set auth-server "Local" id 0
set auth-server "Local" server-name "Local"
set auth default auth server "Local"
set clock ntp
set clock "timezone" 0
set admin format dos
set admin name "netscreen"
set admin password nKVUM2rwMUzPcrkG5sWIHdCtqkAibn
set admin manager-ip 192.168.0.0 255.255.255.0
set admin mail alert
set admin auth timeout 10
set admin auth server "Local"
set admin auth banner telnet login "Telnet login banner"
set admin auth banner console login "Console login banner"
unset log module system level notification destination email
unset log module system level emergency destination onesecure
unset log module system level alert destination onesecure
unset log module system level critical destination onesecure
unset log module system level error destination onesecure
unset log module system level warning destination onesecure
unset log module system level notification destination onesecure
unset log module system level information destination onesecure
unset log module system level debugging destination onesecure
set vrouter trust-vr sharable
unset vrouter "trust-vr" auto-route-export
set zone "Trust" vrouter "trust-vr"
set zone "Untrust" vrouter "trust-vr"
set zone "Trust" tcp-rst 
set zone "Untrust" block 
unset zone "Untrust" tcp-rst 
set zone "MGT" block 
set zone "MGT" tcp-rst 
set zone Untrust screen tear-drop
set zone Untrust screen syn-flood
set zone Untrust screen ping-death
set zone Untrust screen ip-filter-src
set zone Untrust screen land
set zone V1-Untrust screen tear-drop
set zone V1-Untrust screen syn-flood
set zone V1-Untrust screen ping-death
set zone V1-Untrust screen ip-filter-src
set zone V1-Untrust screen land
set interface "trust" zone "Trust"
set interface "untrust" zone "Untrust"
set interface vlan1 ip 10.20.40.254/24
set interface trust ip 192.168.0.40/24
set interface trust nat
set interface untrust ip 10.20.30.254/24
set interface untrust route
unset interface vlan1 bypass-others-ipsec
unset interface vlan1 bypass-non-ip
set interface vlan1 ip manageable
set interface trust ip manageable
set interface untrust ip manageable
set interface trust dhcp server service
set interface trust dhcp server option gateway 192.168.1.1 
set interface trust dhcp server option netmask 255.255.255.0 
set interface trust dhcp server ip 192.168.1.33 to 192.168.1.126 
set flow tcp-mss
set domain titania.co.uk
set hostname netscreen1
set ntp server 158.43.128.33
set ntp interval 90
set address "Trust" "Local" 10.0.0.0 255.255.255.0
set snmp name "netscreen1"
set ike policy-checking
set ike respond-bad-spi 1
set ike id-mode subnet
set xauth lifetime 480
set xauth default auth server Local
set policy id 0 from "Trust" to "Untrust"  "Any" "Any" "ANY" Permit log 
set policy id 1 from "Untrust" to "Trust"  "Any" "Any" "ANY" Deny 
set pki authority default scep mode "auto"
set pki x509 default cert-path "partial"
set global-pro policy-manager primary outgoing-interface untrust
set global-pro policy-manager secondary outgoing-interface untrust
set ssl encrypt 3des sha-1
set dns host dns1 90.207.238.97
set dns host dns2 87.86.189.16
set dns host schedule 06:28
set vrouter "untrust-vr"
exit
set vrouter "trust-vr"
unset add-default-route
exit