MGRE、GRE,串线PAP、CHAP协议实验

 思路:
数广播域,子网划分,配置路由器接口IP地址,配置GRE,配置静态缺省路由,配置RIP,配置nat
子网划分:
192.168.1.0/24 -- R1内网网段
192.168.2.0/24 -- R2内网网段
192.168.3.0/24 -- R3内网网段
192.168.4.0/24 -- R4内网网段
192.168.5.0/24 -- MGRE/GRE中R1,R2,R3网段
192.168.6.0/24 -- GRE中R1,R4网段
15.0.0.0/8 -- R1~R5链路
25.0.0.0/8 -- R2~R5链路
35.0.0.0/8 -- R3~R5链路
45.0.0.0/8 -- R4~R5链路
5.5.5.5/8 -- R5环回
配置:
-  配IP地址  以R1为例 - int g0/0/0
- ip add 192.168.1.1 24
- int s4/0/0
- nat outbound 2000
- ip add 15.0.0.1 8
- int t0/0/0
- ip add 192.168.5.1 24
- int t0/0/1
- ip add 192.168.6.1 24
 
-  认证 - 首先配置ACL(R1-R4) 
    - acl 2000 rule permit source 192.168.1.0 0.0.0.255
- int s4/0/0
- nat outbound 2000
 
- PAP 
    - 配置PAP被认证方
- int s4/0/0
- ppp pap local-user adminpap password cipher 123456
- 配置PAP主认证
- aaa
- local-user adminpap password cipher 123456
- local-user adminpap service-type ppp
- int s3/0/0
- ppp authentication-mode pap
 
- CHAP 
    - 配置CHAP被认证方
- int s4/0/0
- ppp chap user adminchap
- ppp chap password cipher 123456
- 配置CHAP主认证
- aaa local-user adminchap password cipher 123456
- local-user adminchap service-type ppp
- int s3/0/1
- ppp authentication-mode chap
 
- HDLC 
    - int s 4/0/0
- link-protocol hdlc (R3,R5对应接口)
 
 
- 首先配置ACL(R1-R4) 
    
-  MGRE - 以R1中心设备为例
- int t0/0/0
- tunnel-protocol gre p2mp
- source 15.0.0.1
- nhrp network-id 100
- int t0/0/0
- nhrp entry multicast dynamic
- undo rip split-horizon
- 以R2为例
- int t0/0/0
- tunnel-protocol gre p2mp
- source s 4/0/0
- nhrp network-id 100
- nhrp entry 192.168.5.1 15.0.0.1 register
 
-  GRE(R1-R4点对点) - 以R1为例
- int t0/0/1
- tunnel-protocol gre
- source 15.0.0.1
- destination 45.0.0.1
 
-  RIP、静态路由 - 以R1为例
- rip 1
- v 2
- net 192.168.1.0
- net 192.168.5.0 (宣告所有接口的私网)
- net 192.168.6.0
- ip route-s 0.0.0.0 0 15.0.0.2(R1-R4写一条指向公网的缺省)
 

 
 










