7-3. ¥ë¡Ý¥¿¤Ë¤Ä¤¤¤Æ (1) ³Æ¼ï¥ê¥â¡Ý¥È¥ë¡Ý¥¿ '96¡Á * »ÔÈÎ¥ë¡Ý¥¿´ö¤Ä¤« Cisco 2501 : 1.5 Mbps ¤Þ¤Ç¤ÎÀìÍÑÀþ¤ËÂбþ¡£¥×¥í¥È¥³¥ë¤Ï TCP/IP¤Î¤ßÂбþ¡£´ðËÜ ¥½¥Õ¥ÈÆþ¤ì¤ÆÌó£´£°Ëü±ß¡£Sync.Serial £²¥Ý¡Ý¥È¡¢ºÇÂç 2 Mbps Á´Æó ½ÅƱ´ü¥Ý¡Ý¥È¡£TA ¤ÏÊÌÅÓɬÍס£Î㤨¤Ð NEC DATA ez 128K¡¢£²£´Ëü±ß¡£ Cisco 2503 : 1.5 Mbps ¤Þ¤Ç¤ÎÀìÍÑÀþ¤È£É£Ó£Ä£ÎÂбþ¤Î¥ë¡Ý¥¿¡£64 Kbps ¤Î TAÆâ¡¡£ ÀìÍÑÀþ 128Kbps °Ê¾å¤Ï TA¤¬ÊÌÅÓɬÍס£¥Ï¡Ý¥ÉÌó£³£°Ëü±ß¡¢¥½¥Õ¥ÈÌó £²£·Ëü±ß¡£Âбþ¥×¥í¥È¥³¥ë¿§¡¹¡£Sync.Serial£²¥Ý¡Ý¥È¡¢ ºÇÂç 2Mbps Á´Æó½ÅƱ´ü¥Ý¡Ý¥È¡£ Yamaha RT100i : ¥ä¥Þ¥Ï¤Î¥ë¡Ý¥¿¡¢TA ¤ÏÆâ¡¡££É£Ó£Ä£Î¡¢ÀìÍÑÀþ 64,128 Kbps ¤ËÂбþ¡£ SNMP, CIDR, ProxyARP Âбþ¡£Ìó£²£°Ëü±ß¡£ £É¥¤¥ó¥¿¡Ý¥Õ¥§¡Ý¥¹Ä¾·ë¡¢ ÀìÍÑÀþÀܳ¤Î¾ì¹ç CSU ¤ÏɬÍפʤ¤¡£ Pipeline 25 : ºÇ¶áÏÃÂê¤Î SOHO( Small Office/Home Office ) À½ÉÊ¡£ SOHO ¤Ï̾Á° ¤À¤±¡¢µ¡Ç½Åª¤Ë¤ÏÊ̤ËÌÜ¿·¤é¤·¤¤¤â¤Î¤Ï¤Ê¤¤¡£¤³¤ÎÀ½ÉʤˤϣɣӣģΠ¥Ý¡Ý¥È£±¤Ä¤È£²¤Ä¤Î¥¢¥Ê¥í¥°¥Ý¡Ý¥È¤¬¤¢¤ë¡£¥Ç¡Ý¥¿ÄÌ¿®¤·¤Æ¤¤¤Ê¤¤»þ ¤Ï¡¢¥¢¥Ê¥í¥°¥Ý¡Ý¥È¤òÍøÍѤ·¤ÆÅÅÏää£Æ£Á£Ø¤¬»È¤¨¤ë¡££Â¥Á¥ã¥Í¥ë£² Ëܤò»È¤Ã¤¿ 128 Kbps ÄÌ¿®¤â¤Ç¤­¤ë¡£ proteon RBX 200 : ¥¤¥ó¥¿¡Ý¥Í¥Ã¥È¡¦¥Ö¥ê¥Ã¥¸¥ó¥°¥ë¡Ý¥¿¡£TA(¥¿¡Ý¥ß¥Ê¥ë¥¢¥À¥×¥¿)¤Ê¤·¡£ 298,000 ±ß¡£¥·¥ê¥¢¥ë²óÀþ¤Ï RS-232C, V.35, X.21¡£V.36/RS-449 ¤Ï ³Æ¥Ý¡Ý¥ÈºÇ¹â 2 Mbps¡£TA ¤ÏÎ㤨¤Ð Panasonic VC-141 TA¡¢16.8Ëü±ß¡¢ ÀìÍÑÀþ¤Ï 128 Kbps ¤Þ¤Ç»È¤¨¤ë¡£ Morning Star : ¥À¥¤¥¢¥ë¥¢¥Ã¥×¥ë¡Ý¥¿¤È¸Æ¤Ð¤ì¤ë¡£TA ¤Ê¤·¡£Æ±´ü®ÅÙ 64 Kbps ¤Þ¤Ç¡£ Express Router 26.8 Ëü±ß¡£¥·¥ê¥¢¥ë¥¤¥ó¥¿¡Ý¥Õ¥§¡Ý¥¹¤Ï¡¢Æ±´ü¤ÈÈóƱ´ü 2 Mbps¤Þ¤Ç¡£ Âбþ¡£RS-232C £²¥Ý¡Ý¥È¡¢ÈóƱ´ü 115.2 Kbps ¤Þ¤Ç¡¢Æ±´ü 64 Kbps¤Þ ¤Ç¡£V.35 £±¥Ý¡Ý¥È¡¢Æ±´ü 2 Mbps ¤Þ¤Ç¡£ NetBlazer : ¥À¥¤¥¢¥ë¥¢¥Ã¥×¥ë¡Ý¥¿¤È¸Æ¤Ð¤ì¤ë¡£ INS 64/1500¡¢ÀìÍÑÀþ¡¢¸ø½°²óÀþ Âбþ¡£PN ¥¿¥¤¥×¤Ï 59.8 Ëü±ß¡£PN/HUB ¥¿¥¤¥×¤Ï¥Ï¥ÖÉÕ¤­ 65.8 Ëü±ß¡£ ¥È¥ì¥¤¥ë¡¦¥Ö¥ì¥¤¥¶¡Ý¤ÎÀ½ÉÊ¡£°ì±þ¤³¤¦¤æ¤¦¤Î¤â¤¢¤Ã¤¿¤È¤¤¤¦¤³¤È¤Ç¡£ Ãí.1) ÀìÍÑÀþÂбþ¤Ç TA ¤¬Í­¤ê¤È½ñ¤«¤ì¤Æ¤¤¤ì¤Ð CSU ¤ÏɬÍפʤ¤¡£ sync.serial ¤È¤ÏƱ ´ü²óÀþ¤Î¤³¤È¤Ç¤¢¤ë¡£async ¤È¤¢¤ì¤Ð¤³¤ì¤ÏÈóƱ´ü²óÀþ¤Ç¤¢¤ë¡£¥ë¡Ý¥¿´Ö¤Ï´ðËÜŪ ¤Ë¤Ï¡¢Æ±´ü¤ÏƱ´ü¡¢ÈóƱ´ü¤ÏÈóƱ´ü¤Ç¤Ê¤¤¤ÈÀܳ¤Ç¤­¤Ê¤¤¡£ Ãí.2) ¤Þ¤À¤³¤Î»þ´ü¡¢£×£Á£ÎÍÑ¥ë¡Ý¥¿¤È¤¤¤Ã¤Æ¤â RT100i ¤òɮƬ¤Ë¡¢¤è¤¦¤ä¤¯¿È¶á¤Ë½Ð»Ï ¤á¤¿¤Ð¤«¤ê¤À¤Ã¤¿¡£¤½¤ì¤Þ¤Ç¥ë¡Ý¥¿¤È̾¤ÎÉÕ¤¯À½Éʤϡ¢£µÉ´Ëü±ß¤È¤«¤È¤ó¤Ç¤â¤Ê¤¤ ²Á³Ê¤Ç¤¢¤Ã¤¿¡£Apollo ÍѤǸ¡Æ¤¤·¤¿¥×¥í¥Æ¥ª¥ó¤Î¥«¥¿¥í¥°¤¬¼ê¸µ¤Ë»Ä¤Ã¤Æ¤¤¤ë¡£ * ¥¤¥ó¥¿¡Ý¥Í¥Ã¥ÈÀܳ¤¹¤ëºÝ¤ÎÁªÂò¤Î»Ø¿Ë ¤¿¤¯¤µ¤ó£×£Á£ÎÍÑ¥ë¡Ý¥¿¤Ï»ÔÈΤµ¤ì»Ï¤á¤Æ¤Ï¤¤¤ë¤¬¡¢¼ÂºÝ¤ÎÁªÂò»è¤Ï¶¹¤¤¡£¥¤¥ó¥¿¡Ý¥Í¥Ã ¥ÈÀܳ¤¹¤ë¾ì¹ç¤Ï¡¢¥×¥í¥Ð¥¤¥À»ØÄê¤Î¤â¤Î¤ò»È¤¦¤³¤È¤Ë¤Ê¤ë¤À¤í¤¦¡£¤³¤ì¤Ï¥ë¡Ý¥¿´Ö¤ÎÁê À­¤ÎÌäÂê¤ä¤é¡¢¥×¥í¥Ñ¥¤¥À¤Î¼è¤ê°·¤¤À½ÉʤÎÆÀ¼ê¡¢ÉÔÆÀ¼ê¤¬´Ø·¸¤·¤Æ¤¤¤ë¡£¥ë¡Ý¥¿¤Ë¤Ï¥Ç ¡Ý¥¿°µ½Ìµ¡Ç½¤ä£É£Ó£Ä£Î¤Î¾ì¹ç¤Î¥Ð¥ë¥¯Å¾Á÷¤Ê¤É¤¢¤ë¤¬¡¢¤³¤ì¤é¤ÏƱ¤¸¥ë¡Ý¥¿¤Ç¤Ê¤¤¤ÈÀè ¤ºÍ­¸ú¤ËƯ¤«¤Ê¤¤¤È¹Í¤¨¤¿Êý¤¬¤¤¤¤¡£Cisco ¤Î¥ë¡Ý¥¿¤Ï»Ô¾ìÀìͭΨ¤ÏÈó¾ï¤Ë¹â¤¤¤¬¡¢°µ½Ì µ¡Ç½¤ÏÆȼ«¤Ê¤â¤Î¤À¤·¡¢·ÐÏ©À©¸æ¥×¥í¥È¥³¥ë¤âÆȼ«¤Ê¤â¤Î¤¬¤¢¤Ã¤¿¤ê¤¹¤ë¡£ * Yamaha RT100i ¤Ë¤Ä¤¤¤Æ Yamaha RT100i ¤Ï£×£Á£ÎÀܳÍÑ¥ë¡Ý¥¿¤È¤·¤Æɾ²Á¤ËÃͤ¹¤ë¡£ftp ¥µ¡Ý¥Ó¥¹¤Ç¤Ï¼è°·ÀâÌÀ½ñ¡¢ ¥¯¥¤¥Ã¥¯¥¹¥¿¡Ý¥È¥¬¥¤¥É¡¢¥³¥Þ¥ó¥É¥ê¥Õ¥¡¥ì¥ó¥¹¤Ê¤É¤¬¼è¤ì¤ë¡£¤³¤ì¤é¤Î¥É¥­¥å¥á¥ó¥È¤Ï ´°Á´¤Ê¤â¤Î¤Ç¤¢¤ê¡¢Á´¤ÆÆüËܸì¤Ë¤è¤ë²òÀâ¤Ç¤¢¤ë¡£¥ë¡Ý¥¿¤Î£Ï£Ó(¥Õ¥¡¡Ý¥à¥¦¥§¥¢¤È¤¤¤¦) ¤ÏºÇ¿·¤Î¤ò̵½þ¤Ç¥À¥¦¥ó¥í¡Ý¥É¤Ç¤­¡¢ tftp ¥³¥Þ¥ó¥É¤Ç RT100i ¤ËÆþ¤ì¹þ¤à¤³¤È¤¬¤Ç¤­¤ë¡£ RT100i ¤Ë¤ÏɬÍפȤʤ뵡ǽ¤Ï¤¹¤Ù¤ÆÆþ¤Ã¤Æ¤¤¤ë¡£Ç§¾Úµ¡Ç½¤Ï PAP ¤â CHAP ¤â¥µ¥Ý¡Ý¥È¤· ¤Æ¤¤¤ë¤·¡¢°µ½Ìµ¡Ç½¤âɸ½àŪ¤Ê predictor ¤¬¤¢¤ë¡££¹£¶Ç¯Ëö¤Ë¤Ï NAT¡¢DHCP ¥ê¥ì¡Ý¥¨¡Ý ¥¸¥§¥ó¥È¡¢RADIUS ¤Ë¤âÂбþ¤·¤Æ¤¤¤¿¡£NAT( Network Address Translator )¤Ï£É£Ð¥¢¥É¥ì ¥¹¸Ï³é¤ËÂФ¹¤ë£É£Ð¥¢¥É¥ì¥¹ÊÑ´¹µ¡Ç½¤Ç¤¢¤ë¡£ ¤½¤Î¾¡¢RT100i ¤Îµ¤¤ÎÉÕ¤¤¤¿¤³¤È¤ò£±¤Ä µó¤²¤Æ¤ª¤¯¡£¥Ç¥Õ¥©¥ë¥È¤Î sysname ¤Ï RT100i ¤Ç¤¢¤ë¡£»²¹Í¾ðÊó¤Ï¼¡¤ò»²¾È¤µ¤ì¤¿¤¤¡£ ¥ä¥Þ¥Ï³ô¼°²ñ¼Ò : ÅŻҥǥХ¤¥¹»ö¶ÈÉô¥·¥¹¥Æ¥àµ¡´ï¿ä¿ÊÉô, info@rtpro.yamaha.co.jp ¥á¡¼¥ê¥ó¥°¥ê¥¹¥È rt100i-users@iijnet.or.jp ¤Ë²ÃÆþ¤¹¤ë¤Ë¤Ï majordomo@iijnet.or.jp ¤Ë subscribe rt100i-users ¤È¤¤¤¦°ìʸ¤À¤±¤Î¥á¡¼¥ë¤òÁ÷¤ë¡£ ftp.iij.ad.jp/pub/vendor/Yamaha/rt100i/ 4302 Feb 9 17:59 README.euc d 512 Feb 10 16:20 ckrt100i d 512 Nov 7 13:58 example d 512 Jan 3 13:22 manual << ¤³¤Î¥Þ¥Ë¥å¥¢¥ë¤Ï¡¢¼ÂºÝ¤ÎÀ½ÉÊ¥Þ¥Ë d 1024 Feb 14 13:59 relnote ¥å¥¢¥ë¤ÈÁ´¤¯Æ±¤¸¤Ç¤¢¤ë¡£ f 45639 Jan 18 19:04 faq.txt.sjis f 4975 Feb 9 18:16 rev-up.txt l 19 Feb 14 13:59 rt100i.bin -> rt100i.bin.01.04.09 f 458752 Feb 13 20:28 rt100i.bin.01.04.09 ¢¨2002/03 ²þ¤á¤Æ³Îǧ¡£¤Þ¤À¤³¤Î¥µ¥¤¥È¤¢¤ë¤Î¤«¡£Æ±¤¸¾ì½ê¤Ë¤½¤Î¤Þ¤Þ¤Á¤ã¤ó¤È¤¢¤ê¤Þ¤· ¤¿¡£¤·¤«¤âµ¡¼ï¤¬¤¹¤´¤¯Áý¤¨¤Æ¤¤¤Þ¤·¤¿¡£rt102i, rt103i, rt140, rt200i ¤Ê¤É¤Ê¤É¡£ * ºÇ¿·µ¡¼ï¤Î£×£Á£ÎÍÑ¥ë¡Ý¥¿¤Ï¤É¤ó¤Ê¤â¤Î¤« [ IIJ SEIL/neu T1 ] `22/01 Ŭ±þ²óÀþ DA1500 ¤Þ¤¿¤Ï 1.5 Mbps ÀìÍÑÀþ¡£PRI 192¡Á1536 Mbps¡£CSU µ¡Ç½Æâ¡¡££Ì£Á£Î ¥¤¥ó¥¿¡Ý¥Õ¥§¥¹ 10BASE-T/100BASE-TX(Normal/Reverse)¡£¥×¥í¥È¥³¥ë IPv4/IPv6/PPPÂбþ¡£ IEEE802.Q ½àµò¤Î VLAN¡£NAT/NAPT¡£DHCP¥µ¡Ý¥Ð/¥¯¥é¥¤¥¢¥ó¥È¡£NTP¥µ¡Ý¥Ð/¥¯¥é¥¤¥¢¥ó¥È¡£ Qos ¤Ë¤è¤ëÂÓ°èÀ©¸æ¡¢Í¥ÀèÀ©¸æ¡£IPsec(with IKE), Secure Shell ¤Ë¤è¤ë°Å¹æ²½µ¡Ç½ÅëºÜ¡£ IPv4 <-> IPv6 ¥È¥ó¥Í¥ëµ¡Ç½¡£IPv6/IPv4 ¥Ç¥å¥¢¥ë¥¹¥¿¥Ã¥¯µ¡Ç½¡£¥Õ¥¡¥¤¥¢¥¦¥©¡Ý¥ë¤È¤· ¤Æ¤Î¥Õ¥£¥ë¥¿¥ê¥ó¥°¡£SNMPv1/MIB ¦°, syslog¡£·ÐÏ©À©¸æ¤Ï static, RIP, RIP2, OSPF v2, RIPng Âбþ¡£²óÀþÆó½Å²½¤Î VRRPÂбþͽÄê¡£ÀßÄê¤Ï£×£å£â²èÌÌ, telnet, Secure Shell ¤Ç¡£ ²óÀþ»ÈÍÑΨ¡¢ÂÓ°èÀ©¸æ¾õÂÖ¡¢¥·¥¹¥Æ¥àÉé²Ù¤Ê¤É¤¬£×£å£â¤Ç¥°¥é¥Õ¤Ç¸«¤ì¤ë¡£Ìó£±£·Ëü±ß¼å¡£ 2001/10/01 ¤è¤êÈÎÇ䳫»Ï¡£http://www.seil-neu.com/¡£ [ NetScreen-5XP ] `21/02 £±£°¥æ¡Ý¥¶ 128,000 ±ß¡£È¢¤ÏƱ¤¸¤Ç̵À©¸Â¥æ¡Ý¥¶ÈǤÏÌó£²£µËü±ß¡£ ºÇÂç£Ö£Ð£Î¥È¥ó¥Í¥ë ¿ô£±£°¡¢£±ÂУ±NAT¡¢NAPT¡¢DHCP¡¢PPPoE¡¢Æ©²á/NAT/ROUTE ¥â¡Ý¥É¡£ ·ÐÏ©À©¸æ¤Ï¤É¤¦¤Ê¤Ã ¤Æ¤¤¤ë¡£ÀÅŪ¡¿Æ°Åª·ÐÏ©À©¸æ¤¬¤Ç¤­¤ë¤È¤Ï½ñ¤¤¤Æ¤Ê¤¤¤¾¡£ ADSL ²óÀþ¤À¤«¤é·ÐÏ©À©¸æ¤Ï´Ø ·¸¤Ê¤¤¤Î¤Ç¤Ê¤¤¤«¡£PPPoE Âбþ¥ë¡Ý¥¿¤È¤¤¤¦¸À¤¤Êý¤ò¤¹¤ë¡£ÉáÄ̤Υë¡Ý¥¿¤È¤Ï°ã¤¦¤ß¤¿¤¤ ¤Ç¤¢¤ë¡£NetScreen ¤Ï¥Õ¥¡¥¤¥¢¥¦¥©¡Ý¥ë¤Î¥¢¥×¥é¥¤¥¢¥ó¥¹À½ÉʤÀ¤¬¡¢PPPoE Âбþ¥ë¡Ý¥¿¤Ë ¤â¤Ê¤Ã¤Æ¤¤¤ë¡£¤³¤ó¤ÊÀ½Éʤâ½Ð¤Æ¤­¤¿¤È¤¤¤¦¤³¤È¤Ç¡£ [ Yamaha ¤Î¥ë¡Ý¥¿ ] `24/02 http://www.rtpro.yamaha.co.jp/RT/hardware/ | ADSL | FTTH |64/128|192¡Á1500|INS64 |¥Õ¥ì¡Ý¥à|MAX Mbps ---------|------|------|------|---------|------|--------|-------- RTA55i | ¡û | ¡û | | | ¡û | | 12 << ÈÎÇ佪λ¡£ RT105e | ¡û | ¡û | | | | | 16 RT105i | | | ¡û | | ¡û | ¡û | -- << ¤³¤ì¤éºÇÂç® RT105p | | | | ¡û | | ¡û | -- << Å٤ϵ­ºÜ¤Ê¤·¡£ RTX1000 | ¡û | ¡û | ¡û | | ¡û | ¡û | 1000 ´ðËÜŪ¤Ë BRI( Basic Rate Interface)¥Ý¡Ý¥È¤Ï¥Ç¥¸¥¿¥ëÀìÍÑÀþ 64 Kbps ¤È 128 Kbps ¤¬ ¤¢¤ë¡£DA64/128¡¢INS64 ¤ËÂбþ¡£PRI( Primary Rate Interface )¥Ý¡Ý¥È¤Ï¥Ç¥¸¥¿¥ëÀìÍÑ Àþ¤Î 192 Kbps¡Á1.5Mbps(1500 Kbps)¡¢DA1500¡¢INS1500 ¤ËÂбþ¤¹¤ë¡£ RT105e :£²£°£°£±Ç¯£±£²·îȯÇä £±£±Ëü±ß¡¢2003/03 ¤Î¥Ñ¥ó¥Õ¤Ç¤Ï£¶Ëü£¸Àé±ß¡£ RT105i :£²£°£°£±Ç¯£¶·îȯÇä £±£±Ëü±ß¡£DSU Æâ¡¡¢ÀÚ¤êÎ¥¤·²Ä¡£ RT105p :£²£°£°£²Ç¯£±·îȯÇä £±£¸Ëü±ß¡£TA ÉÔÍס£INS1500 ¤ÏÂбþ¤·¤Ê¤¤¡£ RTX1000:£²£°£°£²Ç¯£±£°·îȯÇä £±£±Ëü£¸Àé±ß¡£ ¥Õ¥ì¥Ã¥Ä¡¦ADSL ¤Î ADSL¥â¥Ç¥à¤ÏÊÌÅÓɬÍס£ADSL¥â¥Ç¥à¤Ï¥ì¥ó¥¿¥ë¤Ç¤¤¤¤¡¢¤É¤ó¤É¤óÀ½ÉÊ ¤¬ÊѤï¤ë¡£ADSL¥â¥Ç¥àÆâ¡¥Ö¥í¡Ý¥É¥Ð¥ó¥É¥ë¡Ý¥¿¤È¸À¤¦¤Î¤Ï¡¢´ë¶È¥æ¡Ý¥¹¤Ç¤Ï»È¤ï¤Ê¤¤Êý ¤¬¤¤¤¤¡£¤Á¤ã¤ó¤È¥ë¡Ý¥¿¤Ï¥ë¡Ý¥¿¤ÇÀßÃÖ¤·¤¿Êý¤¬°ÂÄꤷ¤Æ¤¤¤ë¤è¤¦¤Ç¤¢¤ë¡£ RT105e ¤È RTX1000 ¤Ï¹­°è¥¤¡Ý¥µ¥Í¥Ã¥ÈÌÖ¡¢IP-VPNÌÖ¤ËÂбþ¤È¥Ñ¥ó¥Õ¥ì¥Ã¥È¤Ë¤¦¤¿¤Ã¤Æ¤¤ ¤ë¤¬¡¢¤Ä¤Þ¤ê¥í¡Ý¥«¥ë¡¦¥ë¡Ý¥¿¤Ë¤â¤Ê¤ë¤è¤È¤¤¤¦¤³¤È¡£ * Cisco 2500 ¥·¥ê¡Ý¥º¤Î¸å·Ñµ¡¼ï `26/03 £²¤Ä¤·¤«¥»¥°¥á¥ó¥È¤¬¤Ê¤¤¡¢º£¸å¤â¥»¥°¥á¥ó¥È¤ÏÁý¤¨¤½¤¦¤Ë¤Ê¤¤¡£¤³¤¦¤¤¤¦¾ì¹ç¤Ï¥ì¥¤¥ä £³¥¹¥¤¥Ã¥Á¤Þ¤ÇɬÍפʤ¤¡£ºòº£¤Ï¥ë¡Ý¥¿¤È¤¤¤¦¤È£Ì£³¤Î¤³¤È¤ò»Ø¤¹Äø¡¢£Ì£³¤Ï°ìÈ̲½¤·¤Æ ¤·¤Þ¤Ã¤Æ¤¤¤ë¡£Äã²Á³Ê¤Î£Ì£³¤ÎÀèÊܤϥ¢¥é¥¤¥É¤Ç£³£°Ëü±ß¤°¤é¤¤¤À¤Ã¤¿¡£¤µ¤é¤Ë¹ñ»ºÀ½ÉÊ ¤Î¥¢¥×¥ì¥·¥¢¤Ê¤ë¤â¤Î¤â½Ð¤Æ¤­¤Æ¡¢£²£°Ëü±ßÂå¤ÇÇ㤨¤¿¤ê¤¹¤ë¡£¤·¤«¤·£Ì£³¤Ï£Ì£³¤Ç¤¢¤Ã ¤Æµ¡Ç½¤ÏË­ÉÙ¡¢Ã±¤Ê¤ë¥ë¡Ý¥¿¤È¤ÏÀßÄê¤Ï¤ä¤äÊ£»¨¤Ë¤Ê¤ë¡£Cisco 2500 ¤Î¸å·Ñµ¡¼ï¤Ï 2600 ¥·¥ê¡Ý¥º¤Ç¤¢¤ë¡£2610XM, 2611XM, 2612, 2620XM, 2621XM, 2650XM, 2651XM, 2691¤¬¤¢¤ë¡£ 2611XM, 2621XM, 2651XM, 2691 ¤¬ Ethernet 10/100Base-TX £²¥Ý¡Ý¥È¤ò»ý¤Á¡¢ ¥í¡Ý¥«¥ë ¥ë¡Ý¥¿¤Ë¤â¤Ê¤ë¡££×£Á£Î¥ë¡Ý¥¿¤Îµ¡Ç½¤È¤´¤Á¤ã¤Þ¤¼¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤Î¤Ç¡¢¤Þ¤¿¤Þ¤¿Áª¤Ö¤³¤È ¼«ÂΥΥ¦¥Ï¥¦¤¬É¬ÍפǤ¢¤ë¡£»²¹Í½ñ¤Ï¡ÖCisco ¥ë¡Ý¥¿ ´ÉÍý¼Ô¥ê¥Õ¥¡¥ì¥ó¥¹ £±£³£°¤Îµ»¡×¡£ (2) ¥ë¡Ý¥¿¤Î¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥° '96¡Á * ¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥°¤Î³µÍ× ¥ë¡Ý¥¿¤Ç¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥°¤Î¥ë¡Ý¥ë¤òÀßÄꤹ¤ë¤Ë¤Ï¡¢ºÙ¿´¤ÎÃí°Õ¤òʧ¤ï¤Ê¤±¤ì¤Ð¤Ê ¤é¤Ê¤¤¡£¥Õ¥¡¥¤¥¢¥¦¥©¡Ý¥ë¤Î¥½¥Õ¥È¤Î¤è¤¦¤Ë£Ç£Õ£É¤ÇÀßÄê¤È¤¤¤¦¤ï¤±¤Ë¤Ï¤¤¤«¤º¡¢¥³¥Þ¥ó ¥É¤Ç¥ë¡Ý¥ë¤Î½çÈÖ¤ò»ØÄꤷ¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤¡£½çÈÖ¤ò´Ö°ã¤¨¤ë¤È¡¢¤È¤ó¤Ç¤â¤Ê¤¤¤³¤È¤Ë¤Ê ¤Ã¤Æ¤·¤Þ¤¦¡£¤Õ¤µ¤¤¤À¤Ä¤â¤ê¤¬Á´Éô³«¤¤¤Æ¤·¤Þ¤Ã¤¿¤ê¤È¸À¤¦¤³¤È¤¬µ¯¤­¤«¤Í¤Ê¤¤¡£ ¥ë¡Ý¥ë¤Ï¤É¤ó¤Ê¥Ñ¥±¥Ã¥È¤òÄ̤¹¤«¡¢Ä̤µ¤Ê¤¤¤«¤È¤¤¤¦¥Þ¥¹¥­¥ó¥°¤Ç¤¢¤ë¡£ Yamaha RT100i ¤Ç¤Ï¥ë¡Ý¥ë¤ò¥Þ¥¹¥¯¤¹¤ë¤Î¤Ë¡¢pass ¤È reject ¤¬¤¢¤ë¡£ ¥Õ¥£¥ë¥¿¥ê¥ó¥°¤¹¤ë¾ì½ê¤Ï¡¢¥¤ ¥ó¥¿¡Ý¥Í¥Ã¥È¦¡¢ÆâÉô¥Í¥Ã¥È¡Ý¥¯Â¦¤Î IN, OUT ¤Î£´¥õ½ê¤¬¤¢¤ë¡£ ¥Õ¥£¥ë¥¿¥ê¥ó¥°¤Ï¥¤¥ó ¥¿¡Ý¥Í¥Ã¥È¦¤Ç¥Ñ¥±¥Ã¥È¤¬½Ð¤¿¤êÆþ¤Ã¤¿¤ê¤¹¤ë½ê¡¢PP in ¤È PP out ¤Ç¤¹¤ë¤Î¤¬Ë¾¤Þ¤·¤¤¡£ ¥Þ¥¹¥¯²Äǽ¤Ê¥Ñ¥±¥Ã¥È¤Î¾ðÊó¤È¥Õ¥£¥ë¥¿¥ê¥ó¥°¾ì½ê¤Î³¨¤ò²¼¤Ë¼¨¤¹¡£°Ê¾å¤Ï RT100i ¤ÎÏà ¤À¤¬¡¢¥ë¡Ý¥¿¤Î¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥°¤Ç¤ÏɬÍפʤ³¤È¤Ç¤¢¤ë¡£¤¿¤¤¤¬¤¤¤Î¥ë¡Ý¥¿¤ÏÂбþ ¤·¤Æ¤¤¤ë¤Ï¤º¤Ç¤¢¤ë¡£¤¤¤ä¡¢¥Õ¥£¥ë¥¿¥ê¥ó¥°¾ì½ê¤ÏÆþ¤ë¤Î¤È½Ð¤ë£²¥õ½ê¤·¤«¤Ê¤¤À½ÉʤÎÊý ¤¬Â¿¤¤¤ß¤¿¤¤¤Ç¤¢¤ë¡£Cisco ¤Î¥ë¡Ý¥¿¤â³Î¤«£²¥õ½ê¤·¤«¤Ê¤¤¤è¤¦¤Ç¤¢¤ë¡£ »ÏÅÀ£É£Ð¥¢¥É¥ì¥¹ PP out PP in ½ªÅÀ£É£Ð¥¢¥É¥ì¥¹ ¢¬ | ¢­ ¥¤¥ó¥¿¡Ý¥Í¥Ã¥È¦ TCP, UDP, ICMP ¤Î¥×¥í¥È¥³¥ë¤Î¼ïÊÌ -------------- TCP, UDP ¤Î»ÏÅÀ¥Ý¡Ý¥È¤È½ªÅÀ¥Ý¡Ý¥È | RT100i | ¥Ñ¥±¥Ã¥È¤ÎÁ÷¿®¤«¼õ¿®¤«¡£ACK ¥Õ¥é¥Ã¥° -------------- ¢¬ | ¢­ ÆâÉô¥Í¥Ã¥È¡Ý¥¯Â¦ << ¥Þ¥¹¥¯²Äǽ¾ðÊó >> Lan in Lan out [ ¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥°¤Î´ðËÜ ] ¡¦¥ë¡Ý¥¿¤Ï¥Ñ¥±¥Ã¥È½ÐÎÏÉô¤Ç¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥°¤¹¤ë¡£ ¡¦¥ë¡Ý¥¿¤Î¥Ñ¥±¥Ã¥ÈÆþÎÏÉô¤Ç¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥°¤¹¤ë¤È¥ë¡Ý¥¿¼«¿È¤ÎÊݸî¤Ë¤Ê¤ë¡£ ¡¦Source-route ¥ª¥×¥·¥ç¥ó¤¬ÉÕ¤¤¤¿£É£Ð¥Ñ¥±¥Ã¥È¤ÏÄ̤µ¤Ê¤¤¡£ ¡¦µ¶Â¤¥Ñ¥±¥Ã¥È¤ÏÄ̤µ¤Ê¤¤¡£¡Êspoofing attack ¤ÎÂкö¤ò¤¹¤ë¡Ë * ÀÚ¤ê»æ¤ÎÎã ------------- ------------- | / / | | / / | |/ / ¹õ¤¤»æ | |/ / ¹õ¤¤»æ | | / | | / | ------------- ------------- ¢­ pass ¡û ¢­ reject ¡ü ¡ûÉôʬÀÚ¤ê¼è¤ë ¡üÉôʬ¥Þ¥¹¥¯¤¹¤ë ------------- ------------- | / / | | / / | |/¡û | |/¡ü | | / | | / | ------------- ------------- ¢­ ¡û¤Î½ê¤Î¤ßÇò ¥Þ¥¹¥¯¤·¤¿½ê°Ê³°ÀÚ¤ê¼è¤ë ------------- | | | ¡ü Çò | Çò¤Ç»Ä¤Ã¤¿½ê¤¬Ä̲᤹¤ë | | ¥Ñ¥±¥Ã¥È¤Î¾ò·ïÉô¤Ë¤Ê¤ë¡£ ------------- * ñ½Æ¬¤òÇ㤦Îã ip filter 1 pass 10 ñ½Æ¬£±£°¸ÄÇ㤦 << pass ¤·¤¿¤Î¤Ï¸å ip filter 2 reject 2 ñ½Æ¬£²¸Ä¤ä¤á¤ë ¤ÇÊѹ¹¤Ç¤­¤Ê¤¤¡£ ip pp secure filter in 1 2 ¡Â £±£°¸ÄÇ㤦 ip filter 1 reject 2 ñ½Æ¬£²¸Ä¤ä¤á¤ë ip filter 2 pass 10 ñ½Æ¬£±£°¸ÄÇ㤦 ip pp secure filter in 1 2 ¡Â £¸¸ÄÇ㤦 * ¥ë¡Ý¥ë¤Î̵¸ú ------------- | / / | |/ / ¡û A | pass A | / | | | ------------- ¢­ ------------- | / ¬°¬¤¬¤¬´| |/ /¬¦¡û A¬¦| pass B | / ¬¸¬¤¬¤¬¼| | B | ¢¨ pass A ¤Ï°ÕÌ£¤¬¤Ê¤¯¤Ê¤ë¡£ ------------- * Yamaha RT100i ¤Ë¤è¤ë¥Õ¥£¥ë¥¿¥ê¥ó¥° [ ¥Õ¥£¥ë¥¿¥ê¥ó¥°¤Î¥³¥Þ¥ó¥É ] ip filter filter_list(1..100) pass|reject src_addr/mask dest_addr/mask ³¤¯ protocol source_port destination_port ip lan|pp secure filter in|out filter_list << ¥ë¡Ý¥ë¤òŬÍѤ¹¤ë¡£ 1. src_addr/mask : ȯ¿®¸µ¤Î¥Û¥¹¥È£É£Ð¥¢¥É¥ì¥¹¤Þ¤¿¤Ï¥Í¥Ã¥È¥ï¡Ý¥¯¥¢¥É¥ì¥¹¤ò»ØÄê ¤¹¤ë¡£mask ¤Ï¾Êά¤¹¤ë¤È 0xffffffff ¤È²ò¼á¤µ¤ì¤ë¡£ ¥¯¥é¥¹£Ã ¤Î¾ì¹ç¤Ï 0xffffff00 ¤Ç¤¢¤ë¡£ 2. dest_addr/mask: ȯ¿®Àè¤Î¥Û¥¹¥È£É£Ð¥¢¥É¥ì¥¹¡£ 3. protocol : ¥Õ¥£¥ë¥¿¥ê¥ó¥°¤¹¤ë¥Ñ¥±¥Ã¥È¤Î¼ïÎà¡£1,6,17 ¤È¤« icmp,tcp,udp ¤È¤¤¤¦¤è¤¦¤Ë»ØÄꤹ¤ë¡£* ¤ÏÁ´¤Æ¤ò°ÕÌ£¤¹¤ë¡£¤³¤Î»ØÄ꤬¾Êά¤µ ¤ì¤¿»þ¤Ï * ¤È²ò¤µ¤ì¤ë¡£ established »ØÄê¤ò¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£ ¤³¤ì¤Ë¤è¤ê ACK=1 ¤Î TCP ¥Ñ¥±¥Ã¥È¤òÄ̤¹¡£ 4. source_port : ȯ¿®¸µ UDP, TCP ¤Î¥½¡Ý¥¹¥Ý¡Ý¥ÈÈֹ档20,23,25¤È¤¤¤¦¤è¤¦¤Ë»Ø Äꤹ¤ë¡£¤Þ¤¿¤Ï 20-25 ¤È¤« 20-23,25¤ÈÈϰϤǻØÄê¤Ç¤­¤ë¡£¤¢¤ë ¤¤¤Ï ftp,telnet Åù¤È¥Ë¡Ý¥â¥Ë¥Ã¥¯¤Ç¤â»ØÄê²Äǽ¡£* ¤ÏÁ´¤Æ¥Ý¡Ý ¥È¤ò°ÕÌ£¤¹¤ë¡£¾Êά»þ¤Ï * ¤È²ò¤µ¤ì¤ë¡£ 5. dest_port : destination_port¡¢È¯¿®Àè UDP, TCP ¤Î¥½¡Ý¥¹¥Ý¡Ý¥ÈÈֹ档ÆâÍÆ ¤Ï source_port ¤ÈƱ¤¸¤Ç¤¢¤ë¡£ [ ¥Õ¥£¥ë¥¿¥ê¥ó¥°¤Î¥ë¡Ý¥ë ] ¡¦ÆâÉô¥Í¥Ã¥È¤Î¥Û¥¹¥È¤Î¤ß¥ë¡Ý¥¿¤Ë telnet ¥¢¥¯¥»¥¹¤Ç¤­¤ë¤è¤¦¤Ë¤¹¤ë¡£ MASK ¤Ï¥¯¥é¥¹£Ã¤Ç 0xffffff00 ¤È°ì±þ¤¹¤ë¡£ 1. 2. 3. 4. 5.¡Ê23¤Ç¤â¤è¤¤¡Ë ¢­ ¢­ ¢­ ¢­ ¢­ ip filter 1 pas inner_host/MASK router_host/MASK tcp * telnet ip filter 2 reject * router_host/MASK tcp * telnet ip filter 3 pass * * * * * ip pp secure filter in 2 3 << £×£Á£Î¦¤Î¥Õ¥£¥ë¥¿¥ê¥ó¥°¡£ ip lan secure filter in 1 2 3 << £Ì£Á£Î¦¤Î¥Õ¥£¥ë¥¿¥ê¥ó¥°¡£ ¡¦spoofing attack ¤Ø¤ÎÂкö¡£ PP out PP in ip filter 1 reject inner_net/MASK * * * * ¢¬ | ¢­ £×£Á£Î¦ ip filter 2 pass inner_net/MASK * * * * -------------- ip filter 3 pass * * * * * | RT100i | ip pp secure filter in 1 3 -------------- ip pp secure filter out 2 ¢¬ ¢­ £Ì£Á£Î¦ ³°¤«¤éÍè¤ë¥Ñ¥±¥Ã¥È¤Ç¡¢ÆâÉô¤Î¥¢¥É¥ì¥¹¤ò»ý¤Ä¤â¤Î¤òÄ̤µ¤Ê¤¤¡£ ÆâÉô¤«¤é¤Î¥Ñ¥±¥Ã¥È¤Ï¡¢ÆâÉô¤Î¥¢¥É¥ì¥¹¤ò»ý¤Ä¤â¤Î¤À¤±¤òÄ̤¹¡£ ¡¦Source-route ¥ª¥×¥·¥ç¥óÉÕ¤­£É£Ð¥Ñ¥±¥Ã¥È¤òÄ̤µ¤Ê¤¤¡£ ip filter source-route on ¡¦»ÏÅÀ¥¢¥É¥ì¥¹¤¬ 192.9.200.2 ¤Ç¡¢½ªÅÀ¥¢¥É¥ì¥¹¤ÏǤ°Õ¤Î¥Ñ¥±¥Ã¥È¤À¤±¼õ¿®¤¹¤ë¡£ ip filter 1 pass 192.9.200.2/MASK * * * * ip pp secure filter in 1 ¢¬ Ǥ°Õ¤Î½ªÅÀ¥¢¥É¥ì¥¹ (3) Cisco 2500 ¥·¥ê¡Ý¥º¤Î»È¤¤Êý * Cisco 2503 ¤Î³µÍ× '98/04 Cisco 2503 ¤Ë¤ÏÀìÍÑÀþ 64 Kbps ¤Î CSU(TA) ¤¬Æ⡤µ¤ì¤Æ¤¤¤ë¡££É£Ó£Ä£Î¤â INS64 ÍѤΠTA ¤¬Æ⡤µ¤ì¤Æ¤¤¤ë¡£¤³¤ì¤é¤Î£×£Á£Î¦Àܳ¤Ë¤Ï BRI( Basic Rate Interface)¥Ý¡Ý¥È¤Î RJ45 ¥â¥¸¥å¥é¡Ý¡¦¥¸¥ã¥Ã¥¯¤Î¸ý¤ò»È¤¦¡££Ì£Á£Î¦Àܳ¤Ï AUI ¥Ý¡Ý¥È¤ò»È¤¦¡£º£¤Ï¤¿¤¤¤¬ ¤¤ 10Base-T ¥±¡Ý¥Ö¥ë¤Ç RJ45 ¥â¥¸¥å¥é¡Ý¡¦¥¸¥ã¥Ã¥¯Àܳ¤¹¤ë¤Î¤¬ÉáÄ̤Ǥ¢¤ë¡£¤³¤Î¤¿¤á ¤Ë¤Ï CentreCOM 210TS¡¢12,500 ±ß¤Ê¤É¤ÎÊÑ´¹¥¢¥À¥×¥¿¤ò¤«¤Þ¤µ¤Ê¤¤¤È¤¤¤±¤Ê¤¤¡£RJ45 ¤Î ü»Ò¤¬°ìÇդĤ¤¤Æ¤¤¤ë³ä¤Ë¤Ï¡¢ÊѤʤȤ³¤í¤Ç̵¤¤¤È¤¤¤¦¤Î¤Ï¤É¤¦¤Ê¤Ã¤Æ¤¤¤ë¤Î¤«¡£¤»¤á¤Æ £Â£Î£Ã¥³¥Í¥¯¥¿¤Ë¤¹¤Ù¤­¤Ç¤¢¤ë¡£ ½é¤á¤Æ»È¤¦¾ì¹ç¤Ï¤È¤â¤«¤¯¥³¥ó¥Ô¥å¡Ý¥¿¤ÈüËöÀܳ¤·¤Æ¡¢¥ë¡Ý¥¿¤Î£É£Ð¥¢¥É¥ì¥¹Åù¤òÀßÄê ¤·¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤¡£Ã¼ËöÀܳ¤¹¤ë¤Ë¤Ï CONSOLE ¥Ý¡Ý¥È¤È¥³¥ó¥Ô¥å¡Ý¥¿¤Î RS-232C ¥Ý¡Ý ¥È¤ò¡¢ÉÕ°¤Î RJ45 ¥â¥¸¥å¥é¡Ý¡¦¥¸¥ã¥Ã¥¯¤¬¤Ä¤¤¤¿¥Ú¥é¥Ú¥é¤·¤¿¹õ¤¤¥±¡Ý¥Ö¥ë¤Ç·ë¤Ö¡£¤³ ¤Î¥±¡Ý¥Ö¥ë¤Ï¥·¥ê¥¢¥ë¥Ý¡Ý¥ÈÍѤΥ¯¥í¥¹¥±¡Ý¥Ö¥ë¤Ç¤¢¤ë¡£¤¤¤Ã¤¿¤óÀßÄꤹ¤ì¤Ð¡¢¤½¤Î¸å¤Ï £Å£×£Ó¤«¤é telnet ¥¢¥¯¥»¥¹¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ë¡£Ãí°ÕÅÀ¤È¤·¤Æ¡¢ CONSOLE ¤È AUX ¤ÎÉôʬ ¤Ë¥·¡Ý¥ë¤¬Å½¤é¤ì¤Æ¤¯¤ë¡£¤³¤ì¤Ï BRI ¤Î¸ý¤È´Ö°ã¤¨¤Ê¤¤¤è¤¦¤Ë¤È¤¤¤¦ÇÛθ¤Ç¤¢¤ë¡£ Ʊ¤¸ RJ45 ¤Ê¤Î¤Ç¥×¥Ã¤Èº¹¤·¹þ¤ó¤Ç¤·¤Þ¤¦¤È¡¢¥ë¡Ý¥¿¤¬¥¯¥é¥Ã¥·¥å¤¹¤ë¾ì¹ç¤¬¤¢¤ë¡£ ---------------------------------------------------------------- Cisco 2503 | ______ _______ _______ ---- | ¤ÎÇØÌÌ | |______| |_______| |_______| ¢¢ ¢¢ ¢¢ |--| | | AUI SERIAL0 SERIAL1 BRI CONSOLE AUX ---- | ---------------------------------------------------------------- ¢¬ ¢¬ £Ì£Á£Î¦¥Í¥Ã¥È¥ï¡Ý¥¯Àܳ¸ý INS64¡¢ÀìÍÑÀþ 64 Kbps Àܳ¸ý * ¥á¥â '98/04 ¡¦»²¹Í¡£http://www.cisco.co.jp/ ¤Î"¥Þ¥Ë¥å¥¢¥ë¡¢¥É¥­¥å¥á¥ó¥È"Á´¤Æ±Ñ¸ì¡£ ¥ë¡Ý¥¿¤òÇã ¤¦¤È¤Ä¤¤¤Æ¤¯¤ë±Ñ¸ì¥Þ¥Ë¥å¥¢¥ë¤Ï¡¢´Êñ¤ÊÀßÄꤷ¤«ºÜ¤Ã¤Æ¤¤¤Ê¤¤¡£¾ÜºÙ¤Ï CD-ROM¤Ë¤¢¤ë¡¢ ¤³¤Îʬ¤¬¸«¤ì¤ë¡£¡ÖUNIX MAGAZINE¡×'95/12, P.63¡Á,"ËɲÐÊɤι½ÃÛ(2)", ¥Ñ¥±¥Ã¥È¡¦¥Õ ¥£¥ë¥¿¥ê¥ó¥°¤Ë¤Ä¤¤¤Æ¤è¤¯½ñ¤«¤ì¤Æ¤¤¤ë¡£ ¡¦ÃÍÃʤϥª¡Ý¥×¥ó¥×¥é¥¤¥¹¤Ê¤Î¤Ç¤Ï¤Ã¤­¤ê¤·¤Ê¤¤¡£ ¤À¤¤¤¿¤¤ 2503 ¤Î°ìÈְ¤¤£É£Ð¥¿¥¤¥× ¤ÇÌó£³£°Ëü±ß¤Ç¤¢¤ë¡££É£Ð¥Ñ¥±¥Ã¥È¤À¤±¤·¤«°·¤ï¤Ê¤¤¤Î¤Ê¤é¡¢¤³¤Î¥¿¥¤¥×¤Ç½½Ê¬¤Ç¤¢¤ë¡£ ¡¦AUX ¥Ý¡Ý¥È¤ÏÈóƱ´ü¥·¥ê¥¢¥ë¥Ý¡Ý¥ÈÍѤǤ¢¤ë¡£ 38.4 Kbps ¤Þ¤Ç¤Î£É£ÐÀܳ¤Ç»ÈÍѤǤ­¤ë¡£ £Î£Ô£Ô¤Î 3.4 KHz ÀìÍÑÀþ¤ä¸ø½°²óÀþ¤Ç¡¢Trail Blazer¤Ê¤ó¤«¤Ç¥â¥Ç¥àÀܳ¤¹¤ë¤Î¤Ë»È¤¦¡£ Cisco 2501 ¤Ë¤Ï BRI ¥Ý¡Ý¥È¤Ï¤Ê¤¤¡¢ÊÌÅÓTA ¤¬É¬ÍפȤʤ롣¥Õ¥£¥ë¥¿¥ê¥ó¥°¤Î¥Ý¡Ý¥È»Ø Äê¤Ï¡¢Áê¼êÀè¤Ë¤·¤«ÀßÄê¤Ç¤­¤Ê¤¤¡£ ¡¦IOS ¤Î¼ïÎà¡£Feature Set ¤È¤¤¤Ã¤Æ¡¢°ìÈÖ´ðËܤΤòÆäË̾Á°¤Ê¤·¤« Basic ¤È¤¤¤¦¡£Plus ¤Ï Basic ¤Ë¥Ï¡Ý¥ÉÆȼ«¤Îµ¡Ç½¤òÄɲä·¤¿¤â¤Î¡£Plus 40, 56 ¤È¤¤¤¦¤Î¤Ï°Å¹æ²½¤ò²Ã¤¨¤¿ ¤â¤Î¡£°Å¹æ²½¥Ó¥Ã¥È¿ô¤¬ 40 bit¡¢56 bit ¤È¤¤¤¦¤³¤È¤Ç¤¢¤ë¡£ ¡¦2003/07/16 ¤Ë¤«¤Ê¤ê´í¸±¤Ê¥»¥­¥å¥ê¥Æ¥£¡¦¥Û¡Ý¥ë¤¬¤¢¤ë¤³¤È¤òȯɽ¤·¤¿¡£Êݼé·ÀÌó¤ËÆþ ¤Ã¤Æ¤¤¤ì¤Ð¥Ñ¥Ã¥Á¤Ï¥À¥¦¥ó¥í¡Ý¥É¤Ç¤­¤ë¡£ ¤·¤«¤·Íè¤Æ¤â¤é¤Ã¤Æ¥Ñ¥Ã¥Á¤òÅö¤Æ¤ë¤Î¤ÏÊÌÅÓ ÎÁ¶â¡£¸òÄÌÈñ¤äºî¶ÈÈñ¤Ç£±Â棲Ëü±ß°Ì¤Î¸«ÀѤê¤Ë¤Ê¤ë¤È¤«¡£ Æâ¤Ç¤Ï¥¤¥ó¥¿¡Ý¥Í¥Ã¥ÈÀܳ ÊÕ¤ê¤Ç¤Ï»È¤Ã¤Æ¤Ê¤¤¤·¡¢¤½¤â¤½¤âºÇ½é¤«¤éÊݼé¤ËÆþ¤Ã¤Æ¤Ê¤¤¤Î¤Ç¤Û¤«¤Ã¤Æ¤ª¤¯¤·¤«¤Ê¤¤¡£ * Cisco 2503 ¤Î´ðËÜŪ¤Ê¥³¥Þ¥ó¥É $ telnet 192.9.200.9 << °ìÅÙ¥ë¡Ý¥¿¤Ë£É£Ð¥¢¥É¥ì¥¹¤òÉÕ¤±¤¿¤é¡¢¸å¤Ï telnet¤Ç | ¥¢¥¯¥»¥¹¤Ç¤­¤ë¡£ User Access Verification Password: henomo << enable ¤Ï¤ª¤Þ¤¸¤Ê¤¤¡£henomo,kato ¤ÏŬÅö¡£³Æ¼«¥Ç¥Õ router1>enable ¥©¥ë¥È¤«¤éÊѤ¨¤ë¤³¤È¡£router1¤Ï¥Û¥¹¥È̾¡£¤³¤ì¤é¤Ï Password: kato üËöÀܳ¤Ç¤Î½é´üÀßÄê¤Ç·è¤á¤ë¤³¤È¤Ë¤Ê¤Ã¤Æ¤¤¤ë¡£ router1#conf term << º£¤«¤é¿§¡¹ÀßÄꤷ¤Þ¤¹¤è¡£ Enter configuration commands, one per line. End with CNTL/Z. router1(config)#int e 0 << Ethernet ¦¤Î¥¢¥É¥ì¥¹¤ò¥»¥Ã¥È¤¹¤ë¤è¡£ router1(config-if)#ip address 192.9.205.11 % Incomplete command. << ¤ª¤«¤·¤ÊÆþÎϤÏÄ·¤Í¤Æ¤¯¤ì¤ë¡£ router1(config-if)#ip address 192.9.205.11 255.255.255.0 router1(config-if)#end << int e 0 ¤ÎÀßÄ꽪¤ï¤ê¡£ router1(config)#int b 0 << £É£Ó£Ä£Î¤Î BRI ¦¤Î¥¢¥É¥ì¥¹¤ò¥»¥Ã¥È¤¹¤ë¤è¡£ router1(config-if)#end router1#show ip arp << show ip route ¤È¤«¿§¡¹¸«¤ì¤ë¡£ Protocol Address Age (min) Hardware Addr Type Interface Internet 192.9.200.3 84 0800.2010.9bff ARPA Ethernet0 Internet 192.9.200.2 3 0800.1e02.cbed ARPA Ethernet0 router1#write term << ÀßÄê¤Î³Îǧ¤Ï¤³¤Î¥ì¥Ù¥ë¤Ç¤·¤«¤Ç¤­¤Ê¤¤¡£ Building configuration... Current configuration: | router1#write mem << ¾Ã¤¨¤Ê¤¤¥á¥â¥ê¤Ë½ñ¤­¹þ¤à¡£ Building configuration... [OK] * Cisco 2503 ¤½¤Î¾¥³¥Þ¥ó¥É router1#ping 192.9.200.2 << ping ¤Î¥Æ¥¹¥È¤¬¤Ç¤­¤ë¡£ router1#conf term << ÀßÄê¥â¡Ý¥É¤ËÆþ¤ë¡£ router1(config)#router rip << ưŪ·ÐÏ©À©¸æ¤Î¥ë¡Ý¥ë¤òÀßÄꤹ¤ë¡£ router1(config-router)#no network 192.168.1.0 router1(config-router)#redistribute static router1(config-router)#exit << end ¤òÆþ¤ì¤ë¤È router1# ¤Þ¤ÇÍî¤Á¤ë¡£ router1(config)#int b 0 << interface bri 0 ¤Î¾Êά·Á¡£ router1(config-if)#ip broadcast-address router1(config-if)#ip tcp header-compression << TCP¥Ñ¥±¥Ã¥È¤Î¥Ø¥Ã¥À¡ÝÉô¤Î°µ½Ì¡£ router1(config)#end router1#write term << ¤³¤³¤Ç³Îǧ¤Ç¤­¤ë¡£ router1#show ip route << ÀßÄꤵ¤ì¤¿·ÐÏ©¾ðÊó¤ò¸«¤ë¡£ router1#conf term router1(config)#ip route ? << ? ¤òÆþ¤ì¤ë¤È»È¤¨¤ë¥³¥Þ¥ó¥É¤äÀâÌÀ¤¬½Ð¤ë¡£ A.B.C.D Destination prefix router(config)#clock ? summer-time Configure summer (daylight savings) time timezone Configure time zone router(config)#clock timezone jst -9 << ÆüËÜ»þ´Ö¤ÎÀßÄê¡£jst-9, jst - 9 ¤Ï¥À¥á¡£ router1# logout << telnet ¤«¤éÈ´¤±½Ð¤¹¡£ Connection closed by foreign host. isdn leased-line BRI0 << 64 Kbps ÀìÍÑÀþ¤ò»È¤¦¾ì¹ç¡£ description LEASED-LINE 64K * Cisco 2514 ¤Î IOS ¥Ð¡Ý¥¸¥ç¥ó¥¢¥Ã¥× `02/06 ¥Õ¥¡¥¤¥¢¥¦¥©¡Ý¥ë¤Î¥Û¥¹¥È¤¬¥À¥¦¥ó¤·¤¿¾ì¹ç¤Ë¤½¤Ê¤¨¤Æ¡¢ FireWall-1 ¤ÈƱ¤¸¤¯£É£Ð¥¢¥É ¥ì¥¹¤ÎÊÑ´¹¤¬¤Ç¤­¤ë¤â¤Î¤¬¤Ê¤¤¤«Ä´¤Ù¤Æ¤¤¤¿¡£ Cisco ¤Î£Ï£Ó¤Ç¤¢¤ë IOS ¤Î¥Ð¡Ý¥¸¥ç¥ó¤Ë ¤è¤Ã¤Æ¤Ï¤Ç¤­¤ë¤³¤È¤¬¤ï¤«¤Ã¤¿¡£¤½¤ÎNAT µ¡Ç½¤¬ IOS 12.0 ¤Ç¤Ï¥Ç¥Õ¥©¥ë¥È¤ÇÆþ¤Ã¤Æ¤¤¤ë ¤è¤¦¤À¡£IOS 11.2 ¤«¤é¤À¤È¡¢Plus ¤È¤¤¤¦¤Î¤ËÆþ¤Ã¤Æ¤¤¤ë¡£IOS ¤Ï tftp ¤ò»È¤Ã¤Æ¥À¥¦¥ó ¥í¡Ý¥É¤¹¤ë¤Î¤Ïʬ¤«¤Ã¤¿¡£Çã¤Ã¤¿»þ¤ËÆþ¤Ã¤Æ¤¤¤¿¥Ú¥é¥Ú¥é¤ÎÆüËܸì¥Þ¥Ë¥å¥¢¥ë¤Ë¤â½ñ¤¤¤Æ ¤¢¤ë¡£¤½¤ì¤Ç¤½¤Î IOS ¤Ã¤Æ¤É¤³¤Ë¤¢¤ë¤Î¤«¤Ê¡£ ¤¤¤ä¤½¤ÎÁ°¤Ë¼ê¸µ¤Ë¤¢¤ë Cisco 2514 ¤Î IOS ¤Î¥Ð¡Ý¥¸¥ç¥ó¤òÄ´¤Ù¤Æ¤ß¤ë¡£MRTG ¤ò¤ä¤Ã¤¿»þ¤Ë Cisco ¥ë¡Ý¥¿¤«¤é½Ð¤Æ¤­¤¿¾ðÊ󤬤¤ ¤¤¡£IOS 11.2.11 ¤È¤¤¤¦¤³¤È¤À¡£ Description: Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-I-L), Version 11.2(11), RELEASE SOFTWARE (fc1) Copyright (c) 1986-1997 by cisco Systems, Inc. Compiled Mon 29-Dec-97 ... cisco1#write term ¥ë¡Ý¥¿¤Ë telnet ¥¢¥¯¥»¥¹¤·¤Æ¥³¥ó¥Õ¥£¥°¥ì¡Ý¥·¥ç¥ó¤ò½Ð version 11.2 ¤·¤¿¤È¤³¤í¤Ç¤¢¤ë¡£11.2 ¤È½Ð¤Æ¤¤¤ë¡£ ¤É¤¦¤â Plus ¤È¤¤ ¤¦¤Î¤Ç¤Ê¤¤¡£Ç㤦»þ£É£Ð¥Ñ¥±¥Ã¥È¤À¤±¡¢¤È¤ê¤¢¤¨¤ºÄ̤ì¤Ð cisco1(config)#ip nat ? ¤¤¤¤¤È¡¢°ìÈְ¤¤ IOS ¤Ë¤·¤¿¤Î¤À¤Ã¤±¡£ NAT ¤Î¥³¥Þ¥ó¥É % Unrecognized command ¤ÏÆþ¤Ã¤Æ¤Þ¤»¤ó¤Ç¤·¤¿¡£ ¤¤¤äº¤¤Ã¤¿¡£http://www.cisco.com/jp/ ¸«¤¿¤¬ IOS ¤Ê¤ó¤«¤Ê¤¤¡£¤É¤¦¤â¤¿¤À¤Ç¤Ï¤â¤é¤¨ ¤Ê¤¤¤è¤¦¤À¡£Êݼé¤ËÆþ¤Ã¤Æ IOS ¤ÎÆþ¤Ã¤¿ CD-ROM ¤òÆþ¼ê¤¹¤ë¤«¡¢ ¤½¤Î¤Ä¤ÉÇ㤤¼è¤ê¤¹¤ë ¤«¤Ê¤¤¤è¤¦¤À¡£¥á¡Ý¥«¤µ¤ó¤Ê¤ó¤« Cisco ¤Î¥Ñ¡Ý¥È¥Ê¡Ý¤À¤È¡¢ "login" ²èÌ̤«¤éÆþ¤Ã¤Æ¥À ¥¦¥ó¥í¡Ý¥É¤Ç¤­¤ë¤è¤¦¤À¡£ Çã¤Ã¤¿»þ¤ËÆþ¤Ã¤Æ¤¤¤¿ "Cisco Connection ONLINE ¤Î¥«¡Ý¥É" ¤³¤ì¤Ë¤Ò¤ç¤Ã¤È¤·¤Æ¥Ñ¥¹¥ï¡Ý¥É¤¬½ñ¤¤¤Æ¤¢¤ë¤Î¤«¤Ê¡£¤½¤ó¤Ê¤ó½ñ¤¤¤Æ¤Ê¤¤¤è¡£¤³¤Î¥«¡Ý¥É ¤¤¤Ã¤¿¤¤²¿¤ÎÌò¤ËΩ¤Ä¤Î¡©¡££²Ëç¤Î CD-ROM ¤Ï±Ñʸ¥É¥­¥å¥á¥ó¥È¤·¤«Æþ¤Ã¤Æ¤Ê¤¤¤·¡£¤É¤¦ ¤â¤è¤¦Ê¬¤«¤é¤ó¡£IOS ¤Î¤³¤È¤Ï¥¤¥á¡Ý¥¸¤È¤â¸Æ¤ó¤Ç¤¤¤ë¤ß¤¿¤¤¤À¤·¡£ Cisco 2514-8C Dual Ethernet/Dual Serial Router Ìó£³£°Ëü±ß SF25C-11.2.11 Cisco 2500 Series IOS IP Only Feature Set Ìó£²£´Ëü±ß ¾å¤Ï£¹£¸Ç¯£³·î¤Ë¹ØÆþ¤·¤¿»þ¤Î¥¹¥Ú¥Ã¥¯¤È¤À¤¤¤¿¤¤¤ÎÄê²Á¤Ç¤¢¤ë¡£ ¤É¤¦¤ä¤é IOS ¤Ï¿·µ¬ ¤ËÇ㤦¤·¤«¤Ê¤µ¤½¤¦¤À¡£·Ú¤¯£²£°Ëü±ß¤¤¤ë¤ï¤±¤À¡£¤³¤ì¤ÇÅú¤¨¤Ï½Ð¤¿¡¢¸¡Æ¤¤Ï¤ä¤á¡££²£° Ëü±ß¤â½Ð¤»¤Ð Linux ¤Î Cobalt ¤¬Ç㤨¤ë¡£¤³¤ì¤Ç¥Õ¥ê¡Ý¥½¥Õ¥È¤Î NAT ¤ò»î¤·¤¿Êý¤¬¤¤¤¤¡£ »²¹Í¤À¤¬¡¢Cisco ¥ë¡Ý¥¿¤Î NAT ÀßÄ꤬¡Ö£Ã£Ô£Ã¥Æ¥¯¥¤¥ó¥Õ¥©¡×'97/07, Vol.8, P.23¡Á28 ¤Ë¾Ü¤·¤¯½ñ¤«¤ì¤Æ¤¤¤ë¡£¤½¤ì¤È¥Ï¡Ý¥É¤È IOS ¤ÎÃÍÃʤ¬¡¢http://www.cisco.com/jp/ ¸«¤Æ ¤¤¤¯¤È´õ˾¾®Çä²Á³Ê¤È¤·¤Æ¡¢¤³¤ì¤âºÙ¤«¤¯ºÜ¤Ã¤Æ¤¤¤ë¡£tftp ¤Ë¤è¤ë IOS ¤Î¥Ð¡Ý¥¸¥ç¥ó¥¢ ¥Ã¥×¤Ï¡Ö£Ã£Ô£Ã¥Æ¥¯¥¤¥ó¥Õ¥©¡×'98/03, Vol.12, P.23¡Á ¤Ëµ­»ö¤¬¤¢¤Ã¤¿¡£ * Cisco 2514 ¤ÎÀßÄêÎã `21/06 Cobalt Qube3 ¤Ë SonicWALL ¤Ê¤É´Þ¤á¤Æ¤Î¥Æ¥¹¥È¤Ë¤Æ $ telnet 192.168.1.1 ¥Ñ¥¹¥ï¡Ý¥É¤Ê¤É½é´üÀßÄê¤Ï 2503 ¤ÈƱ¤¸ -------------- 192.168.1.0 | (Ethernet0) | .1 cisco1#write term -------- Building configuration... | | | -------- interface Ethernet0 (Ethernet1) | .1 ip address 192.168.1.1 255.255.255.0 -------------- 192.168.2.0 ¥¯¥é¥¹£Ã no cdp enable ¢­ ! 172.16.1.0 ¥¯¥é¥¹£Â interface Ethernet1 ip address 192.168.2.1 255.255.255.0 ¤¹¤Ç¤Ë°ÊÁ°ÀßÄꤵ¤ì¤¿¤Î¤ò½¤Àµ¤¹¤ë¤È¤¤ no cdp enable ¤È¤ÇÀâÌÀ¤¹¤ë¡£192.168.2.0 ¤ò¥¯¥é¥¹¤È ! ¤·¤Æ¤Ï£Â¤Î 172.16.1.0 ¤ËÊѹ¹¤¹¤ë¡£¤¿ | ¤À¤·¥Ö¥í¡Ý¥É¥­¥ã¥¹¥È¤Ê¤É¡¢¥Í¥Ã¥È¥ï¡Ý no ip classless ¥¯¤ÎÀßÄê¤Ï¥¯¥é¥¹£Ã¤Ç°·¤¦¤³¤È¤È¤¹¤ë¡£ ip route 0.0.0.0 0.0.0.0 192.168.1.2 ip route 192.168.3.0 255.255.255.0 192.168.2.2 1 | end cisco1#conf term << ÀßÄê¥â¡Ý¥É¤ËÆþ¤ë¡£ Enter configuration commands, one per line. End with CNTL/Z. cisco1(config)#no ip route 192.168.3.0 255.255.255.0 192.168.2.2 1 cisco1(config)#no ip route 0.0.0.0 0.0.0.0 192.168.1.2 cisco1(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.3 << ·ÐÏ©¤ò¾Ãµî¤·¤ÆÀßÄꤷľ¤¹¡£ cisco1(config)#int Ethernet 1 cisco1(config-if)#ip address 172.16.1.1 255.255.255.0 << ¥Í¥Ã¥È¥Þ¥¹¥¯¡¢¥Ö¥í¡Ý¥É cisco1(config-if)#ip broadcast-address 172.16.1.255 ¥­¥ã¥¹¥È¡¦¥¢¥É¥ì¥¹¤ÎÀß cisco1(config-if)#end Äê¤ËÃí°Õ¤Î¤³¤È¡£ cisco1# cisco1#write term << ÀßÄê¾õÂÖ¤òɽ¼¨¤¹¤ë¡£ Building configuration... | interface Ethernet0 ip address 192.168.1.1 255.255.255.0 no cdp enable << ¥Ö¥í¡Ý¥É¥­¥ã¥¹¥È¤ÎÃͤ¬½Ð¤Æ¤Ê¤¤¤¬¡¢255.255.255.255¤Ë¤Ê ! ¤Ã¤Æ¤¤¤ë¡£#show ip int ¤Ç°Ê²¼¤ÎÍͤˤÁ¤ã¤ó¤È³Îǧ¤Ç¤­¤ë¡£ interface Ethernet1 ip address 172.16.1.1 255.255.255.0 cisco1#show ip int ip broadcast-address 172.16.1.255 Ethernet0 is up, line protocol is up no cdp enable Internet address is 192.168.1.1/24 ! Broadcast address is 255.255.255.255 | | * ²¿¤«¤ª¤«¤·¤¤¤¾ Cisco 2514 ¤Ç ¥·¥¹¥³¤Î¥ë¡Ý¥¿¤Ï IOS ¤È¤¤¤¦£Ï£Ó¤ÇÆ°¤¤¤Æ¤ª¤ê¡¢2514 ¤â 2503 ¤âƱ¤¸¤È»×¤Ã¤Æ¤è¤¤¡£´ð ËÜŪ¤Ê¥³¥Þ¥ó¥É¤Ï¶¦Ä̤·¤Æ¤¤¤ë¡£ 2514 ¤ÏÆâÉô¥Í¥Ã¥È¥ï¡Ý¥¯ÍѤΥë¡Ý¥¿¤Ç¤¢¤ë¡£±¿ÍѤ·¤Æ ¤¤¤Æ°ì¤Äµ¤¤Ë¤Ê¤ë¤³¤È¤¬¤¢¤ë¡£ tftp ¥Ñ¥±¥Ã¥È¤¬Ìó£±£°Ê¬¤ª¤­¤Ë¥Ö¥í¡Ý¥É¥­¥ã¥¹¥È¤µ¤ì¤Æ ¤¤¤ë¤Î¤À¡£FireWall-1 ¤Î¥í¥°¤Ë¡¢¥ë¡Ý¥¿¤«¤é 255.255.255.255 ¤Ë¸þ¤±¤¿ tftp ¤¬¥¹¥È¥Ã ¥×¤µ¤ì¤Æ¤¤¤ë¤Î¤¬¸«¤¨¤ë¡£tftp ¤Î¤½¤ó¤ÊÀßÄꤷ¤¿³Ð¤¨¤Ï¤Ê¤¤¡£µ¤»ý¤Á°­¤¤¤·¡£2503 ¤Ç¤â ƱÍͤʤ³¤È¤¬µ¯¤³¤ë¤«¤âÃΤì¤Ê¤¤¡£2503 ¤Çµ¯¤³¤ë¤È¡¢ISDN ²óÀþ¤Ê¤é£±£°Ê¬Ëè¤ËÅÅÏäò¤« ¤±¤ë¤³¤È¤Ë¤Ê¤Ã¤Æ¤·¤Þ¤¦¡£ »ÄÇ°¤Ê¤¬¤é¤É¤¦¤·¤Æ tftp ¥Ñ¥±¥Ã¥È¤¬½Ð¤ë¤Î¤«¤Þ¤Àʬ¤«¤é¤Ê¤¤¡£´Ø·¸¤¢¤ê¤½¤¦¤ÊÉôʬ¤ò¤¤ ¤í¤¤¤í¤¤¤¸¤Ã¤Æ¤ß¤ë¤³¤È¤Ë¤·¤¿¡£ cisco1#ddd ¤È¤¤¤¦¤è¤¦¤ËŬÅö¤ËÆþ¤ì¤ë¤È¥Û¥¹¥È̾¤È¤ß ¤Ê¤¹¤Î¤«¡¢255.255.255.255 ¤Ë¤¢¤ë¤È²¾Äꤵ¤ì¤¿ DNS ¤ò¸«¤Ë¤¤¤¯¤è¤¦¤Ç¤¢¤ë¡£ ¤·¤Ð¤é¤¯ ¥Ç¡Ý¥â¥ó¤òõ¤·¤Æ¤¤¤ë¤è¤¦¤Ç¤¢¤ë¡£#no ip domain-lookup ¤È¤ä¤ê¡¢ DNS ¤ò¸«¤Ê¤¤¤è¤¦¤Ë ¤¹¤ë¡£¤Þ¤¿¥ë¡Ý¥¿¤¬ DNS ¤ò¸«¤ëɬÍפϤʤ¤¡£ tftp ¤ÎÌäÂê¤Ç 255.255.255.255 ¤ò¥­¡Ý¥ï ¡Ý¥É¤Ë¤·¤Æ¡¢¤³¤ÎÀßÄê¤ò¤ä¤Ã¤Æ¤ß¤¿¤¬ tftp ¤Ë¤Ï´Ø·¸¤·¤Ê¤«¤Ã¤¿¡£ cisco1#show hosts << DNS »ÈÍѤΥ¢¥É¥ì¥¹¤Ï 255.255.255.255¡£ Default domain is not set Name/address lookup uses domain service Name servers are 255.255.255.255 Host Flags Age Type Address(es) domain-server (temp, UN) 0 IP cisco1#ddd << 255.255.255.255 ¤Ë DNS ¥¢¥¯¥»¥¹¤·¤Æ¤¤¤ë¡£ Translating "ddd"...domain server (255.255.255.255) % Unknown command or computer name, or unable to find computer address cisco1#conf term cisco1(config)#no ip domain-lookup cisco1(config)#end cisco1#ddd << DNS ¤Ïõ¤µ¤Ê¤¤¡£¤¹¤° % Unknown ¤È½Ð¤ë¡£ Translating "ddd" % Unknown command or computer name, or unable to find computer address cisco1#write term << no ip domain-lookup ¤È¤Ê¤Ã¤Æ¤¤¤ë¤«³Îǧ¡£ Building configuration... | no ip domain-lookup cisco1#write mem Building configuration... [OK] (4) ¥Ø¥Æ¥í¥¸¥Ë¥¢¥¹¡¦¥Í¥Ã¥È¥ï¡Ý¥¯ °Ûµ¡¼ï´ÖÀܳ( Heterogeneous Network ) '96¡Á * Apollo ¤È Ethernet º®ºß¥Í¥Ã¥È¥ï¡Ý¥¯ ¤³¤ó¤ÊÏäⲿ¤«¤Î»²¹Í¤Ë¤Ê¤ë¤«¤âÃΤì¤Ê¤¤¡££¹£¶Ç¯Åö»þ¤Ë¸¡Æ¤¤ò¹Ô¤Ã¤¿¤³¤È¤À¤¬¡¢Î¥¤ì¤¿ £²¥õ½ê¤Î Apollo ¥³¥ó¥Ô¥å¡Ý¥¿¤Î¥Í¥Ã¥È¥ï¡Ý¥¯¤ò·ë¤Ö¤È¤¤¤¦¡£ Apollo ¤ÏÆÃÍ­¤Î¥È¡Ý¥¯¥ó ¥ê¥ó¥°¤Ë¤è¤ë¥Í¥Ã¥È¥ï¡Ý¥¯¤Ç¡¢µ÷ΥŪ¤Ë¤Ï£±¥ê¥ó¥°¤Ç¤â¿ô¥­¥í¤Ï¤¤¤±¤ë¡£¤·¤«¤·µ÷Î¥¤È¤· ¤ÆÌó£µ£°£°¥á¡Ý¥È¥ë¡¢¸øÆ»°ìÈ̤ò¤Þ¤¿¤°Àܳ¤Ï¤Ç¤­¤Ê¤¤¡£¤½¤³¤Ç INS64²óÀþ¤Ç¡¢¤½¤Îµ÷Î¥ ¤òËä¤á¤è¤¦¤È¹Í¤¨¤¿¡£²¿¤«¤¤¤¤¥Í¥Ã¥È¥ï¡Ý¥¯ÁõÃ֤Ϥʤ¤¤«¤È¡¢Cisco ¤Î¥Ñ¥ó¥Õ¥ì¥Ã¥È¤òį ¤á¤Æ¤¤¤¿¤é Apollo Domain ¤È¤¤¤¦Ê¸»ú¤¬Ìܤ˻ߤޤä¿¡£ Cisco 2503 ¤Ç IOS ¤ò°ìÈֹ⤤ ¥¿¥¤¥×¤Î¤òÇ㤨¤Ð¡¢²¿¤È¤«¼Â¸½¤Ç¤­¤½¤¦¤Ç¤¢¤ë¡£Apollo ¤Î¥Ñ¥±¥Ã¥È¤ò HDLC(X.25)¤Ç¥«¥× ¥»¥ë²½¤·¤Æ Ethernet ¤ä FDDI ¤òÄ̤¹¤³¤È¤¬¤Ç¤­¤ë¤È¤¤¤¦µ¡Ç½¤Ç¤¢¤ë¡£¶È¼Ô¤ÈÁêÃ̤·¤¿¤È ¤³¤í Apollo ¤Ï¿¨¤Ã¤¿¤³¤È¤Ê¤¤¤±¤É¡¢Â¿Ê¬¤Ç¤­¤ë¤Ç¤·¤ç¤¦¤È¤¤¤¦¡£¤½¤ì¤Ç Cisco 2503 ¤ò £²Âæ¤È£É£Ó£Ä£Î¤Î²óÀþ¥¨¥ß¥å¥ì¡Ý¥¿¤ò¼êÇÛ¤ÈÁêÀ®¤Ã¤¿Ìõ¤Ç¤¢¤ë¡£ ¢¨¥¢¥¹¥­¡ÝÀ½£É£Ó£Ä£Î²óÀþ¥¨¥ß¥å¥ì¡Ý¥¿ INE-64II:£É£Î£Ó¥Í¥Ã¥È£¶£´µ¿»÷¸ò´¹´ï¡£ÊÛÅöÈ¢ ÄøÅ٤ξ®·¿¤Î·Ú¤¤Êª¤Ç¤¢¤ë¡£398,000 ±ß¡£¼ÂºÝ¤Ë£É£Ó£Ä£Î¤ò°ú¤«¤Ê¤¯¤Æ¤â¼Â¸³¤¬¤Ç¤­¤ë¡£ £Ì£Á£Î¤Î¥×¥í¥È¥³¥ë¡¿µ¡Ç½ | IP DT EN -------------------------------------------------|----------- IP, ¥Ö¥ê¥Ã¥¸¥ó¥° LAN¥¨¥¯¥¹¥Æ¥ó¥·¥ç¥ó¤Î¥Û¥¹¥Èµ¡Ç½| ¡û ¡û ¡û IPX, AppleTalk1&2, DECnet IV | ¡ß ¡û ¡û DECnet V, OSI, XNS, Banyan Vines, Apollo Domain | ¡ß ¡ß ¡û IP: ÀìÍѵ¡Ç½¥»¥Ã¥È¡¢DT: Desktopµ¡Ç½¥»¥Ã¥È¡¢EN: Enterpriseµ¡Ç½¥»¥Ã¥È * Apollo ¤Î¥ë¡Ý¥Æ¥£¥ó¥°¤ÎÀßÄê ¶È¼Ô¤µ¤ó¤È°ì½ï¤Ë Cisco 2503 ¤ÎÀßÄê¤Ï¤ä¤ë¤³¤È¤Ë¤·¡¢ Apollo ¤Ë´Ø¤·¤Æ¤Ï¾®À¸¤¬¤¬¤ó¤Ð ¤ë¤³¤È¤Ë¤·¤¿¡£Apollo ¤Î£²¤Ä¤Î¥È¡Ý¥¯¥ó¥ê¥ó¥°¤ò·ë¤Ö¤Ë¤Ï¡¢ ¤³¤ì¤Þ¤Ç»È¤Ã¤¿¤³¤È¤¬¤Ê¤¤ ¥³¥Þ¥ó¥É¤òÍѤ¤¤ëɬÍפ¬¤¢¤Ã¤¿¡£À褺¤Ï¤½¤ì¤¾¤ì¤Î¥È¡Ý¥¯¥ó¥ê¥ó¥°¤Ë¡¢¥Í¥Ã¥È¥ï¡Ý¥¯¤ÎÈÖ ¹æ¤òÉÕ¤±¤ë¡£¤³¤ì¤Ï rtsvc ¤È¤¤¤¦¥³¥Þ¥ó¥É¤òÍѤ¤¤¿¡£ £²¤Ä¤Î¥ì¥¸¥¹¥È¥ê¤òÅý¹ç¤¹¤ë¤Î¤Ë ns_helper ¥Ç¡Ý¥â¥ó¤ò²ÔƯ¤µ¤»¡¢edns ¥³¥Þ¥ó¥É¤ÇÀßÄꤷ¤¿¡£glbd ¤âÅý¹ç¤¹¤ëɬÍפ¬¤¢¤Ã ¤¿¡£Apollo ¤òÃΤé¤Ê¤¤¿Í¤Ë¤Ï¥Á¥ó¥×¥ó¥«¥ó¥×¥ó¤À¤í¤¦¡£ Íפϥͥåȥï¡Ý¥¯¤Ë¤Ï²¿¤«ÈÖ¹æ ¤ò¿¶¤Ã¤Æ¶èÊ̤¹¤ë¤³¤È¡£¤½¤ì¤Ë NIS ¤ä¥Ñ¥¹¥ï¡Ý¥É´ÉÍý¤Ê¤É¤Î¥Ç¡Ý¥â¥ó¤¬¤¢¤ì¤Ð¡¢ ¤½¤ì¤â Á´ÂΤÇÀ°¹çÀ­¤¬¼è¤ì¤ë¤è¤¦¤Ë¤¹¤ë¤³¤È¡£¤½¤·¤Æ¡¢ÆÃÍ­¤Ê¥Ñ¥±¥Ã¥È¤òŬÅö¤Ëɸ½àŪ¤Ê¥Ñ¥±¥Ã ¥È¤Ç¤¯¤ë¤ó¤Ç¡¢²¿¤«¤·¤éÁê¼ê¥Ø¤ÎÅþã·ÐÏ©¤ò»ØÄꤷ¤Æ¤ä¤ì¤Ð¡¢Â¿Ê¬ÄÌ¿®¤Ç¤­¤ë¤¸¤ã¤Ê¤¤¤« ¤È¤¤¤¦¤³¤È¤Ç¤¢¤ë¡£Apollo ¤ò¤Þ¤ë¤ÇÃΤé¤Ê¤¤¤Î¤Ë¡¢ ÀßÄê¤Ë¤ä¤Ã¤Æ¤­¤¿¥·¥¹¥Æ¥à¡¦¥¨¥ó¥¸ ¥Ë¥¢¤µ¤ó¤Ë¶µ¤¨¤é¤ì¤¿¤³¤È¤Ç¤¢¤ë¡£ 100ÈÖ Domain Ring-1 Apollo Domain Ring-1 ¤È Domain Ring-2 ¡¿¡±¡±¡±¡±¡±¡±¡À ¤Î¥Î¡Ý¥É´Ö¤Ç¡¢Apollo ¤Î¥×¥í¥È¥³¥ë¤ÇÄÌ ¡À¡²¡²¡²¡²¡²¡²¡¿¡½¢¢ node_C ¿®¤·¤¿¤¤¡£node_C ¤«¤é node_D ¤Ø $ crp ¡Ã ¤ò¤«¤±¤ë¤È¤«¡¢node_C ¤Ç $ ld //node_D ¢¢ node_aaa ¤È¤«¤ä¤ê¤¿¤¤¡£crp ¤ä ld ¤Ï ApolloÆÃÍ­ ¡Ã.2 192.9.200.0 ¤Î¥³¥Þ¥ó¥É¤Ç¤¢¤ë¡£ ------------------------------- 101ÈÖ | .9 ¢¨ crd : create directory ------- ld : list directory router1 | 200 | ------- 192.168.1.1 ¢£ ¡§ 0987654321 (£É£Ó£Ä£ÎÈÖ¹æ) 150 ÈÖ ¡§ ¡§ 0123456789 (£É£Ó£Ä£ÎÈÖ¹æ) 102ÈÖ Domain Ring-2 ¢£ ¡¿¡±¡±¡±¡±¡±¡±¡À ------- 192.168.1.2 ¡À¡²¡²¡²¡²¡²¡²¡¿¡½¢¢ node_D router2 | 300 | ¡Ã ------- ¢¢ node_bbb | .3 192.9.203.0 .1 ¡Ã ------------------------------------------------------- 103ÈÖ [ node_aaa ¤Ç¤ÎÀßÄê ] $ rtsvc -dev ring -net 100 -route $ rtsvc -dev eth802.3_at -net 101 -route $ /etc/route add net 192.168.1 192.9.200.9 1 $ /etc/route add net 192.9.203 192.9.200.9 2 $ /etc/lcnet Network First Hop Hops ======== ========= ===== 100 -- local 101 -- local 103 200 1 150 200 1 [ node_bbb ¤Ç¤ÎÀßÄê ] $ rtsvc -dev ring -net 102 -route ¢¨ node_aaa ƱÍÍ route ÀßÄê¤â¹Ô¤¦¡£ $ rtsvc -dev eth802.3_at -net 103 -route * Cisco 2503¡¢router1 ¦¤ÎÀßÄê router1#write term << telnet ¤Ç 192.9.200.9¥¢¥¯¥»¥¹¤·¤ÆÀßÄê¡£ | router2 ¦¤â²¡¤·¤ÆÃΤë¤Ù¤·¤ÇÀßÄꤹ¤ë¡£ version 11.0 | no ip domain-lookup apollo routing 200 << router1 ¤Î 200 ¤ËÂбþ¡£ apollo maximum-paths 5 isdn switch-type ntt isdn tei-negotiation first-call ! interface Ethernet0 ip address 192.9.200.9 255.255.255.0 << £Ì£Á£Î¦¤Î£É£Ð¥¢¥É¥ì¥¹¡£ ip directed-broadcast -196609 apollo network 101 apollo update-time 30 ! interface Serial0 << Serial1 ¤È¤â¤³¤³¤Ç¤Ï´Ø·¸¤Ê¤·¡£ | interface BRI0 ip address 192.168.1.1 255.255.255.0 << £×£Á£Î¦¤Î£É£Ð¥¢¥É¥ì¥¹¡£ ip broadcast-address 192.168.1.255 ip directed-broadcast -196609 encapsulation ppp bandwidth 64 apollo network 150 apollo update-time 30 dialer idle-timeout 3000 ¢­ 012.. ¤ÏÁê¼ê¦¤ÎÅÅÏÃÈֹ档 dialer map ip 192.9.203.2 name router2 0123456789 dialer-group 1 ppp authentication chap ! router rip network 192.9.200.0 network 192.9.203.0 network 192.168.1.0 ! access-list 101 permit ip any any ! apollo route 103 150.300 << router2 ¤Î 300 ¤ËÂбþ¡£ dialer-list 1 list 101 ! line con 0 password cisco line aux 0 password cisco transport input all line vty 0 2 password cisco login line vty 3 4 login ! end (5) Yamaha RTX1000 ¡Á¤Î»È¤¤Êý `24/03 -------------------------------------------------------------------------------- ¼Â¤Ï Yamaha ¤Î¥ë¡Ý¥¿¤ò¼«Ê¬¤ÇÀßÄꤷ¤¿¤Î¤Ï¡¢¤³¤ì¤¬½é¤á¤Æ¤Ç¤¢¤ë¡£RT100i¤Ï¥×¥í¥Ð¥¤¥À ¤¬ÀßÄꤷ¤¿¤Î¤òÁ÷¤Ã¤Æ¤­¤¿¤Î¤Ç¡¢²¿¤â¤¤¤¸¤ë¤³¤È¤Ï¤Ê¤«¤Ã¤¿¡£RTX1000 ¤Ï¥í¡Ý¥«¥ë¡¦¥ë¡Ý ¥¿¤È¤·¤Æ¤â»È¤¦¤³¤È¤¬¤Ç¤­¤ë¡£À褺¤Ï¤½¤ì¤Ç¥Æ¥¹¥È¤·¤Æ¤ß¤¿¡££²Æü¤Ç»È¤¤Êý¡¢Ê¬¤«¤Ã¤¿¡£ -------------------------------------------------------------------------------- * ³µÍ× À褺¤Ï»ÅÍͤò¡£OSPF, BGP, IPv6, IPsec Âбþ¡£Í¥ÀèÀ©¸æ¤äÂÓ°èÀ©¸æ¤Ê¤É¤Î QoS ¤Î¥µ¥Ý¡Ý ¥È¡£ºÇÂç 100 Mbit/sec¥¹¥ë¡Ý¥×¥Ã¥È¡£¥ä¥Þ¥ÏÆȼ«¤Î IDS ÅëºÜ¡¢£´£±¼ïÎà¤ÎÉÔÀµ¥¢¥¯¥»¥¹ ¤ò¸¡ÃβÄǽ¤È¤¤¤¦¡£Âбþ£Ö£Ð£Î¥¯¥é¥¤¥¢¥ó¥È¡¦¥½¥Õ¥È¥¦¥§¥¢¤Ï¡¢SSH Sentinel Ver.1.3.1 ¤Ë Windows 2000/XP ¤Î Professional ¥á¥¤¥ó¥â¡Ý¥É¡£ RTX1000 ¤Ë¤Ï RS-232C ¤Î¥¯¥í¥¹¥±¡Ý¥Ö¥ë¤ÇÀܳ¤·¥¢¥¯¥»¥¹¤¹¤ë¡£RTX1000¤ÎÅŸ»¤òÆþ¤ìľ ¤µ¤Ê¤¯¤Æ¤â¥¢¥¯¥»¥¹¤Ç¤­¤ë¡£RS-232C ¥±¡Ý¥Ö¥ë¤ÏÉÕ°¤Ï¤·¤Æ¤¤¤Ê¤¤¡£telnet¤Ç¤Î¥¢¥¯¥»¥¹ ¤â¤Ç¤­¤ë¤¬¡¢£×£×£×¥¢¥¯¥»¥¹¤Ç¤ÎÀßÄê¤Ï¤Ç¤­¤Ê¤¤¡£²ÈÄí¸þ¤± NetVolante Series ¤ÎRT56v ¤ä RTA55i ¤Ï£×£×£×²èÌ̤ÇÀßÄê¤Ç¤­¤ë¤¬¡£ NetVolante ¤Ï£×£×£×²èÌ̤ǴÊñ¤ËÀßÄê¤Ç¤­¤ë¥Õ¥¡¥¤¥¢¥¦¥©¡Ý¥ëµ¡Ç½¤¬¤¢¤ë¡£ Âè°ìÃʳ¬¤Î £Î£Á£Ô¡¦£É£Ð¥Þ¥¹¥«¥ì¡Ý¥É¡¢Â³¤¤¤ÆÀÅŪ¥Õ¥£¥ë¥¿¥ê¥ó¥°¡¢Æ°Åª¥Õ¥£¥ë¥¿¥ê¥ó¥°¡¢Âè»ÍÃʳ¬ ¤ÎÉÔÀµ¥¢¥¯¥»¥¹¸¡ÃΡ£¥»¥­¥å¥ê¥Æ¥£¡¦¥ì¥Ù¥ë¤Ï£·Ãʳ¬¤¢¤Ã¤Æ£²¤«¤é£·¤Ï¡¢NetBIOS Åù¤ÎÄÌ ¿®¤ò¶Ø»ß¤¹¤ë¡¢¥Ý¡Ý¥ÈÈÖ¹æ:135,137,138,139,445 ¤òÊĤ¸¤ë¤È¤¢¤ë¡£ RTX1000 ¤Ë¤Ï RJ45¤Î¥Ý¡Ý¥È¤Ï£´¼ïÎढ¤ë¡£LAN1 £´¥Ý¡Ý¥È¡¢LAN2 £±¥Ý¡Ý¥È¡¢LAN3 £±¥Ý¡Ý ¥È¡¢¤½¤ì¤Ë ISDN S/T ü»Ò¤Ç¤¢¤ë¡£ISDNü»Ò°Ê³°¤Ï¡¢LAN1 ¤¬£Ì£Á£Î¦¡¢LAN2 ¤¬£×£Á£Î¦ ¤È¤«£Ä£Í£Ú¤È¤«¤¢¤é¤«¤¸¤á·è¤Þ¤Ã¤Æ¤¤¤ëÌõ¤Ç¤Ê¤¤¡£²¼¤Î¥Õ¥£¥ë¥¿¥ê¥ó¥°¤Î¥Æ¥¹¥È¤Î¤È¤³¤í ¤Ç¡¢LAN1,2 ¤òÈ¿ÂФˤ·¤Æ¥Ñ¥±¥Ã¥È¤ò»ß¤á¤Æ¤¤¤ë¤«³Îǧ¤·¤¿¤ê¤·¤Æ¤ß¤¿¡£ °ì±þ LAN1 ¤ò£Ì£Á£Î¦¡¢¤Ä¤Þ¤êÆâÉô¥Í¥Ã¥È¥ï¡Ý¥¯Â¦¤ËÍѤ¤¤ë¤ÈÊØÍø¤Ç¤¢¤ë¡£¤³¤Î£±¤Ä¤Î¥Ý ¡Ý¥È¤Ë 192.168.1.1/24 ¤ÈÀßÄꤷ¤¿¤È¤¹¤ë¤È¡¢»Ä¤ê£³¤Ä¤Î¥Ý¡Ý¥È¤Ï 192.168.1.0/24 ¥Í¥Ã ¥È¥ï¡Ý¥¯¤Ç¤Î¥¹¥¤¥Ã¥Á¥ó¥°¥Ï¥Ö¤È¤·¤Æµ¡Ç½¤¹¤ë¡£Î٤ΥݡݥȤ˥ۥ¹¥È¤ò 192.168.1.2£É£Ð ¥¢¥É¥ì¥¹¤È¤·¤ÆÎ㤨¤Ð¤Ä¤Ê¤²¤Ð¤¤¤¤¡£ ¥ä¥Þ¥Ï¤Î¥µ¥¤¥È "£Ò£Ô¥·¥ê¡Ý¥º¤Î£É£Ð¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¤Ë´Ø¤¹¤ë£Æ£Á£Ñ"¡¢ ³°Éô¤Î¥Í¥Ã¥È ¥ï¡Ý¥¯¤«¤é¤Î¥¢¥¯¥»¥¹¤òÀ©¸Â¤¹¤ë¥Õ¥£¥ë¥¿¡£ËÜÂΤËƱº­¤µ¤ì¤Æ¤¤¤¿ "ÀßÄêÎ㽸" ¤è¤ê¾Ü¤· ¤¤¡£http://www.rtpro.yamaha.co.jp/RT/FAQ/IP-Filter/network-security-filter.html¡£ ¥³¥ó¥Õ¥£¥®¥å¥ì¡Ý¥·¥ç¥ó¤ò¥»¡Ý¥Ö¤¹¤ë¥Õ¥¡¥¤¥ë̾¤Ï¡¢RTX1000 ¤Ç¤Ï 0 ¤Î¤ß¡£# save 0 ¤È ¤ä¤Ã¤Æ¤â¡¢¤¿¤À # save ¤È¤ä¤Ã¤Æ¤â "Saving ... CONFIG0 Done ." ¤È½Ð¤ë¤Î¤ß¡£RTX2000 ¤À¤Ã¤¿¤é 0 ¤«¤é 9 ¤Þ¤Ç¤ò¥Õ¥¡¥¤¥ë̾¤È¤·¤Æ»ØÄê¤Ç¤­¤ë¡£¤Þ¤¢¡¢ÉáÄ̤ÏÂ礷¤¿ÀßÄê¤Ï¤·¤Ê ¤¤¤«¤éÀßÄê¥ê¥¹¥È¤ò¤È¤Ã¤Æ¤ª¤¤¤Æ¡¢¤¤¤¶¤È¤¤¤¦»þ¤Ï¼ê¤Çµ­½Ò¤¹¤ì¤Ð¤¤¤¤¤¾¡£ * À褺¥¢¥¯¥»¥¹¤·¤Æ¤ß¤ë $ tctl -line 1 -default -speed 9600 -bpc 8 -stop 1 -parity none -insync -sync $ /com/emt << £Æ£±¥­¡Ý¤ò²¡¤¹¡£Apollo ¥³¥ó¥Ô¥å¡Ý¥¿¤Ë¤Æ¡£ emt> raw -noecho emt> EMT remote mode... F1 to exit. RTX1000 BootROM Ver. 1.04 % route add net 192.168.1 192.168.2.1 1 | 192.168.2.1 ¥Ø¤ÎÀÅŪ¥ë¡Ý¥È¤òÀßÄꤹ¤ë¡£ Password: ¢¢ INDY | ¡Ã.3 > administrator -------------------- 192.168.2.0 £×£Á£Î¦ Password: |.1 # console character euc LAN2 -------- RTX1000 # ip lan1 address 192.168.1.1/24 | | # ip lan2 address 192.168.2.1/24 LAN1 -------- ¢¢ PC # save |.1 ¡Ã.2 ¥»¡¼¥ÖÃæ... CONFIG0 ½ªÎ» -------------------- 192.168.1.0 £Ì£Á£Î¦ # no ip lan2 address << ÀßÄê¤ò¼è¤ê¾Ã¤¹¡¢Â¨Í­¸ú¤Ë¤Ê¤ë¡£¥Õ¥£¥ë¥¿¥ê¥ó¥°¤Î¥ë¡Ý¥ë ¤ò¾Ãµî¤¹¤ë¤è¤¦¤Ê¾ì¹ç¤â no ¤ò»È¤¦¡£ * £É£Ð¥Þ¥¹¥«¥ì¡Ý¥É¤ÎÀßÄê # show config # RTX1000 Rev.7.01.29 (Tue Nov 11 11:42:19 2003) # MAC Address : 00:XX:XX:XX:XX:XX, 00:YY:YY:YY:YY:YY, 00:ZZ:ZZ:ZZ:ZZ:ZZ # Memory 16Mbytes, 3LAN, 1BRI # main: RTX1000 ver=b0 serial=NXXXXXXXX MAC-Address=00:XX:XX:XX:XX:XX ... ip route default gateway 192.168.2.2 ip lan1 address 192.168.1.1/24 ip lan2 address 192.168.2.1/24 ip lan2 nat descriptor 1 ¡§ nat descriptor type 1 masquerade ¡§ ¥Õ¥¡¥¤¥¢¥¦¥©¡Ý¥ë nat descriptor address outer 1 192.168.2.1 ¢¢ GateWay ¤Þ¤¿¤Ï¥ë¡Ý¥¿ ¡Ã.2 -------------------------- 192.168.2.0 PC ¤Î 192.168.1.2 ¤ä .3 ¤«¤é |.1 ³°¤Ø¤Î¥¢¥¯¥»¥¹¤Ï¡¢£É£Ð¥¢¥É¥ì LAN2 -------- £É£Ð¥¢¥É¥ì¥¹ÊÑ´¹ ¥¹¤ÏÊÑ´¹¤µ¤ì¤Æ 192.168.2.1¤« | | ¤é¤Î¥¢¥¯¥»¥¹¤È¤Ê¤ë¡£ LAN1 -------- ¢¢ PC ¢¢ PC |.1 ¡Ã.2 ¡Ã.3 -------------------------- 192.168.1.0 * ¥Õ¥£¥ë¥¿¥ê¥ó¥°¤ò¤«¤±¤ë RT100i ¤è¤êºÙ¤«¤¤¥Õ¥£¥ë¥¿¥ê¥ó¥°¤Î»ØÄ꤬¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤ë¡£ ¤³¤³¤Ç¤Ï¥Ç¥Õ¥©¥ë ¥È¥²¡Ý¥È¥¦¥§¥¤¤ÏÀßÄꤷ¤Ê¤¤¡£ PC ¤È INDY ¤Ç¤Î¥Õ¥£¥ë¥¿¥ê¥ó¥°¤Î¥Æ¥¹¥È¤Ç¤¢¤ë¡£·ÐÏ©¾ð Ê󤬤ɤΤ褦¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤«¤Ï # show ip route ¤È¤ä¤ì¤Ð½Ð¤ÆÍè¤ë¡£°Ê²¼¤Ï admin ¤Ç¥í ¥Ã¥°¥¤¥ó¤·¤Æ ip filter ¤¦¤ó¤Ì¤óÅù¤ÈÆþÎϤ¹¤ë¤³¤È¡£ "ip lan2 secure filter in 1 2" ¤ÇÎ㤨¤Ð£±ÈÖÌܤΥë¡Ý¥ë¤ÏÉÔÍפȤʤ俤é "ip lan2 secure filter in 2" ¤ÈÂǤƤФ¤¤¤¡£ # ip filter ÈÖ¹æ ȯ¿®¸µ¥¢¥É¥ì¥¹/netmask Áê¼êÀ襢¥É¥ì¥¹/netmask ȯ¿®¸µ¥Ý¡Ý¥ÈÈÖ¹æÎóµó Áê¼êÀè¥Ý¡Ý¥ÈÈÖ¹æÎóµó # ip filter 1 pass * * established << £×£Á£Î¦ IN¤Î¥Ñ¥±¥Ã¥È¤òÀ©¸Â¤¹¤ë¡£Æ⤫¤é³° # ip filter 2 pass * * icmp << ¤Ø½Ð¤Æ¹Ô¤Ã¤¿ TCP ¥Ñ¥±¥Ã¥È¤Î±þÅú¥Ñ¥±¥Ã¥È¤Ï # ip lan2 secure filter in 1 2 Ä̤¹¡£icmp ¤ÏÆþ¤ì¤Æ¤ª¤«¤Ê¤¤¤È£×£Á£Î¦¤«¤é £Ì£Á£Î¦¤Ø¤Î ping ¤¬Ä̤é¤Ê¤¤¡£ # ip filter 3 reject * * tcp * 80 << £×£Á£Î¦ OUT ¤«¤é³°¤Ø½Ð¤Æ¹Ô¤¯Áê¼êÀ裸£°ÈÖ # ip filter 4 pass * * << ¤Î TCP ¥Ñ¥±¥Ã¥È¤òÄ̤µ¤Ê¤¤¡££³È֤Υë¡Ý¥ë¤ò # ip lan2 secure filter out 3 4 Äɲ䷤ʤ¤¤È¾¤Î¥Ñ¥±¥Ã¥È¤âÄ̤é¤Ê¤¯¤Ê¤ë¡£ # show config ip lan1 address 192.168.1.1/24 "* * tcp * 80" ¤Ïȯ¿®¸µ¡¢ Áê¼êÀè£É£Ð¥¢¥É¥ì¥¹ ip lan2 address 192.168.2.1/24 ¤ÏǤ°Õ¤Ç¡¢¥×¥í¥È¥³¥ë¤Ï TCP ¤Ç¡¢ ȯ¿®¸µ¥Ý¡Ý¥È ip lan2 secure filter in 1 2 ÈÖ¹æ¤ÏǤ°Õ¤Ç¡¢Áê¼êÀè¥Ý¡Ý¥ÈÈÖ¹æ¤Ï£¸£°È֤ΰÕÌ£¡£ ip lan2 secure filter out 3 4 ip filter 1 pass * * established ip filter 2 reject * * tcp * www << ... tcp * 80 ¤ÈÆþ¤ì¤¿¤³¤È¤ËÃí°Õ¡£ WWW ¢¢ INDY 192.168.2.1 ¤Ø¤ÎÀÅŪ¥ë¡Ý¥È¡£ ¡Ã.3 -------------------- 192.168.2.0 £×£Á£Î¦ |.1 -------- IN/OUT | | PC ¤«¤é INDY¤Î£×£×£×¥µ¡Ý¥Ð£¸£°È֥ݡݥȤإ¢¥¯¥»¥¹ IN/OUT -------- ¢¢ PC ¤Ç¤­¤Ê¤¤¤è¤¦¤Ë¤·¤¿¡£¤¿¤À¤·¡¢Â¾¤Î¥×¥í¥È¥³¥ë¤ÏÄ̤롣 |.1 ¡Ã.2 -------------------- 192.168.1.0 £Ì£Á£Î¦ * ¥ë¡Ý¥ë¤ÎÄɲä佤Àµ # ip lan1 address 192.168.50.25/29 RTX1000 ¤Ï²ÔƯ¤µ¤»¤¿¤Þ¤Þ¤ÇRS-232C ¤ÇÀܳ # ip filter 1 pass * * established ¤¹¤ë¡£Â¨ºÂ¤ËÍ­¸ú¤Ë¤Ê¤ë¡£º¸¤ÏÀè¤Ë 1¤È2 ¤Î # ip filter 2 pass * * icmp ¥ë¡Ý¥ë¤¬¤¢¤ê 3 ¤òÄɲ乤ëÎã¤Ç¤¢¤ë¡£ # ip filter 3 pass * * tcp * 80 # pp disable 1 # pp select 1 # pp select 1 ¤³¤Î¤ä¤êÊý¤Ï¤É¤¦¤À¤Ã¤¿¤«¡©¡£ pp1# ip pp secure filter in 1 2 3 pp1# disconnect 1 pp1# pp select none pp1# ip pp intrusion detection in on # show config pp1# connect 1 # pp enable 1 pp1# pp select none # save # * °ÂÁ´Âкö # show environment << ´Ä¶­ÀßÄê¤Î¾õÂÖ¤òɽ¼¨¤¹¤ë¡£ | CPU: 1%(5sec) 1%(1min) 1%(5min) Memory: 18% used Firmware: internal Config. file: 0 Boot time: 2004/03/17 11:35:10 +09:00 Current time: 2004/03/17 14:18:28 +09:00 Elapsed time from boot: 0days 02:43:18 Security Class: 1, Type: ON, TELNET: OFF # telnet 192.168.1.3 Error: No permit to execute << ¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¡¢RTX1000 ¤«¤é¾¤Ø telent ¤Ç¤­¤Ê¤¤¡£ # security class 1 on on << ¤³¤¦¤¹¤ë¤È¡¢¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ë¡£ # security class 3 on off << ¥³¥ó¥½¡Ý¥ë¤«¤é¤·¤«¥í¥Ã¥°¥¤¥ó¤Ç¤­¤Ê¤¤¤è¤¦¤Ë¤¹¤ë¡£ # telnetd service off << RTX1000 Æâ¤Î telnetd ¥Ç¡Ý¥â¥ó¤ò»ß¤á¤ë¡£ * ¥í¥°¤ò¼è¤ë # syslog debug on ¤Ë¤¹¤ë¤ÈÂçÎ̤Υá¥Ã¥»¡Ý¥¸¤¬½Ð¤ÆÍè¤ë¡£²¿¤«¤Î¥Ç¥Ð¥Ã¥°»þ¤ä¥Ñ¥±¥Ã¥È ¤Î¥È¥ì¡Ý¥¹¤Ë»È¤¦¡£# show log ¤Ç¥í¥°¤òɽ¼¨¤¹¤ë¡£ # no syslog debug ¤Ç¥í¥°¼è¤ë¤Î¤ò »ß¤á¡£# clear log ¥¯¥ê¥¢¡£# syslog host £É£Ð¥¢¥É¥ì¥¹¤Ç¾¤Î¥Û¥¹¥È¤Ç¥í¥°¤òµ­Ï¿¤¹¤ë¡£ # syslog notice on ¤Ï¡¢¥Õ¥£¥ë¥¿¥ê¥ó¥°¤ÇÍî¤È¤·¤¿¥Ñ¥±¥Ã¥È¤Î¾ðÊó¤òµ­Ï¿¤¹¤ë¤«¤É¤¦¤«¡£ ¥Ç¥Õ¥©¥ë¥È¤Ï off ¤Çµ­Ï¿¤·¤Ê¤¤¡£ ¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥°¤¬¤Á¤ã¤ó¤ÈƯ¤¤¤Æ¤¤¤ë¤«³Îǧ ¤¹¤ë¤Î¤Ë»È¤¦¤³¤È¤¬¤Ç¤­¤ë¡£¤µ¤Æ¡¢¥í¥°¤Îµ­Ï¿ÍÆÎ̤¬°ìÇդˤʤ俤é¤É¤¦¤Ê¤ë¤Î¤«¤Ê¡©¡£ # ip pp intrusion detection in on [reject=on] ¤ÏÉÔÀµ¥¢¥¯¥»¥¹¤ò¸¡ÃΤ¹¤ë¡£in on ¤Þ ¤Ç¤Îµ­½Ò¤À¤È¸¡ÃΤ·¤Æ¥í¥°¤Ëµ­Ï¿¤¹¤ë¤À¤±¤À¤¬¡¢´í¸±¤Ê¥¢¥¯¥»¥¹¤Ï¥Ñ¥±¥Ã¥È¤òÇË´þ¤¹¤ë¤È ¤¤¤¦¡£ÌÀ¼¨Åª¤Ë reject=on ¤âÉÕ¤±¤ë¤È¡¢ÉÔÀµ¤Ê¥¢¥¯¥»¥¹¤ÏÁ´Éô¥Ñ¥±¥Ã¥È¤òÇË´þ¤¹¤ë¡£ * ¤ª¤Þ¤±¤ÎÄɲà Windows 7 ¥Ñ¥½¥³¥ó¤Ë¤Æ RS-232C Àܳ¤·¤Æ¤ª¤¤¤Æ¡¢TeraTerm ¤Ç¥¢¥¯¥»¥¹¤·¤¿¤È¤³¤í¡£¤¤ ¤­¤Ê¤ê¥Ñ¥¹¥ï¡Ý¥É¤òÆþ¤ì¤ë¤Î¤¬½Ð¤Æ¤­¤¿¡£administrator ¤Î¥Ñ¥¹¥ï¡Ý¥É¶¦¤Ë½é´üÀßÄê¤Ï¶õ¡£ Password: ÁõÃ֤νé´üÀßÄê¤Ï¤³¤ì¤À¤±¤ß¤¿¤¤¡£ÁõÃÖ¤ò»È RTX1200 Rev. ..... ¤ï¤Ê¤¯¤Ê¤Ã¤Æ¿ʬ¡¢¼«Ê¬¤Ç½é´üÀßÄê¤ËÌᤷ¤Æ | ¤ª¤¤¤¿¤Î¤À¤È»×¤¦¡£Á´Á³³Ð¤¨¤¬¤Ê¤¤¤±¤É¡£ > show conf ¥Õ¥ë¤Ï show config¡£ ip lan1 address 192.168.100.1/24 dhcp service server dhcp server rfc2131 comliant except remai-silent dhcp scope 1 192.168.100.2-192.168.100.191/24 > admin ¥Õ¥ë¤Ï administrator¡£ Password: # no dhcp service ¤³¤ì¤Ç DHCP ¥µ¡Ý¥Ð¤ÎÀßÄê¤Ï¾Ã¤¨¤¿¡£ # no ip lan1 address 192.168.100.1/24 ¤³¤ì¤Ç¾Ã¤¨¤¿¡£ # quit exit ¤âƱ¤¸¡£ ¿·¤·¤¤ÀßÄê¤òÊݸ¤·¤Þ¤¹¤«? (Y/N) > * ¤µ¤é¤Ë¤ª¤Þ¤±¤ÎÄɲà RTX1200 ¤Ç¥¿¥°£Ö£Ì£Á£Î¤òÀßÄꤷ¤¿ÏÃ¤Ï "22-7. £Ö£Ì£Á£Î¤È̵Àþ¤Ç£Ì£Á£Î¥é¥óÍö" ¤ÎºÇ¸å ¤Î¤È¤³¤í¤Ë½ñ¤¤¤¿¡£RTX1200 ¤Î LAN1 ¤Î£¸¸Ä¤Î¥Ý¡Ý¥È¤ò¥¿¥°£Ö£Ì£Á£Î¤Ë¤·¤¿¡£¤³¤ì¤é¥Ý¡Ý ¥È£¸¸Ä¤ÏÁ´ÉôƱ¤¸¥¿¥°£Ö£Ì£Á£Î¤Ç¡¢192.168.1.0 ¤È 192.168.2.0 ¤Ç¤¹¤è¤È¸À¤¦Íͤʤ³¤È¡£ Àè¤Ë½ñ¤¤¤¿¤Î¤Ç # pp disable 1 ¤È¤« # pp select 1 ¤È¸À¤¦¤Î¤¬¤¢¤ë¡£ £²£°£±£¶Ç¯£²·î ¤Î¤³¤È¡¢¸«¤Æ¤¤¤Æ²¿¤À¤Ã¤¿¤«Ê¬¤«¤é¤Ê¤«¤Ã¤¿¡£pp ¤Ï Point to Point Protocol ¤Î¤³¤È¤Ç ²óÀþ¦¤ÎÀܳ¤Î¤³¤È¤À¤Ã¤¿¡£ÂоݤϣΣԣԤÎÀìÍÑÀþ¡¢¥Õ¥ì¥Ã¥Ä£Á£Ä£Ó£Ì¡¢£É£Ó£Ä£Î¤È¤«¡£ ʸ»ú²½¤±¤·¤Æ¤¤¤ë¤Î¤òľ¤¹¡£TeraTerm ¤Î [ÀßÄê]->[üËö] ¤Ç "´Á»ú-¼õ¿® [SJIS ¢¦]" ¤Ë ¤¹¤ë¡£¤³¤ì¤Çʸ»ú²½¤±¤·¤Ê¤¯¤Ê¤Ã¤¿¡£¥í¥°¥¤¥ó¤·¤Æ¥»¡Ý¥Ö¤·¤è¤¦¤È > save ¥³¥Þ¥ó¥É¤ä¤Ã ¤¿¡£"¥¨¥é¡Ý: ¤³¤Î¥³¥Þ¥ó¥É¤Ï´ÉÍý¥ì¥Ù¥ë¤Ç¤Î¤ß»ÈÍѤǤ­¤Þ¤¹"¡¢¤È½Ð¤Æ²½¤±¤Æ¤¤¤¿¡£ RTX1200 ¤Ç LAN3 ¥Ý¡Ý¥È¤ÎÁ´Éô¤«¤é¡¢³°¤Ø½Ð¤Æ¤¤¤±¤Ê¤¤£É£Ð¥¢¥É¥ì¥¹¤òÈÏ°Ï»ØÄꤷ¤Æ¤ß¤ë¡£ "ip lan3 secure filter out 11 12 50¡¢ip filter 11 reject 1.1.1.1-1.1.1.2 * * * *¡¢ ip filter 12 reject 2.2.2.1-2.2.2.2 * * * *¡¢ip filter 50 pass * * * * *¡£ °ìÈÌ¥æ¡Ý¥¶¤Ç¤ÏÀßÄê¤ò¥»¡Ý¥Ö¤Ç¤­¤Ê¤¤¡£> administrator ¥³¥Þ¥ó¥É¤òÂÇ¤Ã¤Æ Password:¤ò Æþ¤ì¤ë¤³¤È¡£¤½¤·¤Æ # save ¤Ç "¥»¡Ý¥ÖÃæ... CONFIG0 ½ªÎ»" ¤È½Ð¤ë¡£¥Ñ¥½¥³¥ó¤Ë¥»¡Ý¥Ö ¤µ¤ì¤ë¤«¤È»×¤Ã¤¿¡£> show config list ¤ÇÁõÃÖÆâ¤Ë¥»¡Ý¥Ö¤µ¤ì¤Æ¤¤¤ë¤Î¤¬É½¼¨¤µ¤ì¤ë¡£ * ¤Ê¤ª¤µ¤é¤Ë¤ª¤Þ¤±¤ÎÄɲà `2h/12/s ¡ÖÆü·Ð£Î£Å£Ô£×£Ï£Ò£Ë¡×2017/12, P.72¡Á76,"¥Í¥Ã¥È¥ï¡Ý¥¯¹½Ãۥƥ¯¥Ë¥Ã¥¯(Âè»°²ó)¥ë¡Ý¥¿ ¡Ý ¥¯¥é¥¦¥É¤Ë¤Ï³ÆµòÅÀ¤«¤é¥¢¥¯¥»¥¹"¡£ºÇ¶á¤Î¥ë¡Ý¥¿¤Ë¤Ï¥Ý¥ê¥·¡Ý¥ë¡Ý¥Æ¥£¥ó¥°µ¡Ç½¤¢¤ë ¤È¤¤¤¦¤³¤È¤¬½ñ¤«¤ì¤Æ¤¤¤ë¡£Ëܼҥؤν¸Ãæ¤òÈò¤±¤ë DIA( Direct Internet Access )¹½À®¡¢ ¥¤¥ó¥¿¡Ý¥Í¥Ã¥È¥Ö¥ì¡Ý¥¯¥¢¥¦¥È¤È¤«¥í¡Ý¥«¥ë¥Ö¥ì¥¤¥¯¥¢¥¦¥È¤È¸Æ¤Ð¤ì¤ë¡£DIA ¤ò¼Â¸½¤¹¤ë µ¡Ç½¤¬ DPI( Deep Packet Inspection ) ¤È PBR( Policy-Based Routing ) ¤Ç¤¢¤ë¡£ DPI ¤Ç¥¯¥é¥¦¥É¥µ¡Ý¥Ó¥¹¤ò¼±Ê̤¹¤ë¡¢Office 365 ¤Î³¨¤¬·ÇºÜ¤µ¤ì¤Æ¤¤¤ë¡£ Google ¤Ç [ ¥ä¥Þ¥Ï PBR ] ¤È¸¡º÷¤·¤¿¤é "¥Õ¥£¥ë¥¿·¿¥ë¡Ý¥Æ¥£¥ó¥°"¤È¤¤¤¦¤Î¤¬¥Ò¥Ã¥È¤· ¤¿¡£¥ä¥Þ¥Ï¤Î¥ë¡Ý¥¿¤Îµ¡Ç½¤òÀâÌÀ¤·¤¿¥É¥­¥å¥á¥ó¥È¤Î¥µ¥¤¥È¤ÇÀΤ«¤é¤¢¤ë¡£¤Þ¤µ¤Ë¤³¤ì¤¬ PBR¡¢¥Ý¥ê¥·¡Ý¥ë¡Ý¥Æ¥£¥ó¥°µ¡Ç½¤Ç¤¢¤ë¡£ ¤½¤³¤Ë¤Ï "DNSÌ䤤¹ç¤ï¤»¤Ë±þ¤¸¤¿DNS¥µ¡Ý¥Ð¤Î ÁªÂò" ¤È¤¤¤¦ÀâÌÀ½ñ¤­¤â¤¢¤Ã¤¿¡£¥ë¡Ý¥¿¤Î£×£Á£Î¦¥Ý¡Ý¥È¤ò PORT1 ¤È PORT2 ¤ò»È¤¤¡¢¥Ñ ¥±¥Ã¥È¤ò¿¶¤êʬ¤±¤ë¡££Ä£Î£Ó¸¡º÷¤¬ PORT1 ·Ðͳ¡¢£×£×£×¥¢¥¯¥»¥¹¤¬ PORT2 ¤À¤È¡¢ PORT1 ²óÀþ¤¬¥À¥¦¥ó¤·¤¿¤ê¤¹¤ë¤È£×£×£×¥¢¥¯¥»¥¹¤â¤Ç¤­¤Ê¤¯¤Ê¤Ã¤Æ¤·¤Þ¤¦¡£¤³¤ì¤¬²óÈò¤Ç¤­¤ë¡£ [ ÀßÄêÎã ] Î㣱¥Û¥¹¥È¤Ë¤è¤Ã¤ÆÀܳÀè¤òÊѤ¨¤ë¾ì¹ç ( ÀâÌÀ½ñ¤­¤ÎÈ´¿è ) ip lan1 address 192.168.0.254/24 ip filter 1 pass 192.168.0.1 * * * * ip filter 2 pass 192.168.0.2 * * * * ip route default gateway pp 1 filter 1 gateway pp 2 filter 2 Á÷¿®¸µ¤¬ 192.168.0.1 ¤Î¥Ñ¥±¥Ã¥È¤Ï PP1 ¤Ø¡¢192.168.0.2 ¤Î¤Ï PP2 ¤ØÁ÷¿®¤¹¤ë¡£ ¥ä¥Þ¥Ï¤Î¥µ¥¤¥È¤Ë¤Ï PBR ¤ÎÀâÌÀ¤Ï¤¢¤Ã¤¿¤¬¡¢DPI ¤È¤« DIA ¤È¤«¸À¤¦Ê¸»ú¤Ï¸«Åö¤¿¤é¤Ê¤¤¡£ Cisco ¤Î¥µ¥¤¥È¤Ç¤â PBR ¤ÎÀâÌÀ¤¬¤¢¤Ã¤¿¡¢£²£°£±£²Ç¯¤ÎÆüÉÕ¤±¤¬¤¢¤Ã¤¿¡£Ã±½ã¤Ê PBR ¤Ç ¤Ï Office 365 ¤Î¥Ñ¥±¥Ã¥È¤ÏͶƳ¤Ç¤­¤Ê¤¤¡£ÀèÆü Fortinet ¼Ò¤Î¥»¥ß¥Ê¡Ý¤Ç¤âÏ䷤Ƥ¤¤¿ SD-WAN ¤Î¥¤¥ó¥¿¡Ý¥Í¥Ã¥È¥Ö¥ì¡Ý¥¯¥¢¥¦¥Èµ¡Ç½¤¬¤Ê¤±¤ì¤Ð¡£Office 365 ¤Ï£Õ£Ò£Ì¤¬ÉÑÈË¤Ë ÊѤï¤ë¤È¤¤¤¦¤³¤È¤Ç¡¢Áê¼êÀè£É£Ð¥¢¥É¥ì¥¹¤ä¥Ý¡Ý¥ÈÈÖ¹æ¤Ç¤ÏÀ©¸æ¤¬¤Ç¤­¤Ê¤¤¤Î¤Ç¤¢¤ë¡£¤É ¤¦¤â¡ÖÆü·Ð£Î£Å£Ô£×£Ï£Ò£Ë¡×¤¬ºÇ¶á¤Î¥ë¡Ý¥¿¤Ë¤Ï¤È¸À¤¦¤¬¡¢DPI ÅëºÜ¤Ã¤ÆËÜÅö¤«¤¤¤Ê¡£