Experimental requirements
1.R2 is an ISP, and only IP addresses can be configured on it.
2. HDLC encapsulation is used between R1-R2.
3. PPP encapsulation is used between R2-R3, pap authentication, and R2 is the main authenticator.
4. HDLC encapsulation is used between R2-R3. PPP encapsulation, chap authentication, R2 is the main authenticator
5. R1, R2, R3 build an MGRE environment, only R1 IP address is fixed
6. The intranet uses RTP to obtain routing, all PCs can access each other, and can access the loopback of R2.
Step One: IP Address Planning
PC address
equipment |
gateway |
address |
PC1 |
192.168.1.1 24 |
192.168.1.2 24 |
PC2 |
192.168.2.1 24 |
192.168.2.2 24 |
PC3 |
192.168.3.1 24 |
192.168.3.2 24 |
Device address
equipment |
interface |
address |
R1 |
s4/0/0 |
15.1.1.1 24 |
R3 |
S4/0/0 |
25.1.1.2 24 |
R4 |
s4/0/0 |
35.1.1.3 24 |
R2 |
s4/0/0 |
15.1.1.4 24 |
|
s4/0/1 |
25.1.1.4 24 |
|
s3/0/0 |
35.1.1.4 24 |
|
lookback |
2.2.2.2 24 |
Step 2: Configure IP address
R1 configuration
[R1]int g 0/0/0
[R1-GigabitEthernet0/0/0]ip address 192.168.1.1 24
[R1-GigabitEthernet0/0/0]int s 4/0/0
[R1-Serial4/0/0]ip address 15.1.1.1 24
R2 configuration
[R2]int s4/0/0
[R2-Serial4/0/0]ip address 15.1.1.4 24
[R2-Serial4/0/0]int s4/0/1
[R2-Serial4/0/1]ip address 25.1.1.4 24
[R2-Serial4/0/1]int s 3/0/0
[R2-Serial3/0/0]ip address 35.1.1.4 24
[R2]int lo0
[R2-LoopBack0]ip address 2.2.2.2 24
[R2-LoopBack0]
R3 configuration
[R3]int g 0/0/0
[R3-GigabitEthernet0/0/0]ip address 192.168.2.1 24
[R3-GigabitEthernet0/0/0]int s 4/0/0
[R3-Serial4/0/0]ip address 25.1.1.2 24
R4 configuration
[R4]int g0/0/0
[R4-GigabitEthernet0/0/0]ip address 192.168.3.1 24
[R4-GigabitEthernet0/0/0]int s 4/0/0
[R4-Serial4/0/0]ip address 35.1.1.3 24
Step 3: Configure default route
[R1]ip route-static 0.0.0.0 0 15.1.1.4
[R3]ip route-static 0.0.0.0 0 25.1.1.4
[R4]ip route-static 0.0.0.0 0 35.1.1.4
Step 4: NAT
R1 configuration
[R1]acl 2000
[R1-acl-basic-2000]rule 1 permit source any
[R1]int s 4/0/0
[R1-Serial4/0/0]nat outbound 2000
R3 configuration
[R3]acl 2000
[R3-acl-basic-2000]rule 1 permit source any
[R3]int s 4/0/0
[R3-Serial4/0/0]nat outbound 2000
R4 configuration
[R4]acl 2000
[R4-acl-basic-2000]rule 1 permit source any
[R4]int s 4/0/0
[R4-Serial4/0/0]nat outbound 2000
Step 4: HDLC packaging
R1 configuration
[R1]int s4/0/0
[R1-Serial4/0/0]link-protocol hdlc
R4 configuration
[R4]int s4/0/0
[R4-Serial4/0/0]link-protocol hdlc
Step 4: PAP certification
There is PPP encapsulation and pap authentication between R2-R3, and R2 is the main authenticator.
Primary authenticator
[R2]aaa
[R2-aaa]local-user huawei password cipher huawei
[R2-aaa]local-user huawei service-type ppp
[R2]int s 4/0/1
[R2-Serial4/0/1]ppp authentication-mode pap
authenticated party
[R3]int s 4/0/0
[R3-Serial4/0/0]ppp pap local-user huawei password cipher huawei
Step 5: chap certification
R2-R4 is PPP encapsulated and chap authenticated, and R2 is the main authenticator.
Primary authenticator
[R2]aaa
[R2-aaa]local-user huawei password cipher huawei
[R2-aaa]local-user huawei service-type ppp
[R2]int s 3/0/0
[R2-Serial3/0/0]ppp authentication-mode chap
authenticated party
[R4]int s 3/0/0
[R4-Serial4/0/0]link-protocol ppp
[R4-Serial4/0/0]ppp chap password cipher huawei
[R4-Serial4/0/0]ppp chap user huawei
Step 6: Configure the MGRE environment
R1 configuration
[R1]interface Tunnel 0/0/0
[R1-Tunnel0/0/0]ip address 10.1.1.1 24
[R1-Tunnel0/0/0]tunnel-protocol gre p2mp
[R1-Tunnel0/0/0]source 15.1.1.1
[R1-Tunnel0/0/0]nhrp network-id 100
R3 configuration
[R3]interface Tunnel 0/0/0
[R3-Tunnel0/0/0]ip address 10.1.1.2 24
[R3-Tunnel0/0/0]tunnel-protocol gre p2mp
[R3-Tunnel0/0/0]source s4/0/0
[R3-Tunnel0/0/0]nhrp entry 10.1.1.1 15.1.1.1 register
[R3-Tunnel0/0/0]nhrp network-id 100
R4 configuration
[R4]interface Tunnel 0/0/0
[R4-Tunnel0/0/0]ip address 10.1.1.3 24
[R4-Tunnel0/0/0]tunnel-protocol gre p2mp
[R4-Tunnel0/0/0]source s4/0/0
[R4-Tunnel0/0/0]nhrp entry 10.1.1.1 15.1.1.1 register
[R4-Tunnel0/0/0]nhrp network-id 100
Step 7: Write RIP route
R1 configuration
[R1]rip 1
[R1-rip-1]version 2
[R1-rip-1]network 10.0.0.0
[R1-rip-1]network 192.168.1.0
R3 configuration
[R3]rip 1
[R3-rip-1]version 2
[R3-rip-1]network 192.168.2.0
[R3-rip-1]network 10.0.0.0
R4 configuration
[R4]rip 1
[R4-rip-1]version 2
[R4-rip-1]network 192.168.3.0
[R4-rip-1]network 10.0.0.0
RIP routing configuration in MGER environment
[R1]interface Tunnel 0/0/0
[R1-Tunnel0/0/0]undo rip split-horizon
[R1-Tunnel0/0/0]nhrp entry multicast dynamic