广域网协议封装与验证实验.docx

资源描述

1、10级计网贺建广域网协议封装与验证实验实验背景：你是公司的网络管理员，两个分公司之间希望可以申请一条广域网专线进行连接。现有思科路由器设备，希望你了解该设备的广域网接口所支持的协议，以拟定选择哪种广域网链路。公司为了满足不断增长的业务需求，申请了专线接入，你的客户端与ISP进行链路协商时要验证身份，配置路由器保证链路建立，并考虑其安全性。实验环节：串行链路均采用PPP封装；路由器之间的链路采用CHAP验证和PAP验证；路由协议均采用动态RIP协议。l任务1：配置路由器接口网关地址，设立串行链路的时钟频率。l任务2：配置动态路由协议。l任务3：验证连通性。l任务4：配置链路之间的安全验证。任

2、务5：测试安全验证的有效性。实验拓扑：IP地址规划：设备名称端口 IP子网掩码网关R0S0/0192.168.3.1255.255.255.252Fa0/0192.168.1.1255.255.255.0R1S0/0192.168.3.2255.255.255.252S0/1192.168.3.5255.255.255.252R2S0/0192.168.3.6255.255.255.252Fa0/0192.168.2.1255.255.255.0PC0192.168.1.2255.255.255.0192.168.1.1PC1192.168.2.2255.255.255.0192.168.2

3、.1实验配置过程：1. 路由器R0、R1、R2基本配置RouterenRouter#conf tEnter configuration commands, one per line. End with CNTL/Z.Router(config)#host R0R0(config)#int f0/0R0(config-if)#ip add 192.168.1.1 255.255.255.0R0(config-if)#no shutR0(config-if)#exitR0(config)#int s0/0R0(config-if)#ip add 192.168.3.1 255.255.255.25

4、2R0(config-if)#clock rate 64000R0(config-if)#no shutR0(config-if)#exitRouterenRouter#conf tEnter configuration commands, one per line. End with CNTL/Z.Router(config)#host R1R1(config)#int s0/0R1(config-if)#ip add 192.168.3.2 255.255.255.252R1(config-if)#no shutR1(config-if)#exitR1(config)#int s0/1R1

5、(config-if)#ip add 192.168.3.5 255.255.255.252R1(config-if)#no shutR1(config-if)#exitRouterenRouter#conf tEnter configuration commands, one per line. End with CNTL/Z.Router(config)#host R2R2(config)#int s0/0R2(config-if)#ip add 192.168.3.6 255.255.255.252R2(config-if)#clock rate 64000R2(config-if)#n

6、o shutR2(config-if)#exitR2(config)#int f0/0R2(config-if)#ip add 192.168.2.1 255.255.255.0R2(config-if)#no shutR2(config-if)#exit2. 配置路由协议RIP2R0enR0#conf tR0(config)#router ripR0(config-router)#ver 2R0(config-router)#net 192.168.1.0 R0(config-router)#net 192.168.3.0R0(config-router)#exitR1(config)#ro

7、uter ripR1(config-router)#ver 2R1(config-router)#net 192.168.3.0R1(config-router)#net 192.168.3.4R1(config-router)#exitR2(config)#router ripR2(config-router)#ver 2R2(config-router)#net 192.168.3.4R2(config-router)#net 192.168.2.0R2(config-router)#exit3. 测试连通性PC0 ping PC1 成功！ok4. 配置链路安全性R0(config)#in

8、t s0/0R0(config-if)#encapsulation pppR0(config-if)#ppp authentication chap R0(config-if)#exitR0(config)#username R1 password ciscoR1(config)#int s0/0R1(config-if)#encapsulation pppR1(config-if)#ppp authentication chap R1(config-if)#exitR1(config)#username R0 password ciscoR1(config)#R1(config)#int s

9、0/1R1(config-if)#encapsulation pppR1(config-if)#ppp auth papR1(config-if)#exitR1(config)#username cisco password 123R2(config)#int s0/0R2(config-if)#encapsulation pppR2(config-if)#ppp pap sent-username cisco password 123R2(config-if)#exit5测试安全验证的有效性PC0 ping PC1 关闭路由器R1中接口s0/0之后R1#debug ppp authentic

10、ation PPP authentication debugging is onR1#conf tEnter configuration commands, one per line. End with CNTL/Z.R1(config)#int s0/0R1(config-if)#shutR1(config-if)#R1(config-if)#no shut%LINK-5-CHANGED: Interface Serial0/0, changed state to upR1(config-if)#Serial0/0 IPCP: O CONFREQ Closed id 1 len 10Seri

11、al0/0 IPCP: I CONFACK Closed id 1 len 10Serial0/0 IPCP: O CONFREQ Closed id 1 len 10%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to upR1(config-if)#exit关闭路由器R1中接口s0/1之后R1#debug ppp authPPP authentication debugging is onR1#conf tEnter configuration commands, one per line.

12、End with CNTL/Z.R1(config)#int s0/1R1(config-if)#shutR1(config-if)#no shutR1(config-if)#%LINK-5-CHANGED: Interface Serial0/1, changed state to upR1(config-if)#Serial0/1 PAP: I AUTH-REQ id 17 len 15Serial0/1 PAP: Authenticating peerSerial0/1 PAP: Phase is FORWARDING, Attempting Forward%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up到此广域网协议封装与验证实验完毕！

展开阅读全文