一.实验要求
1.R2为ISP,其上只能配置IP地址
2.R1-R2之间为HDLC封装
3.R2-R3之间为PPP封装,pap认证,R2为主认证方
4.R2-R4之间为PPP封装,chap认证,R2为主认证方
5.R1、R2、R3构建MGRE环境,仅R1IP地址固定
6.内网使用RIP获取路中,所有pc可以互相访问,并且可访问R2的环回。
二.封装
默认封装为ppp,修改R1-R2的封装,认证R2
[R2]int s4/0/0
[R2-Serial4/0/0]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]:y
三.R1为主认证方,R3、4为被认证方
[r1]interface Tunnel 0/0/0
[r1-Tunnel0/0/0]ip address 192.168.4.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre p2mp
[r1-Tunnel0/0/0]source 12.1.1.1
Jan 1 2023 17:54:35-08:00 r1 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
on the interface Tunnel0/0/0 has entered the UP state.
[r1-Tunnel0/0/0]nhrp entry multicast dynamic
[r1-Tunnel0/0/0]nhrp network-id 100
[r3]interface t0/0/0
[r3-Tunnel0/0/0]ip address 192.168.4.2 24
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp
[r3-Tunnel0/0/0]source s4/0/0
Jan 1 2023 18:27:29-08:00 r3 %%01IFNET/4/LINK_STATE(l)[2]:The line protocol IP
on the interface Tunnel0/0/0 has entered the UP state.
[r3-Tunnel0/0/0]nhrp entry 192.168.4.1 12.1.1.1 register
[r3-Tunnel0/0/0]nhrp network-id 100
四.用rip协议打通
[r1]rip 1
[r1-rip-1]version 2
[r1-rip-1]network 192.168.1.0
[r1-rip-1]network 192.168.4.0
五.明密文认证
[r2]aaa
[r2-aaa]local-user bb privilege level 15 password cipher 456
[r3]interface s4/0/0
[r3-Serial4/0/0]ppp pap local-user bb password cipher 456
[r2-aaa]local-user bb privilege level 15 password cipher 456
[r2]int
[r2]interface s3/0/0
[r2-Serial3/0/0]ppp authentication-mode chap
[r4]interface s4/0/0
[r4-Serial4/0/0]ppp chap user bb
[r4-Serial4/0/0]ppp chap password cipher 456