GRE及MGRE应用综合实验

一、实验拓扑

二、实验需求

1、R5为ISP，只能进行IP地址配置，其所有地址均配为公有IP地址；

2、R1和R5间使用PPP的PAP认证，R5为主认证方；

R2与R5之间使用ppp的CHAP认证，R5为主认证方

R3与R5之间使用HDLc封装；

3、R1、R2、R3构建一个MGRE环境，R1为中心站点，R1、R4间为点到点的GRE；

4、整个私有网络基本RIP全网可达；

5、所有PC设置私有IP为源IP，可以访问R5环回。

三、实验思路

1.根据划分的网段，为所有PC机以及路由器接口配置IP地址；

2为R1和R5间配置PPP的PAP认证，R5为主认证方；

3.R2与R5之间配置ppp的CHAP认证，R5为主认证方；

4.配置R3与R5之间使用HDLC封装；

5.在R1~R5上配置默认路由使公网互通；

6.建立R1、R4间点到点的GRE；

7.将R1、R2、R3构建一个MGRE环境，R1为中心站点；

8..配置rip来传递私网路由。

四、实验步骤

1.为所有PC机以及路由器接口配置IP地址

（1）PC机

（2）路由器接口

R1:

$R1\]int g0/0/0 \[R1-GigabitEthernet0/0/0\]ip add 192.168.1.254 24 Jul 25 2025 22:18:48-08:00 R1 %%01IFNET/4/LINK_STATE(l)\[0\]:The line protocol IP on the interface GigabitEthernet0/0/0 has entered the UP state. \[R1-GigabitEthernet0/0/0\]int s4/0/0 \[R1-Serial4/0/0\]ip add 15.1.1.1 24$

R2:

$R2\]int g0/0/0 \[R2-GigabitEthernet0/0/0\]ip add 192.168.2.254 24 Jul 25 2025 22:24:42-08:00 R2 %%01IFNET/4/LINK_STATE(l)\[0\]:The line protocol IP on the interface GigabitEthernet0/0/0 has entered the UP state. \[R2-GigabitEthernet0/0/0\]int s4/0/0 \[R2-Serial4/0/0\]ip add 25.1.1.1 24$

R3:

$R3\]int g0/0/0 \[R3-GigabitEthernet0/0/0\]ip add 192.168.3.254 24 Jul 25 2025 22:35:19-08:00 R3 %%01IFNET/4/LINK_STATE(l)\[0\]:The line protocol IP on the interface GigabitEthernet0/0/0 has entered the UP state. \[R3-GigabitEthernet0/0/0\]int s4/0/0 \[R3-Serial4/0/0\]ip add 35.1.1.1 24$

R4:

$R4\]int g0/0/1 \[R4-GigabitEthernet0/0/1\]ip add 192.168.4.254 24 \[R4-GigabitEthernet0/0/1$
Jul 25 2025 22:37:13-08:00 R4 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP

on the interface GigabitEthernet0/0/1 has entered the UP state.
$R4-GigabitEthernet0/0/1\]int g0/0/0 \[R4-GigabitEthernet0/0/0\]ip add 45.1.1.1 24$

R5:

$R5\]int g0/0/0 \[R5-GigabitEthernet0/0/0\]ip add 45.1.1.2 24 \[R5-GigabitEthernet0/0/0$
Jul 25 2025 22:41:37-08:00 R5 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP

on the interface GigabitEthernet0/0/0 has entered the UP state.
$R5-GigabitEthernet0/0/0\]int s4/0/1 \[R5-Serial4/0/1\]ip add 15.1.1.2 24 \[R5-Serial4/0/1$
Jul 25 2025 22:42:30-08:00 R5 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol PPP

IPCP on the interface Serial4/0/1 has entered the UP state.
$R5-Serial4/0/1\]int s3/0/1 \[R5-Serial3/0/1\]ip add 25.1.1.2 24 \[R5-Serial3/0/1$
Jul 25 2025 22:44:07-08:00 R5 %%01IFNET/4/LINK_STATE(l)[2]:The line protocol PPP

IPCP on the interface Serial3/0/1 has entered the UP state.
$R5-Serial3/0/1\]int s4/0/0 \[R5-Serial4/0/0\]ip add 35.1.1.2 24$

R5环回口：

$R5\]int l0 \[R5-LoopBack0\]ip add 5.5.5.1 24$

、R1和R5间使用PPP的PAP认证，R5为主认证方

R5:

$R5\]aaa \[R5-aaa\]local-user wangdaye password cipher wdy12345 Info: Add a new user. \[R5-aaa\]local-user wangdaye service-type ppp \[R5-aaa\]q \[R5\]int s4/0/1 \[R5-Serial4/0/1\]ppp authentication-mode PAP \[R5-Serial4/0/1\]link-protocol ppp$

R1:

$R1\]int s4/0/0 \[R1-Serial4/0/0\]ppp pap local-user wangdaye password cipher wdy12345$

3.R2与R5之间使用ppp的CHAP认证，R5为主认证方

R5配置如上一步

R2:

$R2\]int s4/0/0 \[R2-Serial4/0/0\]ppp pap local-user wangdaye password cipher wdy12345$

4.配置R3与R5之间使用HDLC封装

R3:

$R3\]int s4/0/0 \[R3-Serial4/0/0\]link-protocol HDLC$

R5:

$R5\]int s4/0/0 \[R5-Serial4/0/0\]link-protocol HDLC$

在R1~R5上配置默认路由使公网互通

R1:

$R1\]ip route-static 0.0.0.0 0 15.1.1.2$

R2:

$R2\]ip route-static 0.0.0.0 0 25.1.1.2$

R3:

$R3\]ip route-static 0.0.0.0 0 35.1.1.2$

R5:

$R4\]ip route-static 0.0.0.0 0 45.1.1.2$

建立R1、R4间点到点的GRE

（1）在R1上创建Tunnel口，模式为GRE，源地址和目的地址为本端公网地址和对端公网地址

$R1\]int tunnel0/0/0 \[R1-Tunnel0/0/0\]tunnel-protocol gre \[R1-Tunnel0/0/0\]ip add 10.1.1.1 24 \[R1-Tunnel0/0/0\]source 15.1.1.1 \[R1-Tunnel0/0/0\]destination 45.1.1.1$

（2）在R4上创建Tunnel口，模式为GRE，源地址和目的地址为本端公网地址和对端公网地址

$R4\]int tunnel0/0/0 \[R4-Tunnel0/0/0\]tunnel-protocol gre \[R4-Tunnel0/0/0\]ip add 10.1.1.2 24 \[R4-Tunnel0/0/0\]source 45.1.1.1 \[R4-Tunnel0/0/0\]destination 15.1.1.1$

7.将R1、R2、R3构建一个MGRE环境，R1为中心站点

（1）配置总部与分部之间的隧道-MGRE VPN

R1:

$R1\]int tunnel0/0/1 \[R1-Tunnel0/0/1\]tunnel-protocol gre p2mp \[R1-Tunnel0/0/1\]ip add 10.1.2.1 24 \[R1-Tunnel0/0/1\]source 15.1.1.1$

R2:

$R2\]int tunnel0/0/1 \[R2-Tunnel0/0/1\]tunnel-protocol gre ? p2mp Point to multi-point GRE mode \ Please press ENTER to execute command \[R2-Tunnel0/0/1\]tunnel-protocol gre p2mp \[R2-Tunnel0/0/1\]ip add 10.1.2.2 24 \[R2-Tunnel0/0/1\]source 25.1.1.1$

R3:

$R3\]int tunnel0/0/1 \[R3-Tunnel0/0/1\]tunnel-protocol gre p2mp \[R3-Tunnel0/0/1\]ip add 10.1.2.3 24 \[R3-Tunnel0/0/1\]source 35.1.1.1$

(2)NHRP的配置

中心站点配置：

R1:

$R1\]int tunnel0/0/1 \[R1-Tunnel0/0/1\]nhrp network-id 100$

分支站点配置：

R2：

$R2\]int tunnel 0/0/1 \[R2-Tunnel0/0/1\]nhrp network-id 100 \[R2-Tunnel0/0/1\]nhrp entry 10.1.2.1 15.1.1.1 register$

R3:

$R3\]int tunnel0/0/1 \[R3-Tunnel0/0/1\]nhrp network-id 100 \[R3-Tunnel0/0/1\]nhrp entry 10.1.2.1 15.1.1.1$

8.配置rip来传递私网路由

R1:

$R1\]rip 1 \[R1-rip-1\]undo summary \[R1-rip-1\]version 2 \[R1-rip-1\]network 192.168.1.0 \[R1-rip-1\]network 10.0.0.0$

R2:

$R2\]rip 1 \[R2-rip-1\]undo summary \[R2-rip-1\]version 2 \[R2-rip-1\]network 192.168.2.0 \[R2-rip-1\]network 10.0.0.0$

R3:

$R3\]rip 1 \[R3-rip-1\]undo summary \[R3-rip-1\]version 2 \[R3-rip-1\]network 192.168.4.0 \[R3-rip-1\]network 10.0.0.0$

R4:

$R4\]rip 1 \[R4-rip-1\]undo summary \[R4-rip-1\]version 2 \[R4-rip-1\]network 192.168.4.0 \[R4-rip-1\]network 10.0.0.0$

在中心上开启伪广播：

$R1\]int tunnel0/0/1 \[R1-Tunnel0/0/1\]nhrp entry multicast dynamic$

关闭RIP的水平分割机制：

$R1-Tunnel0/0/1\]undo rip split-horizon \[R2-Tunnel0/0/1\]undo rip split-horizon \[R3-Tunnel0/0/1\]undo rip split-horizon$

五、实验结果

实验成功