biglab pictures added

ne_expr_2/core.txt.txt

@@ -0,0 +1,165 @@
+#
+sysname CORE
+#
+vlan batch 10 20 30 400
+#
+authentication-profile name default_authen_profile
+authentication-profile name dot1x_authen_profile
+authentication-profile name dot1xmac_authen_profile
+authentication-profile name mac_authen_profile
+authentication-profile name multi_authen_profile
+authentication-profile name portal_authen_profile
+#
+diffserv domain default
+#
+radius-server template default
+#
+pki realm default
+ certificate-check none
+#
+free-rule-template name default_free_rule
+#
+portal-access-profile name portal_access_profile
+#
+aaa
+ authentication-scheme default
+  authentication-mode local
+ authentication-scheme radius
+  authentication-mode radius
+ authorization-scheme default
+  authorization-mode local
+ accounting-scheme default
+  accounting-mode none
+ local-aaa-user password policy administrator
+  password history record number 0
+  password expire 0
+ domain default
+  authentication-scheme radius
+  accounting-scheme default
+  radius-server default
+ domain default_admin
+  authentication-scheme default
+  accounting-scheme default
+ local-user admin password irreversible-cipher $1c$2{cX@;%V5#$`(w_4>*#q1iDviGwC{
+bCxq8cFF@6EC<80+<(peJH$
+ local-user admin privilege level 15
+ local-user admin service-type terminal http
+#
+interface Vlanif1
+#
+interface Vlanif10
+ ip address 192.168.10.254 255.255.255.0
+#
+interface Vlanif20
+ ip address 192.168.20.254 255.255.255.0
+#
+interface Vlanif30
+ ip address 192.168.30.254 255.255.255.0
+#
+interface Vlanif400
+ ip address 10.0.4.2 255.255.255.252
+#
+interface MEth0/0/1
+ ip address 192.168.1.253 255.255.255.0
+#
+interface Eth-Trunk1
+ port link-type trunk
+ port trunk allow-pass vlan 10
+ mode lacp
+#
+interface Eth-Trunk2
+ port link-type trunk
+ port trunk allow-pass vlan 20 30
+ mode lacp
+#
+interface GigabitEthernet0/0/1
+ eth-trunk 1
+#
+interface GigabitEthernet0/0/2
+ eth-trunk 1
+#
+interface GigabitEthernet0/0/3
+ eth-trunk 2
+#
+interface GigabitEthernet0/0/4
+ eth-trunk 2
+#
+interface GigabitEthernet0/0/5
+ port link-type access
+ port default vlan 400
+#
+interface GigabitEthernet0/0/6
+#
+interface GigabitEthernet0/0/7
+#
+interface GigabitEthernet0/0/8
+#
+interface GigabitEthernet0/0/9
+#
+interface GigabitEthernet0/0/10
+#
+interface GigabitEthernet0/0/11
+#
+interface GigabitEthernet0/0/12
+#
+interface GigabitEthernet0/0/13
+#
+interface GigabitEthernet0/0/14
+#
+interface GigabitEthernet0/0/15
+#
+interface GigabitEthernet0/0/16
+#
+interface GigabitEthernet0/0/17
+#
+interface GigabitEthernet0/0/18
+#
+interface GigabitEthernet0/0/19
+#
+interface GigabitEthernet0/0/20
+#
+interface GigabitEthernet0/0/21
+#
+interface GigabitEthernet0/0/22
+#
+interface GigabitEthernet0/0/23
+#
+interface GigabitEthernet0/0/24
+#
+interface GigabitEthernet0/0/25
+#
+interface GigabitEthernet0/0/26
+#
+interface GigabitEthernet0/0/27
+#
+interface GigabitEthernet0/0/28
+#
+interface NULL0
+#
+ospf 1 router-id 1.1.1.1
+ area 0.0.0.0
+  network 10.0.4.0 0.0.0.3
+  network 192.168.10.0 0.0.0.255
+  network 192.168.20.0 0.0.0.255
+  network 192.168.30.0 0.0.0.255
+#
+undo icmp name timestamp-request receive
+#
+ssh server cipher aes256_ctr aes128_ctr
+ssh server hmac sha2_256
+ssh client cipher aes256_ctr aes128_ctr
+ssh client hmac sha2_256
+ssh server dh-exchange min-len 2048
+#
+user-interface con 0
+ authentication-mode none
+user-interface vty 0 4
+user-interface vty 16 20
+#
+dot1x-access-profile name dot1x_access_profile
+#
+mac-access-profile name mac_access_profile
+#
+ops
+#
+return

ne_expr_2/fw.txt.txt

@@ -0,0 +1,294 @@
+#
+sysname FW
+#
+ l2tp domain suffix-separator @
+#
+authentication-profile name portal_authen_default
+#
+ undo factory-configuration prohibit
+#
+undo telnet server enable
+undo telnet ipv6 server enable
+#
+clock timezone Beijing add 08:00:00
+#
+ firewall packet-filter basic-protocol enable
+#
+ update schedule location-sdb weekly Sun 22:42
+#
+ firewall defend action discard
+#
+ undo log type traffic enable
+ log type syslog enable
+ log type policy enable
+#
+ undo dataflow enable
+#
+ undo sa force-detection enable
+#
+ banner enable
+#
+ user-manage web-authentication security port 8887
+ undo privacy-statement english
+ undo privacy-statement chinese
+page-setting
+ user-manage security version tlsv1.1 tlsv1.2
+password-policy
+ level high
+user-manage single-sign-on ad
+user-manage single-sign-on tsm
+user-manage single-sign-on radius
+user-manage auto-sync online-user
+#
+ firewall ids authentication type aes256
+#
+ web-manager security version tlsv1.1 tlsv1.2
+ web-manager enable
+ web-manager security enable
+#
+firewall dataplane to manageplane application-apperceive default-action drop
+#
+dhcp enable
+#
+ undo feedback type threat-log enable
+#
+ update schedule ips-sdb daily 06:48
+ update schedule av-sdb daily 06:48
+ update schedule sa-sdb daily 06:48
+ update schedule ip-reputation daily 06:48
+ update schedule cnc daily 06:48
+ update schedule file-reputation daily 06:48
+ update schedule ext-url-sdb daily 06:48
+#
+ disk-usage alarm threshold 95
+#
+ip vpn-instance default
+ ipv4-family
+#
+ time-range worktime
+  period-range 08:00:00 to 18:00:00 working-day
+#
+ike proposal default
+ encryption-algorithm aes-256 aes-192 aes-128
+ dh group14
+ authentication-algorithm sha2-512 sha2-384 sha2-256
+ authentication-method pre-share
+ integrity-algorithm hmac-sha2-256
+ prf hmac-sha2-256
+#
+web-auth-server default
+ port 50100
+#
+portal-access-profile name default
+#
+ip pool VLAN10_Staff
+ gateway-list 192.168.10.254
+ network 192.168.10.0 mask 255.255.255.0
+ section 0 192.168.10.10 192.168.10.200
+ dns-list 8.8.8.8
+#
+ip pool VLAN30_Guest
+ gateway-list 192.168.30.254
+ network 192.168.30.0 mask 255.255.255.0
+ section 0 192.168.30.10 192.168.30.200
+ dns-list 8.8.8.8
+#
+aaa
+ authentication-scheme admin_ad
+ authentication-scheme admin_ad_local
+ authentication-scheme admin_hwtacacs
+ authentication-scheme admin_hwtacacs_local
+ authentication-scheme admin_ldap
+ authentication-scheme admin_ldap_local
+ authentication-scheme admin_local
+ authentication-scheme admin_radius
+ authentication-scheme admin_radius_local
+ authentication-scheme default
+ authorization-scheme default
+ accounting-scheme default
+ domain default
+  service-type internetaccess ssl-vpn l2tp ike dot1x
+  internet-access mode password
+  reference user current-domain
+ manager-user audit-admin
+  password cipher $1a$<vT~V/>!YP$I6@T1:%^)Rhm%fM@2<B1Cmu1MT+mL:'{'CKfTQ;($
+  service-type web terminal
+  level 15
+
+ manager-user admin
+  password cipher $1a$Y5J}3yr|ZQ$(02cA"\}B$#q*/JU(0=~6NSWS$)*n:}ex."SFDY<$
+  service-type web terminal
+  level 15
+
+ role system-admin
+ role device-admin
+ role device-admin(monitor)
+ role audit-admin
+ bind manager-user audit-admin role audit-admin
+ bind manager-user admin role system-admin
+#
+interface MEth0/0/0
+ undo shutdown
+ ip binding vpn-instance default
+ ip address 192.168.0.1 255.255.255.0
+ service-manage http permit
+ service-manage https permit
+ service-manage ping permit
+#
+l2tp-group default-lns
+#
+interface GigabitEthernet0/0/0
+ undo shutdown
+ ip address 10.0.1.1 255.255.255.252
+#
+interface GigabitEthernet0/0/1
+ undo shutdown
+ ip address 10.0.2.2 255.255.255.252
+#
+interface GigabitEthernet0/0/2
+ undo shutdown
+ ip address 10.0.3.2 255.255.255.252
+#
+interface GigabitEthernet0/0/3
+ undo shutdown
+#
+interface GigabitEthernet0/0/4
+ undo shutdown
+#
+interface GigabitEthernet0/0/5
+ undo shutdown
+#
+interface GigabitEthernet0/0/6
+ undo shutdown
+#
+interface GigabitEthernet0/0/7
+ undo shutdown
+#
+interface WAN0/0/0
+ undo shutdown
+#
+interface WAN0/0/1
+ undo shutdown
+#
+interface XGigabitEthernet0/0/0
+ undo shutdown
+#
+interface XGigabitEthernet0/0/1
+ undo shutdown
+#
+interface Virtual-if0
+#
+interface NULL0
+#
+firewall zone local
+ set priority 100
+#
+firewall zone trust
+ set priority 85
+ add interface GigabitEthernet0/0/0
+ add interface MEth0/0/0
+#
+firewall zone untrust
+ set priority 5
+ add interface GigabitEthernet0/0/1
+ add interface GigabitEthernet0/0/2
+#
+firewall zone dmz
+ set priority 50
+#
+api
+#
+ospf 1 router-id 6.6.6.6
+ area 0.0.0.0
+  network 10.0.1.0 0.0.0.3
+  network 10.0.2.0 0.0.0.3
+  network 10.0.3.0 0.0.0.3
+#
+undo icmp name timestamp-request receive
+undo icmp name timestamp-reply receive
+undo icmp type 17 code 0 receive
+undo icmp type 18 code 0 receive
+#
+undo ssh server compatible-ssh1x enable
+ssh authentication-type default password
+ssh server cipher aes256_ctr aes128_ctr
+ssh server hmac sha2_256 sha1
+ssh client cipher aes256_ctr aes128_ctr
+ssh client hmac sha2_256 sha1
+ssh server dh-exchange min-len 2048
+#
+firewall detect ftp
+#
+ v-gateway ssl-renegotiation-attack defend enable
+#
+user-interface con 0
+ authentication-mode aaa
+user-interface vty 0 4
+ authentication-mode aaa
+ protocol inbound ssh
+user-interface vty 16 20
+#
+pki realm default
+#
+sa
+#
+location
+#
+multi-interface
+ mode proportion-of-weight
+#
+right-manager server-group
+#
+IoT
+#
+network-scan
+ network-scan timeout per-asset 300
+ network-scan timeout entire-scan 23
+ conflict-resolve override
+#
+device-classification
+ device-group pc
+ device-group mobile-terminal
+ device-group undefined-group
+#
+user-manage server-sync tsm
+#
+security-policy
+ default action permit
+ rule name t2ut
+  source-zone trust
+  destination-zone untrust
+  source-address 192.168.0.0 mask 255.255.0.0
+  action permit
+#
+auth-policy
+#
+traffic-policy
+#
+policy-based-route
+#
+nat-policy
+ rule name t2ut
+  source-zone trust
+  destination-zone untrust
+  source-address 192.168.0.0 mask 255.255.0.0
+  action source-nat easy-ip
+#
+proxy-policy
+#
+quota-policy
+#
+pcp-policy
+#
+dns-transparent-policy
+ mode based-on-multi-interface
+#
+rightm-policy
+#
+decryption-policy
+#
+flow-probe-policy
+#
+mac-access-profile name mac_access_profile
+#
+return

ne_expr_2/r1.txt.txt

@@ -0,0 +1,154 @@
+[V300R019C00SPC300]
+#
+ sysname R1
+#
+ drop illegal-mac alarm
+#
+authentication-profile name default_authen_profile
+authentication-profile name dot1x_authen_profile
+authentication-profile name dot1xmac_authen_profile
+authentication-profile name mac_authen_profile
+authentication-profile name multi_authen_profile
+authentication-profile name portal_authen_profile
+#
+dhcp enable
+#
+radius-server template default
+#
+pki realm default
+#
+ssl policy default_policy type server
+ pki-realm default
+ version tls1.2
+ ciphersuite rsa_aes_128_cbc_sha rsa_aes_128_sha256 rsa_aes_256_sha256 ecdhe_rsa
+_aes128_gcm_sha256 ecdhe_rsa_aes256_gcm_sha384
+#
+acl number 3000
+ rule 5 permit ip source 192.168.0.0 0.0.255.255
+#
+ike proposal default
+ encryption-algorithm aes-256 aes-192 aes-128
+ dh group14
+ authentication-algorithm sha2-512 sha2-384 sha2-256
+ authentication-method pre-share
+ integrity-algorithm hmac-sha2-256
+ prf hmac-sha2-256
+#
+free-rule-template name default_free_rule
+#
+portal-access-profile name portal_access_profile
+#
+aaa
+ authentication-scheme default
+ authentication-scheme radius
+  authentication-mode radius
+ authorization-scheme default
+ accounting-scheme default
+ local-aaa-user password policy administrator
+ domain default
+  authentication-scheme default
+ domain default_admin
+  authentication-scheme default
+ local-user admin password irreversible-cipher $1a$l/ee<QKJ`1$aPb2.&;1m0F.R-CHp_
+};.,#v)1A_gH=rau~tev,#$
+ local-user admin privilege level 15
+ local-user admin service-type terminal http
+#
+firewall zone Local
+#
+interface Vlanif1
+ ip address 192.168.1.1 255.255.255.0
+ dhcp select interface
+#
+interface GigabitEthernet0/0/0
+ undo portswitch
+ ip address 10.0.2.1 255.255.255.252
+#
+interface GigabitEthernet0/0/1
+ undo portswitch
+ ip address 203.0.113.2 255.255.255.252
+ nat outbound 3000
+ ospf cost 10
+#
+interface GigabitEthernet0/0/2
+#
+interface GigabitEthernet0/0/3
+#
+interface GigabitEthernet0/0/4
+#
+interface GigabitEthernet0/0/5
+#
+interface GigabitEthernet0/0/6
+#
+interface GigabitEthernet0/0/7
+#
+interface GigabitEthernet0/0/8
+#
+interface GigabitEthernet0/0/9
+#
+interface GigabitEthernet0/0/10
+ description VirtualPort
+#
+interface XGigabitEthernet0/0/0
+#
+interface NULL0
+#
+ospf 1 router-id 3.3.3.3
+ area 0.0.0.0
+  network 10.0.2.0 0.0.0.3
+ area 0.0.0.1
+  network 203.0.113.0 0.0.0.3
+#
+ snmp-agent local-engineid 800007DB0324A52CE71F00
+ snmp-agent trap enable
+#
+ http secure-server ssl-policy default_policy
+ http secure-server enable
+ http server permit interface GigabitEthernet0/0/0
+#
+fib regularly-refresh disable
+#
+user-interface con 0
+ authentication-mode password
+ set authentication password cipher %^%#E!6OI[asAL@pGh=~\&TAr:W2;pNN{Tzhe08'*EcE
+BCWEHUqkDX{@(pW(9&x*%^%#
+user-interface vty 0
+ authentication-mode aaa
+ user privilege level 15
+user-interface vty 1 4
+#
+wlan ac
+ traffic-profile name default
+ security-profile name default
+ security-profile name default-wds
+  security wpa2 psk pass-phrase %^%##>,!RC>rMCb+P-%g3FJX_n;+T!$&5Zhmw3WHu%qX%^%#
+ aes
+ ssid-profile name default
+ vap-profile name default
+ wds-profile name default
+ regulatory-domain-profile name default
+ air-scan-profile name default
+ rrm-profile name default
+ radio-2g-profile name default
+ radio-5g-profile name default
+ wids-spoof-profile name default
+ wids-profile name default
+ ap-system-profile name default
+ port-link-profile name default
+ wired-port-profile name default
+ ap-group name default
+#
+dot1x-access-profile name dot1x_access_profile
+#
+mac-access-profile name mac_access_profile
+#
+ops
+#
+autostart
+#
+secelog
+#
+ ms-channel
+
+#
+return

ne_expr_2/r2.txt.txt

@@ -0,0 +1,161 @@
+[V300R019C10SPC200]
+#
+ sysname R2
+#
+ drop illegal-mac alarm
+#
+authentication-profile name default_authen_profile
+authentication-profile name dot1x_authen_profile
+authentication-profile name dot1xmac_authen_profile
+authentication-profile name mac_authen_profile
+authentication-profile name multi_authen_profile
+authentication-profile name portal_authen_profile
+#
+dhcp enable
+#
+radius-server template default
+#
+pki realm default
+#
+ssl policy default_policy type server
+ pki-realm default
+ version tls1.2
+ ciphersuite rsa_aes_128_cbc_sha rsa_aes_128_sha256 rsa_aes_256_sha256 ecdhe_rsa
+_aes128_gcm_sha256 ecdhe_rsa_aes256_gcm_sha384
+#
+acl number 3000
+ rule 5 permit ip source 192.168.0.0 0.0.255.255
+#
+ike proposal default
+ encryption-algorithm aes-256 aes-192 aes-128
+ dh group14
+ authentication-algorithm sha2-512 sha2-384 sha2-256
+ authentication-method pre-share
+ integrity-algorithm hmac-sha2-256
+ prf hmac-sha2-256
+#
+free-rule-template name default_free_rule
+#
+portal-access-profile name portal_access_profile
+#
+aaa
+ authentication-scheme default
+  authentication-mode local
+ authentication-scheme radius
+  authentication-mode radius
+ authorization-scheme default
+  authorization-mode local
+ accounting-scheme default
+  accounting-mode none
+ local-aaa-user password policy administrator
+ domain default
+  authentication-scheme default
+  accounting-scheme default
+ domain default_admin
+  authentication-scheme default
+  accounting-scheme default
+ local-user admin password irreversible-cipher $1a$l/ee<QKJ`1$aPb2.&;1m0F.R-CHp_
+};.,#v)1A_gH=rau~tev,#$
+ local-user admin privilege level 15
+ local-user admin service-type terminal http
+#
+web
+#
+firewall zone Local
+#
+interface Vlanif1
+ ip address 192.168.1.1 255.255.255.0
+ dhcp select interface
+#
+interface GigabitEthernet0/0/0
+ undo portswitch
+ ip address 10.0.3.1 255.255.255.252
+#
+interface GigabitEthernet0/0/1
+ undo portswitch
+ ip address 203.0.113.6 255.255.255.252
+ nat outbound 3000
+ ospf cost 100
+#
+interface GigabitEthernet0/0/2
+#
+interface GigabitEthernet0/0/3
+#
+interface GigabitEthernet0/0/4
+#
+interface GigabitEthernet0/0/5
+#
+interface GigabitEthernet0/0/6
+#
+interface GigabitEthernet0/0/7
+#
+interface GigabitEthernet0/0/8
+#
+interface GigabitEthernet0/0/9
+#
+interface GigabitEthernet0/0/11
+ description VirtualPort
+#
+interface XGigabitEthernet0/0/0
+#
+interface NULL0
+#
+ospf 1 router-id 4.4.4.4
+ area 0.0.0.0
+  network 10.0.3.0 0.0.0.3
+ area 0.0.0.1
+  network 203.0.113.4 0.0.0.3
+#
+ snmp-agent local-engineid 800007DB03A01C8D170B1A
+ snmp-agent trap enable
+#
+ http secure-server ssl-policy default_policy
+ http secure-server enable
+ http server permit interface GigabitEthernet0/0/0
+#
+fib regularly-refresh disable
+#
+user-interface con 0
+ authentication-mode password
+ set authentication password cipher %^%#\~EgVI'Gi9UVWMQ}8H-B75z=~<67c~A-D2I,"s&<
+l,=SB8oa+Lr\,8ER+^wD%^%#
+user-interface vty 0
+ authentication-mode aaa
+ user privilege level 15
+user-interface vty 1 4
+#
+wlan ac
+ traffic-profile name default
+ security-profile name default
+ security-profile name default-wds
+  security wpa2 psk pass-phrase %^%#Bre)S*TVAH#I6aH8Fd98ay'KOIR|F,-DemJ:)_<H%^%#
+ aes
+ ssid-profile name default
+ vap-profile name default
+ wds-profile name default
+ regulatory-domain-profile name default
+ air-scan-profile name default
+ rrm-profile name default
+ radio-2g-profile name default
+ radio-5g-profile name default
+ wids-spoof-profile name default
+ wids-profile name default
+ ap-system-profile name default
+ port-link-profile name default
+ wired-port-profile name default
+ ap-group name default
+#
+dot1x-access-profile name dot1x_access_profile
+#
+mac-access-profile name mac_access_profile
+#
+ops
+#
+autostart
+#
+secelog
+#
+ ms-channel
+
+#
+return

ne_expr_2/r3.txt.txt

@@ -0,0 +1,161 @@
+#
+ sysname R3
+#
+ drop illegal-mac alarm
+#
+ipv6
+#
+authentication-profile name default_authen_profile
+authentication-profile name dot1x_authen_profile
+authentication-profile name dot1xmac_authen_profile
+authentication-profile name mac_authen_profile
+authentication-profile name multi_authen_profile
+authentication-profile name portal_authen_profile
+#
+dhcp enable
+#
+radius-server template default
+#
+pki realm default
+#
+ike proposal default
+ encryption-algorithm aes-256 aes-192 aes-128
+ dh group14
+ authentication-algorithm sha2-512 sha2-384 sha2-256
+ authentication-method pre-share
+ integrity-algorithm hmac-sha2-256
+ prf hmac-sha2-256
+#
+free-rule-template name default_free_rule
+#
+portal-access-profile name portal_access_profile
+#
+aaa
+ authentication-scheme default
+  authentication-mode local
+ authentication-scheme radius
+  authentication-mode radius
+ authorization-scheme default
+  authorization-mode local
+ accounting-scheme default
+  accounting-mode none
+ domain default
+  authentication-scheme radius
+  accounting-scheme default
+  radius-server default
+ domain default_admin
+  authentication-scheme default
+  accounting-scheme default
+ local-user admin password irreversible-cipher $1a$dI~qTD'A.$$83RH2*P,V!+M,IT;TP
+9$fCzdPEf|JQk>p.GadHd>$
+ local-user admin service-type http
+#
+web
+#
+firewall zone Local
+#
+interface GigabitEthernet0/0/0
+ undo portswitch
+ ipv6 enable
+ ip address 203.0.113.1 255.255.255.252
+ ipv6 address auto link-local
+ ipv6 address auto global default
+ ipv6 address auto dhcp
+#
+interface GigabitEthernet0/0/1
+ undo portswitch
+ ipv6 enable
+ ip address 203.0.113.5 255.255.255.252
+ ipv6 address auto link-local
+ ipv6 address auto global default
+ ipv6 address auto dhcp
+#
+interface GigabitEthernet0/0/2
+ undo portswitch
+ ip address 172.16.1.254 255.255.255.0
+#
+interface GigabitEthernet0/0/3
+ undo portswitch
+ ipv6 enable
+ ip address 8.8.8.1 255.255.255.0
+ ipv6 address auto link-local
+ ipv6 address auto global default
+ ipv6 address auto dhcp
+#
+interface GigabitEthernet0/0/4
+#
+interface GigabitEthernet0/0/5
+#
+interface GigabitEthernet0/0/6
+#
+interface GigabitEthernet0/0/7
+#
+interface GigabitEthernet0/0/8
+#
+interface GigabitEthernet0/0/9
+#
+interface GigabitEthernet0/0/11
+ description VirtualPort
+ ipv6 enable
+ ipv6 address auto link-local
+ ipv6 address auto global default
+ ip address dhcp-alloc
+ ipv6 address auto dhcp
+#
+interface XGigabitEthernet0/0/0
+#
+interface NULL0
+#
+ospf 1 router-id 5.5.5.5
+ default-route-advertise always
+ area 0.0.0.1
+  network 8.8.8.0 0.0.0.255
+  network 172.16.1.0 0.0.0.255
+  network 203.0.113.0 0.0.0.3
+  network 203.0.113.4 0.0.0.3
+#
+ snmp-agent local-engineid 800007DB03A01C8D17099E
+#
+fib regularly-refresh disable
+#
+user-interface con 0
+ authentication-mode password
+ set authentication password cipher %^%#4wT.3a<>PKul8&(@~(-0v,-w1-zQo/`:j^LE<I5$
+i;%u'EhQ-R%VY]SS(43"%^%#
+user-interface vty 0 4
+#
+wlan ac
+ traffic-profile name default
+ security-profile name default
+ security-profile name default-wds
+  security wpa2 psk pass-phrase %^%#OaPv/S-z7#`J3@Jh\/{+NISM.mJ*5GAyP[-0As85%^%#
+ aes
+ ssid-profile name default
+ vap-profile name default
+ wds-profile name default
+ regulatory-domain-profile name default
+ air-scan-profile name default
+ rrm-profile name default
+ radio-2g-profile name default
+ radio-5g-profile name default
+ wids-spoof-profile name default
+ wids-profile name default
+ ap-system-profile name default
+ port-link-profile name default
+ wired-port-profile name default
+ ap-group name default
+#
+dot1x-access-profile name dot1x_access_profile
+#
+mac-access-profile name mac_access_profile
+#
+ops
+#
+autostart
+#
+secelog
+#
+ ms-channel
+
+#
+return

ne_expr_2/rnew.txt.txt

@@ -0,0 +1,154 @@
+#
+ sysname R_NEW
+#
+ drop illegal-mac alarm
+#
+authentication-profile name default_authen_profile
+authentication-profile name dot1x_authen_profile
+authentication-profile name dot1xmac_authen_profile
+authentication-profile name mac_authen_profile
+authentication-profile name multi_authen_profile
+authentication-profile name portal_authen_profile
+#
+dhcp enable
+#
+radius-server template default
+#
+pki realm default
+#
+ssl policy default_policy type server
+ pki-realm default
+ version tls1.2
+ ciphersuite rsa_aes_128_cbc_sha rsa_aes_128_sha256 rsa_aes_256_sha256 ecdhe_rsa
+_aes128_gcm_sha256 ecdhe_rsa_aes256_gcm_sha384
+#
+ike proposal default
+ encryption-algorithm aes-256 aes-192 aes-128
+ dh group14
+ authentication-algorithm sha2-512 sha2-384 sha2-256
+ authentication-method pre-share
+ integrity-algorithm hmac-sha2-256
+ prf hmac-sha2-256
+#
+free-rule-template name default_free_rule
+#
+portal-access-profile name portal_access_profile
+#
+aaa
+ authentication-scheme default
+  authentication-mode local
+ authentication-scheme radius
+  authentication-mode radius
+ authorization-scheme default
+  authorization-mode local
+ accounting-scheme default
+  accounting-mode none
+ local-aaa-user password policy administrator
+ domain default
+  authentication-scheme default
+  accounting-scheme default
+ domain default_admin
+  authentication-scheme default
+  accounting-scheme default
+ local-user admin password irreversible-cipher $1a$l/ee<QKJ`1$aPb2.&;1m0F.R-CHp_
+};.,#v)1A_gH=rau~tev,#$
+ local-user admin privilege level 15
+ local-user admin service-type terminal http
+#
+web
+#
+firewall zone Local
+#
+interface Vlanif1
+ ip address 192.168.1.1 255.255.255.0
+ dhcp select interface
+#
+interface GigabitEthernet0/0/0
+ undo portswitch
+ ip address 10.0.1.2 255.255.255.252
+#
+interface GigabitEthernet0/0/1
+ undo portswitch
+ ip address 10.0.4.1 255.255.255.252
+#
+interface GigabitEthernet0/0/2
+#
+interface GigabitEthernet0/0/3
+#
+interface GigabitEthernet0/0/4
+#
+interface GigabitEthernet0/0/5
+#
+interface GigabitEthernet0/0/6
+#
+interface GigabitEthernet0/0/7
+#
+interface GigabitEthernet0/0/8
+#
+interface GigabitEthernet0/0/9
+#
+interface GigabitEthernet0/0/11
+ description VirtualPort
+#
+interface XGigabitEthernet0/0/0
+#
+interface NULL0
+#
+ospf 1 router-id 2.2.2.2
+ area 0.0.0.0
+  network 10.0.1.0 0.0.0.3
+  network 10.0.4.0 0.0.0.3
+#
+ snmp-agent local-engineid 800007DB03A01C8D1709B2
+ snmp-agent trap enable
+#
+ http secure-server ssl-policy default_policy
+ http secure-server enable
+ http server permit interface GigabitEthernet0/0/0
+#
+fib regularly-refresh disable
+#
+user-interface con 0
+ authentication-mode password
+ set authentication password cipher %^%#ldqKO$>Xw/5.o2KC#J`@~EDG4BYJ'~f8F3FV~e/3
+Af\S)aqga5*%H'CVym#O%^%#
+user-interface vty 0
+ authentication-mode aaa
+ user privilege level 15
+user-interface vty 1 4
+#
+wlan ac
+ traffic-profile name default
+ security-profile name default
+ security-profile name default-wds
+  security wpa2 psk pass-phrase %^%#/+;z%#YEj.Y]/]N"dDy)Ge)KPW``JA5#2wH.,.-~%^%#
+ aes
+ ssid-profile name default
+ vap-profile name default
+ wds-profile name default
+ regulatory-domain-profile name default
+ air-scan-profile name default
+ rrm-profile name default
+ radio-2g-profile name default
+ radio-5g-profile name default
+ wids-spoof-profile name default
+ wids-profile name default
+ ap-system-profile name default
+ port-link-profile name default
+ wired-port-profile name default
+ ap-group name default
+#
+dot1x-access-profile name dot1x_access_profile
+#
+mac-access-profile name mac_access_profile
+#
+ops
+#
+autostart
+#
+secelog
+#
+ ms-channel
+
+#
+return

ne_expr_2/s3.txt.txt

@@ -0,0 +1,142 @@
+#
+sysname S3
+#
+dns resolve
+#
+vlan batch 10
+#
+authentication-profile name default_authen_profile
+authentication-profile name dot1x_authen_profile
+authentication-profile name dot1xmac_authen_profile
+authentication-profile name mac_authen_profile
+authentication-profile name multi_authen_profile
+authentication-profile name portal_authen_profile
+#
+diffserv domain default
+#
+radius-server template default
+#
+pki realm default
+ certificate-check none
+#
+free-rule-template name default_free_rule
+#
+portal-access-profile name portal_access_profile
+#
+aaa
+ authentication-scheme default
+  authentication-mode local
+ authentication-scheme radius
+  authentication-mode radius
+ authorization-scheme default
+  authorization-mode local
+ accounting-scheme default
+  accounting-mode none
+ local-aaa-user password policy administrator
+  password history record number 0
+  password expire 0
+ domain default
+  authentication-scheme radius
+  accounting-scheme default
+  radius-server default
+ domain default_admin
+  authentication-scheme default
+  accounting-scheme default
+ local-user admin password irreversible-cipher $1c$3GgV!n|Zu$$nq7TY{L42<}bh%!$&\
+UOth,TDxg`TByVn#Rx'I!#$
+ local-user admin privilege level 15
+ local-user admin service-type terminal http
+#
+interface Vlanif1
+#
+interface MEth0/0/1
+ ip address 192.168.1.253 255.255.255.0
+#
+interface Eth-Trunk1
+ port link-type trunk
+ port trunk allow-pass vlan 10
+ mode lacp
+#
+interface GigabitEthernet0/0/1
+ eth-trunk 1
+#
+interface GigabitEthernet0/0/2
+ eth-trunk 1
+#
+interface GigabitEthernet0/0/3
+ port link-type access
+ port default vlan 10
+ stp edged-port enable
+#
+interface GigabitEthernet0/0/4
+#
+interface GigabitEthernet0/0/5
+#
+interface GigabitEthernet0/0/6
+#
+interface GigabitEthernet0/0/7
+#
+interface GigabitEthernet0/0/8
+#
+interface GigabitEthernet0/0/9
+#
+interface GigabitEthernet0/0/10
+#
+interface GigabitEthernet0/0/11
+#
+interface GigabitEthernet0/0/12
+#
+interface GigabitEthernet0/0/13
+#
+interface GigabitEthernet0/0/14
+#
+interface GigabitEthernet0/0/15
+#
+interface GigabitEthernet0/0/16
+#
+interface GigabitEthernet0/0/17
+#
+interface GigabitEthernet0/0/18
+#
+interface GigabitEthernet0/0/19
+#
+interface GigabitEthernet0/0/20
+#
+interface GigabitEthernet0/0/21
+#
+interface GigabitEthernet0/0/22
+#
+interface GigabitEthernet0/0/23
+#
+interface GigabitEthernet0/0/24
+#
+interface GigabitEthernet0/0/25
+#
+interface GigabitEthernet0/0/26
+#
+interface GigabitEthernet0/0/27
+#
+interface GigabitEthernet0/0/28
+#
+interface NULL0
+#
+undo icmp name timestamp-request receive
+#
+ssh server cipher aes256_ctr aes128_ctr
+ssh server hmac sha2_256
+ssh client cipher aes256_ctr aes128_ctr
+ssh client hmac sha2_256
+ssh server dh-exchange min-len 2048
+#
+user-interface con 0
+ authentication-mode aaa
+user-interface vty 0 4
+user-interface vty 16 20
+#
+dot1x-access-profile name dot1x_access_profile
+#
+mac-access-profile name mac_access_profile
+#
+ops
+#
+return

ne_expr_2/s4.txt.txt

@@ -0,0 +1,156 @@
+#
+sysname S4
+#
+vlan batch 20 30
+#
+authentication-profile name default_authen_profile
+authentication-profile name dot1x_authen_profile
+authentication-profile name dot1xmac_authen_profile
+authentication-profile name mac_authen_profile
+authentication-profile name multi_authen_profile
+authentication-profile name portal_authen_profile
+#
+dhcp enable
+#
+dhcp snooping enable
+#
+diffserv domain default
+#
+radius-server template default
+#
+pki realm default
+ certificate-check none
+#
+free-rule-template name default_free_rule
+#
+portal-access-profile name portal_access_profile
+#
+vlan 20
+ dhcp snooping enable
+vlan 30
+ dhcp snooping enable
+#
+aaa
+ authentication-scheme default
+  authentication-mode local
+ authentication-scheme radius
+  authentication-mode radius
+ authorization-scheme default
+  authorization-mode local
+ accounting-scheme default
+  accounting-mode none
+ local-aaa-user password policy administrator
+  password history record number 0
+  password expire 0
+ domain default
+  authentication-scheme radius
+  accounting-scheme default
+  radius-server default
+ domain default_admin
+  authentication-scheme default
+  accounting-scheme default
+ local-user admin password irreversible-cipher $1c$!KEu5`>r/U$XH0oSdg%O*K{t>JY0_
+J/I`r9Rf1"aW(ws]4]S^=+$
+ local-user admin privilege level 15
+ local-user admin service-type terminal http
+#
+interface Vlanif1
+#
+interface MEth0/0/1
+ ip address 192.168.1.253 255.255.255.0
+#
+interface Eth-Trunk1
+ port link-type trunk
+ port trunk allow-pass vlan 20 30
+ mode lacp
+#
+interface GigabitEthernet0/0/1
+ eth-trunk 1
+#
+interface GigabitEthernet0/0/2
+ eth-trunk 1
+#
+interface GigabitEthernet0/0/3
+ port link-type access
+ port default vlan 20
+ stp edged-port enable
+ port-security enable
+#
+interface GigabitEthernet0/0/4
+ port link-type access
+ port default vlan 30
+ stp edged-port enable
+ port-security enable
+#
+interface GigabitEthernet0/0/5
+#
+interface GigabitEthernet0/0/6
+#
+interface GigabitEthernet0/0/7
+#
+interface GigabitEthernet0/0/8
+#
+interface GigabitEthernet0/0/9
+#
+interface GigabitEthernet0/0/10
+#
+interface GigabitEthernet0/0/11
+#
+interface GigabitEthernet0/0/12
+#
+interface GigabitEthernet0/0/13
+#
+interface GigabitEthernet0/0/14
+#
+interface GigabitEthernet0/0/15
+#
+interface GigabitEthernet0/0/16
+#
+interface GigabitEthernet0/0/17
+#
+interface GigabitEthernet0/0/18
+#
+interface GigabitEthernet0/0/19
+#
+interface GigabitEthernet0/0/20
+#
+interface GigabitEthernet0/0/21
+#
+interface GigabitEthernet0/0/22
+#
+interface GigabitEthernet0/0/23
+#
+interface GigabitEthernet0/0/24
+#
+interface GigabitEthernet0/0/25
+#
+interface GigabitEthernet0/0/26
+#
+interface GigabitEthernet0/0/27
+#
+interface GigabitEthernet0/0/28
+#
+interface NULL0
+#
+undo icmp name timestamp-request receive
+#
+ssh server cipher aes256_ctr aes128_ctr
+ssh server hmac sha2_256
+ssh client cipher aes256_ctr aes128_ctr
+ssh client hmac sha2_256
+ssh server dh-exchange min-len 2048
+#
+user-interface con 0
+ authentication-mode password
+ set authentication password cipher $1a$SFrKTa%+a4$4L)<7dU}{5G(z2Q*Gy0+_)r!T\az%
+6O:[iC+^701$
+user-interface vty 0 4
+user-interface vty 16 20
+#
+dot1x-access-profile name dot1x_access_profile
+#
+mac-access-profile name mac_access_profile
+#
+ops
+#
+return