
Juniper Netscreen Dialup VPN+Firewall configuration

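Juniper Netscreen Dialup VPN+Firewall configuration

Note: the values in this listing look like lab defaults. The admin account keeps the name "netscreen", and all three IKE gateways use Aggressive mode with the preshared key "netscreen" and the DES/MD5 proposal "pre-g2-des-md5". The two manual-key VPNs use the password "netscreen", two tunnels are set to no-replay, and telnet and web management are enabled on the untrust interface. Before reusing it, set unique keys and credentials, choose an AES/SHA proposal, and limit management to trusted interfaces over encrypted protocols.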

set auth-server "Local" id 0
set auth-server "Local" server-name "Local"
set auth default auth server "Local"
set clock "timezone" 0
set admin format dos
set admin name "netscreen"
set admin password nKVUM2rwMUzPcrkG5sWIHdCtqkAibn
set admin auth timeout 120
set admin auth server "Local"
set vrouter trust-vr sharable
unset vrouter "trust-vr" auto-route-export
set zone "Trust" vrouter "trust-vr"
set zone "Untrust" vrouter "trust-vr"
set zone "DMZ" vrouter "trust-vr"
set zone "Trust" tcp-rst
set zone "Untrust" block
unset zone "Untrust" tcp-rst
set zone "DMZ" tcp-rst
set zone "MGT" block
set zone "MGT" tcp-rst
set zone Untrust screen tear-drop
set zone Untrust screen syn-flood
set zone Untrust screen ping-death
set zone Untrust screen ip-filter-src
set zone Untrust screen land
set zone V1-Untrust screen tear-drop
set zone V1-Untrust screen syn-flood
set zone V1-Untrust screen ping-death
set zone V1-Untrust screen ip-filter-src
set zone V1-Untrust screen land
set interface "trust" zone "Trust"
set interface "DMZ" zone "DMZ"
set interface "untrust" zone "Untrust"
set interface vlan1 ip 192.168.1.1/24
set interface trust ip 192.168.1.1/24
set interface trust nat
set interface DMZ ip 192.168.4.1/24
set interface DMZ route
set interface untrust ip 192.168.16.195/24
set interface untrust route
unset interface vlan1 bypass-others-ipsec
unset interface vlan1 bypass-non-ip
set interface vlan1 ip manageable
set interface trust ip manageable
set interface DMZ ip manageable
set interface untrust ip manageable
set interface DMZ manage telnet
set interface DMZ manage snmp
set interface DMZ manage ssl
set interface DMZ manage web
set interface untrust manage ping
set interface untrust manage telnet
set interface untrust manage web
set interface "DMZ" webauth
set address "Trust" "sony" 192.168.1.0 255.255.255.0
set address "Untrust" "192.168.3.0/24" 192.168.3.0 255.255.255.0
set address "Untrust" "sony1" 192.168.2.5 255.255.255.0
set address "DMZ" "192.168.4.0/24" 192.168.4.0 255.255.255.0
set snmp name "ns100"
set user "user01" uid 1
set user "user01" ike-id u-fqdn "user01@test.com" share-limit 1
set user "user01" type ike
set user "user01" "enable"
set user "user02" uid 2
set user "user02" ike-id u-fqdn "user02@test.com" share-limit 1
set user "user02" type ike
set user "user02" "enable"
set user "user03" uid 3
set user "user03" ike-id u-fqdn "user03@test.com" share-limit 1
set user "user03" type ike
set user "user03" "enable"
set user "user04" uid 4
set user "user04" ike-id u-fqdn "user04@test.com" share-limit 1
set user "user04" type ike
set user "user04" "enable"
set user-group "dialup-user" id 1
set user-group "dialup-user" user "user01"
set user-group "dialup-user" user "user02"
set user-group "dialup-user" user "user03"
set user-group "dialup-user" user "user04"
set ike gateway "DLVPNgateway" ip 0.0.0.0 id "test" Aggr outgoing-interface "untrust" preshare "netscreen" proposal "pre-g2-des-md5"
unset ike gateway "DLVPNgateway" nat-traversal
set ike gateway "sz-1" ip 0.0.0.0 id "test1" Aggr outgoing-interface "untrust" preshare "netscreen" proposal "pre-g2-des-md5"
unset ike gateway "sz-1" nat-traversal
set ike gateway "dialup-gateway" dialup "dialup-user" Aggr outgoing-interface "untrust" preshare "netscreen" proposal "pre-g2-des-md5"
unset ike gateway "dialup-gateway" nat-traversal
set ike policy-checking
set ike respond-bad-spi 1
set vpn "sony-192.168.2.5" id 1 manual 3001 3001 gateway 1.1.1.2 outgoing-interface "untrust" esp des password netscreen auth sha-1 password netscreen
set vpn "antaivpn" id 2 manual 3002 3002 gateway 1.1.1.3 outgoing-interface "untrust" esp des password netscreen auth sha-1 password netscreen
set vpn "DaLian-BeiJing" id 3 gateway "DLVPNgateway" no-replay tunnel idletime 0 proposal "g2-esp-des-md5"
set vpn "DaLian-BeiJing" monitor
set vpn "sz-2" id 5 gateway "sz-1" replay tunnel idletime 0 proposal "g2-esp-des-md5"
set vpn "sz-2" monitor
set vpn "dialup-ike" id 7 gateway "dialup-gateway" no-replay tunnel idletime 0 proposal "g2-esp-des-md5"
set ike id-mode subnet
set xauth lifetime 480
set xauth default auth server Local
set policy id 13 from "Untrust" to "Trust" "Dial-Up VPN" "sony" "ANY" Tunnel vpn "dialup-ike" id 8
set policy id 12 from "Untrust" to "Trust" "sony1" "sony" "ANY" Tunnel vpn "sz-2" id 6 pair-policy 11
set policy id 11 from "Trust" to "Untrust" "sony" "sony1" "ANY" Tunnel vpn "sz-2" id 6 pair-policy 12
set policy id 10 name "Created by policy wizard" from "Trust" to "Untrust" "Any" "Any" "ANY" Permit
set policy id 9 name "Created by policy wizard" from "Trust" to "Untrust" "Any" "Any" "SSH" Permit
set policy id 8 name "Created by policy wizard" from "Trust" to "Untrust" "Any" "Any" "FTP" Permit
set policy id 7 name "Created by policy wizard" from "Trust" to "Untrust" "Any" "Any" "HTTPS" Permit
set policy id 6 name "Created by policy wizard" from "Trust" to "Untrust" "Any" "Any" "HTTP" Permit
set policy id 5 name "Created by policy wizard" from "Trust" to "Untrust" "Any" "Any" "DNS" Permit
set policy id 0 from "DMZ" to "Untrust" "192.168.4.0/24" "192.168.3.0/24" "ANY" Tunnel vpn "DaLian-BeiJing" id 4 pair-policy 1
set policy id 1 from "Untrust" to "DMZ" "192.168.3.0/24" "192.168.4.0/24" "ANY" Tunnel vpn "DaLian-BeiJing" id 4 pair-policy 0
set policy id 4 from "DMZ" to "Untrust" "Any" "Any" "ANY" Permit
set global-pro policy-manager primary outgoing-interface untrust
set global-pro policy-manager secondary outgoing-interface untrust
set nsrp interface DMZ
set pki authority default scep mode "auto"
set pki x509 default cert-path partial
set vrouter "untrust-vr"
exit
set vrouter "trust-vr"
unset add-default-route
set route 192.168.3.0/24 interface untrust gateway 192.168.16.181
set route 0.0.0.0/0 interface untrust gateway 192.168.16.1
exit


楼主你个懒人,这么好的东西你给他弄这么多乱码,编辑一下先。
