HCIP之PPP协议(PAP认证,CHAP认证)、GRE、MGRE综合实验

实验过程

一、IP配置

[r1]interface Serial 4/0/0

[r1-Serial4/0/0]ip ad 15.1.1.1 24

[r1]interface GigabitEthernet 0/0/0

[r1-GigabitEthernet0/0/0]ip ad 192.168.1.1 24

r2]interface Serial 4/0/0

[r2-Serial4/0/0]ip ad 25.1.1.2 24

[r2]interface GigabitEthernet 0/0/0

[r2-GigabitEthernet0/0/0]ip ad 192.168.2.1 24

[r3]interface Serial 4/0/0

[r3-Serial4/0/0]ip ad 35.1.1.3 24

[r3]interface GigabitEthernet 0/0/0

[r3-GigabitEthernet0/0/0]ip ad 192.168.3.1 24

[r4]interface GigabitEthernet 0/0/0

[r4-GigabitEthernet0/0/0]ip ad 45.1.1.4 24

[r4]interface GigabitEthernet 0/0/1

[r4-GigabitEthernet0/0/1]ip ad 192.168.4.1 24

[r5]interface Serial 4/0/1

[r5-Serial4/0/1]ip ad 15.1.1.5 24

[r5]interface Serial 3/0/1

[r5-Serial3/0/1]ip ad 25.1.1.5 24

[r5]interface Serial 4/0/0

[r5-Serial4/0/0]ip ad 35.1.1.5 24

[r5]interface GigabitEthernet 0/0/0

[r5-GigabitEthernet0/0/0]ip ad 45.1.1.5 24

二、缺省路由

[r1]ip route-static 0.0.0.0 0 15.1.1.5

[r2]ip route-static 0.0.0.0 0 25.1.1.5

[r3]ip route-static 0.0.0.0 0 35.1.1.5

[r4]ip route-static 0.0.0.0 0 45.1.1.5

三、R1与R5之间的PAP认证

主认证方

[r5]aaa

[r5-aaa]local-user wangdaye password cipher wdy12345

Info: Add a new user.

[r5-aaa]local-user wangdaye service-type ppp

[r5]interface Serial 4/0/1

[r5-Serial4/0/1]ppp authentication-mode pap

被认证方

[r1]interface Serial 4/0/0

[r1-Serial4/0/0]ppp pap local-user wangdaye password cipher wdy12345

[r1-Serial4/0/0]shutdown

[r1-Serial4/0/0]undo shutdown

四、R2和R5的CHAP认证

主认证方

[r5]interface Serial 3/0/1

[r5-Serial3/0/1]ppp authentication-mode chap

被认证方

[r2]interface Serial 4/0/0

[r2-Serial4/0/0]ppp chap user wangdaye

[r2-Serial4/0/0]ppp chap password cipher wdy12345

[r2-Serial4/0/0]shutdown

[r2-Serial4/0/0]undo shutdown

五、更改R3和R5之间的链路协议

[r3]interface Serial 4/0/0

[r3-Serial4/0/0]display th

[V200R003C00]

interface Serial4/0/0

link-protocol ppp

ip address 35.1.1.3 255.255.255.0

return

[r3-Serial4/0/0]link-protocol hdlc

[r5]interface Serial 4/0/0

[r5-Serial4/0/0]link-protocol hdlc

六、R1、R2、R3 构建一个MGRE环境

R1:

[r1]interface Tunnel 0/0/0

[r1-Tunnel0/0/0]ip ad 10.1.1.1 24

[r1-Tunnel0/0/0]tunnel-protocol gre p2mp

[r1-Tunnel0/0/0]nhrp network-id 100

R2:

[r2]interface Tunnel 0/0/0

[r2-Tunnel0/0/0]ip ad 10.1.1.2 24

[r2-Tunnel0/0/0]tunnel-protocol gre p2mp

[r2-Tunnel0/0/0]source Serial 4/0/0

[r2-Tunnel0/0/0]nhrp network-id 100

[r2-Tunnel0/0/0]nhrp entry 10.1.1.1 15.1.1.1 register

R3

[r3]interface Tunnel 0/0/0

[r3-Tunnel0/0/0]ip ad 10.1.1.3 24

[r3-Tunnel0/0/0]tunnel-protocol gre p2mp

[r3-Tunnel0/0/0]source Serial 4/0/0

[r3-Tunnel0/0/0]nhrp network-id 100

[r3-Tunnel0/0/0]nhrp entry 10.1.1.1 15.1.1.1 register

七、R1与R4GRE配置

R1

[r1]interface Tunnel 0/0/1

[r1-Tunnel0/0/1]ip ad 10.1.2.1 24

[r1-Tunnel0/0/1]tunnel-protocol gre

[r1-Tunnel0/0/1]source 15.1.1.1

[r1-Tunnel0/0/1]destination 45.1.1.4

R4

[r4]interface Tunnel 0/0/1

[r4-Tunnel0/0/1]ip ad 10.1.2.4 24

[r4-Tunnel0/0/1]tunnel-protocol gre

[r4-Tunnel0/0/1]source 45.1.1.4

[r4-Tunnel0/0/1]destination 15.1.1.1

八、RIP传递路由

[r1]rip

[r1-rip-1]v 2

[r1-rip-1]undo s

[r1-rip-1]undo summary

[r1-rip-1]network 192.168.1.0

[r1-rip-1]network 10.0.0.0

[r2]rip

[r2-rip-1]version 2

[r2-rip-1]undo summary

[r2-rip-1]network 192.168.2.0

[r2-rip-1]network 10.0.0.0

[r3]rip

[r3-rip-1]version 2

[r3-rip-1]undo su

[r3-rip-1]network 192.168.3.0

[r3-rip-1]network 10.0.0.0

[r4]rip

[r4-rip-1]v 2

[r4-rip-1]undo summary

[r4-rip-1]network 192.168.4.0

[r4-rip-1]network 10.0.0.0

打开伪广播关闭rip水平分割
[r1]interface Tunnel 0/0/0
[r1-Tunnel0/0/0]nhrp entry multicast dynamic
[r1-Tunnel0/0/0]undo rip split-horizon
[r2]interface tun 0/0/0
[r2-Tunnel0/0/0]undo rip split-horizon
[r3]interface t 0/0/0
[r3-Tunnel0/0/0]undo rip split-horizon

九、NAT配置

[r1]acl 2000

[r1-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255

[r1]interface Serial 4/0/0

[r1-Serial4/0/0]nat outbound 2000

[r2]acl 2000

[r2-acl-basic-2000]rule permit source 192.168.2.0 0.0.0.255

[r2]interface Serial 4/0/0

[r2-Serial4/0/0]nat outbound 2000

[r3]acl 2000

[r3-acl-basic-2000]rule permit source 192.168.3.0 0.0.0.255

[r3]interface Serial 4/0/0

[r3-Serial4/0/0]nat outbound 2000

[r4]acl 2000

[r4-acl-basic-2000]rule permit source 192.168.4.0 0.0.0.255

[r4-acl-basic-2000]q

[r4]interface GigabitEthernet 0/0/0

[r4-GigabitEthernet0/0/0]nat outbound 2000

实验结果测试

查看配置完的nhrp表

ping通测试

学习之路无终点,知识海洋无尽头,但你的努力,将照亮你的前行之路!

相关推荐
轩辰~9 分钟前
网络协议入门
linux·服务器·开发语言·网络·arm开发·c++·网络协议
燕雀安知鸿鹄之志哉.27 分钟前
攻防世界 web ics-06
网络·经验分享·安全·web安全·网络安全
wanhengidc1 小时前
短视频运营行业该如何选择服务器?
运维·服务器
雨中rain1 小时前
Linux -- 从抢票逻辑理解线程互斥
linux·运维·c++
ProcessOn官方账号1 小时前
如何绘制网络拓扑图?附详细分类解说和用户案例!
网络·职场和发展·流程图·拓扑学
-KamMinG1 小时前
Centos7.9安装openldap+phpldapadmin+grafana配置LDAP登录最详细步骤 亲测100%能行
运维·grafana
Bessssss1 小时前
centos日志管理,xiao整理
linux·运维·centos
s_yellowfish1 小时前
Linux服务器pm2 运行chatgpt-on-wechat,搭建微信群ai机器人
linux·服务器·chatgpt
豆是浪个1 小时前
Linux(Centos 7.6)yum源配置
linux·运维·centos
vvw&1 小时前
如何在 Ubuntu 22.04 上安装 Ansible 教程
linux·运维·服务器·ubuntu·开源·ansible·devops