Require:
1. R5 is an ISP and can only configure IP addresses; all its addresses are configured as public IP addresses.
2. PPP pap authentication is used between R1 and R5, and R5 is the main authenticator;
PPP chap authentication is used between R2 and R5, and R5 is the main authenticator;
HDLC packaging is used between R3 and R5.
3.R1/R2/R3 build an MGRE environment, with R1 as the central site; point-to-point GRE between R1 and R4.
4. The entire private network is reachable across the entire network based on RIP
5. All PCs are set as private source IP and can access R5 loopback
First configure the ip for the serial interface and make it reachable within the intranet by default.
[r1] [r1]int [r1]interfaces [r1]interface Serial 4/0/0 [r1-Serial4/0/0] [r1-Serial4/0/0]ip ad [r1-Serial4/0/0]ip address 15.0.0.1 24 [r1-Serial4/0/0] [r1-Serial4/0/0]qu [r1-Serial4/0/0]quit [r1] [r1]ip arrou [r1]ip arrou [r1]ipro [r1]ip route [r1]ip route-static 0.0.0.0 0 15.0.0.5
[r2] [r2]int [r2]interfaces [r2]interface Serial 4/0/0 [r2-Serial4/0/0] [r2-Serial4/0/0]ip aaad [r2-Serial4/0/0]ip ad [r2-Serial4/0/0]ip address [r2-Serial4/0/0]ip address 25.0.0.2 24 [r2-Serial4/0/0] [r2-Serial4/0/0]qu [r2-Serial4/0/0]quit [r2] [r2]ip r [r2]ipro [r2]ip route-static 0.0.0.0 0 25.0.0.5
[r3]int [r3]interfaces [r3]interface Serial [r3]interface Serial 4/0/0 [r3-Serial4/0/0] [r3-Serial4/0/0]ip add [r3-Serial4/0/0]ip address 35.0.0.3 24 [r3-Serial4/0/0] [r3-Serial4/0/0]qu [r3-Serial4/0/0]quit [r3] [r3]ip rou [r3]ip route [r3]ip route-static [r3]ip route- [r3]ip route-static 0.0.0.0 0 35.0.0.5
r4]int [r4]interfaces [r4]interface Serial 4/0/0 [r4-Serial4/0/0]qu [r4-Serial4/0/0]quit [r4] [r4]int [r4]interface g0/0/1 [r4-GigabitEthernet0/0/1]ip ad [r4-GigabitEthernet0/0/1]ip address 45.0.0.4 24 Oct 20 2023 21:46:32-08:00 r4 % IFNET/4/LINK_STATE(l)[0]:The line protocol IP on the interface GigabitEthernet0/0/1 has entered the UP state. [r4-GigabitEthernet0/0/1] [r4-GigabitEthernet0/0/1]qu [r4-GigabitEthernet0/0/1]quit [r4] [r4]ip rou [r4]ip route [r4]ip route-static 0.0.0.0 0 45.0.0.5
2. Use PPP pap authentication between R1 and R5
[r5]int [r5]interfaces [r5]interface Serial [r5]interface Serial 3/0/0 [r5-Serial3/0/0] [r5-Serial3/0/0]ppp a [r5-Serial3/0/0]ppp authentication-mode pap
[r1]interface Serial 4/0/0 [r1-Serial4/0/0] [r1-Serial4/0/0]ppp pap ll [r1-Serial4/0/0]ppp pap ll [r1-Serial4/0/0]ppp pap lo [r1-Serial4/0/0]ppp pap local-user huawei pa [r1-Serial4/0/0]ppp pap local-user huawei password ci [r1-Serial4/0/0]ppp pap local-user huawei password cipher 666666
3. Use ppp chap authentication between R2 and R5
[r5-aaa]loc [r5-aaa]local-user hcip ser [r5-aaa]local-user hcip service-type ppp [r5-aaa]q [r5-aaa]quit [r5]int [r5]interfaces [r5]interface Serial 4/0/0 [r5-Serial4/0/0]ppp a [r5-Serial4/0/0]ppp authentication-mode chap
[r2]interface Serial 4/0/0 [r2-Serial4/0/0] [r2-Serial4/0/0]ppp cha [r2-Serial4/0/0]ppp chap pa [r2-Serial4/0/0]ppp chap password [r2-Serial4/0/0]ppp chap password ci [r2-Serial4/0/0]ppp chap password cipher 000000
[r5-aaa]loc [r5-aaa]local-user [r5-aaa]local-user [r5-aaa]local-user hu [r5-aaa]local-user hcip pa [r5-aaa]local-user hcip password [r5-aaa]local-user hcip password ci [r5-aaa]local-user hcip password cipher 000000
4. Use HDLC packaging between R3 and R5
[r3-Serial4/0/0] [r3-Serial4/0/0]lin [r3-Serial4/0/0]link-protocol h [r3-Serial4/0/0]link-protocol hdlc [r3-Serial4/0/0]ip ad [r3-Serial4/0/0]ip address un [r3-Serial4/0/0]ip address unnumbered int [r3-Serial4/0/0]ip address unnumbered interface l [r3-Serial4/0/0]ip address unnumbered interface LoopBack 0
HDLC successfully established
5. Configure tunnel interface
[r1]interface t [r1]Interface Tunnel 0/0/0 [r1-Tunnel0/0/0] [r1-Tunnel0/0/0]tun [r1-Tunnel0/0/0]tunnel-protocol gre [r1-Tunnel0/0/0]tunnel-protocol gre p2mp [r1-Tunnel0/0/0]sou [r1-Tunnel0/0/0]source 15.0.0.1 [r1-Tunnel0/0/0]qu [r1-Tunnel0/0/0]quit [r1] [r1]ips [r1]iprou [r1]ip route [r1]ip route-static [r1]iprou [r1]ip route-static 192.168.2.0 24 192.168.5.2 [r1]ip route-static 192.168.3.0 24 192.168.5.2 [r1]ip route-static 192.168.4.0 24 192.168.5.2
[r2]int [r2]interface t 0/0/0 [r2-Tunnel0/0/0] [r2-Tunnel0/0/0]ip add [r2-Tunnel0/0/0]ip address 192.168.5.2 24 [r2-Tunnel0/0/0]tu [r2-Tunnel0/0/0]tunnel-protocol gre p2mp [r2-Tunnel0/0/0]soc [r2-Tunnel0/0/0]sou [r2-Tunnel0/0/0]sources 4/0/0 [r2-Tunnel0/0/0]nh [r2-Tunnel0/0/0]nhrp ent [r2-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 re [r2-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register
[r3]interface t0/0/0 [r3-Tunnel0/0/0] [r3-Tunnel0/0/0]ip ad [r3-Tunnel0/0/0]ip address 192.168.5.3 24 [r3-Tunnel0/0/0]tu [r3-Tunnel0/0/0]tunnel-protocol gre [r3-Tunnel0/0/0]tunnel-protocol gre p2mp [r3-Tunnel0/0/0]soc [r3-Tunnel0/0/0]sou [r3-Tunnel0/0/0]source [r3-Tunnel0/0/0] source s 4/0/0 [r3-Tunnel0/0/0] [r3-Tunnel0/0/0]qu [r3-Tunnel0/0/0]quit [r3] [r3]int [r3]interface t0/0/0 [r3-Tunnel0/0/0] [r3-Tunnel0/0/0]n [r3-Tunnel0/0/0]nh [r3-Tunnel0/0/0]nhrp en [r3-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 re [r3-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register
[r4]int [r4]interface t0/0/0 [r4-Tunnel0/0/0] [r4-Tunnel0/0/0]ip ad [r4-Tunnel0/0/0]ip address 192.168.5.4 24 [r4-Tunnel0/0/0] [r4-Tunnel0/0/0]tu [r4-Tunnel0/0/0]tunnel-protocol gre p2mp [r4-Tunnel0/0/0]sou [r4-Tunnel0/0/0]source g0/0/1 Oct 20 2023 22:16:38-08:00 r4 % IFNET/4/LINK_STATE(l)[0]:The line protocol IP on the interface Tunnel0/0/0 has entered the UP state
And configure the static configuration of each network segment:
[r2]ip rou [r2]ip route [r2]ip route-static 192.168.1.0 24 192.168.5.1 [r2]ip route-static 192.168.3.0 24 192.168.5.1 [r2]ip route-static 192.168.4.0 24 192.168.5.1
[r3]ip rou [r3]ip route [r3]ip route-static 192.168.1.0 24 192.168.5.1 [r3]ip route-static 192.168.2.0 24 192.168.5.1 [r3]ip route-static 192.168.4.0 24 192.168.5.1
[r4]ip route-static 192.168.1.0 24 192.168.5.1 [r4]ip route-static 192.168.2.0 24 192.168.5.1 [r4]ip route-static 192.168.3.0 24 192.168.5.1
Configure NAT for border routing:
R1:
[r1]acl [r1]acl 2000 [r1-acl-basic-2000] [r1-acl-basic-2000]rule p [r1-acl-basic-2000]rule permit s [r1-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255 [r1-acl-basic-2000]qu [r1-acl-basic-2000]quit [r1] [r1]int [r1]interface s4/0/0 [r1-Serial4/0/0]na [r1-Serial4/0/0]nat ou [r1-Serial4/0/0]nat outbound 2000 [r1-Serial4/0/0]qu [r1-Serial4/0/0]quit
R2
?
[r2]acl 2000 [r2-acl-basic-2000] [r2-acl-basic-2000]rel [r2-acl-basic-2000]ru [r2-acl-basic-2000]rule pr [r2-acl-basic-2000]rule pe [r2-acl-basic-2000]rule permit s [r2-acl-basic-2000]rule permit source 192.168.2.0 0.0.0.255 [r2-acl-basic-2000]qu [r2-acl-basic-2000]quit [r2] [r2]int [r2]interface [r2]interface s4/0/0 [r2-Serial4/0/0] [r2-Serial4/0/0]na [r2-Serial4/0/0]nat ou [r2-Serial4/0/0]nat outbound 2000
?
R3
[r3]acl [r3]acl 2000 [r3-acl-basic-2000] [r3-acl-basic-2000]ru [r3-acl-basic-2000]rule o [r3-acl-basic-2000]rule pr [r3-acl-basic-2000]rule pe [r3-acl-basic-2000]rule permit so [r3-acl-basic-2000]rule permit source 192.168.3.0 0.0.0.255 [r3-acl-basic-2000]qu [r3-acl-basic-2000]quit [r3]int [r3]interface s4/0/0 [r3-Serial4/0/0] [r3-Serial4/0/0]nat [r3-Serial4/0/0]nat p [r3-Serial4/0/0]nat o [r3-Serial4/0/0]nat outbound 2000 [r3-Serial4/0/0]
R4
[r4]acl [r4]acl 2000 [r4-acl-basic-2000] [r4-acl-basic-2000]ru [r4-acl-basic-2000]rule per [r4-acl-basic-2000]rule permit so [r4-acl-basic-2000]rule permit source 192.168.4.0 0.0.0.255 [r4-acl-basic-2000]qu [r4-acl-basic-2000]quit [r4] [r4]nat [r4]int [r4]interface g0/0/1 [r4-GigabitEthernet0/0/1]na [r4-GigabitEthernet0/0/1]nat ou [r4-GigabitEthernet0/0/1]nat outbound 2000
Complete the IP addresses of each interface of R5:
ping results:
