<Secpath_F100-C>dis cur
#
sysname Secpath_F100-C
#
firewall packet-filter enable
#
undo connection-limit enable
connection-limit default deny
connection-limit default amount upper-limit 50 lower-limit 20
#
firewall statistic system enable
#
radius scheme system
server-type extended
#
domain system                        
#
acl number 2000
rule 1 permit source 192.168.1.0 0.0.0.255
rule 10 deny
#
interface Ethernet1/0
mtu 1450
tcp mss 1024
ip address 192.168.1.1 255.255.255.0
#
interface Ethernet2/0
speed 10
duplex full
mtu 1450
tcp mss 1024                             
ip address 100.1.1.2 255.255.255.0
nat outbound 2000
#
interface NULL0
#
firewall zone local
set priority 100
#
firewall zone trust
add interface Ethernet1/0
set priority 85
#
firewall zone untrust
add interface Ethernet2/0
set priority 5
#
firewall zone DMZ
set priority 50
#
firewall interzone local trust
#                                         
firewall interzone local untrust
#
firewall interzone local DMZ
#
firewall interzone trust untrust
#
firewall interzone trust DMZ
#
firewall interzone DMZ untrust
#
FTP server enable
#
dhcp server forbidden-ip 192.168.1.1
#
ip route-static 0.0.0.0 0.0.0.0 100.1.1.1 preference 60
#
user-interface con 0
user-interface vty 0
#
return