval '5' | |
set interfaces openvpn vtun1 ip ospf transmit-delay '1' | |
set interfaces openvpn vtun1 local-address xxx.xxx.42.146 subnet-mask 'xxx.xxx.255.252' | |
set interfaces openvpn vtun1 mode 'site-to-site' | |
set interfaces openvpn vtun1 remote-address 'xxx.xxx.42.145' | |
set interfaces openvpn vtun1 remote-host 'xxx.xxx.27.93' | |
set interfaces openvpn vtun1 shared-secret-key-file xxxxxx | |
set interfaces openvpn vtun2 description 'qr-r01b foreshore - ha-r01a bb' | |
set interfaces openvpn vtun2 encryption cipher 'aes256' | |
set interfaces openvpn vtun2 firewall local name 'TO-ROUTER' | |
set interfaces openvpn vtun2 hash 'sha256' | |
set interfaces openvpn vtun2 ip ospf cost '40' | |
set interfaces openvpn vtun2 ip ospf dead-interval '4' | |
set interfaces openvpn vtun2 ip ospf hello-interval '1' | |
set interfaces openvpn vtun2 ip ospf network 'point-to-point' | |
set interfaces openvpn vtun2 ip ospf priority '1' | |
set interfaces openvpn vtun2 ip ospf retransmit-interval '5' | |
set interfaces openvpn vtun2 ip ospf transmit-delay '1' | |
set interfaces openvpn vtun2 local-address xxx.xxx.42.150 subnet-mask 'xxx.xxx.255.252' | |
set interfaces openvpn vtun2 local-port '1195' | |
set interfaces openvpn vtun2 mode 'site-to-site' | |
set interfaces openvpn vtun2 remote-address 'xxx.xxx.42.149' | |
set interfaces openvpn vtun2 remote-host 'xxx.xxx.95.29' | |
set interfaces openvpn vtun2 remote-port '1195' | |
set interfaces openvpn vtun2 shared-secret-key-file xxxxxx | |
set interfaces openvpn vtun5 description 'vp-r01 - broadband' | |
set interfaces openvpn vtun5 encryption cipher 'aes256' | |
set interfaces openvpn vtun5 firewall local name 'TO-ROUTER' | |
set interfaces openvpn vtun5 hash 'sha256' | |
set interfaces openvpn vtun5 ip ospf cost '65' | |
set interfaces openvpn vtun5 ip ospf dead-interval '4' | |
set interfaces openvpn vtun5 ip ospf hello-interval '1' | |
set interfaces openvpn vtun5 ip ospf network 'point-to-point' | |
set interfaces openvpn vtun5 ip ospf priority '1' | |
set interfaces openvpn vtun5 ip ospf retransmit-interval '5' | |
set interfaces openvpn vtun5 ip ospf transmit-delay '1' | |
set interfaces openvpn vtun5 local-address xxx.xxx.42.241 subnet-mask 'xxx.xxx.255.252' | |
set interfaces openvpn vtun5 local-port '1198' | |
set interfaces openvpn vtun5 mode 'site-to-site' | |
set interfaces openvpn vtun5 remote-address 'xxx.xxx.42.242' | |
set interfaces openvpn vtun5 remote-host 'xxx.xxx.63.136' | |
set interfaces openvpn vtun5 remote-port '1198' | |
set interfaces openvpn vtun5 shared-secret-key-file xxxxxx | |
set interfaces pppoe pppoe0 authentication password xxxxxx | |
set interfaces pppoe pppoe0 authentication user xxxxxx | |
set interfaces pppoe pppoe0 default-route 'none' | |
set interfaces pppoe pppoe0 firewall local name 'TO-ROUTER' | |
set interfaces pppoe pppoe0 mtu '1492' | |
set interfaces pppoe pppoe0 no-peer-dns | |
set interfaces pppoe pppoe0 source-interface 'eth0.122' | |
set interfaces wireguard wg09 address 'xxx.xxx.136.237/30' | |
set interfaces wireguard wg09 description 'lvg-r01 via JT Broadband/Airtel' | |
set interfaces wireguard wg09 ip ospf dead-interval '4' | |
set interfaces wireguard wg09 ip ospf hello-interval '1' | |
set interfaces wireguard wg09 ip ospf network 'point-to-point' | |
set interfaces wireguard wg09 ip ospf priority '1' | |
set interfaces wireguard wg09 ip ospf retransmit-interval '5' | |
set interfaces wireguard wg09 ip ospf transmit-delay '1' | |
set interfaces wireguard wg09 peer to-lvg-r01 allowed-ips 'xxx.xxx.0.0/0' | |
set interfaces wireguard wg09 peer to-lvg-r01 persistent-keepalive '25' | |
set interfaces wireguard wg09 peer to-lvg-r01 pubkey 'CUB1Xs9TIwiKpZLtI09YlkY6+e0qc6WParY1Ku9SrXo=' | |
set interfaces wireguard wg09 port '51820' | |
set interfaces wireguard wg09 private-key xxxxxx | |
set policy as-path-list itconsult rule 10 action 'permit' | |
set policy as-path-list itconsult rule 10 regex '^$' | |
set policy prefix-list default-route rule 10 action 'permit' | |
set policy prefix-list default-route rule 10 prefix 'xxx.xxx.0.0/0' | |
set policy prefix-list itconsult-aggregated rule 10 action 'permit' | |
set policy prefix-list itconsult-aggregated rule 10 prefix 'xxx.xxx.42.0/24' | |
set policy prefix-list rfc1918 rule 10 action 'permit' | |
set policy prefix-list rfc1918 rule 10 prefix 'xxx.xxx.0.0/8' | |
set policy prefix-list rfc1918 rule 11 action 'permit' | |
set policy prefix-list rfc1918 rule 11 ge '9' | |
set policy prefix-list rfc1918 rule 11 prefix 'xxx.xxx.0.0/8' | |
set policy prefix-list rfc1918 rule 20 action 'permit' | |
set policy prefix-list rfc1918 rule 20 prefix 'xxx.xxx.0.0/12' | |
set policy prefix-list rfc1918 rule 21 action 'permit' | |
set policy prefix-list rfc1918 rule 21 ge '13' | |
set policy prefix-list rfc1918 rule 21 prefix 'xxx.xxx.0.0/12' | |
set policy prefix-list rfc1918 rule 30 action 'permit' | |
set policy prefix-list rfc1918 rule 30 prefix 'xxx.xxx.0.0/16' | |
set policy prefix-list rfc1918 rule 31 action 'permit' | |
set policy prefix-list rfc1918 rule 31 ge '17' | |
set policy prefix-list rfc1918 rule 31 prefix 'xxx.xxx.0.0/16' | |
set policy route outviajt rule 10 description 'Internal Traffic' | |
set policy route outviajt rule 10 destination group network-group 'internaladdresses' | |
set policy route outviajt rule 10 set table 'main' | |
set policy route outviajt rule 10 source group network-group 'outviajt' | |
set policy route outviajt rule 20 description 'Out via JT' | |
set policy route outviajt rule 20 set table '1' | |
set policy route outviajt rule 20 source group network-group 'outviajt' | |
set policy route outviajt rule 30 description 'Normal Traffic' | |
set policy route outviajt rule 30 set table 'main' | |
set policy route-map bgp-local-no-export rule 10 action 'permit' | |
set policy route-map bgp-local-no-export rule 10 set community 'no-export' | |
set policy route-map bgp-no-advertise rule 10 action 'deny' | |
set policy route-map static-to-ospf rule 10 action 'permit' | |
set policy route-map static-to-ospf rule 10 description 'Redistribute default route' | |
set policy route-map static-to-ospf rule 10 match ip address prefix-list 'default-route' | |
set policy route-map static-to-ospf rule 20 action 'deny' | |
set policy route-map static-to-ospf rule 20 description 'Do not resistribute anything else' | |
set protocols bgp XXXXXX address-family ipv4-unicast aggregate-address xxx.xxx.42.0/24 | |
set protocols bgp XXXXXX address-family ipv4-unicast network xxx.xxx.42.250/32 route-map 'bgp-local-no-export' | |
set protocols bgp XXXXXX neighbor xxx.xxx.42.213 description 'qr-r01a' | |
set protocols bgp XXXXXX neighbor xxx.xxx.42.213 peer-group 'ITCONSULT' | |
set protocols bgp XXXXXX neighbor xxx.xxx.42.214 description 'vp-r01' | |
set protocols bgp XXXXXX neighbor xxx.xxx.42.214 peer-group 'ITCONSULT' | |
set protocols bgp XXXXXX neighbor xxx.xxx.42.215 description 'ha-r01b' | |
set protocols bgp XXXXXX neighbor xxx.xxx.42.215 peer-group 'ITCONSULT' | |
set protocols bgp XXXXXX neighbor xxx.xxx.42.251 description 'qr-r01b' | |
set protocols bgp XXXXXX neighbor xxx.xxx.42.251 peer-group 'ITCONSULT' | |
set protocols bgp XXXXXX parameters log-neighbor-changes | |
set protocols bgp XXXXXX parameters no-fast-external-failover | |
set protocols bgp XXXXXX peer-group ITCONSULT remote-as '25040' | |
set protocols bgp XXXXXX peer-group ITCONSULT update-source 'xxx.xxx.42.250' | |
set protocols bgp XXXXXX timers holdtime '45' | |
set protocols bgp XXXXXX timers keepalive '5' | |
set protocols ospf area 0 area-type normal | |
set protocols ospf area 0 network 'xxx.xxx.42.160/28' | |
set protocols ospf area 0 network 'xxx.xxx.42.250/32' | |
set protocols ospf area 0 network 'xxx.xxx.42.156/30' | |
set protocols ospf area 0 network 'xxx.xxx.42.200/30' | |
set protocols ospf area 0 network 'xxx.xxx.42.144/30' | |
set protocols ospf area 0 network 'xxx.xxx.42.148/30' | |
set protocols ospf area 0 network 'xxx.xxx.42.240/30' | |
set protocols ospf area 0 network 'xxx.xxx.136.236/30' | |
set protocols ospf default-information originate metric '10' | |
set protocols ospf default-information originate metric-type '1' | |
set protocols ospf log-adjacency-changes detail | |
set protocols ospf redistribute static metric-type '2' | |
set protocols ospf redistribute static route-map 'static-to-ospf' | |
set protocols static interface-route xxx.xxx.63.136/32 next-hop-interface pppoe0 | |
set protocols static interface-route xxx.xxx.69.0/24 next-hop-interface pppoe0 | |
set protocols static interface-route xxx.xxx.70.0/24 next-hop-interface pppoe0 | |
set protocols static interface-route xxx.xxx.12.56/31 next-hop-interface pppoe0 | |
set protocols static interface-route xxx.xxx.27.93/32 next-hop-interface pppoe0 | |
set protocols static interface-route xxx.xxx.95.29/32 next-hop-interface pppoe0 | |
set protocols static route xxx.xxx.0.0/0 blackhole distance '210' | |
set protocols static route xxx.xxx.42.0/24 blackhole distance '210' | |
set protocols static table 1 interface-route xxx.xxx.0.0/0 next-hop-interface pppoe0 | |
set service snmp community [redacted] authorization 'ro' | |
set service snmp community [redacted] network 'xxx.xxx.42.0/24' | |
set service ssh port '22' | |
set system config-management commit-revisions '20' | |
set system conntrack modules ftp | |
set system conntrack modules h323 | |
set system conntrack modules nfs | |
set system conntrack modules pptp | |
set system conntrack modules sip | |
set system conntrack modules sqlnet | |
set system conntrack modules tftp | |
set system domain-name xxxxxx | |
set system host-name xxxxxx | |
set system login banner post-login '' | |
set system login banner pre-login '' | |
set system login user xxxxxx authentication encrypted-password xxxxxx | |
set system login user xxxxxx authentication plaintext-password xxxxxx | |
set system name-server 'xxx.xxx.42.9' | |
set system name-server 'xxx.xxx.42.130' | |
set system ntp listen-address 'xxx.xxx.42.168' | |
set system ntp listen-address 'xxx.xxx.42.250' | |
set system ntp server xxxxx.tld | |
set system ntp server xxxxx.tld | |
set system ntp server xxxxx.tld | |
set system ntp server xxxxx.tld | |
set system syslog global facility all level 'debug' | |
set system syslog global facility protocols level 'debug' | |
set system syslog host xxx.xxx.42.2 facility all level 'debug' | |
set system time-zone 'GB' | |
set traffic-policy | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ ls | |
vyos-1.4.0-epa1-amd64.iso | |
itconsult@ha-r01a:~$ add system image vyos-1.4.0-epa1-amd64.iso | |
Checking SHA256 checksums of files on the ISO image... OK. | |
Done! | |
What would you like to name this image? [1.4.0-epa1]: | |
OK. This image will be named: 1.4.0-epa1 | |
Installing "1.4.0-epa1" image. | |
Copying new release files... | |
Would you like to save the current configuration | |
directory and config file? (Yes/No) [Yes]: | |
Copying current configuration... | |
Would you like to save the SSH host keys from your | |
current configuration? (Yes/No) [Yes]: | |
Copying SSH keys... | |
Running post-install script... | |
Setting up grub configuration... | |
Done. | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ reboot | |
Are you sure you want to reboot this system? [y/N] y | |
Using username "itconsult". | |
[email protected]'s password: | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ ls /tmp | |
systemd-private-b80c5f901fa2437889ab47f447b0f0b8-chrony.service-vTYhCv systemd-private-b80c5f901fa2437889ab47f447b0f0b8-openvpn@vtun5.service-l3xsaC | |
systemd-private-b80c5f901fa2437889ab47f447b0f0b8-haveged.service-GVSDmK systemd-private-b80c5f901fa2437889ab47f447b0f0b8-systemd-logind.service-JdsYpJ | |
systemd-private-b80c5f901fa2437889ab47f447b0f0b8-openvpn@vtun1.service-9niyhs vyos-configd-script-stdout | |
systemd-private-b80c5f901fa2437889ab47f447b0f0b8-openvpn@vtun2.service-V5bbj6 vyos-config-status | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ cat /tmp/vyos-config | |
vyos-configd-script-stdout vyos-config-status | |
itconsult@ha-r01a:~$ cat /tmp/vyos-config-status | |
0 | |
itconsult@ha-r01a:~$ cat /tmp/vyos-configd-script-stdout | |
WARNING: changing speed/duplex setting on "eth0" is unsupported! | |
DEPRECATION WARNING: OpenVPN shared-secret support will be removed in | |
future VyOS versions. Please migrate your site-to-site tunnels to TLS. | |
You can use self-signed certificates with peer fingerprint | |
verification, consult the documentation for details. | |
DEPRECATION WARNING: OpenVPN shared-secret support will be removed in | |
future VyOS versions. Please migrate your site-to-site tunnels to TLS. | |
You can use self-signed certificates with peer fingerprint | |
verification, consult the documentation for details. | |
DEPRECATION WARNING: OpenVPN shared-secret support will be removed in | |
future VyOS versions. Please migrate your site-to-site tunnels to TLS. | |
You can use self-signed certificates with peer fingerprint | |
verification, consult the documentation for details. | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ sh ver | |
Version: VyOS 1.4.0-epa1 | |
Release train: sagitta | |
Built by: Sentrium S.L. | |
Built on: Thu 22 Feb 2024 19:17 UTC | |
Build UUID: 97f0c92c-b99d-4bde-a67f-079ca030f2a1 | |
Build commit ID: bcac2eb1f9b49c | |
Architecture: x86_64 | |
Boot via: installed image | |
System type: KVM guest | |
Hardware vendor: Red Hat | |
Hardware model: KVM | |
Hardware S/N: | |
Hardware UUID: 4eb3487e-35a2-4d93-b140-b1f9480fe4a5 | |
Copyright: VyOS maintainers and contributors | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ sh conf c | strip-private | |
set firewall global-options all-ping 'enable' | |
set firewall global-options broadcast-ping 'disable' | |
set firewall global-options ip-src-route 'disable' | |
set firewall global-options ipv6-receive-redirects 'disable' | |
set firewall global-options ipv6-src-route 'disable' | |
set firewall global-options log-martians 'enable' | |
set firewall global-options receive-redirects 'disable' | |
set firewall global-options send-redirects 'enable' | |
set firewall global-options source-validation 'disable' | |
set firewall global-options syn-cookies 'enable' | |
set firewall global-options twa-hazards-protection 'disable' | |
set firewall group network-group internaladdresses network 'xxx.xxx.42.0/24' | |
set firewall group network-group internaladdresses network 'xxx.xxx.23.0/29' | |
set firewall group network-group internaladdresses network 'xxx.xxx.203.24/29' | |
set firewall group network-group internaladdresses network 'xxx.xxx.69.64/29' | |
set firewall group network-group internaladdresses network 'xxx.xxx.72.64/29' | |
set firewall group network-group internaladdresses network 'xxx.xxx.4.208/29' | |
set firewall group network-group outviajt network 'xxx.xxx.23.0/29' | |
set firewall group network-group outviajt network 'xxx.xxx.4.208/29' | |
set firewall ipv4 input filter default-action 'accept' | |
set firewall ipv4 input filter rule 5 action 'jump' | |
set firewall ipv4 input filter rule 5 inbound-interface name 'eth0.20' | |
set firewall ipv4 input filter rule 5 jump-target 'TO-ROUTER' | |
set firewall ipv4 input filter rule 10 action 'jump' | |
set firewall ipv4 input filter rule 10 inbound-interface name 'pppoe0' | |
set firewall ipv4 input filter rule 10 jump-target 'TO-ROUTER' | |
set firewall ipv4 input filter rule 15 action 'jump' | |
set firewall ipv4 input filter rule 15 inbound-interface name 'vtun1' | |
set firewall ipv4 input filter rule 15 jump-target 'TO-ROUTER' | |
set firewall ipv4 input filter rule 20 action 'jump' | |
set firewall ipv4 input filter rule 20 inbound-interface name 'vtun2' | |
set firewall ipv4 input filter rule 20 jump-target 'TO-ROUTER' | |
set firewall ipv4 input filter rule 25 action 'jump' | |
set firewall ipv4 input filter rule 25 inbound-interface name 'vtun5' | |
set firewall ipv4 input filter rule 25 jump-target 'TO-ROUTER' | |
set firewall ipv4 name TO-ROUTER default-action 'drop' | |
set firewall ipv4 name TO-ROUTER rule 10 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 10 description 'itconsult Local Traffic' | |
set firewall ipv4 name TO-ROUTER rule 10 protocol 'all' | |
set firewall ipv4 name TO-ROUTER rule 10 source address 'xxx.xxx.42.0/24' | |
set firewall ipv4 name TO-ROUTER rule 20 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 20 description 'Foreshore link subnet' | |
set firewall ipv4 name TO-ROUTER rule 20 protocol 'all' | |
set firewall ipv4 name TO-ROUTER rule 20 source address 'xxx.xxx.95.24/29' | |
set firewall ipv4 name TO-ROUTER rule 21 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 21 description 'Foreshore routed subnet' | |
set firewall ipv4 name TO-ROUTER rule 21 protocol 'all' | |
set firewall ipv4 name TO-ROUTER rule 21 source address 'xxx.xxx.69.64/29' | |
set firewall ipv4 name TO-ROUTER rule 30 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 30 description 'Newtel link subnet' | |
set firewall ipv4 name TO-ROUTER rule 30 protocol 'all' | |
set firewall ipv4 name TO-ROUTER rule 30 source address 'xxx.xxx.203.32/29' | |
set firewall ipv4 name TO-ROUTER rule 31 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 31 description 'Newtel link subnet' | |
set firewall ipv4 name TO-ROUTER rule 31 protocol 'all' | |
set firewall ipv4 name TO-ROUTER rule 31 source address 'xxx.xxx.203.24/29' | |
set firewall ipv4 name TO-ROUTER rule 40 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 40 description 'JT link subnet' | |
set firewall ipv4 name TO-ROUTER rule 40 protocol 'all' | |
set firewall ipv4 name TO-ROUTER rule 40 source address 'xxx.xxx.4.208/29' | |
set firewall ipv4 name TO-ROUTER rule 41 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 41 description 'JT routed subnet' | |
set firewall ipv4 name TO-ROUTER rule 41 protocol 'all' | |
set firewall ipv4 name TO-ROUTER rule 41 source address 'xxx.xxx.23.0/29' | |
set firewall ipv4 name TO-ROUTER rule 42 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 42 description 'JT BGP peers' | |
set firewall ipv4 name TO-ROUTER rule 42 protocol 'all' | |
set firewall ipv4 name TO-ROUTER rule 42 source address 'xxx.xxx.12.56/31' | |
set firewall ipv4 name TO-ROUTER rule 43 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 43 description 'JT BGP peers' | |
set firewall ipv4 name TO-ROUTER rule 43 protocol 'all' | |
set firewall ipv4 name TO-ROUTER rule 43 source address 'xxx.xxx.102.192/29' | |
set firewall ipv4 name TO-ROUTER rule 46 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 46 description 'qr broadband' | |
set firewall ipv4 name TO-ROUTER rule 46 protocol 'all' | |
set firewall ipv4 name TO-ROUTER rule 46 source address 'xxx.xxx.27.93/32' | |
set firewall ipv4 name TO-ROUTER rule 47 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 47 description 'vp-r01a' | |
set firewall ipv4 name TO-ROUTER rule 47 protocol 'all' | |
set firewall ipv4 name TO-ROUTER rule 47 source address 'xxx.xxx.63.136/32' | |
set firewall ipv4 name TO-ROUTER rule 50 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 50 description 'ssh from m70' | |
set firewall ipv4 name TO-ROUTER rule 50 destination port 'ssh' | |
set firewall ipv4 name TO-ROUTER rule 50 protocol 'tcp' | |
set firewall ipv4 name TO-ROUTER rule 50 source address 'xxx.xxx.144.150/32' | |
set firewall ipv4 name TO-ROUTER rule 51 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 51 description 'ssh from m72' | |
set firewall ipv4 name TO-ROUTER rule 51 destination port 'ssh' | |
set firewall ipv4 name TO-ROUTER rule 51 protocol 'tcp' | |
set firewall ipv4 name TO-ROUTER rule 51 source address 'xxx.xxx.34.123/32' | |
set firewall ipv4 name TO-ROUTER rule 60 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 60 description 'VRRP' | |
set firewall ipv4 name TO-ROUTER rule 60 destination address 'xxx.xxx.0.18' | |
set firewall ipv4 name TO-ROUTER rule 60 protocol '112' | |
set firewall ipv4 name TO-ROUTER rule 70 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 70 description 'IPSEC UDP' | |
set firewall ipv4 name TO-ROUTER rule 70 destination port '500,4500,1701' | |
set firewall ipv4 name TO-ROUTER rule 70 protocol 'udp' | |
set firewall ipv4 name TO-ROUTER rule 80 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 80 description 'IPSEC ESP' | |
set firewall ipv4 name TO-ROUTER rule 80 protocol 'esp' | |
set firewall ipv4 name TO-ROUTER rule 100 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 100 description 'DHCP' | |
set firewall ipv4 name TO-ROUTER rule 100 destination port 'bootps' | |
set firewall ipv4 name TO-ROUTER rule 100 protocol 'udp' | |
set firewall ipv4 name TO-ROUTER rule 401 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 401 description 'wireguard re lvg-r01' | |
set firewall ipv4 name TO-ROUTER rule 401 destination port '51820' | |
set firewall ipv4 name TO-ROUTER rule 401 protocol 'udp' | |
set firewall ipv4 name TO-ROUTER rule 401 source address 'xxx.xxx.69.0/24' | |
set firewall ipv4 name TO-ROUTER rule 402 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 402 description 'wireguard re lvg-r01' | |
set firewall ipv4 name TO-ROUTER rule 402 destination port '51820' | |
set firewall ipv4 name TO-ROUTER rule 402 protocol 'udp' | |
set firewall ipv4 name TO-ROUTER rule 402 source address 'xxx.xxx.70.0/24' | |
set firewall ipv4 name TO-ROUTER rule 996 action 'return' | |
set firewall ipv4 name TO-ROUTER rule 996 description 'ICMP Throughout' | |
set firewall ipv4 name TO-ROUTER rule 996 protocol 'icmp' | |
set firewall ipv4 name TO-ROUTER rule 999 action 'reject' | |
set firewall ipv4 name TO-ROUTER rule 999 description 'Block' | |
set firewall ipv4 name TO-ROUTER rule 999 protocol 'all' | |
set high-availability vrrp group eth0.20-20 address xxx.xxx.42.170/28 | |
set high-availability vrrp group eth0.20-20 advertise-interval '1' | |
set high-availability vrrp group eth0.20-20 interface 'eth0.20' | |
set high-availability vrrp group eth0.20-20 priority '150' | |
set high-availability vrrp group eth0.20-20 vrid '20' | |
set interfaces ethernet eth0 duplex 'auto' | |
set interfaces ethernet eth0 hw-id 'xx:xx:xx:xx:xx:24' | |
set interfaces ethernet eth0 offload gro | |
set interfaces ethernet eth0 offload gso | |
set interfaces ethernet eth0 offload sg | |
set interfaces ethernet eth0 offload tso | |
set interfaces ethernet eth0 speed 'auto' | |
set interfaces ethernet eth0 vif 20 address 'xxx.xxx.42.168/28' | |
set interfaces ethernet eth0 vif 20 description 'Hatherley Backbone' | |
set interfaces ethernet eth0 vif 122 description 'ONT 509001' | |
set interfaces loopback lo address 'xxx.xxx.42.250/32' | |
set interfaces openvpn vtun1 description 'qr-r01a bb - ha-r01a bb' | |
set interfaces openvpn vtun1 encryption cipher 'aes256' | |
set interfaces openvpn vtun1 hash 'sha256' | |
set interfaces openvpn vtun1 local-address xxx.xxx.42.146 subnet-mask 'xxx.xxx.255.252' | |
set interfaces openvpn vtun1 mode 'site-to-site' | |
set interfaces openvpn vtun1 remote-address 'xxx.xxx.42.145' | |
set interfaces openvpn vtun1 remote-host 'xxx.xxx.27.93' | |
set interfaces openvpn vtun1 shared-secret-key 'openvpn_vtun1_shared' | |
set interfaces openvpn vtun2 description 'qr-r01b foreshore - ha-r01a bb' | |
set interfaces openvpn vtun2 encryption cipher 'aes256' | |
set interfaces openvpn vtun2 hash 'sha256' | |
set interfaces openvpn vtun2 local-address xxx.xxx.42.150 subnet-mask 'xxx.xxx.255.252' | |
set interfaces openvpn vtun2 local-port '1195' | |
set interfaces openvpn vtun2 mode 'site-to-site' | |
set interfaces openvpn vtun2 remote-address 'xxx.xxx.42.149' | |
set interfaces openvpn vtun2 remote-host 'xxx.xxx.95.29' | |
set interfaces openvpn vtun2 remote-port '1195' | |
set interfaces openvpn vtun2 shared-secret-key 'openvpn_vtun2_shared' | |
set interfaces openvpn vtun5 description 'vp-r01 - broadband' | |
set interfaces openvpn vtun5 encryption cipher 'aes256' | |
set interfaces openvpn vtun5 hash 'sha256' | |
set interfaces openvpn vtun5 local-address xxx.xxx.42.241 subnet-mask 'xxx.xxx.255.252' | |
set interfaces openvpn vtun5 local-port '1198' | |
set interfaces openvpn vtun5 mode 'site-to-site' | |
set interfaces openvpn vtun5 remote-address 'xxx.xxx.42.242' | |
set interfaces openvpn vtun5 remote-host 'xxx.xxx.63.136' | |
set interfaces openvpn vtun5 remote-port '1198' | |
set interfaces openvpn vtun5 shared-secret-key 'openvpn_vtun5_shared' | |
set interfaces pppoe pppoe0 authentication password xxxxxx | |
set interfaces pppoe pppoe0 authentication username xxxxxx | |
set interfaces pppoe pppoe0 mtu '1492' | |
set interfaces pppoe pppoe0 no-default-route | |
set interfaces pppoe pppoe0 no-peer-dns | |
set interfaces pppoe pppoe0 source-interface 'eth0.122' | |
set interfaces wireguard wg09 address 'xxx.xxx.136.237/30' | |
set interfaces wireguard wg09 description 'lvg-r01 via JT Broadband/Airtel' | |
set interfaces wireguard wg09 peer to-lvg-r01 allowed-ips 'xxx.xxx.0.0/0' | |
set interfaces wireguard wg09 peer to-lvg-r01 persistent-keepalive '25' | |
set interfaces wireguard wg09 peer to-lvg-r01 public-key 'CUB1Xs9TIwiKpZLtI09YlkY6+e0qc6WParY1Ku9SrXo=' | |
set interfaces wireguard wg09 port '51820' | |
set interfaces wireguard wg09 private-key xxxxxx | |
set pki openvpn shared-secret xxxxxx key xxxxxx | |
set pki openvpn shared-secret xxxxxx version '1' | |
set pki openvpn shared-secret xxxxxx key xxxxxx | |
set pki openvpn shared-secret xxxxxx version '1' | |
set pki openvpn shared-secret xxxxxx key xxxxxx | |
set pki openvpn shared-secret xxxxxx version '1' | |
set policy as-path-list itconsult rule 10 action 'permit' | |
set policy as-path-list itconsult rule 10 regex '^$' | |
set policy prefix-list default-route rule 10 action 'permit' | |
set policy prefix-list default-route rule 10 prefix 'xxx.xxx.0.0/0' | |
set policy prefix-list itconsult-aggregated rule 10 action 'permit' | |
set policy prefix-list itconsult-aggregated rule 10 prefix 'xxx.xxx.42.0/24' | |
set policy prefix-list rfc1918 rule 10 action 'permit' | |
set policy prefix-list rfc1918 rule 10 prefix 'xxx.xxx.0.0/8' | |
set policy prefix-list rfc1918 rule 11 action 'permit' | |
set policy prefix-list rfc1918 rule 11 ge '9' | |
set policy prefix-list rfc1918 rule 11 prefix 'xxx.xxx.0.0/8' | |
set policy prefix-list rfc1918 rule 20 action 'permit' | |
set policy prefix-list rfc1918 rule 20 prefix 'xxx.xxx.0.0/12' | |
set policy prefix-list rfc1918 rule 21 action 'permit' | |
set policy prefix-list rfc1918 rule 21 ge '13' | |
set policy prefix-list rfc1918 rule 21 prefix 'xxx.xxx.0.0/12' | |
set policy prefix-list rfc1918 rule 30 action 'permit' | |
set policy prefix-list rfc1918 rule 30 prefix 'xxx.xxx.0.0/16' | |
set policy prefix-list rfc1918 rule 31 action 'permit' | |
set policy prefix-list rfc1918 rule 31 ge '17' | |
set policy prefix-list rfc1918 rule 31 prefix 'xxx.xxx.0.0/16' | |
set policy route outviajt interface 'eth0.20' | |
set policy route outviajt rule 10 description 'Internal Traffic' | |
set policy route outviajt rule 10 destination group network-group 'internaladdresses' | |
set policy route outviajt rule 10 set table 'main' | |
set policy route outviajt rule 10 source group network-group 'outviajt' | |
set policy route outviajt rule 20 description 'Out via JT' | |
set policy route outviajt rule 20 set table '1' | |
set policy route outviajt rule 20 source group network-group 'outviajt' | |
set policy route outviajt rule 30 description 'Normal Traffic' | |
set policy route outviajt rule 30 set table 'main' | |
set policy route-map bgp-local-no-export rule 10 action 'permit' | |
set policy route-map bgp-local-no-export rule 10 set | |
set policy route-map bgp-no-advertise rule 10 action 'deny' | |
set policy route-map static-to-ospf rule 10 action 'permit' | |
set policy route-map static-to-ospf rule 10 description 'Redistribute default route' | |
set policy route-map static-to-ospf rule 10 match ip address prefix-list 'default-route' | |
set policy route-map static-to-ospf rule 20 action 'deny' | |
set policy route-map static-to-ospf rule 20 description 'Do not resistribute anything else' | |
set protocols bgp address-family ipv4-unicast aggregate-address xxx.xxx.42.0/24 | |
set protocols bgp address-family ipv4-unicast network xxx.xxx.42.250/32 route-map 'bgp-local-no-export' | |
set protocols bgp neighbor xxx.xxx.42.213 address-family ipv4-unicast | |
set protocols bgp neighbor xxx.xxx.42.213 description 'qr-r01a' | |
set protocols bgp neighbor xxx.xxx.42.213 peer-group 'ITCONSULT' | |
set protocols bgp neighbor xxx.xxx.42.214 address-family ipv4-unicast | |
set protocols bgp neighbor xxx.xxx.42.214 description 'vp-r01' | |
set protocols bgp neighbor xxx.xxx.42.214 peer-group 'ITCONSULT' | |
set protocols bgp neighbor xxx.xxx.42.215 address-family ipv4-unicast | |
set protocols bgp neighbor xxx.xxx.42.215 description 'ha-r01b' | |
set protocols bgp neighbor xxx.xxx.42.215 peer-group 'ITCONSULT' | |
set protocols bgp neighbor xxx.xxx.42.251 address-family ipv4-unicast | |
set protocols bgp neighbor xxx.xxx.42.251 description 'qr-r01b' | |
set protocols bgp neighbor xxx.xxx.42.251 peer-group 'ITCONSULT' | |
set protocols bgp parameters log-neighbor-changes | |
set protocols bgp parameters no-fast-external-failover | |
set protocols bgp peer-group ITCONSULT remote-as '25040' | |
set protocols bgp peer-group ITCONSULT update-source 'xxx.xxx.42.250' | |
set protocols bgp system-as '25040' | |
set protocols bgp timers holdtime '45' | |
set protocols bgp timers keepalive '5' | |
set protocols ospf area 0 area-type normal | |
set protocols ospf area 0 network 'xxx.xxx.42.160/28' | |
set protocols ospf area 0 network 'xxx.xxx.42.250/32' | |
set protocols ospf area 0 network 'xxx.xxx.42.156/30' | |
set protocols ospf area 0 network 'xxx.xxx.42.200/30' | |
set protocols ospf area 0 network 'xxx.xxx.42.144/30' | |
set protocols ospf area 0 network 'xxx.xxx.42.148/30' | |
set protocols ospf area 0 network 'xxx.xxx.42.240/30' | |
set protocols ospf area 0 network 'xxx.xxx.136.236/30' | |
set protocols ospf default-information originate metric '10' | |
set protocols ospf default-information originate metric-type '1' | |
set protocols ospf interface eth0.20 cost '10' | |
set protocols ospf interface eth0.20 dead-interval '4' | |
set protocols ospf interface eth0.20 hello-interval '1' | |
set protocols ospf interface eth0.20 priority '120' | |
set protocols ospf interface eth0.20 retransmit-interval '5' | |
set protocols ospf interface eth0.20 transmit-delay '1' | |
set protocols ospf interface vtun1 cost '20' | |
set protocols ospf interface vtun1 dead-interval '4' | |
set protocols ospf interface vtun1 hello-interval '1' | |
set protocols ospf interface vtun1 network 'point-to-point' | |
set protocols ospf interface vtun1 priority '1' | |
set protocols ospf interface vtun1 retransmit-interval '5' | |
set protocols ospf interface vtun1 transmit-delay '1' | |
set protocols ospf interface vtun2 cost '40' | |
set protocols ospf interface vtun2 dead-interval '4' | |
set protocols ospf interface vtun2 hello-interval '1' | |
set protocols ospf interface vtun2 network 'point-to-point' | |
set protocols ospf interface vtun2 priority '1' | |
set protocols ospf interface vtun2 retransmit-interval '5' | |
set protocols ospf interface vtun2 transmit-delay '1' | |
set protocols ospf interface vtun5 cost '65' | |
set protocols ospf interface vtun5 dead-interval '4' | |
set protocols ospf interface vtun5 hello-interval '1' | |
set protocols ospf interface vtun5 network 'point-to-point' | |
set protocols ospf interface vtun5 priority '1' | |
set protocols ospf interface vtun5 retransmit-interval '5' | |
set protocols ospf interface vtun5 transmit-delay '1' | |
set protocols ospf interface wg09 dead-interval '4' | |
set protocols ospf interface wg09 hello-interval '1' | |
set protocols ospf interface wg09 network 'point-to-point' | |
set protocols ospf interface wg09 priority '1' | |
set protocols ospf interface wg09 retransmit-interval '5' | |
set protocols ospf interface wg09 transmit-delay '1' | |
set protocols ospf log-adjacency-changes detail | |
set protocols ospf redistribute static metric-type '2' | |
set protocols ospf redistribute static route-map 'static-to-ospf' | |
set protocols static route xxx.xxx.0.0/0 blackhole distance '210' | |
set protocols static route xxx.xxx.63.136/32 interface pppoe0 | |
set protocols static route xxx.xxx.69.0/24 interface pppoe0 | |
set protocols static route xxx.xxx.70.0/24 interface pppoe0 | |
set protocols static route xxx.xxx.42.0/24 blackhole distance '210' | |
set protocols static route xxx.xxx.12.56/31 interface pppoe0 | |
set protocols static route xxx.xxx.27.93/32 interface pppoe0 | |
set protocols static route xxx.xxx.95.29/32 interface pppoe0 | |
set protocols static table 1 route xxx.xxx.0.0/0 interface pppoe0 | |
set qos policy | |
set service ntp allow-client xxxxxx 'xxx.xxx.0.0/0' | |
set service ntp allow-client xxxxxx '::/0' | |
set service ntp server xxxxx.tld | |
set service ntp server xxxxx.tld | |
set service ntp server xxxxx.tld | |
set service ntp server xxxxx.tld | |
set service snmp community [redacted] authorization 'ro' | |
set service snmp community [redacted] network 'xxx.xxx.42.0/24' | |
set service ssh port '22' | |
set system config-management commit-revisions '20' | |
set system conntrack modules ftp | |
set system conntrack modules h323 | |
set system conntrack modules nfs | |
set system conntrack modules pptp | |
set system conntrack modules sip | |
set system conntrack modules sqlnet | |
set system conntrack modules tftp | |
set system domain-name xxxxxx | |
set system host-name xxxxxx | |
set system login banner post-login '' | |
set system login banner pre-login '' | |
set system login user xxxxxx authentication encrypted-password xxxxxx | |
set system login user xxxxxx authentication plaintext-password xxxxxx | |
set system name-server 'xxx.xxx.42.9' | |
set system name-server 'xxx.xxx.42.130' | |
set system syslog global facility all level 'debug' | |
set system syslog global facility local7 level 'debug' | |
set system syslog host xxx.xxx.42.2 facility all level 'debug' | |
set system time-zone 'GB' | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ conf | |
[edit] | |
itconsult@ha-r01a# load | |
Loading configuration from 'config.boot' | |
No configuration changes to commit. | |
[edit] | |
itconsult@ha-r01a# exit | |
exit | |
itconsult@ha-r01a:~$ | |
itconsult@ha-r01a:~$ |
File Metadata
File Metadata
- Mime Type
- text/plain
- Storage Engine
- blob
- Storage Format
- Raw Data
- Storage Handle
- 440040
- Default Alt Text
- 240309-ha-r01a-test2.txt (41 KB)