题目:
拓扑结构:
公网ip:
12.0.0.0 24
15.0.0.0 24
20.0.0.0 24
25.0.0.0 24
实验思路:
1、配置ip地址
2、根据要求进行认证,修改r3与r5的协议
3、配置MGRE环境,以r1位中心,r2 ,r3为分支
4、r1与r4配置点对点管道
5、在各个路由器上启动rip协议(公网ip地址不宣告)
6、用easy nat 是电脑能访问r5环回
配置命令:
配置各个接口ip
r1
interface Serial4/0/0
ip address 12.0.0.1 255.255.255.0
interface GigabitEthernet0/0/0
ip address 1.1.1.2 255.255.255.0
r2 r3 r4 r5依次配置
r1与r5ppp认证的pap认证(r5为主认证方)
r5
[r5]local-user hpc password cipher 123
[r5local-user changan service-type ppp
[r2-Serial3/0/0]ppp authentication-mode pap
r1
[r1-Serial4/0/0]ppp pap local-user hpc password cipher 123(要重启端口验证)
r2与r5ppp认证的chap认证(r5为主认证方)
[r2-Serial3/0/1]ppp authentication-mode chap
[r2-Serial4/0/0]ppp chap user hpc
[r2-Serial4/0/0]ppp chap password cipher 123
r3与r5采用hdlc封装(2遍的协议都要修改)
[r3-Serial4/0/0]link-protocol hdlc
[r5-Serial4/0/0]link-protocol hdlc
构建MGRE环境(r1为中心站点)
写缺省指向r5
ip route-static 0.0.0.0 0 12.0.0.2
ip route-static 0.0.0.0 0 15.0.0.2ip route-static 0.0.0.0 0 20.0.0.2
ip route-static 0.0.0.0 0 25.0.0.2建立r1与r4的管道
r1
[r1]int Tunnel 0/0/0
[r1-Tunnel0/0/0]ip address 10.1.1.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre
[r1-Tunnel0/0/0]source 12.0.0.1
[r1-Tunnel0/0/0]destination 25.0.0.1
r4
[r1]int Tunnel 0/0/0
[r1-Tunnel0/0/0]ip address 10.1.1.2 24
[r1-Tunnel0/0/0]tunnel-protocol gre
[r1-Tunnel0/0/0]source 25.0.0.1
[r1-Tunnel0/0/0]destination 12.0.0.1
建立r1与r2 r3的MGRE环境
[r1]int t 0/0/1
[r1-Tunnel0/0/1]ip address 10.1.2.1 24
[r1-Tunnel0/0/1]tunnel-protocol gre p2mp
[r1-Tunnel0/0/1]source 12.0.0.1
[r1-Tunnel0/0/1]nhrp network-id 100
[r1-Tunnel0/0/1]nhrp entry multicast dynamic
[r1-Tunnel0/0/1]undo rip split-horizon
r2
[r2]int t 0/0/0
[r2-Tunnel0/0/0]ip address 10.1.2.2 24
[r2-Tunnel0/0/0]tunnel-protocol gre p2mp
[r2-Tunnel0/0/0]source interface Serial4/0/0
[r2-Tunnel0/0/0]nhrp network-id 100
[r2-Tunnel0/0/0]nhrp entry 10.1.2.1 12.0.0.1 register
r3
[r3]int t 0/0/0
[r3-Tunnel0/0/0]ip address 10.1.2.3 24
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp
[r3-Tunnel0/0/0]source interface Serial4/0/0
[r3-Tunnel0/0/0]nhrp network-id 100
[r3-Tunnel0/0/0]nhrp entry 10.1.2.1 12.0.0.1 register
在r1 r2 r3 r4上启动rip
r1
rip 1
version 2
network 1.0.0.0
network 10.0.0.0
r2rip 1
version 2
network 2.0.0.0
network 10.0.0.0
r3rip 1
version 2
network 3.0.0.0
network 10.0.0.0r4
rip 1
version 2
network 10.0.0.0
network 4.0.0.0用nat使电脑能ping通r5环回
r1
acl 2000
rule 5 permit source 1.1.1.0 0.0.0.255interface Serial4/0/0
nat outbound 2000r2、r3、r4依次宣告环回并在接口调用
实验结果图:
pc1
pc:4:
pc2:
pc: