MGRE实验

1.实验拓扑

2.实验要求：

    1.R2为ISP,其上只能配置IP地址。

    2.R1-R2之间为HDLC封装。

    3.R2-R3之间为PPP封装，pap认证，R2为主认证方。

    4.R2-R4之间为PPP封装，chap认证，R2为主认证方。

    5.R1，R2，R3构建MGRE环境，仅R1 IP地址固定。

    6.内网使用RIP获取路由，所有PC可以相互访问，并且可以访问R2的环回。

3.实验步骤

    ①配置IP地址：

      R1 

[Huawei]sys R1
[R1]int Serial 4/0/0
[R1-Serial4/0/0]ip ad    
[R1-Serial4/0/0]ip address 12.1.1.1 24
[R1-Serial4/0/0]
Jul 22 2023 09:57:12-08:00 R3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol PPP
 IPCP on the interface Serial4/0/0 has entered the UP state. 
[R3-Serial4/0/0]int g0/0/0
[R3-GigabitEthernet0/0/0]ip ad    
[R3-GigabitEthernet0/0/0]ip address 192.168.1.3 24
Jul 22 2023 09:58:34-08:00 R3 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 

    R2 
[Huawei]sys R2
[R2]int g    
[R2]int s    
[R2]int Serial 4/0/0
[R2-Serial4/0/0]ip ad    
[R2-Serial4/0/0]ip address 12.1.1.2 24
[R2-Serial4/0/0]
Jul 22 2023 09:57:12-08:00 R2%%01IFNET/4/LINK_STATE(l)[0]:The line protocol PPP
 IPCP on the interface Serial4/0/0 has entered the UP state. 
[R2-Serial4/0/0]int g0/0/0
[R2-Serial3/0/0]ip ad    
[R2-Serial3/0/0]ip address 24.1.1.1 24
Jul 22 2023 09:58:34-08:00 R2 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 

[R2-Serial4/0/1]ip address 23.1.1.1 24

 R3

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys R3
[R3]int Serial 4/0/0
[R3-Serial4/0/0]ip ad    
[R3-Serial4/0/0]ip address 23.1.1.2 24
[R3-Serial4/0/0]int g0/0/0   
[R3-GigabitEthernet0/0/0]ip address 192.168.2.3 24
 

R4

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys R4 
[R4]int Serial 4/0/0   
[R4-Serial4/0/0]ip address 24.1.1.2 24
[R4-Serial4/0/0]
Jul 22 2023 10:00:44-08:00 R4 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol PPP
 IPCP on the interface Serial4/0/0 has entered the UP state. 
[R4-Serial4/0/0]q
[R4]int GigabitEthernet 0/0/0
[R4-GigabitEthernet0/0/0]ip address 192.168.3.3 24
Jul 22 2023 10:01:12-08:00 R4 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R4-GigabitEthernet0/0/0]q

      ②配置hdlc

[R1]int Serial 4/0/0
[R1-Serial4/0/0]li    
[R1-Serial4/0/0]link-protocol hd    
[R1-Serial4/0/0]link-protocol hdlc 

[R2]int Serial 4/0/0
[R2-Serial4/0/0]link-protocol hdlc 

[R2-Serial4/0/0]int s    
[R2-Serial4/0/0]int s4/0/1
[R2-Serial4/0/1]link-protocol hdlc 

    ③.然后在r2-r3、r2-r4之间做认证

[R3]interface Serial 4/0/0
[R3-Serial4/0/0]ppp pa    
[R3-Serial4/0/0]ppp pap lo    
[R3-Serial4/0/0]ppp pap local-user huawei pa    
[R3-Serial4/0/0]ppp pap local-user huawei password ci    
[R3-Serial4/0/0]ppp pap local-user huawei password cipher huawei 

[R4]interface Serial 4/0/0
[R4-Serial4/0/0]ppp ch    
[R4-Serial4/0/0]ppp chap pa    
[R4-Serial4/0/0]ppp chap password ci    
[R4-Serial4/0/0]ppp chap password cipher 
[R4-Serial4/0/0]ppp chap password cipher huawei 

     ③.构建MGRE并对rip进行固定 

       R1 

[R1]acl 2000
[R1-acl-basic-2000]rule 1 permit source any 
[R1-acl-basic-2000]q   
[R1]interface Serial 4/0/0  
[R1-Serial4/0/0]nat outbound 2000
[R1-Serial4/0/0]q
[R1]rip 1
[R1-rip-1]version 2   
[R1-rip-1]network 12.0.0.0  
[R1-rip-1]network 192.168.1.0
[R1-rip-1]q 
[R1]interface Tunnel 0/0/0  
[R1-Tunnel0/0/0]undo rip split-horizon 

      R2 

[R2]acl 2000
[R2-acl-basic-2000]rule 1 permit source any 
[R2-acl-basic-2000]q 
[R2]interface Serial 4/0/0
[R2-Serial4/0/0]nat outbound 2000
[R2-Serial4/0/0]q 
[R2]rip 1
[R2-rip-1]version 2
[R2-rip-1]network 12.0.0.0
[R2-rip-1]q
[R2]interface Tunnel 0/0/0
[R2-Tunnel0/0/0]undo rip split-horizon 
[R2-Tunnel0/0/0]q

3.测试