HCIP之PPP协议（PAP认证，CHAP认证）、GRE、MGRE综合实验

实验过程

一、IP配置

r1\]interface Serial 4/0/0 \[r1-Serial4/0/0\]ip ad 15.1.1.1 24 \[r1\]interface GigabitEthernet 0/0/0 \[r1-GigabitEthernet0/0/0\]ip ad 192.168.1.1 24 r2\]interface Serial 4/0/0 \[r2-Serial4/0/0\]ip ad 25.1.1.2 24 \[r2\]interface GigabitEthernet 0/0/0 \[r2-GigabitEthernet0/0/0\]ip ad 192.168.2.1 24 \[r3\]interface Serial 4/0/0 \[r3-Serial4/0/0\]ip ad 35.1.1.3 24 \[r3\]interface GigabitEthernet 0/0/0 \[r3-GigabitEthernet0/0/0\]ip ad 192.168.3.1 24 \[r4\]interface GigabitEthernet 0/0/0 \[r4-GigabitEthernet0/0/0\]ip ad 45.1.1.4 24 \[r4\]interface GigabitEthernet 0/0/1 \[r4-GigabitEthernet0/0/1\]ip ad 192.168.4.1 24 \[r5\]interface Serial 4/0/1 \[r5-Serial4/0/1\]ip ad 15.1.1.5 24 \[r5\]interface Serial 3/0/1 \[r5-Serial3/0/1\]ip ad 25.1.1.5 24 \[r5\]interface Serial 4/0/0 \[r5-Serial4/0/0\]ip ad 35.1.1.5 24 \[r5\]interface GigabitEthernet 0/0/0 \[r5-GigabitEthernet0/0/0\]ip ad 45.1.1.5 24 二、缺省路由 \[r1\]ip route-static 0.0.0.0 0 15.1.1.5 \[r2\]ip route-static 0.0.0.0 0 25.1.1.5 \[r3\]ip route-static 0.0.0.0 0 35.1.1.5 \[r4\]ip route-static 0.0.0.0 0 45.1.1.5 三、R1与R5之间的PAP认证 主认证方 \[r5\]aaa \[r5-aaa\]local-user wangdaye password cipher wdy12345 Info: Add a new user. \[r5-aaa\]local-user wangdaye service-type ppp \[r5\]interface Serial 4/0/1 \[r5-Serial4/0/1\]ppp authentication-mode pap 被认证方 \[r1\]interface Serial 4/0/0 \[r1-Serial4/0/0\]ppp pap local-user wangdaye password cipher wdy12345 \[r1-Serial4/0/0\]shutdown \[r1-Serial4/0/0\]undo shutdown 四、R2和R5的CHAP认证 主认证方 \[r5\]interface Serial 3/0/1 \[r5-Serial3/0/1\]ppp authentication-mode chap 被认证方 \[r2\]interface Serial 4/0/0 \[r2-Serial4/0/0\]ppp chap user wangdaye \[r2-Serial4/0/0\]ppp chap password cipher wdy12345 \[r2-Serial4/0/0\]shutdown \[r2-Serial4/0/0\]undo shutdown 五、更改R3和R5之间的链路协议 \[r3\]interface Serial 4/0/0 \[r3-Serial4/0/0\]display th \[V200R003C00

interface Serial4/0/0

link-protocol ppp

ip address 35.1.1.3 255.255.255.0

return

r3-Serial4/0/0\]link-protocol hdlc \[r5\]interface Serial 4/0/0 \[r5-Serial4/0/0\]link-protocol hdlc 六、R1、R2、R3 构建一个MGRE环境 R1： \[r1\]interface Tunnel 0/0/0 \[r1-Tunnel0/0/0\]ip ad 10.1.1.1 24 \[r1-Tunnel0/0/0\]tunnel-protocol gre p2mp \[r1-Tunnel0/0/0\]nhrp network-id 100 R2： \[r2\]interface Tunnel 0/0/0 \[r2-Tunnel0/0/0\]ip ad 10.1.1.2 24 \[r2-Tunnel0/0/0\]tunnel-protocol gre p2mp \[r2-Tunnel0/0/0\]source Serial 4/0/0 \[r2-Tunnel0/0/0\]nhrp network-id 100 \[r2-Tunnel0/0/0\]nhrp entry 10.1.1.1 15.1.1.1 register R3 \[r3\]interface Tunnel 0/0/0 \[r3-Tunnel0/0/0\]ip ad 10.1.1.3 24 \[r3-Tunnel0/0/0\]tunnel-protocol gre p2mp \[r3-Tunnel0/0/0\]source Serial 4/0/0 \[r3-Tunnel0/0/0\]nhrp network-id 100 \[r3-Tunnel0/0/0\]nhrp entry 10.1.1.1 15.1.1.1 register 七、R1与R4GRE配置 R1 \[r1\]interface Tunnel 0/0/1 \[r1-Tunnel0/0/1\]ip ad 10.1.2.1 24 \[r1-Tunnel0/0/1\]tunnel-protocol gre \[r1-Tunnel0/0/1\]source 15.1.1.1 \[r1-Tunnel0/0/1\]destination 45.1.1.4 R4 \[r4\]interface Tunnel 0/0/1 \[r4-Tunnel0/0/1\]ip ad 10.1.2.4 24 \[r4-Tunnel0/0/1\]tunnel-protocol gre \[r4-Tunnel0/0/1\]source 45.1.1.4 \[r4-Tunnel0/0/1\]destination 15.1.1.1 八、RIP传递路由 \[r1\]rip \[r1-rip-1\]v 2 \[r1-rip-1\]undo s \[r1-rip-1\]undo summary \[r1-rip-1\]network 192.168.1.0 \[r1-rip-1\]network 10.0.0.0 \[r2\]rip \[r2-rip-1\]version 2 \[r2-rip-1\]undo summary \[r2-rip-1\]network 192.168.2.0 \[r2-rip-1\]network 10.0.0.0 \[r3\]rip \[r3-rip-1\]version 2 \[r3-rip-1\]undo su \[r3-rip-1\]network 192.168.3.0 \[r3-rip-1\]network 10.0.0.0 \[r4\]rip \[r4-rip-1\]v 2 \[r4-rip-1\]undo summary \[r4-rip-1\]network 192.168.4.0 \[r4-rip-1\]network 10.0.0.0 打开伪广播关闭rip水平分割 \[r1\]interface Tunnel 0/0/0 \[r1-Tunnel0/0/0\]nhrp entry multicast dynamic \[r1-Tunnel0/0/0\]undo rip split-horizon \[r2\]interface tun 0/0/0 \[r2-Tunnel0/0/0\]undo rip split-horizon \[r3\]interface t 0/0/0 \[r3-Tunnel0/0/0\]undo rip split-horizon 九、NAT配置 \[r1\]acl 2000 \[r1-acl-basic-2000\]rule permit source 192.168.1.0 0.0.0.255 \[r1\]interface Serial 4/0/0 \[r1-Serial4/0/0\]nat outbound 2000 \[r2\]acl 2000 \[r2-acl-basic-2000\]rule permit source 192.168.2.0 0.0.0.255 \[r2\]interface Serial 4/0/0 \[r2-Serial4/0/0\]nat outbound 2000 \[r3\]acl 2000 \[r3-acl-basic-2000\]rule permit source 192.168.3.0 0.0.0.255 \[r3\]interface Serial 4/0/0 \[r3-Serial4/0/0\]nat outbound 2000 \[r4\]acl 2000 \[r4-acl-basic-2000\]rule permit source 192.168.4.0 0.0.0.255 \[r4-acl-basic-2000\]q \[r4\]interface GigabitEthernet 0/0/0 \[r4-GigabitEthernet0/0/0\]nat outbound 2000 实验结果测试 查看配置完的nhrp表  ping通测试   **学习之路无终点，知识海洋无尽头，但你的努力，将照亮你的前行之路！**