eNSP-网络类型实验
要求:
实验拓扑及IP地址规划
安全认证
1、PAP
//R1、R5间PAP认证,R5为主认证方
[R1]interface Serial 4/0/0
被认证方
[R1-Serial4/0/0]ip address 11.1.1.2 255.255.255.0
[R1-Serial4/0/0]link-protocol PPP
[R1-Serial4/0/0]ppp pap local-user pangda password cipher w2300000
[R5]aaa
主认证方,aaa安全认证
[R5-aaa]local-user pangda password cipher w2300000
[R5-aaa]local-user service-type ppp
[R5]interface Serial 2/0/0
[R5-Serial2/0/0]link-protocol ppp
[R5-Serial2/0/0]ppp authentication-mode pap
[R5-Serial2/0/0]ip address 11.1.1.2 24
2、CHAP
//R2、R5间CHAP认证,R5主认证方
[R2]interface Serial 4/0/0
被认证方
[R2-Serial4/0/0]ip address 21.1.1.2 255.255.255.0
[R2-Serial4/0/0]link-protocol ppp
[R2-Serial4/0/0]ppp chap user pangda
[R2-Serial4/0/0]ppp chap password cipher w2300000
[R5]interface Serial 2/0/1
主认证方
[R5-Serial2/0/1]ip address 21.1.1.1 255.255.255.0
[R5-Serial2/0/1]link-protocol ppp
[R5-Serial2/0/1]ppp authentication-mode chap
3、HDLC
//R3、R5间HDLC加密
[R5]interface Serial 3/0/0
[R5-Serial3/0/0]ip address 31.1.1.1 255.255.255.0
[R5-Serial3/0/0]link-protocol hdlc
[R3]interface Serial 4/0/0
[R3-Serial4/0/0]ip address 31.1.1.2 255.255.255.0
[R3-Serial4/0/0]link-protocol hdlc
环境构建
1、GRE
//GRE R1、R4建立GRE环境
[R5]interface Serial 3/0/0
[R5-Serial3/0/0]ip address 31.1.1.1 255.255.255.0
[R5-Serial3/0/0]link-protocol hdlc
[R3]interface Serial 4/0/0
[R3-Serial4/0/0]ip address 31.1.1.2 255.255.255.0
[R3-Serial4/0/0]link-protocol hdlc
2、MGRE
//MGRE R1、R2、R3建立MGRE环境
[R1]interface Tunnel 0/0/1
[R1-Tunnel0/0/1]ip address 1.1.1.1 255.255.255.0
[R1-Tunnel0/0/1] tunnel-protocol gre p2mp
MGRE模式
[R1-Tunnel0/0/1] source 11.1.1.2
源IP地址
[R1-Tunnel0/0/1] nhrp entry multicast dynamic
本地成为nhrp中心,同时可以进行伪广播
[R1-Tunnel0/0/1] nhrp network-id 100
默认号0,该段内所有节点tunnel接口必须为相同域
[R2]interface Tunnel 0/0/0
[R2-Tunnel0/0/0] ip address 1.1.1.2 255.255.255.0
[R2-Tunnel0/0/0] tunnel-protocol gre p2mp
[R2-Tunnel0/0/0] source 21.1.1.2
[R2-Tunnel0/0/0] nhrp network-id 100
[R2-Tunnel0/0/0] nhrp entry 1.1.1.1 11.1.1.2 register
分支站点到中心站点注册
[R3]interface Tunnel 0/0/0
[R3-Tunnel0/0/0] ip address 1.1.1.3 255.255.255.0
[R3-Tunnel0/0/0] tunnel-protocol gre p2mp
[R3-Tunnel0/0/0] source 31.1.1.2
[R3-Tunnel0/0/0] nhrp network-id 100
[R3-Tunnel0/0/0] nhrp entry 1.1.1.1 11.1.1.2 register
在这里插入图片描述
网络通讯
RIP:实现网络间的通讯
NAT:私网访问公网要通过nat
实验结果
MGRE通讯:
GRE通讯:
PC4访问AR5:
PC4访问PC2: