需求:
1.R5为ISP,只能进行IP地址配置;其所有地址均为公有IP地址
2.R1和R5间使用PPP的PAP认证,R5为主认证方;
R2与R5之间使用PPP的chap认证,R5为主认证方;
R3与R5之间使用HDLC封装。
3.R1/R2/R3构建一个MGRE环境,R1为中心站点;R1、R4间为点到点的GRE。
4.整个私有网络基于RIP全网可达
5.所有PC设置私有IP为源IP,可以访问R5环回
一.搭建拓扑设计
二.配置路由器接口ip
略
三.配置需求2
1.R1和R5间使用PPP的PAP认证,R5为主认证方;
R5配置
[ISP]aaa---进入aaa账号密码空间
[ISP-aaa]local-user a password cipher 1---设置账号密码
[ISP-aaa]local-user a service-type ppp---定义账号的服务对象
[ISP]interface Serial 3/0/0---进入3/0/0接口
[ISP-Serial3/0/0]link-protocol ppp---修改链路层协议为ppp
[ISP-Serial3/0/0]ppp authentication-mode pap---定义ppp认证模式
R1配置
[AR1]interface Serial 4/0/0---进入4/0/0接口
[AR1-Serial4/0/0]ppp pap local-user a password cipher 1---拨号
测试
2. R2与R5之间使用PPP的chap认证,R5为主认证方
R5配置
[ISP]aaa
[ISP-aaa]local-user b password cipher 1
[ISP-aaa]local-user b service-type ppp
[ISP]interface Serial 3/0/1
[ISP-Serial3/0/1]ppp authentication-mode chap
R2配置
[r2]interface Serial 4/0/0
[r2-Serial4/0/0]ppp chap user b
[r2-Serial4/0/0]ppp chap password cipher 1
测试
3.R3与R5之间使用HDLC封装
R5配置
[ISP-Serial4/0/0]link-protocol hdlc
R3配置
[r3-Serial4/0/0]link-protocol hdlc
四.配置需求3
1.R1/R2/R3构建一个MGRE环境,R1为中心站点
R1配置
[AR1]ip route-static 0.0.0.0 0 15.0.0.2---缺省路由
[AR1]interface Tunnel 0/0/0---创建tuunnel接口
[AR1-Tunnel0/0/0]ip address 192.168.5.1 24
[AR1-Tunnel0/0/0]tunnel-protocol gre p2mp
[AR1-Tunnel0/0/0]source 15.0.0.1---自身物理接口ip地址
[AR1-Tunnel0/0/0]nhrp network-id 1
R2配置
[r2]ip route-static 0.0.0.0 0 25.0.0.2
[r2]interface Tunnel 0/0/0
[r2-Tunnel0/0/0]ip address 192.168.5.2 24
[r2-Tunnel0/0/0]tunnel-protocol gre p2mp
[r2-Tunnel0/0/0]source 25.0.0.1
[r2-Tunnel0/0/0]nhrp network-id 1
[r2-Tunnel0/0/0]nhrp entry 192.168.5.2(中心隧道ip地址) 25.0.0.1(中心隧道对应的物理接口ip地址) register
R3配置
[r3]ip route-static 0.0.0.0 0 35.0.0.2
[r3]interface Tunnel 0/0/0
[r3-Tunnel0/0/0]ip address 192.168.5.3 24
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp
[r3-Tunnel0/0/0]source 35.0.0.1
[r3-Tunnel0/0/0]nhrp network-id 1
[r3-Tunnel0/0/0]nhrp entry 192.168.5.3 35.0.0.1 register
2.R1、R4间为点到点的GRE
R1配置
[AR1]ip route-static 0.0.0.0 0 15.0.0.2
[AR1]interface Tunnel 0/0/1
[AR1-Tunnel0/0/1]ip address 192.168.6.1 24
[AR1-Tunnel0/0/1]tunnel-protocol gre
[AR1-Tunnel0/0/1]source 15.0.0.1---自身物理接口ip地址
[AR1-Tunnel0/0/1]description 45.0.0.1---隧道对端物理接口ip地址
R4配置
[R4]ip route-static 0.0.0.0 0 45.0.0.2
[R4]interface Tunnel 0/0/0
[R4-Tunnel0/0/0]ip address 192.168.6.2 24
[R4-Tunnel0/0/0]tunnel-protocol gre
[R4-Tunnel0/0/0]source 45.0.0.1
[R4-Tunnel0/0/0]description 15.0.0.1
四.整个私有网络基于RIP全网可达
R1配置
[AR1]rip
[AR1-rip-1]version 2
[AR1-rip-1]network 192.168.1.0---私网ip
[AR1-rip-1]network 192.168.5.0---私网ip
[AR1-rip-1]network 192.168.6.0---私网ip
[AR1-Tunnel0/0/0]nhrp entry multicast dynamic---开启中心伪广播
[AR1-Tunnel0/0/0]undo rip split-horizon---关闭水平分割
R2配置
[r2]rip
[r2-rip-1]version 2
[r2-rip-1]network 192.168.2.0
[r2-rip-1]network 192.168.5.0
R3配置
[r3]rip
[r3-rip-1]version 2
[r3-rip-1]network 192.168.3.0
[r3-rip-1]network 192.168.5.0
R4配置
[R4]rip
[R4-rip-1]version 2
[R4-rip-1]network 192.168.4.0
[R4-rip-1]network 192.168.6.0