暑假第一次作业

第一步：给R1,R2,R3,R4配IP

[R1-GigabitEthernet0/0/0]ip address 192.168.1.1 24

[R1-Serial4/0/0]ip address 15.0.0.1 24

[R2-GigabitEthernet0/0/0]ip address 192.168.2.1 24

[R2-Serial4/0/0]ip address 25.0.0.1 24

[R3-GigabitEthernet0/0/0]ip address 192.168.3.1 24

[R3-Serial4/0/0]ip address 35.0.0.1 24

[R4-GigabitEthernet0/0/0]ip address 192.168.4.1 24

第二步：认证配置

给R1和R5间使用PPP的PAP认证;

ISP设密码

[ISP-aaa]local-user huawei password cipher 123456

定义服务对象：

[ISP-aaa]local-user huawei service-type ppp

[ISP-Serial3/0/0]ppp authentication-mode pap、

重新协商链路：

[R1-Serial4/0/0]shutdown

[R1-Serial4/0/0]undo shutdown

协议层面（protocol）是down就密码和账号就建立成功了

s 40/0/0认证成功

补全认证

[R1-Serial4/0/0]ppp pap local-user huawei password cipher 12345

[R1-Serial4/0/0]shutdown

[R1-Serial4/0/0]undo shutdown

s 4/0/0 都up，认证成功。

R2与R5之间使用PPP的chap认证，R5为主认证方：

[R2-Serial4/0/0]ppp chap user huawei 创建账号

[R2-Serial4/0/0]ppp chap password cipher 123456 设密码

[R1-Serial4/0/0]shutdown

[R1-Serial4/0/0]undo shutdown 认证

都up,认证成功

R3与R5之间使用HDLC封装

[ISP-Serial4/0/0]link-protocol hdlc

第三步：构建MGRE环境

配置静态路由

[R1]ip route-static 0.0.0.0 0 15.0.0.2

[R2]ip route-static 0.0.0.0 0 25.0.0.2

[R3]ip route-static 0.0.0.0 0 35.0.0.2

[R4]ip route-static 0.0.0.0 0 45.0.0.2

建立隧道

[R1]int t0/0/0

[R1-Tunnel0/0/0]ip address 192.168.5.1 24

[R1-Tunnel0/0/0]tunnel-protocol gre p2mp

[R1-Tunnel0/0/0]shutdown

[R1-Tunnel0/0/0]source 15.0.0.1

[R1-Tunnel0/0/0]nhrp network-id 100

[R2]int t0/0/0

[R2-Tunnel0/0/0]ip address 192.168.5.2 24

[R2-Tunnel0/0/0]tunnel-protocol gre p2mp

[R2-Tunnel0/0/0]shutdown

[R2-Tunnel0/0/0]source s4/0/0

[R2-Tunnel0/0/0]nhrp network-id 100

[R2-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register

[R3]int t0/0/0

[R3-Tunnel0/0/0]ip address 192.168.5.3 24

[R3-Tunnel0/0/0]tunnel-protocol gre p2mp

[R3-Tunnel0/0/0]shutdown

[R3-Tunnel0/0/0]source s4/0/0

[R3-Tunnel0/0/0]nhrp network-id 100

[R3-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register

[R1-Tunnel0/0/0]int t0/0/1

[R1-Tunnel0/0/1]ip address 192.168.6.1 24

[R1-Tunnel0/0/1]tunnel-protocol gre

[R1-Tunnel0/0/1]shutdown

[R1-Tunnel0/0/1]source 15.0.0.1

[R1-Tunnel0/0/1]description 45.0.0.1

[R4]int t0/0/0

[R4-Tunnel0/0/0]ip address 192.168.6.2 24

[R4-Tunnel0/0/0]tunnel-protocol gre

[R4-Tunnel0/0/0]shutdown

[R4-Tunnel0/0/0]source 45.0.0.1

[R4-Tunnel0/0/0]description 15.0.0.1

第四步：rip全网可达

[R1]rip

[R1-rip-1]version 2

[R1-rip-1]ne 192.168.1.0

[R1-rip-1]ne 192.168.5.0

[R1-rip-1]ne 192.168.6.0

[R2]rip

[R2-rip-1]version 2

[R2-rip-1]network 192.168.5.0

[R2-rip-1]network 192.168.2.0

[R3]rip

[R3-rip-1]verify-source

[R3-rip-1]version 2

[R3-rip-1]network 192.168.3.0

[R3-rip-1]network 192.168.5.0

[R4]rip

[R4-rip-1]version 2

[R4-rip-1]network 192.168.4.0

[R1-Tunnel0/0/0]nhrp entry multicast dynamic

[R1-Tunnel0/0/0]undo rip split-horizon

第五步：可访问R5环回

[R1]acl 2000

[R1-acl-basic-2000]rule 5 permit source 192.168.1.0 0.0.0.255

[R1]int s4/0/0

[R1-Serial4/0/0]nat out

[R1-Serial4/0/0]nat outbound 2000