MGER綜合實驗

一.拓撲

二、實驗需求
1、R5為ISP，只能進行IP地址配置，其所有地址均配為公有IP地址;
2、R1和R5間使用PPP的PAP認證，R5為主認證方;
R2與R5之間使用ppp的CHAP認證，R5為主認證方; R3與R5之間使用HDLC封裝;
3、R1、R2、R3構建一個MGRE環境，R1為中心站點，R1、R4間為點到點的GRE;
4、整個私有網絡基本RIP全網可達;
5、所有Pc設置私有IP為源IP，可以訪問R5環回。

?三.實驗配置

1.ip地址

[R1]int g0/0/0 
[R1-GigabitEthernet0/0/0]int s 4/0/0
[R1-Serial4/0/0]ip address 15.1.1.1 24

[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip address 192.168.2.2 24
[R2-GigabitEthernet0/0/0]int s 4/0/0
[R2-Serial4/0/0]ip address 25.1.1.2 24

R3?

[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip ad 192.168.3.3 24
[R3-GigabitEthernet0/0/0]int s 4/0/0
[R3-Serial4/0/0]ip address 35.1.1.3 24

[R4]int g 0/0/0
[R4-GigabitEthernet0/0/0]ip ad 192.168.4.4 24
[R4-GigabitEthernet0/0/0]int g 0/0/1
[R4-GigabitEthernet0/0/1]ip ad 45.1.1.4 24

R5?

[R5]int s 4/0/1
[R5-Serial4/0/1]ip address 15.1.1.5 24
[R5-Serial4/0/1]int s 4/0/0
[R5-Serial4/0/0]ip address 35.1.1.5 24
[R5-Serial4/0/0]int s 3/0/1
[R5-Serial3/0/1]ip address 25.1.1.5 24
[R5]int g 0/0/0
[R5-GigabitEthernet0/0/0]ip address 45.1.1.5 24
[R5]int LoopBack 0
[R5-LoopBack0]ip address 5.5.5.5 24

2.全網通

[R1]ip route-static 0.0.0.0 0 15.1.1.5
[R2]ip route-static 0.0.0.0 0 25.1.1.5
[R3]ip route-static 0.0.0.0 0 35.1.1.5
[R4]ip route-static 0.0.0.0 0 45.1.1.5

R1和R5間使用PPP的PAP認證，R5為主認證方

[R5]aaa
[R5-aaa]local-user ABC password cipher 12345
Info: Add a new user.
[R5-aaa]local-user ABC service-type ppp
[R5-aaa]int s 4/0/1
[R5-Serial4/0/1]ppp authentication-mode pap

[R1]int s 4/0/0
[R1-Serial4/0/0]ppp pap local-user ABC password cipher 12345

R2與R5之間使用ppp的CHAP認證，R5為主認證方

[R5]aaa
[R5-aaa]local-user bbb password cipher 12345
[R5-aaa]local-user aaa service-type ppp
[R5-aaa]int s3/0/1
[R5-Serial3/0/1]ppp authentication-mode chap

?R2

[R2]int s4/0/0
[R2-Serial4/0/0]ppp chap user bbb 
[R2-Serial4/0/0]ppp chap password cipher bbb12345

?R3與R5之間使用HDLC封裝

[R5]int s4/0/0
[R5-Serial4/0/0]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]
:y

[R3]int s4/0/0
[R3-Serial4/0/0]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]
:y

R1、R2、R3構建一個MGRE環境，R1為中心站點，R1、R4間為點到點的GRE

[R1]int Tunnel 0/0/1
[R1-Tunnel0/0/1]ip address 10.1.1.1 24
[R1-Tunnel0/0/1]tunnel-protocol gre
[R1-Tunnel0/0/1]source 15.1.1.1
[R1-Tunnel0/0/1]destination 45.1.1.4[R1]int Tunnel 0/0/0
[R1-Tunnel0/0/0]ip address 20.1.1.1 24
[R1-Tunnel0/0/0]tunnel-protocol gre p2mp
[R1-Tunnel0/0/0]source 15.1.1.1
[R1-Tunnel0/0/0]nhrp network-id 100

?R2

[R2]int Tunnel 0/0/0
[R2-Tunnel0/0/0]ip address 20.1.1.2 24
[R2-Tunnel0/0/0]tunnel-protocol gre p2mp
[R2-Tunnel0/0/0]source Serial 4/0/0
[R2-Tunnel0/0/0]nhrp network-id 100
[R2-Tunnel0/0/0]nhrp entry 20.1.1.1 15.1.1.1 register

[R3]int Tunnel 0/0/0
[R3-Tunnel0/0/0]ip address 20.1.1.3 24
[R3-Tunnel0/0/0]tunnel-protocol gre p2mp
[R3-Tunnel0/0/0]source Serial 4/0/0
[R3-Tunnel0/0/0]nhrp network-id 100
[R3-Tunnel0/0/0]nhrp entry 20.1.1.1 15.1.1.1 register

?R4

[R4]int t0/0/1
[R4-Tunnel0/0/1]ip add 10.1.1.4 24
[R4-Tunnel0/0/1]tunnel-protocol gre
[R4-Tunnel0/0/1]source 45.1.1.4
[R4-Tunnel0/0/1]destination 15.1.1.1

配置RIP

[R1]rip 1
[R1-rip-1]version 2
[R1-rip-1]undo summary
[R1-rip-1]network 192.168.1.0
[R1-rip-1]network 20.0.0.0
[R1-rip-1]network 10.0.0.0
[R1-Tunnel0/0/1]undo rip split-horizon

[R2]rip 1
[R2-rip-1]version 2
[R2-rip-1]undo summary
[R2-rip-1]network 192.168.2.0
[R2-rip-1]network 20.0.0.2
[R2-Tunnel0/0/1]undo rip split-horizon

[R3]rip 1
[R3-rip-1]version 2
[R3-rip-1]undo summary
[R3-rip-1]network 192.168.3.0
[R3-rip-1]network 20.0.0.0
[R3-Tunnel0/0/1]undo rip split-horizon

[R4]rip 1
[R4-rip-1]version 2
[R4-rip-1]undo summary
[R4-rip-1]network 192.168.4.0
[R4-rip-1]network 10.0.0.0
[R4-Tunnel0/0/1]undo rip split-horizon

?配置NAT

[R1]acl 2000
[R1-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[R1-acl-basic-2000]int s4/0/0
[R1-Serial4/0/0]nat outbound 2000

?R2

[R2]acl 2000  
[R2-acl-basic-2000]rule permit source 192.168.2.0 0.0.0.255
[R2-acl-basic-2000]int s4/0/0
[R2-Serial4/0/0]nat outbound 2000

[R3]acl 2000
[R3-acl-basic-2000]rule permit source 192.168.3.0 0.0.0.255
[R3-acl-basic-2000]int s4/0/0
[R3-Serial4/0/0]nat outbound 2000

[R4]acl 2000
[R4-acl-basic-2000]rule permit source 192.168.4.0 0.0.0.255
[R4-acl-basic-2000]int g0/0/1
[R4-GigabitEthernet0/0/0]nat outbound 2000

本文來自互聯網用戶投稿，該文觀點僅代表作者本人，不代表本站立場。本站僅提供信息存儲空間服務，不擁有所有權，不承擔相關法律責任。
如若轉載，請注明出處：http://www.pswp.cn/bicheng/91189.shtml
繁體地址，請注明出處：http://hk.pswp.cn/bicheng/91189.shtml
英文地址，請注明出處：http://en.pswp.cn/bicheng/91189.shtml

如若內容造成侵權/違法違規/事實不符，請聯系多彩編程網進行投訴反饋email:809451989@qq.com，一經查實，立即刪除！