HCIP-Day2(MGRE实验)
作者:互联网
HCIP-Day2(MGRE实验)
实验要求具体如下:
1、R5为lSP,只能进行ip地址配置;其所有接口配置为公有ip地址
2、R1与R5间使用PPP的PAP认证,R5为主认证方;R2与R5间使用PPP的chap认证,R5为主认证方;R3与R5间使用HDLC封装
3、R1/2/3构建一个MGRE环境,R1为中心站点;R1/4间为点到点GRE
4、整个私有网络基于RIP全网可达
5、所有路由骤真干不同私有地址为源ip时,可以正常访问R5环回
一、拓扑搭建
二、配置IP
采用DHCP自动获取IP
以下以R1为例
[r1]dhcp enable
[r1]ip pool r1
[r1-ip-pool-r1]gateway-list 192.168.1.254
[r1-ip-pool-r1]network 192.168.1.0 mask 255.255.255.0
[r1-ip-pool-r1]dns-list 6.6.6.6
[r1-ip-pool-r1]int e0/0/0
[r1-Ethernet0/0/0]dhcp select global
[r1-Ethernet0/0/0]ip address 192.168.1.2 24
按以上方法配置完R2,R3,R4
三、配置R1与R5间使用PPP的PAP认证,R5为主认证方
1、于R5上创建一个用户,用于PPP认证
[r5-aaa]local-user hhh password cipher 0615
[r5-aaa]local-user hhh service-type ppp
[r5-aaa]int s0/0/0
[r5-Serial0/0/0]ppp authentication-mode pap
2、在R1上发送请求
[r1]int s0/0/0
[r1-Serial0/0/0]ppp pap local-user hhh password cipher 0615
四、R2与R5间使用PPP的chap认证,R5为主认证方
R5
[r5-Serial0/0/1]ppp authentication-mode chap
在R2上进行请求
[r2-Serial0/0/0]ppp chap password cipher 0615
五、R3与R5间使用HDLC封装
只需要修改接口封装类型
R5
[r5]int s0/0/3
[r5-Serial0/0/3]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed.
Continue? [Y/N]:y
R3
[r3]int s0/0/0
[r3-Serial0/0/0]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed.
Continue? [Y/N]:y
六、缺省路由配置
[r1]ip route-static 0.0.0.0 0 14.1.1.1
[r2]ip route-static 0.0.0.0 0 24.1.1.2
[r3]ip route-static 0.0.0.0 0 34.1.1.2
[r4]ip route-static 0.0.0.0 0 44.1.1.2
七、NAT配置
R1
[r1]ACL 2000
[r1-acl-basic-2000]rule 5 permit source 192.168.1.0 0.0.0.255
[r1]int s0/0/0
[r1-Serial0/0/0]nat outbound 2000
[r1-Serial0/0/0]dis nat out
R2
[r2]ACL 2000
[r2-acl-basic-2000]rule 5 permit source 192.168.2.0 0.0.0.255
[r2]INT s0/0/0
[r2-Serial0/0/0]nat outbound 2000
[r2-Serial0/0/0]dis nat out
R3
[r3]acl 2000
[r3-acl-basic-2000]rule 5 permit source 192.168.3.0 0.0.0.255
[r3]int s0/0/0
[r3-Serial0/0/0]nat outbound 2000
[r3-Serial0/0/0]dis nat out
R4
[r4]acl 2000
[r4-acl-basic-2000]rule 5 permit source 192.168.4.0 0.0.0.255
[r4]int s0/0/0
[r4-Serial0/0/0]nat outbound 2000
[r4-Serial0/0/0]dis nat out
八、R1/R2/R3构建一个MGRE环境,R1为中心站点
R1
[r1-Tunnel0/0/0]ip add 10.1.1.1 255.255.255.0
[r1-Tunnel0/0/0]tunnel-protocol gre p2mp
[r1-Tunnel0/0/0]source 14.1.1.1
[r1-Tunnel0/0/0]nhrp entry multicast dynamic
[r1-Tunnel0/0/0]nhrp network-id 100
[r1-Tunnel0/0/0]dis nhrp peer all
R2
[r2]int t0/0/0
[r2-Tunnel0/0/0]ip add 10.1.1.2 255.255.255.0
[r2-Tunnel0/0/0]tunnel-protocol gre p2mp
[r2-Tunnel0/0/0]source s0/0/0
[r2-Tunnel0/0/0]nhrp entry 10.1.1.1 14.1.1.1 re
R3
[r3]interface Tunnel0/0/0
[r3-Tunnel0/0/0]ip address 10.1.1.3 255.255.255.0
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp
[r3-Tunnel0/0/0]source Serial0/0/0
[r3-Tunnel0/0/0]nhrp entry 10.1.1.1 14.1.1.1 reg
九、R1/R4间为点到点GRE
R1
[r1]int Tunnel 0/0/1
[r1-Tunnel0/0/1]ip address 10.2.2.1 24
[r1-Tunnel0/0/1]tunnel-protocol gre
[r1-Tunnel0/0/1]source 14.1.1.1
[r1-Tunnel0/0/1]destination 44.1.1.2
R4
[r4]int Tunnel 0/0/1
[r4-Tunnel0/0/1]ip address 10.2.2.2 24
[r4-Tunnel0/0/1]tunnel-protocol gre
[r4-Tunnel0/0/1]source 44.1.1.2
[r4-Tunnel0/0/1]destination 14.1.1.1
十、整个私有网络基于RIP全网可达
R1
[r1]rip 1
[r1-rip-1]ver 2
[r1-rip-1]net 192.168.1.0
[r1-rip-1]net 10.0.0.0
R2
[r2]rip 1
[r2-rip-1]version 2
[r2-rip-1]network 192.168.2.0
[r2-rip-1]network 10.0.0.0
R3
[r3]rip 1
[r3-rip-1]version 2
[r3-rip-1]network 192.168.3.0
[r3-rip-1]network 10.0.0.0
R4
[r4]rip 1
[r4-rip-1]version 2
[r4-rip-1]network 192.168.4.0
[r4-rip-1]network 10.0.0.0
十一、水平分割
[r1-Tunnel0/0/0]undo rip split-horizon
标签:r1,r2,r3,ip,Day2,rip,MGRE,HCIP,Tunnel0 来源: https://blog.csdn.net/m0_48095749/article/details/118550107