[V300R019C10SPC200]
#
 sysname R2
#
 drop illegal-mac alarm
#
authentication-profile name default_authen_profile
authentication-profile name dot1x_authen_profile
authentication-profile name dot1xmac_authen_profile
authentication-profile name mac_authen_profile
authentication-profile name multi_authen_profile
authentication-profile name portal_authen_profile
#
dhcp enable
#
radius-server template default
#
pki realm default
#
ssl policy default_policy type server
 pki-realm default
 version tls1.2
 ciphersuite rsa_aes_128_cbc_sha rsa_aes_128_sha256 rsa_aes_256_sha256 ecdhe_rsa
_aes128_gcm_sha256 ecdhe_rsa_aes256_gcm_sha384
#
acl number 3000
 rule 5 permit ip source 192.168.0.0 0.0.255.255
#
ike proposal default
 encryption-algorithm aes-256 aes-192 aes-128
 dh group14
 authentication-algorithm sha2-512 sha2-384 sha2-256
 authentication-method pre-share
 integrity-algorithm hmac-sha2-256
 prf hmac-sha2-256
#
free-rule-template name default_free_rule
#
portal-access-profile name portal_access_profile
#
aaa
 authentication-scheme default
  authentication-mode local
 authentication-scheme radius
  authentication-mode radius
 authorization-scheme default
  authorization-mode local
 accounting-scheme default
  accounting-mode none
 local-aaa-user password policy administrator
 domain default
  authentication-scheme default
  accounting-scheme default
 domain default_admin
  authentication-scheme default
  accounting-scheme default
 local-user admin password irreversible-cipher $1a$l/ee<QKJ`1$aPb2.&;1m0F.R-CHp_
};.,#v)1A_gH=rau~tev,#$
 local-user admin privilege level 15
 local-user admin service-type terminal http
#
web
#
firewall zone Local
#
interface Vlanif1
 ip address 192.168.1.1 255.255.255.0
 dhcp select interface
#
interface GigabitEthernet0/0/0
 undo portswitch
 ip address 10.0.3.1 255.255.255.252
#
interface GigabitEthernet0/0/1
 undo portswitch
 ip address 203.0.113.6 255.255.255.252
 nat outbound 3000
 ospf cost 100
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface GigabitEthernet0/0/9
#
interface GigabitEthernet0/0/11
 description VirtualPort
#
interface XGigabitEthernet0/0/0
#
interface NULL0
#
ospf 1 router-id 4.4.4.4
 area 0.0.0.0
  network 10.0.3.0 0.0.0.3
 area 0.0.0.1
  network 203.0.113.4 0.0.0.3
#
 snmp-agent local-engineid 800007DB03A01C8D170B1A
 snmp-agent trap enable
#
 http secure-server ssl-policy default_policy
 http secure-server enable
 http server permit interface GigabitEthernet0/0/0
#
fib regularly-refresh disable
#
user-interface con 0
 authentication-mode password
 set authentication password cipher %^%#\~EgVI'Gi9UVWMQ}8H-B75z=~<67c~A-D2I,"s&<
l,=SB8oa+Lr\,8ER+^wD%^%#
user-interface vty 0
 authentication-mode aaa
 user privilege level 15
user-interface vty 1 4
#
wlan ac
 traffic-profile name default
 security-profile name default
 security-profile name default-wds
  security wpa2 psk pass-phrase %^%#Bre)S*TVAH#I6aH8Fd98ay'KOIR|F,-DemJ:)_<H%^%#
 aes
 ssid-profile name default
 vap-profile name default
 wds-profile name default
 regulatory-domain-profile name default
 air-scan-profile name default
 rrm-profile name default
 radio-2g-profile name default
 radio-5g-profile name default
 wids-spoof-profile name default
 wids-profile name default
 ap-system-profile name default
 port-link-profile name default
 wired-port-profile name default
 ap-group name default
#
dot1x-access-profile name dot1x_access_profile
#
mac-access-profile name mac_access_profile
#
ops
#
autostart
#
secelog
#
 ms-channel

#
return