题目
认证
R5与R1的ppp认证
[r5]aaa
[r5-aaa]local-user ppx password cipher 123456
[r5-aaa]local-user ppx service-type ppp
[r5]int s 4/0/0
[r5-Serial4/0/0]ppp authentication-mode pap
[r1]int s 4/0/0
[r1-Serial4/0/0]ppp pap local-user ppx password cipher 123456
R5与R2的chap
[R5]int s 4/0/1
[R5-Serial4/0/1]ppp authentication-mode chap
[R2]int s 4/0/0
[R2-Serial4/0/0]ppp chap user ppx
[R2-Serial4/0/0]ppp chap password cipher 123456
R5与R3的hdlc
[R5]int s 3/0/0
[R5-Serial3/0/0]link-protocol hdlc
[R3]int Serial 4/0/0
[R3-Serial4/0/0]link-protocol hdlc
MGRE的配置
[R1]int Tunnel 0/0/0
[R1-Tunnel0/0/0]ip address 192.168.5.1 24
[R1-Tunnel0/0/0]tunnel-protocol gre p2mp
[R1-Tunnel0/0/0]source 15.0.0.1
[R1-Tunnel0/0/0]nhrp network-id 100
[R2]interface Tunnel 0/0/0
[R2-Tunnel0/0/0]ip address 192.168.5.2 24
[R2-Tunnel0/0/0]tunnel-protocol gre p2mp
[R2-Tunnel0/0/0]source Serial 4/0/0
[R2-Tunnel0/0/0]nhrp network-id 100
[R2-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register
[R3]int Tunnel 0/0/0
[R3-Tunnel0/0/0]ip add 192.168.5.3 24
[R3-Tunnel0/0/0]tunnel-protocol gre p2mp
[R3-Tunnel0/0/0]source Serial 4/0/0
[R3-Tunnel0/0/0]nhrp network-id 100
[R3-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register
RIP的配置
[r1]rip 1
[r1-rip-1]version 2
[r1-rip-1]network 192.168.1.0
[r1-rip-1]network 192.168.5.0
[r2]rip 1
[r2-rip-1]version 2
[r2-rip-1]network 192.168.2.0
[r2-rip-1]network 192.168.5.0
[r3]rip 1
[r3-rip-1]version 2
[r3-rip-1]network 192.168.3.0
[r3-rip-1]network 192.168.5.0
开启伪广播并且关闭RIP的水平分割
[r1]interface Tunnel 0/0/0
[r1-Tunnel0/0/0]nhrp entry multicast dynamic
[r1-Tunnel0/0/0]undo rip split-horizon
所有PC设置私有IP为源IP,可以访问R5环回。
[R1]acl 2000
[R1-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[R1]interface Serial 4/0/0
[R1-Serial4/0/0]nat outbound 2000
[R2]acl 2000
[R2-acl-basic-2000]rule permit source 192.168.2.0 0.0.0.255
[R2]interface Serial 4/0/0
[R2-Serial4/0/0]nat outbound 2000
[R3]acl 2000
[R3-acl-basic-2000]rule permit source 192.168.3.0 0.0.0.255
[R3]interface Serial 4/0/0
[R3-Serial4/0/0]nat outbound 2000
[R4]acl 2000
[R4-acl-basic-2000]rule permit source 192.168.4.0 0.0.0.255
[R4]interface GigabitEthernet 0/0/1
[R4-GigabitEthernet0/0/1]nat outbound 2000