HCIP实验（pap、chap、HDLC、MGRE、RIP）

Hhmy

已于 2024-04-20 19:39:53 修改

阅读量134

点赞数

分类专栏： HCIP 文章标签：网络 tcp/ip

于 2023-08-02 21:58:40 首次发布

本文链接：https://blog.csdn.net/m0_67441173/article/details/132069958

版权

HCIP 专栏收录该内容

12 篇文章 0 订阅

订阅专栏

题目：

1、IP分配

2、HDLC封装

[r1]int s4/0/0
[r1-Serial4/0/0]link-protocol hdlc 
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]:y

[isp]int s4/0/0	
[isp-Serial4/0/0]link-protocol hdlc 
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]:y

3、R2--R3ppp封装------pap认证，R2主认证方

主认证方：
[isp]aaa
[isp-aaa]local-user huang password cipher 2002
[isp-aaa]local-user huang service-type ppp 
[isp-aaa]int s4/0/1
[isp-Serial4/0/1]ppp authentication-mode pap
//注：如果认证时时启动状态，则最后要关闭，在启动才起作用

被认证方：
[r3]int s4/0/1

//Aug  2 2023 19:34:24-08:00 r3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol PPP
 on the interface Serial4/0/1 has entered the UP state. 
[r3-Serial4/0/1]ppp pap local-user huang 
Aug  2 2023 19:34:24-08:00 r3 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol PPP
 on the interface Serial4/0/1 has entered the DOWN state. 只认证一边的提示

[r3-Serial4/0/1]ppp pap local-user huang password cipher 2002

4、R2和R4chap认证，R2主认证方

主认证方：
[isp]aaa
[isp-aaa]local-user meng password cipher 2002
[isp-aaa]local-user meng service-type ppp 
[isp-aaa]int s3/0/0
[isp-Serial3/0/0]ppp authentication-mode chap 

被认证方：
[r4]int s4/0/0
[r4-Serial4/0/0]ppp chap user meng
[r4-Serial4/0/0]ppp chap password cipher 2002

5、构建MGRE环境，R1地址固定

5.1先将公网ping通----缺省路由

[r1]ip route-static 0.0.0.0 0 1.1.1.2
[r3]ip route-static 0.0.0.0 0 3.3.3.4
[r4]ip route-static 0.0.0.0 0 4.4.4.5

真IP互相可通

5.2虚拟IP规划图：

中心站点：
[r1]int Tunnel 0/0/0
[r1-Tunnel0/0/0]ip add 192.168.4.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r1-Tunnel0/0/0]source 1.1.1.1
[r1-Tunnel0/0/0]nhrp network-id 66

分支站点：
[r3]int Tunnel 0/0/0
[r3-Tunnel0/0/0]ip add 192.168.4.3 24
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r3-Tunnel0/0/0]source Serial 4/0/1
[r3-Tunnel0/0/0]nhrp entry 192.168.4.1 1.1.1.1 register 
[r3-Tunnel0/0/0]nhrp network-id 66

[r4]int Tunnel 0/0/0
[r4-Tunnel0/0/0]ip add 192.168.4.4 24
[r4-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r4-Tunnel0/0/0]source Serial 4/0/0
[r4-Tunnel0/0/0]nhrp entry 192.168.4.1 1.1.1.1 register 
[r4-Tunnel0/0/0]nhrp network-id 66

R1生成表 R3、R4生成表

虚拟IP也可以互相ping通

6、rip获取路由，pc互通可以访问R2的环回

6.1添加rip协议

[R1]rip 1
[R1-rip-1]vers 2
[R1-rip-1]network 192.168.4.0
[R1-rip-1]network 192.168.1.0
[r1-rip-1]int tu0/0/0 //rip是在虚拟接口实现的
[r1-Tunnel0/0/0]undo rip split-horizon

[r3]rip
[r3-rip-1]vers 2	
[r3-rip-1]network 192.168.4.0
[r3-rip-1]network 192.168.2.0

[r4]rip
[r4-rip-1]vers 2
[r4-rip-1]network 192.168.4.0
[r4-rip-1]network 192.168.3.0

6.2添加nat

[r1]acl 2000
[r1-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[r1-acl-basic-2000]int s4/0/0
[r1-Serial4/0/0]nat outbound 2000

[r3]acl 2000
[r3-acl-basic-2000]rule permit source 192.168.2.0 0.0.0.255
[r3-acl-basic-2000]int s4/0/1
[r3-Serial4/0/1]nat outbound 2000

[r4]acl 2000
[r4-acl-basic-2000]rule permit source 192.168.3.0 0.0.0.255
[r4-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[r4-acl-basic-2000]int s4/0/0
[r4-Serial4/0/0]nat outbound 2000

效果：