aboutsummaryrefslogtreecommitdiff
path: root/tools/conf-examples/isp-sec.conf
diff options
context:
space:
mode:
Diffstat (limited to 'tools/conf-examples/isp-sec.conf')
-rw-r--r--tools/conf-examples/isp-sec.conf189
1 files changed, 189 insertions, 0 deletions
diff --git a/tools/conf-examples/isp-sec.conf b/tools/conf-examples/isp-sec.conf
new file mode 100644
index 0000000..33a35a6
--- /dev/null
+++ b/tools/conf-examples/isp-sec.conf
@@ -0,0 +1,189 @@
+eth 110 0Mbps cpe11 ar1
+eth 120 0Mbps cpe12 ar1
+eth 130 0Mbps cpe13 ar1
+eth 210 0Mbps cpe21 ar2
+eth 220 0Mbps cpe22 ar2
+eth 230 0Mbps cpe23 ar2
+eth 310 0Mbps cpe31 ar3
+eth 320 0Mbps cpe32 ar3
+eth 330 0Mbps cpe33 ar3
+eth 100 0Mbps ar1 manpe1
+eth 200 0Mbps ar2 manpe1
+eth 300 0Mbps ar3 manpe2
+eth 410 0Mbps manpe1 manpe2
+eth 411 0Mbps manpe1 manpe3
+eth 412 0Mbps manpe1 manpe4
+eth 420 0Mbps manpe2 manpe3
+eth 421 0Mbps manpe2 manpe4
+eth 430 0Mbps manpe3 manpe4
+eth 510 0Mbps manpe3 ser1
+eth 520 0Mbps manpe4 ser2
+eth 600 0Mbps ser1 core1
+eth 610 0Mbps ser1 core2
+eth 620 0Mbps ser2 core1
+eth 630 0Mbps ser2 core2
+eth 700 0Mbps core1 core2
+eth 710 0Mbps core1 core3
+eth 720 0Mbps core2 core4
+eth 730 0Mbps core3 core4
+eth 640 0Mbps core3 edge1
+eth 650 0Mbps core4 edge1
+eth 660 0Mbps core3 edge2
+eth 670 0Mbps core4 edge2
+eth 800 0Mbps edge1 isp2
+eth 810 0Mbps edge1 isp3
+eth 820 0Mbps edge2 isp4
+eth 830 0Mbps edge2 isp5
+
+# DIF core
+dif core ser1 600 610
+dif core ser2 620 630
+dif core core1 600 620 700 710
+dif core core2 610 630 700 720
+dif core core3 640 660 710 730
+dif core core4 650 670 720 730
+dif core edge1 640 650
+dif core edge2 660 670
+
+# DIF access
+dif access ar1 100
+dif access ar2 200
+dif access ar3 300
+dif access manpe1 100 200 410 411 412
+dif access manpe2 300 410 420 421
+dif access manpe3 411 420 430 510
+dif access manpe4 412 421 430 520
+dif access ser1 510
+dif access ser2 520
+
+# DIF service
+dif service ar1 access
+dif service ar2 access
+dif service ar3 access
+dif service ser1 access core
+dif service ser2 access core
+dif service edge1 core
+dif service edge2 core
+
+# DIF emall1
+dif emall1 cpe11 110
+dif emall1 cpe12 120
+dif emall1 cpe21 210
+dif emall1 cpe22 220
+dif emall1 cpe31 310
+dif emall1 ar1 110 120 service
+dif emall1 ar2 210 220 service
+dif emall1 ar3 310 service
+dif emall1 edge1 service 800
+dif emall1 edge2 service 820
+dif emall1 isp2 800
+dif emall1 isp4 820
+
+# DIF emall2
+dif emall2 cpe13 130
+dif emall2 cpe23 230
+dif emall2 cpe32 320
+dif emall2 cpe33 330
+dif emall2 ar1 130 service
+dif emall2 ar2 230 service
+dif emall2 ar3 320 330 service
+dif emall2 edge1 service 810
+dif emall2 edge2 service 830
+dif emall2 isp3 810
+dif emall2 isp5 830
+
+#policies
+policy emall1 * security-manager.auth.default PSOC_authentication-ssh2 keyExchangeAlg=EDH keystore=/creds/ssh2 keystorePass=test
+policy emall1 * security-manager.encrypt.default default encryptAlg=AES128 macAlg=SHA256 compressAlg=deflate
+policy emall1 ar1,ar2,ar3,edge1,edge2 security-manager.auth.service PSOC_authentication-none
+policy emall2 * security-manager.auth.default PSOC_authentication-ssh2 keyExchangeAlg=EDH keystore=/creds/ssh2 keystorePass=test
+policy emall2 * security-manager.encrypt.default default encryptAlg=AES128 macAlg=SHA256 compressAlg=deflate
+policy emall2 ar1,ar2,ar3,edge1,edge2 security-manager.auth.service PSOC_authentication-none
+
+#Enrollments
+enroll access ar1 manpe1 100
+enroll access ar2 manpe1 200
+enroll access ar3 manpe2 300
+enroll access ser1 manpe3 510
+enroll access ser2 manpe4 520
+enroll access manpe1 manpe2 410
+enroll access manpe1 manpe3 411
+enroll access manpe1 manpe4 412
+enroll access manpe2 manpe3 420
+enroll access manpe2 manpe4 421
+enroll access manpe3 manpe4 430
+
+enroll core core1 core2 700
+enroll core core1 core3 710
+enroll core core2 core4 720
+enroll core core3 core4 730
+enroll core ser1 core1 600
+enroll core ser1 core2 610
+enroll core ser2 core1 620
+enroll core ser2 core2 630
+enroll core edge1 core3 640
+enroll core edge1 core4 650
+enroll core edge2 core3 660
+enroll core edge2 core4 670
+
+enroll service edge1 edge2 core
+enroll service edge1 ser1 core
+enroll service edge1 ser2 core
+enroll service edge2 ser1 core
+enroll service edge2 ser2 core
+enroll service ser1 ser2 core
+enroll service ar1 ser1 access
+enroll service ar1 ser2 access
+enroll service ar2 ser1 access
+enroll service ar2 ser2 access
+enroll service ar3 ser1 access
+enroll service ar3 ser2 access
+
+enroll emall1 cpe11 ar1 110
+enroll emall1 cpe12 ar1 120
+enroll emall1 cpe21 ar2 210
+enroll emall1 cpe22 ar2 220
+enroll emall1 cpe31 ar3 310
+enroll emall1 ar1 edge1 service
+enroll emall1 ar1 edge2 service
+enroll emall1 ar2 edge1 service
+enroll emall1 ar2 edge2 service
+enroll emall1 ar3 edge1 service
+enroll emall1 ar3 edge2 service
+enroll emall1 edge1 edge2 service
+enroll emall1 isp2 edge1 800
+enroll emall1 isp4 edge2 820
+
+enroll emall2 cpe13 ar1 130
+enroll emall2 cpe23 ar2 230
+enroll emall2 cpe32 ar3 320
+enroll emall2 cpe33 ar3 330
+enroll emall2 ar1 edge1 service
+enroll emall2 ar1 edge2 service
+enroll emall2 ar2 edge1 service
+enroll emall2 ar2 edge2 service
+enroll emall2 ar3 edge1 service
+enroll emall2 ar3 edge2 service
+enroll emall2 edge1 edge2 service
+enroll emall2 isp3 edge1 810
+enroll emall2 isp5 edge2 830
+
+#Overlays
+overlay ar1 overlays/ispsec/ar1
+overlay ar2 overlays/ispsec/ar2
+overlay ar3 overlays/ispsec/ar3
+overlay cpe11 overlays/ispsec/cpe11
+overlay cpe12 overlays/ispsec/cpe12
+overlay cpe13 overlays/ispsec/cpe13
+overlay cpe21 overlays/ispsec/cpe21
+overlay cpe22 overlays/ispsec/cpe22
+overlay cpe23 overlays/ispsec/cpe23
+overlay cpe31 overlays/ispsec/cpe31
+overlay cpe32 overlays/ispsec/cpe32
+overlay cpe33 overlays/ispsec/cpe33
+overlay edge1 overlays/ispsec/edge1
+overlay edge2 overlays/ispsec/edge2
+overlay isp2 overlays/ispsec/isp2
+overlay isp3 overlays/ispsec/isp3
+overlay isp4 overlays/ispsec/isp4
+overlay isp5 overlays/ispsec/isp5