Technology Sharing

한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina

first step:Assign IP addresses to R1, R2, R3, and R4

[R1-GigabitEthernet0/0/0]ip address 192.168.1.1 24

[R1-Serial4/0/0]ip address 15.0.0.1 24

[R2-GigabitEthernet0/0/0]ip address 192.168.2.1 24

[R2-Serial4/0/0]ip address 25.0.0.1 24

[R3-GigabitEthernet0/0/0]ip address 192.168.3.1 24

[R3-Serial4/0/0]ip address 35.0.0.1 24

[R4-GigabitEthernet0/0/0]ip address 192.168.4.1 24

Step 2: Authentication Configuration

Use PPP PAP authentication between R1 and R5;

ISP sets password

[ISP-aaa]local-user huawei password cipher 123456

Define the service object:

[ISP-aaa]local-user huawei service-type ppp

[ISP-Serial3/0/0]ppp authentication-mode pap、

To renegotiate a link:

[R1-Serial4/0/0]shutdown 

[R1-Serial4/0/0]undo shutdown 

If the protocol level is down, the password and account are successfully established.

s 40/0/0 Authentication successful

Completion certification

[R1-Serial4/0/0]ppp pap local-user huawei password cipher 12345

[R1-Serial4/0/0]shutdown

[R1-Serial4/0/0]undo shutdown

s 4/0/0 is up, and the authentication is successful.

PPP chap authentication is used between R2 and R5, with R5 as the primary authenticator:

[R2-Serial4/0/0]ppp chap user huawei create account

[R2-Serial4/0/0]ppp chap password cipher 123456 Set password

[R1-Serial4/0/0]shutdown

[R1-Serial4/0/0]undo shutdown authentication

All up, authentication successful

HDLC encapsulation is used between R3 and R5

[ISP-Serial4/0/0]link-protocol hdlc

 

Step 3: Build the MGRE environment

Configuring Static Routes

[R1]ip route-static 0.0.0.0 0 15.0.0.2

[R2]ip route-static 0.0.0.0 0 25.0.0.2

[R3]ip route-static 0.0.0.0 0 35.0.0.2

[R4]ip route-static 0.0.0.0 0 45.0.0.2 

Establishing a Tunnel

[R1]int t0/0/0
[R1-Tunnel0/0/0]ip address 192.168.5.1 24
[R1-Tunnel0/0/0]tunnel-protocol gre p2mp 

[R1-Tunnel0/0/0]shutdown 

[R1-Tunnel0/0/0]source 15.0.0.1
[R1-Tunnel0/0/0]nhrp network-id 100

[R2]int t0/0/0
[R2-Tunnel0/0/0]ip address 192.168.5.2 24
[R2-Tunnel0/0/0]tunnel-protocol gre p2mp 

[R2-Tunnel0/0/0]shutdown 

[R2-Tunnel0/0/0]source s4/0/0
[R2-Tunnel0/0/0]nhrp network-id 100

[R2-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register 

[R3]int t0/0/0
[R3-Tunnel0/0/0]ip address 192.168.5.3 24
[R3-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R3-Tunnel0/0/0]shutdown 
[R3-Tunnel0/0/0]source s4/0/0
[R3-Tunnel0/0/0]nhrp network-id 100 
[R3-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register 

[R1-Tunnel0/0/0]int t0/0/1
[R1-Tunnel0/0/1]ip address 192.168.6.1 24 
[R1-Tunnel0/0/1]tunnel-protocol gre 
[R1-Tunnel0/0/1]shutdown 
[R1-Tunnel0/0/1]source 15.0.0.1
[R1-Tunnel0/0/1]description 45.0.0.1

[R4]int t0/0/0
[R4-Tunnel0/0/0]ip address 192.168.6.2 24
[R4-Tunnel0/0/0]tunnel-protocol gre 
[R4-Tunnel0/0/0]shutdown 
[R4-Tunnel0/0/0]source 45.0.0.1    
[R4-Tunnel0/0/0]description 15.0.0.1

Step 4: RIP is available on the entire network

[R1]rip
[R1-rip-1]version 2
[R1-rip-1]ne 192.168.1.0
[R1-rip-1]ne 192.168.5.0
[R1-rip-1]ne 192.168.6.0
 

[R2]rip
[R2-rip-1]version 2
[R2-rip-1]network 192.168.5.0
[R2-rip-1]network 192.168.2.0

[R3]rip 
[R3-rip-1]verify-source
[R3-rip-1]version 2
[R3-rip-1]network 192.168.3.0
[R3-rip-1]network 192.168.5.0

[R4]rip      
[R4-rip-1]version 2
[R4-rip-1]network 192.168.4.0

[R1-Tunnel0/0/0]nhrp entry multicast dynamic 
[R1-Tunnel0/0/0]undo rip split-horizon 

Step 5: Access R5 loopback

[R1]acl 2000
[R1-acl-basic-2000]rule 5 permit source 192.168.1.0 0.0.0.255

[R1]int s4/0/0
[R1-Serial4/0/0]nat out    
[R1-Serial4/0/0]nat outbound 2000