暑假第一次作业

第一步：给R1,R2,R3,R4配IP

$R1-GigabitEthernet0/0/0\]ip address 192.168.1.1 24 \[R1-Serial4/0/0\]ip address 15.0.0.1 24 \[R2-GigabitEthernet0/0/0\]ip address 192.168.2.1 24 \[R2-Serial4/0/0\]ip address 25.0.0.1 24 \[R3-GigabitEthernet0/0/0\]ip address 192.168.3.1 24 \[R3-Serial4/0/0\]ip address 35.0.0.1 24 \[R4-GigabitEthernet0/0/0\]ip address 192.168.4.1 24$

第二步：认证配置

给R1和R5间使用PPP的PAP认证;

ISP设密码
$ISP-aaa\]local-user huawei password cipher 123456 定义服务对象： \[ISP-aaa\]local-user huawei service-type ppp \[ISP-Serial3/0/0\]ppp authentication-mode pap、重新协商链路： \[R1-Serial4/0/0\]shutdown \[R1-Serial4/0/0\]undo shutdown 协议层面（protocol）是down就密码和账号就建立成功了 ![](https://i-blog.csdnimg.cn/direct/6dfcd18897604b53afe1ced158ef23a5.png)s 40/0/0认证成功补全认证 \[R1-Serial4/0/0\]ppp pap local-user huawei password cipher 12345 \[R1-Serial4/0/0\]shutdown \[R1-Serial4/0/0\]undo shutdown ![](https://i-blog.csdnimg.cn/direct/bb984ef655504f388f239e139c39b5c8.png) s 4/0/0 都up，认证成功。 #### R2与R5之间使用PPP的chap认证，R5为主认证方： \[R2-Serial4/0/0\]ppp chap user huawei 创建账号 \[R2-Serial4/0/0\]ppp chap password cipher 123456 设密码 \[R1-Serial4/0/0\]shutdown \[R1-Serial4/0/0\]undo shutdown 认证 ![](https://i-blog.csdnimg.cn/direct/6e32b02f77d14875a50c0ae3c7de6d08.png) 都up,认证成功 #### R3与R5之间使用HDLC封装 \[ISP-Serial4/0/0\]link-protocol hdlc$

配置静态路由
$R1\]ip route-static 0.0.0.0 0 15.0.0.2 \[R2\]ip route-static 0.0.0.0 0 25.0.0.2 \[R3\]ip route-static 0.0.0.0 0 35.0.0.2 \[R4\]ip route-static 0.0.0.0 0 45.0.0.2 #### 建立隧道 \[R1\]int t0/0/0 \[R1-Tunnel0/0/0\]ip address 192.168.5.1 24 \[R1-Tunnel0/0/0\]tunnel-protocol gre p2mp \[R1-Tunnel0/0/0\]shutdown \[R1-Tunnel0/0/0\]source 15.0.0.1 \[R1-Tunnel0/0/0\]nhrp network-id 100 \[R2\]int t0/0/0 \[R2-Tunnel0/0/0\]ip address 192.168.5.2 24 \[R2-Tunnel0/0/0\]tunnel-protocol gre p2mp \[R2-Tunnel0/0/0\]shutdown \[R2-Tunnel0/0/0\]source s4/0/0 \[R2-Tunnel0/0/0\]nhrp network-id 100 \[R2-Tunnel0/0/0\]nhrp entry 192.168.5.1 15.0.0.1 register \[R3\]int t0/0/0 \[R3-Tunnel0/0/0\]ip address 192.168.5.3 24 \[R3-Tunnel0/0/0\]tunnel-protocol gre p2mp \[R3-Tunnel0/0/0\]shutdown \[R3-Tunnel0/0/0\]source s4/0/0 \[R3-Tunnel0/0/0\]nhrp network-id 100 \[R3-Tunnel0/0/0\]nhrp entry 192.168.5.1 15.0.0.1 register \[R1-Tunnel0/0/0\]int t0/0/1 \[R1-Tunnel0/0/1\]ip address 192.168.6.1 24 \[R1-Tunnel0/0/1\]tunnel-protocol gre \[R1-Tunnel0/0/1\]shutdown \[R1-Tunnel0/0/1\]source 15.0.0.1 \[R1-Tunnel0/0/1\]description 45.0.0.1 \[R4\]int t0/0/0 \[R4-Tunnel0/0/0\]ip address 192.168.6.2 24 \[R4-Tunnel0/0/0\]tunnel-protocol gre \[R4-Tunnel0/0/0\]shutdown \[R4-Tunnel0/0/0\]source 45.0.0.1 \[R4-Tunnel0/0/0\]description 15.0.0.1$

$R1\]rip \[R1-rip-1\]version 2 \[R1-rip-1\]ne 192.168.1.0 \[R1-rip-1\]ne 192.168.5.0 \[R1-rip-1\]ne 192.168.6.0 \[R2\]rip \[R2-rip-1\]version 2 \[R2-rip-1\]network 192.168.5.0 \[R2-rip-1\]network 192.168.2.0 \[R3\]rip \[R3-rip-1\]verify-source \[R3-rip-1\]version 2 \[R3-rip-1\]network 192.168.3.0 \[R3-rip-1\]network 192.168.5.0 \[R4\]rip \[R4-rip-1\]version 2 \[R4-rip-1\]network 192.168.4.0 \[R1-Tunnel0/0/0\]nhrp entry multicast dynamic \[R1-Tunnel0/0/0\]undo rip split-horizon$

第五步：可访问R5环回

$R1\]acl 2000 \[R1-acl-basic-2000\]rule 5 permit source 192.168.1.0 0.0.0.255 \[R1\]int s4/0/0 \[R1-Serial4/0/0\]nat out \[R1-Serial4/0/0\]nat outbound 2000 ![](https://i-blog.csdnimg.cn/direct/5e66b6cfd669454c827d48987d64eb44.png)$