IP第三次作业

实验拓扑及要求如图所示: 

我连接的拓扑:

 

实验思路：

1.按图示配置设备IP地址

2.使用路由协议让私网公网全网通

3.配置pap，chap，HDLC封装

4.配置MGRE，GRE

5.配置RIP协议

6.配置NAT，使得访问内网环回

 实验开始：

1.IP配置：

R1：

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 192.168.1.1 24
Mar 30 2024 14:09:59-08:00 R1 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R1-GigabitEthernet0/0/0]int s3/0/0
[R1-Serial3/0/0]ip add 15.1.1.1 24
R2:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R2
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 45.1.1.1 24
Mar 30 2024 14:13:25-08:00 R2 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R2-GigabitEthernet0/0/0]int s3/0/0
[R2-Serial3/0/0]ip add 15.1.1.1 24
[R2-Serial3/0/0]
Mar 30 2024 14:13:42-08:00 R2 %%01PPP/4/SAMEIP(l)[1]:On the interface Serial3/0/
0, IPCP negotiation failed because the peer IP address was the same as local add
ress. 
[R2-Serial3/0/0]int s3/0/1
[R2-Serial3/0/1]ip add 5.5.5.1 24
[R2-Serial3/0/1]
Mar 30 2024 14:14:12-08:00 R2 %%01PPP/4/SAMEIP(l)[2]:On the interface Serial3/0/
0, IPCP negotiation failed because the peer IP address was the same as local add
ress. 
[R2-Serial3/0/1]
Mar 30 2024 14:14:12-08:00 R2 %%01PPP/4/SAMEIP(l)[3]:On the interface Serial3/0/
0, IPCP negotiation failed because the peer IP address was the same as local add
ress. 
[R2-Serial3/0/1]int s4/0/0
[R2-Serial4/0/0]ip add 35.1.1.1 24
 

R3:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R3
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip add 45.1.1.2 24
Mar 30 2024 14:16:08-08:00 R3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R3-GigabitEthernet0/0/0]int g0/0/1
[R3-GigabitEthernet0/0/1]ip add 192.168.4.1 24
[R3-GigabitEthernet0/0/1]
Mar 30 2024 14:16:26-08:00 R3 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R3-GigabitEthernet0/0/1]

R4:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R4
[R4]int g0/0/0
[R4-GigabitEthernet0/0/0]ip add 192.168.3.1 24
Mar 30 2024 14:17:19-08:00 R4 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R4-GigabitEthernet0/0/0]int s3/0/0
[R4-Serial3/0/0]ip add 35.1.1.2 24
[R4-Serial3/0/0]
Mar 30 2024 14:17:42-08:00 R4 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol PPP
 IPCP on the interface Serial3/0/0 has entered the UP state. 
[R4-Serial3/0/0] 

R5:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R5
[R5]int g0/0/0
[R5-GigabitEthernet0/0/0]ip add 192.168.2.1 24
Mar 30 2024 14:18:24-08:00 R5 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R5-GigabitEthernet0/0/0]int s3/0/0
[R5-Serial3/0/0]ip add 25.1.1.2 24
[R5-Serial3/0/0]
Mar 30 2024 14:18:41-08:00 R5 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol PPP
 IPCP on the interface Serial3/0/0 has entered the UP state. 
[R5-Serial3/0/0] 

电脑如图配置即可(我用的PC1):

2.内网外网通:
实现外网通：
题目说R5(我图的R2）只能进行
Ip配置，在其他几个路由上配置一个缺省即可：
R1：[R1]ip route-static 0.0.0.0 0 15.1.1.2
R3：[R3]ip route-static 0.0.0.0 0 45.1.1.1
R4：[R4]ip route-static 0.0.0.0 0 35.1.1.1
R5：[R5]ip route-static 0.0.0.0 0 25.1.1.1

R1和R2间使用PPP的PAP认证，R2为主认证方

R2]aaa
[R2-aaa]lo    
[R2-aaa]local-user yuzhiwei p    
[R2-aaa]local-user yuzhiwei password c    
[R2-aaa]local-user yuzhiwei password cipher yzw12345
Info: Add a new user.
[R2-aaa]l    
[R2-aaa]local-user yuzhiwei s    
[R2-aaa]local-user yuzhiwei service-type ppp
[R2-aaa]q
[R2]int s 4/0/0
[R2-Serial4/0/0]ppp au    
[R2-Serial4/0/0]ppp authentication-mode ?
  chap  Enable CHAP authentication
  pap   Enable PAP authentication
[R2-Serial4/0/0]ppp authentication-mode pap
[R2-Serial4/0/0]

[R1-Serial4/0/0]ppp     
[R1-Serial4/0/0]ppp ?
  authentication-mode  Specify PPP authentication-mode
  chap                 Specify CHAP parameters 
  ipcp                 Specify IPCP parameters
  mp                   Multilink PPP
  pap                  Specify PAP parameters
  timer                Specify timer 
[R1-Serial4/0/0]ppp pap?
  pap  Specify PAP parameters
[R1-Serial4/0/0]ppp pap l    
[R1-Serial4/0/0]ppp pap local-user lt p    
[R1-Serial4/0/0]ppp pap local-user lt password c    
[R1-Serial4/0/0]ppp pap local-user lt password cipher 12345
[R1-Serial4/0/0]
[R1-Serial4/0/0]
[R1-Serial4/0/0]shutdown
Mar 30 2024 14:17:59-08:00 r1 %%01PPP/4/PHYSICALDOWN(l)[0]:On the interface Seri
al4/0/0, PPP link was closed because the status of the physical layer was Down. 

[R1-Serial4/0/0] IPCP on the interface Serial4/0/0 has entered the DOWN state. 
[R1-Serial4/0/0]
Mar 30 2024 16:15:59-08:00 r1 %%01RM/4/IPV4_DEFT_RT_CHG(l)[4]:IPV4 default Route
 is changed. (ChangeType=Delete, InstanceId=0, Protocol=Static, ExitIf=Unknown, 
Nexthop=15.1.1.5, Neighbour=0.0.0.0, Preference=1006632960, Label=NULL, Metric=0
) 
[R1-Serial4/0/0]undo shutdow IPCP on the interface Serial4/0/0 has entered the UP state. 
[R1-Serial4/0/0]
R2与R5之间使用ppp的CHAP认证，R5为主认证方

[R5-aaa]lo    
[R5-aaa]local-user NQ    
[R5-aaa]local-user NQ p    
[R5-aaa]local-user NQ password c    
[R5-aaa]local-user NQ password cipher 12345
Info: Add a new user.
[R5-aaa]lo    
[R5-aaa]local-user NQ s    
[R5-aaa]local-user NQ service-type ppp
[R5-aaa]q
[R5]int s 3/0/1
[R5-Serial3/0/1]ppp chap ?
  password  Specify user password 
  user      Specify user name 
[R5-Serial3/0/1]ppp au    
[R5-Serial3/0/1]ppp authentication-mode chap
[R5-Serial3/0/1]
[R5-Serial3/0/1]q
[R5]

[R2]
[R2]int s 3/0/0
[R2-Serial3/0/0]ppp c    
[R2-Serial3/0/0]ppp chap u    
[R2-Serial3/0/0]ppp chap user ln
[R2-Serial3/0/0]ppp c    
[R2-Serial3/0/0]ppp chap p    
[R2-Serial3/0/0]ppp chap password c    
[R2-Serial3/0/0]ppp chap password cipher 112345
[R2-Serial3/0/0]shutdown
[R2-Serial3/0/0]
[R2-Serial3/0/0]undo shutdown

R3与R2之间使用HDLC封装;

[R3]int s 4/0/0
[R3-Serial4/0/0]lin    
[R3-Serial4/0/0]link-protocol h    
[R3-Serial4/0/0]link-protocol hdlc 
[R3-Serial4/0/0]
[R2]int s 3/0/0
[R2-Serial3/0/0]lin    
[R2-Serial3/0/0]link-protocol h    
[R2-Serial3/0/0]link-protocol hdlc 
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]
:y

R1、R5、R3构建一个MGRE环境，R1为中心站点，R1、R4间为点到点的GRE

[R1]int t    
[R1]int Tunnel 0/0/0
[R1-Tunnel0/0/0]t    
[R1-Tunnel0/0/0]    
[R1-Tunnel0/0/0]te    
[R1-Tunnel0/0/0]tu    
[R1-Tunnel0/0/0]tunnel-protocol gre?
  gre  Generic Routing Encapsulation
[R1-Tunnel0/0/0]tunnel-protocol gre ?
  p2mp  Point to multi-point GRE mode
  <cr>  Please press ENTER to execute command 
[R1-Tunnel0/0/0]tunnel-protocol gre p2mp
[R1-Tunnel0/0/0]
[R1-Tunnel0/0/0]
[R1-Tunnel0/0/0]s    
[R1-Tunnel0/0/0]so    
[R1-Tunnel0/0/0]sour    
[R1-Tunnel0/0/0]source s     
[R1-Tunnel0/0/0]source Serial 4/0/0
[R1-Tunnel0/0/0]
[R1-Tunnel0/0/0]n    
[R1-Tunnel0/0/0]nat
[R1-Tunnel0/0/0]nhrp n    
[R1-Tunnel0/0/0]nhrp network-id 100
[R1-Tunnel0/0/0]q
[R1]dis ip int b    
[R1]dis ip int brief 
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 3
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 3

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              192.168.1.254/24     up         up        
GigabitEthernet0/0/1              unassigned           down       down      
GigabitEthernet0/0/2              unassigned           down       down      
NULL0                             unassigned           up         up(s)     
Serial4/0/0                       15.1.1.1/24          up         up        
Serial4/0/1                       unassigned           down       down      
Tunnel0/0/0                       10.1.2.1/24          up         up        
[R1]

R5]int t    
[R5]int Tunnel 0/0/0
[R5-Tunnel0/0/0]ip add 10.1.2.2 24
[R5-Tunnel0/0/0]tu    
[R5-Tunnel0/0/0]tunnel-protocol gre p    
[R5-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R5-Tunnel0/0/0]
[R5-Tunnel0/0/0]q
[R5]dis ip int b    
[R5]dis ip int brief 
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 5
The number of interface that is UP in Protocol is 3
The number of interface that is DOWN in Protocol is 6

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              192.168.2.254/24     up         up        
GigabitEthernet0/0/1              unassigned           down       down      
GigabitEthernet0/0/2              unassigned           down       down      
NULL0                             unassigned           up         up(s)     
Serial3/0/0                       25.1.1.2/24          up         up        
Serial3/0/1                       unassigned           down       down      
Serial4/0/0                       unassigned           down       down      
Serial4/0/1                       unassigned           down       down      
Tunnel0/0/0                       10.1.2.2/24          up         down      
[R5]

[R3]int t    
[R3]int Tunnel 0/0/0
[R3-Tunnel0/0/0]ip add 10.1.2.3 24
[R3-Tunnel0/0/0]tu    
[R3-Tunnel0/0/0]tunnel-protocol gre     
[R3-Tunnel0/0/0]tunnel-protocol gre p    
[R3-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R3-Tunnel0/0/0]
[R3-Tunnel0/0/0]
[R3-Tunnel0/0/0]q
[R3]

  Please check whether system data has been changed, and save data in time

  Configuration console time out, please press any key to log on[r3]dis ip int b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 3
The number of interface that is UP in Protocol is 3
The number of interface that is DOWN in Protocol is 4

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              192.168.3.254/24     up         up        
GigabitEthernet0/0/1              unassigned           down       down      
GigabitEthernet0/0/2              unassigned           down       down      
NULL0                             unassigned           up         up(s)     
Serial4/0/0                       35.1.1.3/24          up         up        
Serial4/0/1                       unassigned           down       down      
Tunnel0/0/0                       10.1.2.3/24          up         down      
[r3]int t    
[R3]int Tunnel 0/0/0
[R3-Tunnel0/0/0]so    
[R3-Tunnel0/0/0]source s    
[R3-Tunnel0/0/0]source Serial 4/0/0
Mar 30 2024 14:46:53-08:00 r3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface Tunnel0/0/0 has entered the UP state. 
[R3-Tunnel0/0/0]
[R3-Tunnel0/0/0]nh    
[R3-Tunnel0/0/0]nhrp n    
[R3-Tunnel0/0/0]nhrp network-id 100

[R3]int tu    
[R3]int Tunnel 0/0/0
[R3-Tunnel0/0/0]nh    
[R3-Tunnel0/0/0]nhrp en    
[R3-Tunnel0/0/0]nhrp entry 10.2.1.1 15.1.1.1 re    
[R3-Tunnel0/0/0]nhrp entry 10.2.1.1 15.1.1.1 register 
[R3-Tunnel0/0/0]
[R3-Tunnel0/0/0]q
[R3]dis ip int b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 3
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 3

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              192.168.3.254/24     up         up        
GigabitEthernet0/0/1              unassigned           down       down      
GigabitEthernet0/0/2              unassigned           down       down      
NULL0                             unassigned           up         up(s)     
Serial4/0/0                       35.1.1.3/24          up         up        
Serial4/0/1                       unassigned           down       down      
Tunnel0/0/0                       10.1.2.3/24          up         up        
[r3]

[R1]int t    
[R1]int Tunnel 0/0/1
[R1-Tunnel0/0/1]ip add 10.1.1.1 24
[R1-Tunnel0/0/1]tu    
[R1-Tunnel0/0/1]tunnel-protocol gre
[R1-Tunnel0/0/1]so    
[R1-Tunnel0/0/1]source 15.1.1.1
[R1-Tunnel0/0/1]dest    
[R1-Tunnel0/0/1]destination 45.1.1.4
Mar 30 2024 15:35:40-08:00 r1 %%01IFNET/4/LINK_STATE(l)[9]:The line protocol IP 
on the interface Tunnel0/0/1 has entered the UP state. 

[R4]int t    
[R4]int Tunnel 0/0/1
[R4-Tunnel0/0/1]ip add 10.1.1.2 24
[R4-Tunnel0/0/1]tu    
[R4-Tunnel0/0/1]tunnel-protocol gre
[R4-Tunnel0/0/1]sc    
[R4-Tunnel0/0/1]so    
[R4-Tunnel0/0/1]source 45.1.1.4
[R4-Tunnel0/0/1]dest    
[R4-Tunnel0/0/1]destination 15.1.1.1 

整个私有网络基本RIP全网可达(以R1和R5为例)

[R1]rip 1
[R1-rip-1]v 2
[R1-rip-1]undo summary
[R1-rip-1]network 10.0.0.0

[R5]rip 1
[R5-rip-1]v 2
[R5-rip-1]undo    
[R5-rip-1]undo summary 
[R5-rip-1]network 192.168.2.0
[R5-rip-1]network 10.0.0.0

配置NAT，使得访问内网环回
[R1-acl-basic-2000]rule 5 per    
[R1-acl-basic-2000]rule 5 permit s    
[R1-acl-basic-2000]rule 5 permit source 192.168.1.0 0.0.0.255
[R1-acl-basic-2000]q
[R1]int s    
[R1]int Serial 3/0/0
[R1-Serial3/0/0]n    
[R1-Serial3/0/0]nat out    
[R1-Serial3/0/0]nat outbound 2000
[R1-Serial3/0/0]

[R5]acl 2000
[R5-acl-basic-2000]ru    
[R5-acl-basic-2000]rule 5 p    
[R5-acl-basic-2000]rule 5 permit s    
[R5-acl-basic-2000]rule 5 permit source 192.168.2.0 0.0.0.255
[R5-acl-basic-2000]q
[R5]int s    
[R5]int Serial 3/0/0
[R5-Serial3/0/0]n    
[R5-Serial3/0/0]nat ou    
[R5-Serial3/0/0]nat outbound 2000

[R3]acl 2000
[R3-acl-basic-2000]
[R3-acl-basic-2000]rule 5 p    
[R3-acl-basic-2000]rule 5 permit s    
[R3-acl-basic-2000]rule 5 permit source 192.168.3.0 0.0.0.255
[R3-acl-basic-2000]q
[R3]int s    
[R3]int Serial 3/0/0
[R3-Serial3/0/0]nat    
[R3-Serial3/0/0]nat ou    
[R3-Serial3/0/0]nat outbound 2000

[R4]acl 2000
[R4-acl-basic-2000]ru    
[R4-acl-basic-2000]rule 5 pr    
[R4-acl-basic-2000]rule 5 p    
[R4-acl-basic-2000]rule 5 permit s    
[R4-acl-basic-2000]rule 5 permit source 192.168.4.0 0.0.0.255
[R4acl-basic-2000]q
[R4int g 0/0/1
[R4GigabitEthernet0/0/1]nat    
[R4-GigabitEthernet0/0/1]nat ou    
[R4-GigabitEthernet0/0/1]nat outbound 2000