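I played around with a used RTX1100 (about 4,000 yen) that had been lying by my bedside.
I don't have a serial console,
so I made do with a USB-LAN adapter I had on hand.
RTX1100 IP configuration
Setting the IPv4 address via RARP
Assume the following.
- IP address to set on the RTX1100: 192.168.11.10/24
- MAC address printed on the bottom of the RTX1100: xx:xx:xx:xx:xx:xx
- IP address to set on the USB-LAN adapter: 192.168.11.11/24
- USB-LAN interface name: en3
- Connect the Mac and the RTX1100 (LAN1)
- Change the USB-LAN adapter settings in the OS X Network preferences pane
- (Example)
Configure IPv4: Manually, IP address: 192.168.11.11, subnet mask: 255.255.255.0
- (Example)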
# ln -s /private/tftpboot/ /tftpboot
- Find the hexadecimal representation of the IP address to set on the RTX1100
- e.g. with an IP Address to Hex Converter
- 192.168.11.10 => 0xC0A80B0A
- Using the hexadecimal IP above, create a directory or file inside /tftpboot:
# mkdir -p /tftpboot/C0A80B0A
- Without this, rarpd cannot set the IP address
# echo xx:xx:xx:xx:xx:xx rtx1100 >> /etc/ethers
# echo "192.168.11.10 rtx1100" >> /etc/hosts
- Start the RTX1100
# rarpd -d en3
- Restart the RTX1100
- When "rarpd: got a packet" appears exactly once in the terminal, the IP configuration is complete
- In the terminal:
# telnet 192.168.11.10
Using an IPv6 address
Assume the following.
- USB-LAN interface name: en3
- Connect the Mac and the RTX1100 (LAN1)
# ping6 -I en3 ff02::2
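- (The address that responds should be the RTX1100's IPv6 address, so telnet to it)
Writing the configuration
I enabled L2TP/IPsec for no real need. The configuration is almost entirely copied and pasted from the one published on the YAMAHA site.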
# RTX1100 Rev.8.03.94
# If you want to clear ALL configuration to default,
# remove `#' of next line.
clear configuration
#
# System configuration
#
administrator password encrypted {{encrypted_password}}
security class 2 off off
timezone +09:00
console character ascii
login timer 600
#
# IP configuration
#
ip route default gateway pp 1
ip filter source-route on
ip filter directed-broadcast on
#
# IPv6 configuration
#
#
# LAN configuration
#
ip lan1 address 192.168.1.1/24
ip lan1 proxyarp on
#
# ISDN configuration
#
### BRI 1 ###
#
# PP configuration
#
pp disable all
### PP 1 ###
# Internet
pp select 1
pp always-on on
pppoe use lan2
pp auth accept pap chap
pp auth myname {{username}} {{password}}
ppp lcp mru on 1454
ppp ipcp ipaddress on
ppp ipcp msext on
ip pp mtu 1454
ip pp secure filter in 1020 1030 1040 1041 1042 1043 2000
ip pp secure filter out 1010 1011 1012 1013 1014 1015 3000 dynamic 100 101 102 103 104 105 106
ip pp intrusion detection in on reject=on
ip pp intrusion detection out on reject=on
ip pp nat descriptor 1
pp enable 1
### PP anonymous ###
# L2TP tunnel
pp select anonymous
pp bind tunnel1
pp auth request chap-pap
pp auth username {{username}} {{password}}
ppp ipcp ipaddress on
ppp ipcp msext on
ip pp remote address pool dhcp
ip pp mtu 1258
pp enable anonymous
#
# TUNNEL configuration
#
no tunnel enable all
### TUNNEL 1 ###
tunnel select 1
tunnel encapsulation l2tp
ipsec tunnel 1
ipsec sa policy 1 1 esp aes-cbc sha-hmac
ipsec ike keepalive use 1 off
ipsec ike local address 1 192.168.1.1
ipsec ike nat-traversal 1 on
ipsec ike pre-shared-key 1 text {{pre-shared-key}}
ipsec ike remote address 1 any
l2tp tunnel disconnect time off
l2tp keepalive use on 10 3
l2tp keepalive log on
l2tp syslog on
ip tunnel tcp mss limit auto
tunnel enable 1
#
# LOOPBACK/NULL configuration
#
#
# IP filter configuration
#
ip filter 1010 reject * * udp,tcp 135 *
ip filter 1011 reject * * udp,tcp * 135
ip filter 1012 reject * * udp,tcp netbios_ns-netbios_ssn *
ip filter 1013 reject * * udp,tcp * netbios_ns-netbios_ssn
ip filter 1014 reject * * udp,tcp 445 *
ip filter 1015 reject * * udp,tcp * 445
ip filter 1020 reject 192.168.1.0/24 *
ip filter 1030 pass * 192.168.1.0/24 icmp
ip filter 1040 pass * 192.168.1.1 esp
ip filter 1041 pass * 192.168.1.1 udp * 500
ip filter 1042 pass * 192.168.1.1 udp * 4500
ip filter 1043 pass * 192.168.1.1 udp * 1701
ip filter 2000 reject * *
ip filter 3000 pass * *
#
# IP dynamic filter configuration
#
ip filter dynamic 100 * * ftp
ip filter dynamic 101 * * www
ip filter dynamic 102 * * domain
ip filter dynamic 103 * * smtp
ip filter dynamic 104 * * pop3
ip filter dynamic 105 * * tcp
ip filter dynamic 106 * * udp
#
# IP forward filter configuration
#
#
# NAT Descriptor configuration
#
nat descriptor type 1 masquerade
nat descriptor address outer 1 ipcp
nat descriptor masquerade static 1 1 192.168.1.1 udp 500
nat descriptor masquerade static 1 2 192.168.1.1 udp 4500
nat descriptor masquerade static 1 3 192.168.1.1 esp
#
# IPSEC configuration
#
ipsec auto refresh on
ipsec transport 1 1 udp 1701
#
# IPv6 filter configuration
#
#
# IPv6 dynamic filter configuration
#
#
# Cooperation configuration
#
#
# Queueing configuration
#
#
# URL filter configuration
#
#
# SYSLOG configuration
#
syslog notice on
#
# TFTP configuration
#
#
# TELNETD configuration
#
#
# DHCP configuration
#
dhcp service server
dhcp server rfc2131 compliant except remain-silent
dhcp scope 1 192.168.1.2-192.168.1.192/24
#
# DHCPC configuration
#
#
# DNS configuration
#
dns server pp 1
dns private address spoof on
#
# WINS configuration
#
#
# SNMP configuration
#
#
# Schedule configuration
#
schedule at 1 */* *:00 * ntpdate ntp.nict.jp syslog
#
# TCP configuration
#
#
# L2TP configuration
#
l2tp service on
#
# HTTPD configuration
#
#
# Netvolante DNS configuration
#
#
# UPnP configuration
#
#
# HTTP Revision Up configuration
#
#
# Status Notify configuration
#
#
# SSHD configuration
#
#
# SFTPD configuration
#
#
# AUTH-USER configuration
#
#
# Heartbeat configuration
#
#
# NTP configuration
#
#
# SNTPD configuration
#
# If you want to save configuration to Nonvolatile memory,
# remove `#' of next line.
save
I hung an AirMac TimeCapsule (gigabit-capable) in AP mode under the RTX1100 (100BASE-TX)...