HCIP----HDLC、PPP的PAP和chap认证、MGRE、GRE

最新推荐文章于 2024-09-14 20:30:05 发布

小姚要加油！

最新推荐文章于 2024-09-14 20:30:05 发布

阅读量914

点赞数 20

文章标签：网络计算机网络服务器

本文链接：https://blog.csdn.net/qq_74430033/article/details/140253052

版权

实验拓展图如下：

1.R3为ISP，只能进行IP地址配置，其所有地址均为公有IP地址

IP地址规划

[R1]interface Ethernet 0/0/0
[R1-Ethernet0/0/0]ip add 192.168.1.2 24
[R1-Ethernet0/0/0]int s 4/0/0
[R1-Serial4/0/0]ip add 1.1.0.1 24

[R4]interface Ethernet 0/0/0
[R4-Ethernet0/0/0]ip add 192.168.2.2 24
[R4-Ethernet0/0/0]int s 4/0/0
[R4-Serial4/0/0]ip add 2.2.0.1 24

[R5]int Ethernet 0/0/0
[R5-Ethernet0/0/0]ip add 192.168.3.2 24
[R5-Ethernet0/0/0]int s 4/0/0
[R5-Serial4/0/0]ip add 3.3.0.1 24

[R2]int Ethernet 0/0/0
[R2-Ethernet0/0/0]ip add 192.168.4.2 24
[R2-Ethernet0/0/0]int g0/0/1
[R2-Ethernet0/0/1]ip add 4.4.0.1 24

[ISP]int Ethernet 0/0/0
[ISP-Ethernet0/0/0]ip add 4.4.0.2 24
[ISP-Ethernet0/0/0]int s 3/0/0
[ISP-Serial3/0/0]ip add 1.1.0.2 24
[ISP-Serial3/0/0]int s 3/0/1
[ISP-Serial3/0/1]ip add 2.2.0.2 24
[ISP-Serial3/0/1]int s 4/0/0
[ISP-Serial4/0/0]ip add 3.3.0.2 24

[ISP]interface loopback1
[ISP-LoopBack1]ip add 5.5.5.1 24

配置缺省路由

[R1]ip route-static 0.0.0.0 0 1.1.0.2
[R2]ip route-static 0.0.0.0 0 2.2.0.2
[R3]ip route-static 0.0.0.0 0 3.3.0.2
[R4]ip route-static 0.0.0.0 0 4.4.0.2

2.R1和R3之间使用ppp的pAP认址，R3为主认证方；R4与R3之间使用ppp的chap认证，R3为主认证方；R5与R3之间使用HDLC封装。

[ISP]aaa

[ISP-aaa]local-user admin password cipher 012345

[ISP-aaa]local-user admin service-type ppp

[ISP-aaa]int s 3/0/0

[ISP-Serial3/0/0]ppp authentication-mode pap

[r1-Serial4/0/0]ppp pap local-user admin password cipher 012345

[ISP-Serial3/0/0]shutdown
[ISP-Serial3/0/0]undo shutdown
[ISP-Serial3/0/0]ping 2.2.0.2
（使用ping命令可以ping说明认证成功）

[ISP]aaa
[ISP-aaa]local-user admin password cipher 12345
[ISP-aaa]local-user admin service-type ppp
[ISP-aaa]q
[ISP]int s 3/0/1
[ISP-Serial3/0/1]ppp authentication-mode chap
[R4-Serial4/0/0]ppp chap user admin
[R4-Serial4/0/0]ppp chap password cipher 12345

[R5-Serial4/0/0]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]
:y
[ISP-Serial4/0/0]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]
:y

3.R1/R4/R5构建一个MGRE环境，R1为中心站点；R1、R2间为点到点的GRE。

[R1]int Tunnel 0/0/0
[R1-Tunnel0/0/0]ip add 192.168.5.1 24
[R1-Tunnel0/0/0]tunnel-protocol gre p2mp
[R1-Tunnel0/0/0]source 1.1.0.1
[R1-Tunnel0/0/0]nhrp network-id 100
[R4]int Tunnel 0/0/0
[R4-Tunnel0/0/0]ip add 192.168.5.2 24
[R4-Tunnel0/0/0]tunnel-protocol gre p2mp
[R4-Tunnel0/0/0]nhrp network-id 100
[R4-Tunnel0/0/0]nhrp entry 192.168.5.1 1.1.0.1

R3与R1R4一样的命令操作

[r1]int Tunnel 0/0/1
[r1-Tunnel0/0/1]ip add 192.168.6.1 24
[r1-Tunnel0/0/1]tunnel-protocol gre
[r1-Tunnel0/0/1]source 1.1.0.1
[r1-Tunnel0/0/1]description 4.4.0.1

4.整个私有网络基于RIP全网可达

[R1]rip
[R1-rip-1]v 2
[R1-rip-1]network 192.168.1.0
[R1-rip-1]network 192.168.5.0
[R1-rip-1]network 192.168.6.0

R2R4R5与R1一样的命令操作

5.所有Pc设置私有Ip为源卫，可以访问R3环回

[R1]acl 2000
[R1-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[R1-acl-basic-2000]q
[R1]int s 4/0/0
[R1-Serial4/0/0]nat outbound 2000
[R1-Serial4/0/0]

R5 R2与R1操作相同，就可以访问R3环回