HCIP之PPP协议(PAP认证,CHAP认证)、GRE、MGRE综合实验

实验过程

一、IP配置

r1interface Serial 4/0/0

r1-Serial4/0/0ip ad 15.1.1.1 24

r1interface GigabitEthernet 0/0/0

r1-GigabitEthernet0/0/0ip ad 192.168.1.1 24

r2]interface Serial 4/0/0

r2-Serial4/0/0ip ad 25.1.1.2 24

r2interface GigabitEthernet 0/0/0

r2-GigabitEthernet0/0/0ip ad 192.168.2.1 24

r3interface Serial 4/0/0

r3-Serial4/0/0ip ad 35.1.1.3 24

r3interface GigabitEthernet 0/0/0

r3-GigabitEthernet0/0/0ip ad 192.168.3.1 24

r4interface GigabitEthernet 0/0/0

r4-GigabitEthernet0/0/0ip ad 45.1.1.4 24

r4interface GigabitEthernet 0/0/1

r4-GigabitEthernet0/0/1ip ad 192.168.4.1 24

r5interface Serial 4/0/1

r5-Serial4/0/1ip ad 15.1.1.5 24

r5interface Serial 3/0/1

r5-Serial3/0/1ip ad 25.1.1.5 24

r5interface Serial 4/0/0

r5-Serial4/0/0ip ad 35.1.1.5 24

r5interface GigabitEthernet 0/0/0

r5-GigabitEthernet0/0/0ip ad 45.1.1.5 24

二、缺省路由

r1ip route-static 0.0.0.0 0 15.1.1.5

r2ip route-static 0.0.0.0 0 25.1.1.5

r3ip route-static 0.0.0.0 0 35.1.1.5

r4ip route-static 0.0.0.0 0 45.1.1.5

三、R1与R5之间的PAP认证

主认证方

r5aaa

r5-aaalocal-user wangdaye password cipher wdy12345

Info: Add a new user.

r5-aaalocal-user wangdaye service-type ppp

r5interface Serial 4/0/1

r5-Serial4/0/1ppp authentication-mode pap

被认证方

r1interface Serial 4/0/0

r1-Serial4/0/0ppp pap local-user wangdaye password cipher wdy12345

r1-Serial4/0/0shutdown

r1-Serial4/0/0undo shutdown

四、R2和R5的CHAP认证

主认证方

r5interface Serial 3/0/1

r5-Serial3/0/1ppp authentication-mode chap

被认证方

r2interface Serial 4/0/0

r2-Serial4/0/0ppp chap user wangdaye

r2-Serial4/0/0ppp chap password cipher wdy12345

r2-Serial4/0/0shutdown

r2-Serial4/0/0undo shutdown

五、更改R3和R5之间的链路协议

r3interface Serial 4/0/0

r3-Serial4/0/0display th

V200R003C00

interface Serial4/0/0

link-protocol ppp

ip address 35.1.1.3 255.255.255.0

return

r3-Serial4/0/0link-protocol hdlc

r5interface Serial 4/0/0

r5-Serial4/0/0link-protocol hdlc

六、R1、R2、R3 构建一个MGRE环境

R1:

r1interface Tunnel 0/0/0

r1-Tunnel0/0/0ip ad 10.1.1.1 24

r1-Tunnel0/0/0tunnel-protocol gre p2mp

r1-Tunnel0/0/0nhrp network-id 100

R2:

r2interface Tunnel 0/0/0

r2-Tunnel0/0/0ip ad 10.1.1.2 24

r2-Tunnel0/0/0tunnel-protocol gre p2mp

r2-Tunnel0/0/0source Serial 4/0/0

r2-Tunnel0/0/0nhrp network-id 100

r2-Tunnel0/0/0nhrp entry 10.1.1.1 15.1.1.1 register

R3

r3interface Tunnel 0/0/0

r3-Tunnel0/0/0ip ad 10.1.1.3 24

r3-Tunnel0/0/0tunnel-protocol gre p2mp

r3-Tunnel0/0/0source Serial 4/0/0

r3-Tunnel0/0/0nhrp network-id 100

r3-Tunnel0/0/0nhrp entry 10.1.1.1 15.1.1.1 register

七、R1与R4GRE配置

R1

r1interface Tunnel 0/0/1

r1-Tunnel0/0/1ip ad 10.1.2.1 24

r1-Tunnel0/0/1tunnel-protocol gre

r1-Tunnel0/0/1source 15.1.1.1

r1-Tunnel0/0/1destination 45.1.1.4

R4

r4interface Tunnel 0/0/1

r4-Tunnel0/0/1ip ad 10.1.2.4 24

r4-Tunnel0/0/1tunnel-protocol gre

r4-Tunnel0/0/1source 45.1.1.4

r4-Tunnel0/0/1destination 15.1.1.1

八、RIP传递路由

r1rip

r1-rip-1v 2

r1-rip-1undo s

r1-rip-1undo summary

r1-rip-1network 192.168.1.0

r1-rip-1network 10.0.0.0

r2rip

r2-rip-1version 2

r2-rip-1undo summary

r2-rip-1network 192.168.2.0

r2-rip-1network 10.0.0.0

r3rip

r3-rip-1version 2

r3-rip-1undo su

r3-rip-1network 192.168.3.0

r3-rip-1network 10.0.0.0

r4rip

r4-rip-1v 2

r4-rip-1undo summary

r4-rip-1network 192.168.4.0

r4-rip-1network 10.0.0.0

打开伪广播关闭rip水平分割
r1interface Tunnel 0/0/0
r1-Tunnel0/0/0nhrp entry multicast dynamic
r1-Tunnel0/0/0undo rip split-horizon
r2interface tun 0/0/0
r2-Tunnel0/0/0undo rip split-horizon
r3interface t 0/0/0
r3-Tunnel0/0/0undo rip split-horizon

九、NAT配置

r1acl 2000

r1-acl-basic-2000rule permit source 192.168.1.0 0.0.0.255

r1interface Serial 4/0/0

r1-Serial4/0/0nat outbound 2000

r2acl 2000

r2-acl-basic-2000rule permit source 192.168.2.0 0.0.0.255

r2interface Serial 4/0/0

r2-Serial4/0/0nat outbound 2000

r3acl 2000

r3-acl-basic-2000rule permit source 192.168.3.0 0.0.0.255

r3interface Serial 4/0/0

r3-Serial4/0/0nat outbound 2000

r4acl 2000

r4-acl-basic-2000rule permit source 192.168.4.0 0.0.0.255

r4-acl-basic-2000q

r4interface GigabitEthernet 0/0/0

r4-GigabitEthernet0/0/0nat outbound 2000

实验结果测试

查看配置完的nhrp表

ping通测试

学习之路无终点,知识海洋无尽头,但你的努力,将照亮你的前行之路!

相关推荐
AFinalStone1 分钟前
Android 7系统网络(一)全景图与调用链路概览
android·网络·frameworks
yxl874646465 分钟前
PCTG-1015型Profinet转Ethernet/IP协议转换器
服务器·网络·物联网·网络协议·自动化·信息与通信
weixin_471383037 分钟前
Docker - 05 - Railway 部署
运维·docker·容器
你觉得脆皮鸡好吃吗8 分钟前
【THM】JWT Security & Protocols and Servers(AI)
运维·服务器·网络
江畔柳前堤18 分钟前
第15章:docker故障排查与面试题
大数据·运维·git·elasticsearch·docker·容器·eureka
洪恒远20 分钟前
Windows 配置 Gerrit SSH Key
运维·ssh
忡黑梨36 分钟前
安装 Claude Code(使用 DeepSeek API)
网络·网络安全
云飞云共享云桌面1 小时前
搭建10人SolidWorks云设计环境:云飞云在非标自动化工厂的实测方案
运维·服务器·网络·数据库·自动化·电脑
江畔柳前堤1 小时前
第07章:Docker 网络模型
运维·网络·git·elasticsearch·docker·容器·架构
深盾科技_Virbox1 小时前
Virbox Protector 从何而来:深盾科技的软件保护演进
运维·数据库·科技