[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Tue Mar 8 10:02:53 CST 2016
Index: configs/hub.okm.onenet.net
===================================================================
--- configs/hub.okm.onenet.net (revision 140542)
+++ configs/hub.okm.onenet.net (working copy)
@@ -333,7 +333,7 @@
#t1-2/0/2:9 up up
#t1-2/0/2:9.0 up up
#t1-2/0/2:10 up up
-#t1-2/0/2:10.0 up down
+#t1-2/0/2:10.0 up up
#t1-2/0/2:11 down down
#t1-2/0/2:12 down down
#t1-2/0/2:13 down down
Index: configs/hub.say.onenet.net
===================================================================
--- configs/hub.say.onenet.net (revision 140334)
+++ configs/hub.say.onenet.net (working copy)
@@ -302,9 +302,9 @@
#t1-2/0/2:5.17 up up
#t1-2/0/2:6 up up
#t1-2/0/2:6.0 up up
-#t1-2/0/2:7 up up
-#t1-2/0/2:7.16 up up
-#t1-2/0/2:7.17 up up
+#t1-2/0/2:7 up down
+#t1-2/0/2:7.16 up down
+#t1-2/0/2:7.17 up down
#t1-2/0/2:8 down down
#t1-2/0/2:9 down down
#t1-2/0/2:10 down down
Index: configs/rpswi2.rp1f3.onenet.net
===================================================================
--- configs/rpswi2.rp1f3.onenet.net (revision 140542)
+++ configs/rpswi2.rp1f3.onenet.net (working copy)
@@ -436,10 +436,10 @@
#ge-0/0/15.0 up down
#ge-0/0/16 up up
#ge-0/0/16.0 up up
-#ge-0/0/17 up up
-#ge-0/0/17.0 up up
-#ge-0/0/18 up down
-#ge-0/0/18.0 up down
+#ge-0/0/17 up down
+#ge-0/0/17.0 up down
+#ge-0/0/18 up up
+#ge-0/0/18.0 up up
#ge-0/0/19 up up
#ge-0/0/19.0 up up
#ge-0/0/20 up up
@@ -548,8 +548,8 @@
#ge-1/0/22.0 up up
#ge-1/0/23 up down
#ge-1/0/23.0 up down
-#ge-1/0/24 up down
-#ge-1/0/24.0 up down
+#ge-1/0/24 up up
+#ge-1/0/24.0 up up
#ge-1/0/25 up up
#ge-1/0/25.0 up up
#ge-1/0/26 up down
Index: configs/stringtown-high-school.client.onenet.net
===================================================================
--- configs/stringtown-high-school.client.onenet.net (revision 140542)
+++ configs/stringtown-high-school.client.onenet.net (working copy)
@@ -110,11 +110,10 @@
# WARNING: / was not properly dismounted
#
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show version
-# file list /var/tmp detail # Hostname: STRINGTOWN-HIGH-SCHOOL-TAG-004909 # Model: srx240h2 # JUNOS Software Release [12.1X44-D35.5] # # grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> file list /var/tmp detail # lrw-r--r-- 1 root wheel 11 May 19 2014 /var/tmp@ -> /cf/var/tmp
+# Hostname: STRINGTOWN-HIGH-SCHOOL-TAG-004909 # Model: srx240h2 # JUNOS Software Release [12.1X44-D35.5] # # grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> file list /var/tmp detail # lrw-r--r-- 1 root wheel 11 May 19 2014 /var/tmp@ -> /cf/var/tmp
# total files: 1
#
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show system uptime
-# show interface terse
# System booted: 2016-03-02 23:05 CST
# Protocols started: 2016-03-02 23:08 CST
# Last configured: 2016-02-17 16:01 CST by sean
@@ -174,7 +173,6 @@
#vlan.3 up down
#vlan.999 up down
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show configuration
-show ospf neighbor
## Last commit: 2016-02-17 16:01:39 CST by sean
version 12.1X44-D35.5;
system {
@@ -676,7 +674,6 @@
# OSPF instance is not running
#
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show bfd session
-quit
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/meeker-ps.client.onenet.net
===================================================================
--- configs/meeker-ps.client.onenet.net (revision 140542)
+++ configs/meeker-ps.client.onenet.net (working copy)
@@ -144,8 +144,8 @@
#ge-0/0/11 down down
#ge-0/0/12 down down
#ge-0/0/13 down down
-#ge-0/0/14 up up
-#ge-0/0/14.0 up up
+#ge-0/0/14 up down
+#ge-0/0/14.0 up down
#ge-0/0/15 up up
#ge-0/0/15.0 up up
#fxp2 up up
Index: configs/perry-ps.client.onenet.net
===================================================================
--- configs/perry-ps.client.onenet.net (revision 140401)
+++ configs/perry-ps.client.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at PERRY-PS-LR-00XXXX> show system commit
+# 2016-03-08 09:53:03 CST by sky via cli
+# 2016-03-08 09:43:22 CST by sky via cli commit confirmed, rollback in 3mins
# 2016-03-03 13:35:41 CST by admin via cli
# 2016-03-03 12:17:58 CST by admin via cli
# 2016-03-03 11:00:12 CST by admin via cli
# 2016-03-03 10:53:27 CST by admin via cli
-# 2016-03-03 10:29:54 CST by admin via cli
-# 2016-02-22 13:57:30 CST by admin via cli commit confirmed, rollback in 3mins
# grnoc-mon at PERRY-PS-LR-00XXXX> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
@@ -115,7 +115,7 @@
# grnoc-mon at PERRY-PS-LR-00XXXX> show system uptime
# System booted: 2016-02-03 13:07 CST
# Protocols started: 2016-02-03 13:10 CST
-# Last configured: 2016-03-03 13:35 CST by admin
+# Last configured: 2016-03-08 09:53 CST by sky
#
# grnoc-mon at PERRY-PS-LR-00XXXX> show interface terse
#Interface Admin Link
@@ -169,7 +169,7 @@
#vlan.3 up up
#vlan.999 up down
# grnoc-mon at PERRY-PS-LR-00XXXX> show configuration
-## Last commit: 2016-03-03 13:35:41 CST by admin
+## Last commit: 2016-03-08 09:53:03 CST by sky
version 12.1X44-D35.5;
system {
host-name PERRY-PS-LR-00XXXX;
@@ -257,6 +257,11 @@
root-login deny;
protocol-version v2;
}
+ web-management {
+ https {
+ system-generated-certificate;
+ }
+ }
dhcp {
pool 10.1.0.0/24 {
address-range low 10.1.0.2 high 10.1.0.254;
@@ -439,6 +444,34 @@
}
}
security {
+ ike {
+ policy IKE-DYN-VPN-POLICY {
+ mode aggressive;
+ proposal-set standard;
+# pre-shared-#key <removed>;
+ }
+ gateway DYN-VPN-LOCAL-GATEWAY {
+ ike-policy IKE-DYN-VPN-POLICY;
+ dynamic {
+ hostname DYNVPN;
+ connections-limit 2;
+ ike-user-type group-ike-id;
+ }
+ external-interface ge-0/0/0.0;
+ xauth access-profile DYN-VPN-ACCESS-PROFILE;
+ }
+ }
+ ipsec {
+ policy IPSEC-DYN-VPN-POLICY {
+ proposal-set standard;
+ }
+ vpn DYN-VPN {
+ ike {
+ gateway DYN-VPN-LOCAL-GATEWAY;
+ ipsec-policy IPSEC-DYN-VPN-POLICY;
+ }
+ }
+ }
address-book {
global {
address host-10.10.1.23 10.10.1.23/32;
@@ -459,6 +492,23 @@
alg {
h323 media-source-port-any;
}
+ dynamic-vpn {
+ access-profile DYN-VPN-ACCESS-PROFILE;
+ clients {
+ all {
+ remote-protected-resources {
+ 192.168.1.0/24;
+ }
+ remote-exceptions {
+ 0.0.0.0/0;
+ }
+ ipsec-vpn DYN-VPN;
+ user {
+ VPN-USER;
+ }
+ }
+ }
+ }
screen {
ids-option UNTRUST-SCREEN {
icmp {
@@ -673,6 +723,20 @@
permit;
}
}
+ policy DYN-VPN-POLICY {
+ match {
+ source-address any;
+ destination-address any;
+ application any;
+ }
+ then {
+ permit {
+ tunnel {
+ ipsec-vpn DYN-VPN;
+ }
+ }
+ }
+ }
}
}
zones {
@@ -711,6 +775,8 @@
snmp;
ssh;
traceroute;
+ ike;
+ https;
}
}
}
@@ -767,6 +833,34 @@
}
}
}
+access {
+ profile DYN-VPN-ACCESS-PROFILE {
+ client VPN-USER {
+ firewall-user {
+ password "$9$jgk5zFn9t0B-VP5F39CKvW"; ## SECRET-DATA
+ }
+ }
+ address-assignment {
+ pool DYN-VPN-ACCESS-POOL;
+ }
+ }
+ address-assignment {
+ pool DYN-VPN-ACCESS-POOL {
+ family inet {
+ network 192.168.2.0/24;
+ range dvpn-range {
+ low 192.168.2.50;
+ high 192.168.2.55;
+ }
+ }
+ }
+ }
+ firewall-authentication {
+ web-authentication {
+ default-profile DYN-VPN-ACCESS-PROFILE;
+ }
+ }
+}
ethernet-switching-options {
secure-access-port {
interface ge-0/0/1.0 {
Index: configs/hub.tsb.onenet.net
===================================================================
--- configs/hub.tsb.onenet.net (revision 140542)
+++ configs/hub.tsb.onenet.net (working copy)
@@ -198,7 +198,7 @@
# -rw-rw---- 1 root field 51994624 Oct 24 2013 ifinfo.core.1
# -rw-rw---- 1 root field 51974144 Oct 24 2013 ifinfo.core.2
# -rw-rw---- 1 root field 52744192 Oct 24 2013 ifinfo.core.3
-# -rw-rw---- 1 root field 52727808 Mar 8 08:59 ifinfo.core.4
+# -rw-rw---- 1 root field 52727808 Mar 8 09:58 ifinfo.core.4
# drwxrwxrwx 2 root wheel 512 Oct 12 2012 install/
# -rw-rw---- 1 root field 33464320 Mar 3 2014 jdiameterd.core.0
# -rw-r--r-- 1 eng field 99542994 Apr 23 2013 jinstall-ppc-11.4R7.5-domestic-signed.tgz
More information about the Nocrancid
mailing list