目录
题目:
步骤一:拓扑设计,IP地址规划
编辑
步骤二:IP 地址配置
步骤三:缺省路由配置
步骤四:HDLC封装
步骤五:PAP认证
主认证方
被认证方
步骤六:CHAP认证
主认证方:
被认证方:
步骤七:NAT配置
步骤八:R1R2R3配置MGRE
中心站点R1配置
分支站点配置
步骤九:RIP路由配置
步骤十:测试
步骤十一:抓包
R1
[R1-GigabitEthernet0/0/0]ip add 192.168.1.1 24
[R1-Serial4/0/0]ip add 15.0.0.1 24
R2
[R2-GigabitEthernet0/0/0]ip add 192.168.2.1 24
[R2-Serial4/0/0]ip add 25.0.0.1 24
R3
[R3-GigabitEthernet0/0/0]ip add 192.168.3.1 24
[R3-Serial4/0/0]ip add 35.0.0.1 24
R4
[R4-Serial4/0/0]ip add 15.0.0.2 24
[R4-Serial4/0/1]ip add 25.0.0.2 24
[R4-Serial3/0/0]ip add 35.0.0.2 24
[R1]ip route-static 0.0.0.0 0 15.0.0.2
[R2]ip route-static 0.0.0.0 0 25.0.0.2
[R3]ip route-static 0.0.0.0 0 35.0.0.2
[R1-Serial4/0/0]link-protocol hdlc
[R4-Serial4/0/0]link-protocol hdlc
[R4]aaa
[R4-aaa]local-user huawei password cipher 123456
[R4-aaa]local-user huawei service-type ppp
[R4-aaa]q
[R4]int s 4/0/0
[R4-Serial4/0/0]link-protocol ppp
[R4-Serial4/0/0]ppp authentication-mode pap
[R1]interface Serial 4/0/0
[R1-Serial4/0/0]link-protocol ppp
[R1-Serial4/0/0]ppp pap local-user huawei password cipher 123456
[R4-Serial3/0/0]link-protocol ppp
[R4-Serial3/0/0]ppp authentication-mode chap
[R3-Serial4/0/0]ppp chap user huawei
[R3-Serial4/0/0]ppp chap password cipher 123456
sy
system-view
[R1]acl 2000
[R1-acl-basic-2000]rule 1 permit source any
[R1-acl-basic-2000]INT S 4/0/0
[R1-Serial4/0/0]nat outbound 2000
[R1]int t 0/0/0
[R1-Tunnel0/0/0]ip add 10.1.1.1 24
[R1-Tunnel0/0/0]tunnel-protocol gre p2mp
[R1-Tunnel0/0/0]source 15.0.0.1
[R1-Tunnel0/0/0]nhrp network-id 100
PC2
[R2]int t 0/0/0
[R2-Tunnel0/0/0]ip add 10.1.1.2 24
[R2-Tunnel0/0/0]tunnel-protocol gre p2mp
[R2-Tunnel0/0/0]source Serial 4/0/1
[R2-Tunnel0/0/0]nhrp entry 10.1.1.1 15.0.0.1 register
[R2-Tunnel0/0/0]nhrp network-id 100
PC3
[R3]int t0/0/0
[R3-Tunnel0/0/0]ip add 10.1.1.3 24
[R3-Tunnel0/0/0]tunnel-protocol gre p2mp
[R3-Tunnel0/0/0]source s 4/0/0
[R3-Tunnel0/0/0]nhrp entry 10.1.1.1 15.0.0.1 register
[R3-Tunnel0/0/0]nhrp network-id 100
R1
[R1]rip 1
[R1-rip-1]version 2
[R1-rip-1]network 192.168.1.0
[R1-rip-1]network 10.0.0.0
R2
[R2]rip 1
[R2-rip-1]version 2
[R2-rip-1]network 192.168.2.0
[R2-rip-1]network 10.0.0.0
R3
[R3]rip 1
[R3-rip-1]version 2
[R3-rip-1]network 192.168.3.0
[R3-rip-1]network 10.0.0.0
用PC2分别去访问PC1和PC3
PC>ping 192.168.1.2
Ping 192.168.1.2: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 192.168.1.2: bytes=32 seq=2 ttl=126 time=16 ms
From 192.168.1.2: bytes=32 seq=3 ttl=126 time=46 ms
From 192.168.1.2: bytes=32 seq=4 ttl=126 time=16 ms
From 192.168.1.2: bytes=32 seq=5 ttl=126 time=15 ms
--- 192.168.1.2 ping statistics ---
5 packet(s) transmitted
4 packet(s) received
20.00% packet loss
round-trip min/avg/max = 0/23/46 ms
PC>ping 192.168.3.2
Ping 192.168.3.2: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 192.168.3.2: bytes=32 seq=2 ttl=125 time=31 ms
From 192.168.3.2: bytes=32 seq=3 ttl=125 time=47 ms
From 192.168.3.2: bytes=32 seq=4 ttl=125 time=31 ms
From 192.168.3.2: bytes=32 seq=5 ttl=125 time=31 ms
--- 192.168.3.2 ping statistics ---
5 packet(s) transmitted
4 packet(s) received
20.00% packet loss
round-trip min/avg/max = 0/35/47 ms
用PC2分别去访问PC1和PC3
抓包PC1
抓包PC3