在本实验中,为了使路由器支持ssl ***需要上传并安装SSL-×××-Client到路由器。由此为前提来模拟ssl ***的安全技术。ssl ***配置下节实验做介绍。

 

在上传安装ssl-***-client之前,先搭建tftp服务器,本次试验用的是cisco tftp server 1.1。测试路由器和tftp server的连通性

R1#ping 192.168.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/17/36 ms
R1#

路由器和tftp服务器成功通信,下面我来上传ssl-***-client

  • 释放disk0空间用作存储上传文件
    R1#format disk0:
    Format operation may take a while. Continue? [confirm]
    Format operation will destroy all data in "disk0:".  Continue? [confirm]
    Format: Drive communication & 1st Sector Write OK...
    Writing Monlib sectors.
    .....................................................................................................................................................
    Monlib write complete

          Format: All system sectors written. OK...

          Format: Total sectors in formatted partition: 130883
          Format: Total bytes in formatted partition: 67012096
          Format: Operation completed successfully.

          Format of disk0 comple

  • 上传ssl-***-client

      R1#copy tftp: disk0:
     Address or name of remote host []? 192.168.1.2
     Source filename []? sslclient.pkg
     Destination filename [sslclient.pkg]?
    Accessing tftp://192.168.1.2/sslclient.pkg...
    Loading sslclient.pkg from 192.168.1.2 (via FastEthernet1/0): !!!!!!!!!
    [OK - 2208871 bytes]

    2208871 bytes copied in 56.880 secs (38834 bytes/sec)

  • 安装ssl-***-client

     R1#conf t
     Enter configuration commands, one per line.  End with CNTL/Z.
     R1(config)#web*** install svc disk0:/sslclient.pkg
     SSL××× Package SSL-×××-Client : installed successfully

     R1(config)#

成功上传并安装了ssl-***-client,这台路由器支持ssl ***了。