Copyright 2024 Fsas Technologies Inc
reference
https://www.fujitsu.com/jp/documents/products/network/router/sir/example/internet/vpn_ddns-guide.pdf

****************************************
 Si-R 1 config
****************************************
ether 1 1 vlan untag 1
ether 2 1-4 vlan untag 2
lan 0 ipv6 use on
lan 0 ipv6 address 0 auto
lan 0 ipv6 ra mode recv
lan 0 ipv6 ra recv prefix-mode routers
lan 0 ipv6 filter 0 pass acl 10 in
lan 0 ipv6 filter 1 pass acl 11 in
lan 0 ipv6 filter 2 pass acl 12 in
lan 0 ipv6 filter 3 pass acl 13 in
lan 0 ipv6 filter default spi 5m
lan 0 ipv6 dhcp service client
lan 0 ipv6 dhcp client option na off
lan 0 vlan 1
lan 1 ip address 192.168.1.1/24 3
lan 1 vlan 2
remote 0 name DDNS
remote 0 ap 0 name ping
remote 0 ap 0 datalink type overlap
remote 0 ap 0 overlap to lan 0
remote 0 ap 0 overlap nexthop6 ra
remote 0 ap 0 sessionwatch address ra@lan0 update-0123456789abcdefff.i.open.ad.jp
remote 0 ap 0 sessionwatch interval 1m 5m 15s 1s
remote 0 ipv6 use on
remote 1 name VPN
remote 1 ap 0 name sir2
remote 1 ap 0 datalink type ipsec
remote 1 ap 0 ipsec type ikev2
remote 1 ap 0 ipsec ike protocol esp
remote 1 ap 0 ipsec ike encrypt aes-cbc-256
remote 1 ap 0 ipsec ike auth hmac-sha256
remote 1 ap 0 ipsec ike pfs modp2048
remote 1 ap 0 ipsec ike lifetime 1h
remote 1 ap 0 ike local-idtype fqdn
remote 1 ap 0 ike remote-idtype fqdn
remote 1 ap 0 ike name local sample1.i.open.ad.jp
remote 1 ap 0 ike name remote sample2.i.open.ad.jp 
remote 1 ap 0 ike shared key text test
remote 1 ap 0 ike proposal 0 encrypt aes-cbc-256
remote 1 ap 0 ike proposal 0 hash hmac-sha256
remote 1 ap 0 ike proposal 0 pfs modp2048
remote 1 ap 0 ike proposal 0 prf hmac-sha256
remote 1 ap 0 ike proposal 0 lifetime 8h
remote 1 ap 0 ike initial connect
remote 1 ap 0 ike dpd use on
remote 1 ap 0 tunnel local sample1.i.open.ad.jp
remote 1 ap 0 tunnel remote sample2.i.open.ad.jp
remote 1 ap 0 sessionwatch address 192.168.1.1 192.168.2.1
remote 1 ip route 0 192.168.2.0/24 1 1
remote 1 ip msschange 1400
acl 10 description v6_dhcp
acl 10 ipv6 any any 17 any
acl 10 udp 547 546
acl 11 description v6_icmp
acl 11 ipv6 any any 58 any
acl 12 description v6_ike
acl 12 ipv6 any any 17 any
acl 12 udp 500 500
acl 13 description v6_esp
acl 13 ipv6 any any 50 any
syslog facility 23
time zone 0900
resource system vlan 4084-4094
consoleinfo autologout 8h
telnetinfo autologout 5m
terminal charset SJIS



****************************************
 Si-R 2 config
****************************************
ether 1 1 vlan untag 1
ether 2 1-4 vlan untag 2
lan 0 ipv6 use on
lan 0 ipv6 address 0 auto
lan 0 ipv6 ra mode recv
lan 0 ipv6 ra recv prefix-mode routers
lan 0 ipv6 filter 0 pass acl 10 in
lan 0 ipv6 filter 1 pass acl 11 in
lan 0 ipv6 filter 2 pass acl 12 in
lan 0 ipv6 filter 3 pass acl 13 in
lan 0 ipv6 filter default spi 5m
lan 0 ipv6 dhcp service client
lan 0 ipv6 dhcp client option na off
lan 0 vlan 1
lan 1 ip address 192.168.2.1/24 3
lan 1 vlan 2
remote 0 name DDNS
remote 0 ap 0 name ping6
remote 0 ap 0 datalink type overlap
remote 0 ap 0 overlap to lan 0
remote 0 ap 0 overlap nexthop6 ra
remote 0 ap 0 sessionwatch address ra@lan0 update-fffedcba9876543210.i.open.ad.jp
remote 0 ap 0 sessionwatch interval 1m 5m 15s 1s
remote 0 ipv6 use on
remote 1 name VPN
remote 1 ap 0 name sir1
remote 1 ap 0 datalink type ipsec
remote 1 ap 0 ipsec type ikev2
remote 1 ap 0 ipsec ike protocol esp
remote 1 ap 0 ipsec ike encrypt aes-cbc-256
remote 1 ap 0 ipsec ike auth hmac-sha256
remote 1 ap 0 ipsec ike pfs modp2048
remote 1 ap 0 ipsec ike lifetime 1h
remote 1 ap 0 ike local-idtype fqdn
remote 1 ap 0 ike remote-idtype fqdn
remote 1 ap 0 ike name local sample2.i.open.ad.jp
remote 1 ap 0 ike name remote sample1.i.open.ad.jp
remote 1 ap 0 ike shared key text test
remote 1 ap 0 ike proposal 0 encrypt aes-cbc-256
remote 1 ap 0 ike proposal 0 hash hmac-sha256
remote 1 ap 0 ike proposal 0 pfs modp2048
remote 1 ap 0 ike proposal 0 prf hmac-sha256
remote 1 ap 0 ike proposal 0 lifetime 8h
remote 1 ap 0 ike initial connect
remote 1 ap 0 ike dpd use on
remote 1 ap 0 tunnel local sample2.i.open.ad.jp
remote 1 ap 0 tunnel remote sample1.i.open.ad.jp
remote 1 ap 0 sessionwatch address 192.168.2.1 192.168.1.1
remote 1 ip route 0 192.168.1.0/24 1 1
remote 1 ip msschange 1400
acl 10 description v6_dhcp
acl 10 ipv6 any any 17 any
acl 10 udp 547 546
acl 11 description v6_icmp
acl 11 ipv6 any any 58 any
acl 12 description v6_ike
acl 12 ipv6 any any 17 any
acl 12 udp 500 500
acl 13 description v6_esp
acl 13 ipv6 any any 50 any
syslog facility 23
time zone 0900
resource system vlan 4089-4094
consoleinfo autologout 8h
telnetinfo autologout 5m
terminal charset SJIS