目录
一、实验要求
二、实验解析
1)R2为ISP,故只需要在R2上配置一个环回 (6.6.6.6/24)
2)R1 - R2 为hdlc 封装,故分别进入R1 与 R2 修改接口封装为HDLC (link-protocol hdlc )
3) R2 - R3 为ppp的封装,pap的认证,R2为主认证方,故R3为被认证方(客户端)
4) R2 - R4 为ppp的封装,chap的认证,R2为主认证方,故R4为被认证方(客户端)
5)mgre 环境,R1 的源IP为固定的(12.1.1.1),R3与R4 源为出来的接口
6)可以访问R2 的环回,即我们使用nat技术
三、实验拓扑
四、配置
对R2 进行全部配置
R2:
[r2]int s4/0/0
[r2-Serial4/0/0]link-protocol hdlc[r2-Serial4/0/0]ip address 12.1.1.2 24
[r2-Serial4/0/0]int lo0
[r2-LoopBack0]ip address 6.6.6.6 24[r2]int s4/0/1
[r2-Serial4/0/1]ip address 23.1.1.2 24[r2]aaa
[r2-aaa]local-user a password cipher 123456
[r2-aaa]local-user a service-type ppp
[r2]int s4/0/1
[r2-Serial4/0/1]ppp authentication-mode pap
[r2-Serial4/0/1]q[r2]int s3/0/0
[r2-Serial3/0/0]ip address 34.1.1.1 24
[r2-Serial3/0/0]ppp authentication-mode chap
[r2-Serial3/0/0]q[r2]aaa
[r2-aaa]local-user b password cipher 654321
[r2-aaa]local-user b service-type ppp
对R1 进行IP配置以及hdlc
[r1]int g0/0/0
[r1-GigabitEthernet0/0/0]ip address 192.168.1.2 24[r1]int s4/0/0
[r1-Serial4/0/0]ip address 12.1.1.1 24
[r1-Serial4/0/0]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]
:y
对R3 进行IP配置以及pap
[Huawei]int s4/0/0
[Huawei-Serial4/0/0]undo ip address 23.1.1.1 24
[Huawei-Serial4/0/0]ppp pap local-user a password cipher 123456
对R4 进行IP配置以及chap
[Huawei-GigabitEthernet0/0/0]ip address 192.168.3.2 24
[Huawei-GigabitEthernet0/0/0]int s4/0/0
[Huawei-Serial4/0/0]ppp chap user b
[Huawei-Serial4/0/0]ppp chap password cipher 654321
[Huawei-Serial4/0/0]ip address 34.1.1.2 24
写路由
R1:
[r1]ip route-static 0.0.0.0 0 12.1.1.2
R3:
[r3]ip route-static 0.0.0.0 0 23.1.1.1
R4:
[r4]ip route-static 0.0.0.0 0 34.1.1.1
mgre 配置
R1:
[r1]interface Tunnel 0/0/0
[r1-Tunnel0/0/0]ip address 192.168.4.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre p2mp
[r1-Tunnel0/0/0]source 12.1.1.1
[r1-Tunnel0/0/0]nhrp entry multicast dynamic
[r1-Tunnel0/0/0]nhrp network-id 100R3:
[r3]interface Tunnel 0/0/0
[r3-Tunnel0/0/0]ip address 192.168.4.3 24
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp
[r3-Tunnel0/0/0]source Serial 4/0/0
[r3-Tunnel0/0/0]nhrp entry 192.168.4.1 12.1.1.1 register
[r3-Tunnel0/0/0]nhrp network-id 100R4:
[r4]interface Tunnel 0/0/0
[r4-Tunnel0/0/0]ip address 192.168.4.4 24
[r4-Tunnel0/0/0]tunnel-protocol gre p2mp
[r4-Tunnel0/0/0]source Serial 4/0/0
[r4-Tunnel0/0/0]nhrp entry 192.168.4.1 12.1.1.1 register
[r4-Tunnel0/0/0]nhrp network-id 100
rip 协议的配置
R1:
[r1]rip 1
[r1-rip-1]ver 2
[r1-rip-1]ne
[r1-rip-1]network 192.168.1.0
[r1-rip-1]ne
[r1-rip-1]network 192.168.4.0R3:
[r3]rip 1
[r3-rip-1]ver 2
[r3-rip-1]ne
[r3-rip-1]network 192.168.2.0
[r3-rip-1]network 192.168.4.0R4:
[r4]rip 1
[r4-rip-1]ver 2
[r4-rip-1]ne
[r4-rip-1]network 192.168.3.0
[r4-rip-1]network 192.168.4.0
访问Isp配置
R1:
[r1]acl 2000
[r1-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[r1-acl-basic-2000]int s4/0/0
[r1-Serial4/0/0]nat outbound 2000R2:
[r3]acl 2000
[r3-acl-basic-2000]rule permit source 192.168.2.0 0.0.0.255
[r3-acl-basic-2000]int s4/0/0
[r3-Serial4/0/0]nat outbound 2000R4:
[r4]acl 2000
[r4-acl-basic-2000]rule permit source 192.168.3.0 0.0.0.255
[r4-acl-basic-2000]int s4/0/0
[r4-Serial4/0/0]nat outbound 2000
五、实验结果
PC1->R2环回
PC2->R2环回
R1->R4
PC1->PC2
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
