要求:
1、R5为ISP,只能进行IP地址配置,其所有地址均配为公有IP地址;
2、R1和R5间使用PPP的PAP认证,R5为主认证方
R2与R5之间使用ppp的CHAP认证,R5为主认证方;
R3与R5之间使用HDLC封装;
3、R1、R2、R3构建一个MGRE环境,R1为中心站点,R1、R4间为点到点的GRE;
4、整个私有网络基本RIP全网可达;
5、所有PC设置私有IP为源IP,可以访问R5环回。
1、配置接口IP
[R1]int g0/0/0 [R1-GigabitEthernet0/0/0]ip add 192.168.1.254 24[R1-GigabitEthernet0/0/0]int s 4/0/0 [R1-Serial4/0/0]ip add 15.1.1.1 24
配置结果:
2、公网通路
配置缺省路由:
[R1]ip route-static 0.0.0.0 0 15.1.1.5 [R2]ip route-static 0.0.0.0 0 35.1.1.5 [R3]ip route-static 0.0.0.0 0 35.1.1.5 [R4]ip route-static 0.0.0.0 0 45.1.1.5
3、配置PAP认证
主认证方:
[R5]aaa [R5-aaa]local-user lhl password cipher lhl123456 Info: Add a new user. [R5-aaa]local-user lhl service-type ppp[R5]int s 4/0/1 [R5-Serial4/0/1]ppp authentication-mode pap被认证方
[R1]int s 4/0/0 [R1-Serial4/0/0]ppp pap local-user lhl password ci lhl123456检查认证结果
4、CHAP认证
主认证方:
[R5]aaa [R5-aaa]local-user zhangdaye password cipher zdy12345 Info: Add a new user. [R5-aaa]local-user zhangdaye service-type ppp [R5-aaa]q[R5]int s3/0/1 [R5-Serial3/0/1]ppp authentication-mode chap被认证方:
[R2]int s4/0/0 [R2-Serial4/0/0]ppp chap user zhangdaye [R2-Serial4/0/0]ppp chap password cipher zdy12345检查认证结果:
5、使用HDLC封装
更改链路协议类型
[R3]int s4/0/0 [R3-Serial4/0/0]link-protocol hdlcR5与R3同理
6、构建MGRE环境
R1
[R1]int Tunnel 0/0/0 [R1-Tunnel0/0/0]ip add 10.1.2.1 24 [R1-Tunnel0/0/0]tunnel-protocol gre p2mp [R1-Tunnel0/0/0]source 15.1.1.1 Mar 30 2024 15:15:31-08:00 R1 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP on the interface Tunnel0/0/0 has entered the UP state. [R1-Tunnel0/0/0]nhrp network-id 100R2
[R2]int Tunnel 0/0/0 [R2-Tunnel0/0/0]ip add 10.1.2.2 24 [R2-Tunnel0/0/0]tunnel-protocol gre p2mp [R2-Tunnel0/0/0]source Serial 4/0/0 Mar 30 2024 15:17:00-08:00 R2 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP on the interface Tunnel0/0/0 has entered the UP state. [R2-Tunnel0/0/0]nhrp network-id 100R3
[R3]int t0/0/0 [R3-Tunnel0/0/0]ip ad 10.1.2.3 24 [R3-Tunnel0/0/0]tunnel-protocol gre p2mp [R3-Tunnel0/0/0]source Serial 4/0/0 Mar 30 2024 15:18:18-08:00 R3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP on the interface Tunnel0/0/0 has entered the UP state. [R3-Tunnel0/0/0]nhrp network-id 100配置R1与R4的点到点GRE隧道
R1
[R1]int t 0/0/1 [R1-Tunnel0/0/1]ip add 10.1.1.1 24 [R1-Tunnel0/0/1]tunnel-protocol gre [R1-Tunnel0/0/1]source 15.1.1.1 [R1-Tunnel0/0/1]destination 45.1.1.4 Mar 30 2024 15:20:25-08:00 R1 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP on the interface Tunnel0/0/1 has entered the UP state. [R1-Tunnel0/0/1]检查
R4
[R4]int Tunnel 0/0/1 [R4-Tunnel0/0/1]ip add 10.1.1.4 24 [R4-Tunnel0/0/1]tunnel-protocol g [R4-Tunnel0/0/1]source 45.1.1.4 [R4-Tunnel0/0/1]destination 15.1.1.1 Mar 30 2024 15:23:32-08:00 R4 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP on the interface Tunnel0/0/1 has entered the UP state. [R4-Tunnel0/0/1]检查
7、在私网配置RIP协议
R1
[R1]rip 1 [R1-rip-1]v 2 [R1-rip-1]undo summary [R1-rip-1]netw 192.168.1.0 [R1-rip-1]netw 10.0.0.0 //主类宣告R2
[R2]rip 1 [R2-rip-1]v 2 [R2-rip-1]undo summary [R2-rip-1]netw 192.168.2.0 [R2-rip-1]netw 10.0.0.0[R2]int t0/0/0 [R2-Tunnel0/0/0]nhrp entry 10.1.2.1 15.1.1.1 register //R2、R3需要注册R3
[R3]rip 1 [R3-rip-1]v 2 [R3-rip-1]undo summary [R3-rip-1]net 192.168.3.0 [R3-rip-1]ne 10.0.0.0[R2]int t0/0/0 [R2-Tunnel0/0/0]nhrp entry 10.1.3.1 25.1.1.1 registerR4
[R4]rip 1 [R4-rip-1]v 2 [R4-rip-1]undo summary [R4-rip-1]net 192.168.4.0 [R4-rip-1]net 10.0.0.0检查后,发现中心站点没有学完所有路由 --- 解决办法:
[R1]int Tunnel 0/0/0 [R1-Tunnel0/0/0]nhrp entry multicast dynamic关闭R1、R2、R3水平分割
[R1-Tunnel0/0/0]undo rip split-horizon [R2-Tunnel0/0/0]undo rip split-horizon [R3-Tunnel0/0/0]undo rip split-horizon
