MGRE实验

 

 

目录

 一、网络基本配置及DHCP开启

二、路由间认证

R1-R5的pap认证

R2-R5的chap认证

R3-R5的HDLC封装

三、MGRE和GRE网络搭建--R1为hub

R1、R2、R3MGRE

R2

R1、R4GRE

四、rip宣告网段实现私网互通

五、访问R5环回，配置NAT

---

 一、网络基本配置及DHCP开启

R1

R2

R3 

 R4

 ISP

 R1的配置其他同理

[r1]dhcp enable 
[r1]ip pool aa
[r1-ip-pool-aa] ip pool aa
[r1-ip-pool-aa] gateway-list 192.168.1.1 
[r1-ip-pool-aa] network 192.168.1.0 mask 255.255.255.0 
[r1-ip-pool-aa] dns-list 114.114.114.114 
[r1-GigabitEthernet0/0/0]dhcp select global 

二、路由间认证

R1-R5的pap认证

认证方R5

[ISP-aaa]local-user huawei password cipher 123456
[ISP-aaa]local-user huawei service-type ppp
[ISP-Serial4/0/0]ppp authentication-mode pap

被认证方R1

[r1-Serial4/0/0]ppp pap local-user huawei password cipher 123456

R2-R5的chap认证

认证方R5

[ISP-aaa]local-user hua password cipher 654321
[ISP-aaa]local-user hua service-type ppp
[ISP-Serial4/0/0]ppp authentication-mode chap

被认证方R2

[r2-Serial4/0/0]ppp chap password c	
[r2-Serial4/0/0]ppp chap password cipher 654321

R3-R5的HDLC封装

[r3-Serial4/0/0]link-protocol hdlc 

[ISP-Serial3/0/0]link-protocol hdlc 

三、MGRE和GRE网络搭建--R1为hub

R1、R2、R3MGRE

R1

[r1-Tunnel0/0/0] ip address 192.168.5.1 24
[r1-Tunnel0/0/0] tunnel-protocol gre p2mp
[r1-Tunnel0/0/0] source 15.0.0.1

[r1-Tunnel0/0/0] nhrp redirect --- 使能重定向报文
[r1-Tunnel0/0/0] nhrp entry multicast dynamic ---开启伪广播

[r1-Tunnel0/0/0] rip summary-address 192.168.0.0 255.255.252.0 //shortcut方式

R2

[r2-Tunnel0/0/0] ip address 192.168.5.2 24
[r2-Tunnel0/0/0] tunnel-protocol gre p2mp
[r2-Tunnel0/0/0] source Serial4/0/0
[r2-Tunnel0/0/0] nhrp entry 192.168.5.1 15.0.0.1 register


[r2-Tunnel0/0/0] nhrp shortcut --开启spoke设备的nhrp重定向功能

R3

[r3-Tunnel0/0/0] ip address 192.168.5.3 24
[r3-Tunnel0/0/0] tunnel-protocol gre p2mp
[r3-Tunnel0/0/0] source Serial4/0/0
[r3-Tunnel0/0/0] nhrp entry 192.168.5.1 15.0.0.1 register


[r3-Tunnel0/0/0] nhrp shortcut --开启spoke设备的nhrp重定向功能

R1的nhrp地址解析表

R2和R3的一样

R2ping完R3后nhrp表

 

R1、R4GRE

[r1-Tunnel0/0/1] ip address 192.168.6.1 24
[r1-Tunnel0/0/1] tunnel-protocol gre
[r1-Tunnel0/0/1] source 15.0.0.1
[r1-Tunnel0/0/1] description 45.0.0.1

[r4-Tunnel0/0/1] ip address 192.168.6.4 24
[r4-Tunnel0/0/1] tunnel-protocol gre
[r4-Tunnel0/0/1] source 45.0.0.1
[r4-Tunnel0/0/1] description 15.0.0.1

四、rip宣告网段实现私网互通

[r1-rip-1] undo summary
[r1-rip-1] version 2
[r1-rip-1] network 192.168.1.0
[r1-rip-1] network 192.168.5.0

[r2-rip-1] undo summary
[r2-rip-1] version 2
[r2-rip-1] network 192.168.2.0
[r2-rip-1] network 192.168.5.0

[r3-rip-1] undo summary
[r3-rip-1] version 2
[r3-rip-1] network 192.168.3.0
[r3-rip-1] network 192.168.5.0

[r4-rip-1] undo summary
[r4-rip-1] version 2
[r4-rip-1] network 192.168.4.0

五、访问R5环回，配置NAT

[r1-acl-basic-2000] acl number 2000  
[r1-acl-basic-2000] rule permit source 192.168.1.0 0.0.0.255 
[r1-Serial4/0/0] nat outbound 2000

[r2-acl-basic-2000] acl number 2000  
[r2-acl-basic-2000] rule permit source 192.168.2.0 0.0.0.255 
[r2-Serial4/0/0] nat outbound 2000

[r3-acl-basic-2000] acl number 2000  
[r3-acl-basic-2000] rule permit source 192.168.3.0 0.0.0.255 
[r3-Serial4/0/0] nat outbound 2000

[r4-acl-basic-2000] acl number 2000  
[r4-acl-basic-2000] rule permit source 192.168.4.0 0.0.0.255 
[r4-GigabitEthernet0/0/1] nat outbound 2000