#
set lcd screensaver mode model
set lcd screensaver timeout 30
set password-controls min-password-length 6
set password-controls complexity 2
set password-controls palindrome-check true
set password-controls history-checking true
set password-controls history-length 10
set password-controls password-expiration never
set password-controls expiration-warning-days 7
set password-controls expiration-lockout-days never
set password-controls force-change-when no
set password-controls deny-on-nonuse enable false
set password-controls deny-on-nonuse allowed-days 365
set password-controls deny-on-fail enable false
set password-controls deny-on-fail failures-allowed 10
set password-controls deny-on-fail allow-after 1200
add arp proxy ipv4-address 10.0.88.53 interface eth2 real-ipv4-address 10.0.88.20
add arp proxy ipv4-address 10.0.88.54 interface eth2 real-ipv4-address 10.0.88.20
add arp proxy ipv4-address 10.0.88.110 interface eth2 real-ipv4-address 10.0.88.20
add arp proxy ipv4-address 10.0.88.111 interface eth2 real-ipv4-address 10.0.88.20
add arp proxy ipv4-address 10.0.88.112 interface eth2 real-ipv4-address 10.0.88.20
set arp table cache-size 4096
set arp table validity-timeout 60
set arp announce 2
set web table-refresh-rate 15
set web session-timeout 10
set web ssl-port 4434
set web ssl3-enabled off
set web daemon-enable on
set timezone Asia / Hong_Kong 
set inactivity-timeout 10
set syslog filename /var/log/messages 
set syslog cplogs off 
set syslog mgmtauditlogs on 
set syslog auditlog permanent 
set format date dd-mmm-yyyy
set format time 24-hour
set format netmask Dotted
set ipv6-state off
add command tecli path /bin/tecli_start description "Threat Emulation Blade shell" 


set message caption off 
 
set clienv debug 0
set clienv echo-cmd off
set clienv output pretty
set clienv prompt "%M"
set clienv rows 0
set clienv syntax-check off
set snmp mode default
set snmp agent on
set snmp agent-version any
set snmp community public read-only 
set snmp agent-version v3-Only
add snmp usm user AffSec security-level authPriv auth-pass-phrase-hashed 96ba1b62ea2c32b1092832721ce5680446699f1e privacy-pass-phrase-hashed 96ba1b62ea2c32b1092832721ce5680446699f1e privacy-protocol AES authentication-protocol SHA1 
set snmp traps trap authorizationError disable 
set snmp traps trap biosFailure disable 
set snmp traps trap coldStart disable 
set snmp traps trap configurationChange disable 
set snmp traps trap configurationSave disable 
set snmp traps trap fanFailure disable 
set snmp traps trap highVoltage disable 
set snmp traps trap linkUpLinkDown disable 
set snmp traps trap lowDiskSpace disable 
set snmp traps trap lowVoltage disable 
set snmp traps trap overTemperature disable 
set snmp traps trap powerSupplyFailure disable 
set snmp traps trap raidVolumeState disable 
set snmp traps trap vrrpv2AuthFailure disable 
set snmp traps trap vrrpv2NewMaster disable 
set snmp traps trap vrrpv3NewMaster disable 
set snmp traps trap vrrpv3ProtoError disable 
set installer policy check-for-updates-period 3 
set installer policy periodically-self-update on 
set installer policy send-cpuse-data on 
set installer policy auto-compress-snapshot on 
set installer policy self-test install-policy off 
set installer policy self-test network-link-up off 
set installer policy self-test start-processes on 
add allowed-client host any-host 
set edition 64-bit
set expert-password-hash $1$YBBRBBBB$LHUhfAtHK/Ai5NmqYq/7c/
set net-access telnet off
set aaa tacacs-servers state off 
set aaa radius-servers super-user-uid 96 
set hostname hkg-gt21a-3200-01
set dns primary 210.0.128.250
set dns secondary 210.0.128.251
set dns tertiary 8.8.8.8
set core-dump enable
set core-dump total 1000
set core-dump per_process 2
set interface Mgmt link-speed 1000M/full
set interface Mgmt state on
set interface Mgmt auto-negotiation on
set interface Mgmt mtu 1500
set interface Mgmt ipv4-address 192.168.1.1 mask-length 24
set interface eth1 link-speed 100M/full
set interface eth1 state on
set interface eth1 auto-negotiation on
set interface eth1 mtu 1500
set interface eth1 ipv4-address 118.143.81.40 mask-length 28
set interface eth2 link-speed 1000M/full
set interface eth2 state on
set interface eth2 auto-negotiation on
set interface eth2 mtu 1500
set interface eth2 ipv4-address 10.0.88.20 mask-length 24
set interface eth3 state on
set interface eth3 auto-negotiation on
set interface eth3 mtu 1500
set interface eth4 state off
set interface eth5 state on
set interface eth5 auto-negotiation on
set interface eth5 mtu 1500
set interface eth5 ipv4-address 192.168.88.1 mask-length 24
set interface lo state on
set interface lo ipv4-address 127.0.0.1 mask-length 8
set management interface eth1  
set rip update-interval default
set rip expire-interval default
set rip auto-summary on
set static-route default nexthop gateway address 118.143.81.33 on
set static-route 10.0.0.0/8 nexthop gateway address 10.0.88.1 on
set static-route 100.0.0.0/8 nexthop gateway address 10.0.88.1 on
set static-route 172.16.0.0/12 nexthop gateway address 10.0.88.1 on
set static-route 172.21.88.0/24 nexthop gateway address 118.143.81.33 on
set static-route 192.168.0.0/16 nexthop gateway address 10.0.88.1 on
add cron job AffSec58 command "/var/AffSec/bin/run.sh 1>/dev/null 2>&1" recurrence daily time *:58 
add cron job AffSec53 command "/var/AffSec/bin/run.sh 1>/dev/null 2>&1" recurrence daily time *:53 
add cron job AffSec48 command "/var/AffSec/bin/run.sh 1>/dev/null 2>&1" recurrence daily time *:48 
add cron job AffSec43 command "/var/AffSec/bin/run.sh 1>/dev/null 2>&1" recurrence daily time *:43 
add cron job AffSec38 command "/var/AffSec/bin/run.sh 1>/dev/null 2>&1" recurrence daily time *:38 
add cron job AffSec33 command "/var/AffSec/bin/run.sh 1>/dev/null 2>&1" recurrence daily time *:33 
add cron job AffSec28 command "/var/AffSec/bin/run.sh 1>/dev/null 2>&1" recurrence daily time *:28 
add cron job AffSec23 command "/var/AffSec/bin/run.sh 1>/dev/null 2>&1" recurrence daily time *:23 
add cron job AffSec18 command "/var/AffSec/bin/run.sh 1>/dev/null 2>&1" recurrence daily time *:18 
add cron job AffSec13 command "/var/AffSec/bin/run.sh 1>/dev/null 2>&1" recurrence daily time *:13 
add cron job AffSec8 command "/var/AffSec/bin/run.sh 1>/dev/null 2>&1" recurrence daily time *:8 
add cron job AffSec3 command "/var/AffSec/bin/run.sh 1>/dev/null 2>&1" recurrence daily time *:3 
set max-path-splits 8
set tracefile maxnum 10
set tracefile size 1
set ospf area backbone on
set ntp active on 
set ntp server primary 10.20.30.50 version 1 
set ntp server secondary 10.20.30.30 version 1 
set user admin shell /bin/bash 
set user admin password hkcheckpoint 
set user monitor shell /etc/cli.sh 
set user monitor password-hash $1$ehwya3gX$kRMt96Rs9dpq3egw2P4P30 
add user tmp-admin uid 0 homedir /home/tmp-admin 
set user tmp-admin gid 100 shell /bin/bash 
set user tmp-admin password-hash $1$EdlbRYFH$zdwY8Aj3jGBatLT/Y5ij30 
add rba user tmp-admin roles adminRole