PC 配置:
pc1:ip 192.168.1.2 24 网关:192.168.1.1
pc2:ip 192.168.2.2 24 网关:192.168.2.1
pc3:ip 192.168.3.2 24 网关:192.168.3.1
R1:
(配置IP)
[R1]interface g0/0/1
[R1-GigbitEthernet0/0/0]ip address 192.168.1.1 24
[R1]interface s4/0/0
[R1-Serial4/0/0]ip address 12.1.1.1 24
[R1-Serial4/0/0]link-protocol hdlc(R1和R2之间HDLC封装)
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]
:y
(构建MGRE,已知R1IP地址固定)
(nat配置)
[R1]ip route-static 0.0.0.0 0 12.1.1.1
[R1]acl 2000
[R1-acl-basic-2000]rule 1 permit source any
[R1]interface s4/0/0
[R1-Serial4/0/0]nat outbound 2000
(配置MFGRE)(中心站点)
[R1]interface Tunnel 0/0/0
[R1-Tunnel0/0/0]ip address 10.1.1.1 24
[R1-Tunnel0/0/0]tunnel-protocol gre p2mp(模式调整)
[R1-Tunnel0/0/0]source 12.1.1.1
[R1-Tunnel0/0/0]nhrp entry multicast dynamic(开启伪广播)
[R1-Tunnel0/0/0]nhrp network-id 100
(RIP获取路由)
[R1]rip 1
[R1-rip-1]version 2
[R1-rip-1]network 10.0.0.0(隧道宣告)
[R1-rip-1]network 192.168.1.0
(关闭RIP水平分割)
[R1]interface Tunnel 0/0/0
[R1-Tunnel0/0/0]undo rip split-horizon
R2:
(配置IP)
[R2]interface s4/0/0
[R2-Serial4/0/0]ip address 12.1.1.2 24
[R2-Serial4/0/0]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]
:y
[R2]interface s4/0/1
[R2-Serial4/0/1]ip address 23.1.1.1 24
[R2]interface 3/0/0
[R2-Serial3/0/0]ip address 24.1.1.1 24
[R2]interface LoopBack 0
[R2-LoopBack0]ip address 2.2.2.2 24(利用环回模拟公网)
(公网账号密码设置)
[R2]aaa
[R2-aaa]local-user huawei password cipher huawei
[R3-aaa]local-user huawei service-type ppp
(2和3之间pap认证)
[R2]interface s4/0/1
[R2-Serial4/0/1]ppp authentication-mode pap
(2和4之间chap认证)
[R2]interface s3/0/0
[R2-Serial3/0/0]ppp authentication-mode chap
R3:
(配置IP)
[R3]interface s4/0/0
[R3-Serial4/0/0]ip address 23.1.1.2
[R3]interface g0/0/1
[R3-GigabitEthernet0/0/1]ip address 192.168.2.1 24
(被认证方pap)
[R3]interface s4/0/0
[R3-Serial4/0/0]ppp pap local-user huawei password cipher huawei
(构建MGRE,已知R1IP地址固定)
(nat配置)
[R3]ip route-static 0.0.0.0 0 23.1.1.1
[R3]acl 2000
[R3-acl-basic-2000]rule 1 permit source any
[R3]interface s4/0/0
[R3-Serial4/0/0]nat outbound 2000
(配置MGRE)
[R3]interface Tunnel0/0/0
[R3-Tunnel0/0/0]ip address 10.1.1.2 24
[R3-Tunnel0/0/0]tunnel-protocol gre p2mp
[R3-Tunnel0/0/0]source s4/0/0
[R3-Tunnel0/0/0]nhrp entry 10.1.1.1 12.1.1.1 register
[R3-Tunnel0/0/0]nhrp network-id 100
(RIP获取路由)
[R3]rip 1
[R3-rip-1]version 2
[R3-rip-1]network 10.0.0.0(隧道宣告)
[R3-rip-1]network 192.168.2.0
R4:
(配置IP)
[R4]interface s4/0/0
[R4-Serial4/0/0]ip address 24.1.1.2 24
[R4]interface g0/0/1
[R4-GigabitEtherner0/0/1]ip address 192.168.3.1 24
(构建MGRE,已知R1IP地址固定)
(nat配置)
[R4]ip route-static 0.0.0.0 0 24.1.1.1
[R4]acl 2000
[R4-acl-basic-2000]rule 1 permit source any
[R4]interface s4/0/0
[R4-Serial4/0/0]nat outbound 2000
(配置MGRE)
[R4]interface Tunnel0/0/0
[R4-Tunnel0/0/0]ip address 10.1.1.3 24
[R4-Tunnel0/0/0]tunnel-protocol gre p2mp
[R4-Tunnel0/0/0]source s4/0/0
[R4-Tunnel0/0/0]nhrp entry 10.1.1.1 12.1.1.1 register
[R4-Tunnel0/0/0]nhrp network-id 100
(被认证方的chap)
[R4]interface s4/0/0
[R4-Serial4/0/0]ppp chap user huawei
[R4-Serial4/0/0]ppp chap password cipher huawei
(RIP获取路由)
[R4]rip 1
[R4-rip-1]version 2
[R4-rip-1]network 10.0.0.0(隧道宣告)
[R4-rip-1]network 192.168.3.0
结束:
所有配置结束后,可以检查节点是否建立
<R1>display nhrp peer all
最后可达成PC互通,并且访问R2环回(模拟公网)
扫一扫
135
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
