[Nocrancid] autopop-onenet.net router config diffs

rancid at rancid.noc.onenet.net rancid at rancid.noc.onenet.net
Sat Aug 19 17:05:40 CDT 2017 

Index: configs/maysville-es.client.onenet.net
===================================================================
--- configs/maysville-es.client.onenet.net	(revision 155877)
+++ configs/maysville-es.client.onenet.net	(working copy)
@@ -630,6 +630,7 @@
 # OSPF instance is not running
 # 
 # grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> show bfd session 
+quit
 
 0 sessions, 0 clients
 Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/hub.tah.onenet.net
===================================================================
--- configs/hub.tah.onenet.net	(revision 155909)
+++ configs/hub.tah.onenet.net	(working copy)
@@ -407,9 +407,9 @@
 #ct3-2/0/2 down down
 #t3-2/0/2 down down
 #ct3-2/0/3 up up
-#t1-2/0/3:1 up down
-#t1-2/0/3:1.0 up down
-#t1-2/0/3:2 up down
+#t1-2/0/3:1 up up
+#t1-2/0/3:1.0 up up
+#t1-2/0/3:2 up up
 #t1-2/0/3:2.0 up down
 #t1-2/0/3:3 up up
 #t1-2/0/3:3.16 up up
@@ -447,7 +447,7 @@
 #gr-2/3/0 up up
 #ip-2/3/0 up up
 #lsq-2/3/0 up up
-#lsq-2/3/0.10 up down
+#lsq-2/3/0.10 up up
 #mt-2/3/0 up up
 #pd-2/3/0 up up
 #pe-2/3/0 up up
Index: configs/odmhsas.central-office.okc.client.onenet.net
===================================================================
--- configs/odmhsas.central-office.okc.client.onenet.net	(revision 155911)
+++ configs/odmhsas.central-office.okc.client.onenet.net	(working copy)
@@ -198,7 +198,7 @@
 #st0.21 up up
 #st0.22 up up
 #st0.23 up up
-#st0.24 up down
+#st0.24 up up
 #st0.25 up up
 #st0.26 up up
 #st0.27 up up
Index: configs/olustee-eldorado-ps.client.onenet.net
===================================================================
--- configs/olustee-eldorado-ps.client.onenet.net	(revision 155911)
+++ configs/olustee-eldorado-ps.client.onenet.net	(working copy)
@@ -1,12 +1,12 @@
 # RANCID-CONTENT-TYPE: juniper
 #
 # grnoc-mon at OLUSTEE-ELDORADO-PS-LR-005451> show system commit 
+#   2017-08-19 16:18:59 CDT by joel via cli
+#   2017-08-19 16:09:01 CDT by joel via cli
+#   2017-08-19 16:07:28 CDT by joel via cli
 #   2017-08-19 15:59:20 CDT by joel via cli
 #   2017-08-19 15:56:07 CDT by joel via cli
 #   2017-08-19 15:52:17 CDT by joel via cli commit confirmed, rollback in 5mins
-#   2017-08-19 15:18:35 CDT by joel via cli commit confirmed, rollback in 5mins
-#   2017-08-19 14:55:12 CDT by joel via cli
-#   2017-08-19 14:48:27 CDT by joel via cli commit confirmed, rollback in 5mins
 # grnoc-mon at OLUSTEE-ELDORADO-PS-LR-005451> show chassis environment 
 # Class Item                           Status     Measurement
 # Temp  Routing Engine                 OK        
@@ -136,7 +136,7 @@
 # Time Source:  NTP CLOCK 
 # System booted: 2017-08-19 12:50 CDT 
 # Protocols started: 2017-08-19 12:50 CDT 
-# Last configured: 2017-08-19 15:59 CDT  by joel
+# Last configured: 2017-08-19 16:18 CDT  by joel
 # 
 # grnoc-mon at OLUSTEE-ELDORADO-PS-LR-005451> show interface terse 
 #Interface Admin Link
@@ -194,7 +194,7 @@
 #vlan up down
 #vtep up up
 # grnoc-mon at OLUSTEE-ELDORADO-PS-LR-005451> show configuration 
-## Last commit: 2017-08-19 15:59:20 CDT by joel
+## Last commit: 2017-08-19 16:18:59 CDT by joel
 version 15.1X49-D90.7;
 groups {
     DENY-ALL-ELSE {
@@ -428,7 +428,7 @@
             rule-set TRUST-TO-UNTRUST-NAT {
                 from zone TRUST;
                 to zone UNTRUST;
-                rule NAT-DOMAIN-CONTROLLER-OUTSIDE {
+                inactive: rule NAT-DOMAIN-CONTROLLER-OUTSIDE {
                     match {
                         source-address 172.16.1.2/32;
                     }
@@ -471,20 +471,25 @@
         }
     }
     policies {
-        from-zone TEST to-zone UNTRUST {
-            policy ALLOW-ALL-OUT {
+        from-zone UNTRUST to-zone TRUST {
+            policy ALLOW-VPN-TO-DOMAIN-CONTROLLER {
+                description "Allow Microsfot L2TP/IPSEC VPN access to Domain Controller";
                 match {
                     source-address any;
-                    destination-address any;
-                    application any;
+                    destination-address DOMAIN-CONTROLLER-172.16.1.2;
+                    application MICROSOFT-IPSEC-VPN;
                 }
                 then {
                     permit;
+                    log {
+                        session-init;
+                        session-close;
+                    }
                 }
             }
         }
-        from-zone TRUST to-zone UNTRUST {
-            policy TRUST-TO-UNTRUST {
+        from-zone TRUST to-zone TRUST {
+            policy TRUST-TO-TRUST {
                 match {
                     source-address any;
                     destination-address any;
@@ -495,25 +500,20 @@
                 }
             }
         }
-        from-zone UNTRUST to-zone TRUST {
-            policy ALLOW-VPN-TO-DOMAIN-CONTROLLER {
-                description "Allow Microsfot L2TP/IPSEC VPN access to Domain Controller";
+        from-zone TRUST to-zone UNTRUST {
+            policy TRUST-TO-UNTRUST {
                 match {
                     source-address any;
-                    destination-address DOMAIN-CONTROLLER-172.16.1.2;
-                    application [ MICROSOFT-IPSEC-VPN junos-icmp-all ];
+                    destination-address any;
+                    application any;
                 }
                 then {
                     permit;
-                    log {
-                        session-init;
-                        session-close;
-                    }
                 }
             }
         }
-        from-zone TRUST to-zone TRUST {
-            policy TRUST-TO-TRUST {
+        from-zone TEST to-zone UNTRUST {
+            policy ALLOW-ALL-OUT {
                 match {
                     source-address any;
                     destination-address any;
@@ -789,8 +789,6 @@
         term tcp-50 protocol tcp destination-port 50;
         term udp-500 protocol udp destination-port 500;
         term udp-4500 protocol udp destination-port 4500;
-        term tcp-500 protocol tcp destination-port 500;
-        term tcp-4500 protocol tcp destination-port 4500;
     }
 }
 vlans {
Index: configs/stringtown-high-school.client.onenet.net
===================================================================
--- configs/stringtown-high-school.client.onenet.net	(revision 155911)
+++ configs/stringtown-high-school.client.onenet.net	(working copy)
@@ -130,8 +130,8 @@
 # total files: 1
 # 
 # grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show system uptime 
-# System booted: 2017-08-15 15:17 CDT 
-# Protocols started: 2017-08-15 15:22 CDT 
+# System booted: 2017-08-19 16:30 CDT 
+# Protocols started: 2017-08-19 16:35 CDT 
 # Last configured: 2017-07-23 12:03 CDT  by root
 # 
 # grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show interface terse 
@@ -691,7 +691,6 @@
 # OSPF instance is not running
 # 
 # grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show bfd session 
-quit
 
 0 sessions, 0 clients
 Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/swi1-swink-admin.client.onenet.net
===================================================================
--- configs/swi1-swink-admin.client.onenet.net	(revision 155909)
+++ configs/swi1-swink-admin.client.onenet.net	(working copy)
@@ -194,8 +194,8 @@
 #ge-0/0/3.0 up down
 #ge-0/0/4 up down
 #ge-0/0/4.0 up down
-#ge-0/0/5 up up
-#ge-0/0/5.0 up up
+#ge-0/0/5 up down
+#ge-0/0/5.0 up down
 #ge-0/0/6 up down
 #ge-0/0/6.0 up down
 #ge-0/0/7 up up

More information about the Nocrancid mailing list