要求:
1.R2为ISP,其上只能配置IP地址
2.R1-R2之间为HDLC封装
3.R2-R3之间为ppp封装,pap认证,r2为主认证方
4.R2-R4之间为ppp封装,chap认证,R2为主认证方
5.R1、R2、R3构建MGRE环境,仅R1IP地址固定
6.内网使用RIP获取路由,所有pc可以互相访问,并且可访问R2的环回。
拓扑图
pc1配置
pc2配置
pc3配置
AR1
sysname r1
aaa (HDLC Cisco封装)
local-user admin password cipher yf123
local-user admin service-type http
acl number 2000
rule 1 permit
interface Serial4/0/0
link-protocol hdlc
ip address 12.1.1.1 255.255.255.0
nat outbound 2000
interface Serial4/0/1
link-protocol ppp
interface GigabitEthernet0/0/0
ip address 192.168.1.1 255.255.255.0
interface Tunnel0/0/0
ip address 10.1.1.1 255.255.255.0
undo rip split-horizon
tunnel-protocol gre p2mp
source 12.1.1.1
nhrp entry multicast dynamic
nhrp network-id 100
rip 1
version 2
network 10.0.0.0
network 192.168.1.0
ip route-static 0.0.0.0 0.0.0.0 12.1.1.2
AR2
isp的环回接口IP:1.1.1.1
sysname ISP
aaa
local-user yf password cipher yf123
local-user yf service-type ppp
local-user admin password cipher yf123
local-user admin service-type http
interface Serial3/0/0
link-protocol ppp
ppp authentication-mode pap
ip address 12.1.2.1 255.255.255.0
interface Serial3/0/1
link-protocol ppp
ppp authentication-mode chap
ip address 12.1.3.1 255.255.255.0
interface Serial4/0/0
link-protocol hdlc
ip address 12.1.1.2 255.255.255.0
interface Serial4/0/1
link-protocol ppp
interface LoopBack0
ip address 1.1.1.1 255.255.255.0
AR3
sysname r2
aaa
local-user admin password cipher yf123
local-user admin service-type http
interface Serial4/0/0
link-protocol ppp
ppp pap local-user yf password cipher yf123
ip address 12.1.2.2 255.255.255.0
nat outbound 2000
interface Serial4/0/1
link-protocol ppp
interface GigabitEthernet0/0/0
ip address 192.168.2.1 255.255.255.0
interface Tunnel0/0/0
ip address 10.1.1.2 255.255.255.0
tunnel-protocol gre p2mp
source Serial4/0/0
nhrp network-id 100
nhrp entry 10.1.1.1 12.1.1.1 register
rip 1
version 2
network 10.0.0.0
network 192.168.2.0
ip route-static 0.0.0.0 0.0.0.0 12.1.2.1
AR4
sysname r3
aaa
local-user admin password cipher yf123
local-user admin service-type http
interface Serial4/0/0
link-protocol ppp
ppp chap user yf
ppp chap password cipher yf123
ip address 12.1.3.2 255.255.255.0
nat outbound 2000
interface Serial4/0/1
link-protocol ppp
interface GigabitEthernet0/0/0
ip address 192.168.3.1 255.255.255.0
interface Tunnel0/0/0
ip address 10.1.1.3 255.255.255.0
tunnel-protocol gre p2mp
source Serial4/0/0
nhrp network-id 100
nhrp entry 10.1.1.1 12.1.1.1 register
rip 1
version 2
network 10.0.0.0
network 192.168.3.0
ip route-static 0.0.0.0 0.0.0.0 12.1.3.1
结果(用pc1去ping ISP的环回以及主机pc2和pc3)
ping ISP的环回
ping pc2
ping pc3