HCIE必经之路(七)——大综合实验
📻实验拓扑
📠实验配置
********************************************************************************
* Copyright(c) 1998-2008 Huawei Technologies Co., Ltd. All rights reserved. *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
********************************************************************************
<R1>
#
sysname R1
#
cpu-usage cycle 1min
#
router id 1.1.1.1
#
radius scheme system
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
#
interface Aux0
async mode flow
#
interface Ethernet0/0
loopback
ip address 192.168.1.1 255.255.255.0
#
interface Ethernet0/1
ip address dhcp-alloc
#
interface Serial0/0
clock DTECLK1
link-protocol ppp
ip address 10.0.0.1 255.255.255.252
#
interface NULL0
#
bgp 200
undo synchronization
group as200 internal
peer 10.0.0.2 group as200
peer 10.0.0.6 group as200
#
ospf 1
area 0.0.0.1
network 10.0.0.0 0.0.0.3
network 192.168.1.0 0.0.0.255
#
FTP server enable
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
<R1>
<R2>
#
sysname R2
#
l2tp enable
#
cpu-usage cycle 1min
#
router id 2.2.2.2
#
radius scheme system
#
domain system
ip pool 1 100.0.0.11 100.0.0.200
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
local-user h3c
password simple 123
level 3
service-type ppp
#
interface Virtual-Template1
ppp authentication-mode chap
ppp chap user h3c
ip address 100.0.0.1 255.255.255.0
remote address pool 1
#
interface Aux0
async mode flow
#
interface Ethernet0/0
pppoe-server bind Virtual-Template 1
ip address dhcp-alloc
#
interface Ethernet0/1
ip address dhcp-alloc
#
interface Serial0/0
link-protocol ppp
ip address 10.0.0.2 255.255.255.252
#
interface Serial1/0
clock DTECLK1
link-protocol ppp
ip address 10.0.0.5 255.255.255.252
#
interface Serial1/1
clock DTECLK1
link-protocol ppp
ip address dhcp-alloc
#
interface NULL0
#
bgp 200
import-route direct
undo synchronization
group R1 internal
peer 10.0.0.1 group R1
peer 10.0.0.6 group R1
#
ospf 1
import-route direct
area 0.0.0.1
network 10.0.0.0 0.0.0.3
#
area 0.0.0.0
network 10.0.0.4 0.0.0.3
#
FTP server enable
#
undo dhcp enable
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
<R2>
********************************************************************************
* Copyright(c) 1998-2008 Huawei Technologies Co., Ltd. All rights reserved. *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
********************************************************************************
[R3]
#
sysname R3
#
cpu-usage cycle 1min
#
router id 3.3.3.3
#
radius scheme system
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
#
ike peer ike1
pre-shared-key abc
remote-address 11.11.11.2
#
ipsec proposal r1
esp authentication-algorithm sha1
esp encryption-algorithm 3des
#
ipsec policy por1 10 isakmp
security acl 3000
ike-peer ike1
proposal r1
#
acl number 3000 match-order auto
rule 1 permit ip source 192.168.3.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
rule 2 deny ip
#
interface Aux0
async mode flow
#
interface Ethernet0/0
loopback
ip address 192.168.3.1 255.255.255.0
#
interface Ethernet0/1
ip address dhcp-alloc
#
interface Serial0/0
link-protocol ppp
ip address 10.0.0.6 255.255.255.252
#
interface Serial1/0
clock DTECLK1
link-protocol ppp
ip address 10.0.0.9 255.255.255.252
#
interface Serial1/1
clock DTECLK1
link-protocol ppp
ip address dhcp-alloc
#
interface Tunnel100
ip address 11.11.11.1 255.255.255.252
source 10.0.0.9
destination 10.0.0.10
ipsec policy por1
#
interface NULL0
#
interface LoopBack1
ip address 172.16.3.1 255.255.255.255
#
bgp 200
import-route direct
import-route ospf 1
import-route ospf-ase 1
undo synchronization
group r4 external
peer 10.0.0.10 group r4 as-number 100
group R2 internal
peer 10.0.0.5 group R2
peer 10.0.0.1 group R2
#
ospf 1
import-route direct
area 0.0.0.2
network 192.168.3.0 0.0.0.255
#
area 0.0.0.0
network 10.0.0.4 0.0.0.3
#
FTP server enable
#
ip route-static 192.168.4.0 255.255.255.0 Tunnel 100 preference 60
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
[R3]telnet 10.0.0.10
^
% Unrecognized command found at '^' position.
[R3]q
<R3>
********************************************************************************
* Copyright(c) 1998-2008 Huawei Technologies Co., Ltd. All rights reserved. *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
********************************************************************************
<R4>
#
sysname R4
#
cpu-usage cycle 1min
#
router id 4.4.4.4
#
radius scheme system
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
#
ike peer iker3
pre-shared-key abc
remote-address 11.11.11.1
#
ipsec proposal r3
esp authentication-algorithm sha1
esp encryption-algorithm 3des
#
ipsec policy por3 10 isakmp
security acl 3000
ike-peer iker3
proposal r3
#
acl number 3000 match-order auto
rule 1 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.3.0 0.0.0.255
rule 2 deny ip
#
interface Aux0
async mode flow
#
interface Ethernet0/0
ip address 192.168.4.1 255.255.255.0
rip version 2 multicast
#
interface Ethernet0/1
ip address dhcp-alloc
#
interface Serial0/0
link-protocol ppp
ip address 10.0.0.10 255.255.255.252
rip version 2 multicast
#
interface Tunnel1000
ip address 11.11.11.2 255.255.255.252
source 10.0.0.10
destination 10.0.0.9
ipsec policy por3
#
interface NULL0
#
interface LoopBack1
ip address 172.16.4.1 255.255.255.255
rip version 2 multicast
#
bgp 100
import-route direct
undo synchronization
group R external
peer 10.0.0.9 group R as-number 200
#
rip
undo summary
network 192.168.0.0
network 172.16.0.0
network 10.0.0.0
#
FTP server enable
#
ip route-static 192.168.3.0 255.255.255.0 Tunnel 1000 preference 60
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
<R4>版权说明 : 本文为转载文章, 版权归原作者所有 版权申明
原文链接 : https://blog.csdn.net/weixin_44309905/article/details/120916989
内容来源于网络,如有侵权,请联系作者删除!