点到点、NBMA综合实验
题目与ip规划
ISP环回和ip配置
R2配置
[ISP]int loop0
[ISP-LoopBack0]ip add 6.6.6.6 24
[ISP-LoopBack0]q
[ISP]int S3/0/0
[ISP-Serial3/0/0]ip add 192.168.4.1 26
[ISP-Serial3/0/0]q
[ISP]int S4/0/0
[ISP-Serial4/0/0]ip add 192.168.4.65 26
[ISP-Serial4/0/0]q
[ISP]int S3/0/1
[ISP-Serial3/0/1]ip add 192.168.4.129 26
R1-R2之间的HDLC封装
R1
[R1-Serial4/0/0]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]:y
Aug 3 2023 19:12:34-08:00 R1 %%01IFNET/4/CHANGE_ENCAP(l)[1]:The user performed
the configuration that will change the encapsulation protocol of the link and then selected Y.
[R1-Serial4/0/0]
R2
[ISP]int S3/0/0
[ISP-Serial3/0/0]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]:y
Aug 3 2023 19:19:42-08:00 ISP %%01IFNET/4/CHANGE_ENCAP(l)[0]:The user performed
the configuration that will change the encapsulation protocol of the link and then selected Y.
[ISP-Serial3/0/0]
3.R2-R3之间为ppp封装,pap认证,R2为主认证方
R2
[ISP-Serial4/0/0]link-protocol ppp
[ISP]aaa.
[ISP-aaa]local-user a password cipher 123456
Info: Add a new user.
[ISP-aaa]local-user a service-type ppp
[ISP-aaa]q
[ISP]int S4/0/0
[ISP-Serial4/0/0]ppp authentication-mode pap
[ISP-Serial4/0/0]
R3
[R3-Serial4/0/0]link-protocol ppp
[R3-Serial4/0/0]q
[R3]int S4/0/0
[R3-Serial4/0/0]ppp pap local-user a password cipher 123456
[R3-Serial4/0/0]
认证通过后:Protocol由down’变为up
R2-R4之间为PPP封装,chap认证,R2为主认证方
R2
[ISP-Serial3/0/1]link-protocol ppp
[ISP-Serial3/0/1]q
[ISP]aaa.
[ISP-aaa]local-user a password cipher 123456
Info: Add a new user.
[ISP-aaa]local-user a service-type ppp
[ISP-aaa]q
[ISP]int S3/0/1
[ISP-Serial3/0/1]ppp authentication-mode chap
R4
[R4]int S4/0/0
[R4-Serial4/0/0]ppp chap user a
[R4-Serial4/0/0]ppp chap password cipher 123456
[R4-Serial4/0/0]
R1、R2、R3构建MGRE环境,仅R1 IP地址固定
R1、R3、R4的缺省路由(使各个外网访问内网)
R1
[R1]ip rout 0.0.0.0 0 192.168.4.1
R3
[R3]ip rout 0.0.0.0 0 192.168.4.65
R4
[R4]ip rout 0.0.0.0 0 192.168.4.129
构建MGRE环境
R1
[R1]int Tunnel 0/0/0
[R1-Tunnel0/0/0]ip add 192.168.5.1 24
[R1-Tunnel0/0/0]tunnel-protocol gre p2mp
[R1-Tunnel0/0/0]source 192.168.4.2
[R1-Tunnel0/0/0]nhrp entry multicast dynamic
[R1-Tunnel0/0/0]nhrp network-id 100
[R1-Tunnel0/0/0]
R3
[R3]int Tunnel 0/0/0
[R3-Tunnel0/0/0]ip add 192.168.5.2 24
[R3-Tunnel0/0/0]tunnel-protocol gre p2mp
[R3-Tunnel0/0/0]source Serial 4/0/0
[R3-Tunnel0/0/0]nhrp entry 192.168.5.1 192.168.4.2 register
[R3-Tunnel0/0/0]nhrp network-id 100
[R3-Tunnel0/0/0]
R4
内网使用RIP获取路由,所有pc可以互相访问,并日可访问R2的环回。
R1
[R1]rip 1
[R1-rip-1]ver 2
[R1-rip-1]network 192.168.4.0
[R1-rip-1]network 192.168.1.0
[R1-rip-1]network 192.168.5.0
[R1-rip-1]
R3
[R3]rip 1
[R3-rip-1]version 2
[R3-rip-1]network 192.168.4.0
[R3-rip-1]network 192.168.2.0
[R3-rip-1]network 192.168.5.0
[R3-rip-1]
R4
[R4]rip 1
[R4-rip-1]version 2
[R4-rip-1]network 192.168.4.0
[R4-rip-1]network 192.168.3.0
[R4-rip-1]q
[R4]
NAT配置
R1
[R1]acl 2000
[R1-acl-basic-2000]rule permit source any
[R1-acl-basic-2000]int S4/0/0
[R1-Serial4/0/0]nat outbound 2000
[R1-Serial4/0/0]
R3
[R3]acl 2000
[R3-acl-basic-2000]rule permit source any
[R3-acl-basic-2000]int S4/0/0
[R3-Serial4/0/0]nat outbound 2000
[R3-Serial4/0/0]
R4
[R4]acl 2000
[R4-acl-basic-2000]rule permit source any
[R4-acl-basic-2000]int S4/0/0
[R4-Serial4/0/0]nat outbound 2000
[R4-Serial4/0/0]