HCIE必经之路——大综合实验

Posted 新网工李白

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了HCIE必经之路——大综合实验相关的知识,希望对你有一定的参考价值。

📻实验拓扑

📠实验配置

********************************************************************************
*  Copyright(c) 1998-2008 Huawei Technologies Co., Ltd.  All rights reserved.  *
*  Without the owner's prior written consent,                                  *
*  no decompiling or reverse-engineering shall be allowed.                     *
********************************************************************************

<R1>
#
 sysname R1
#
 cpu-usage cycle 1min
#
 router id 1.1.1.1
#
radius scheme system
#
domain system
#
local-user admin
 password cipher .]@USE=B,53Q=^Q`MAF4<1!!
 service-type telnet terminal
 level 3
 service-type ftp
#
interface Aux0
 async mode flow
#
interface Ethernet0/0
 loopback
 ip address 192.168.1.1 255.255.255.0
#
interface Ethernet0/1
 ip address dhcp-alloc
#
interface Serial0/0
 clock DTECLK1
 link-protocol ppp
 ip address 10.0.0.1 255.255.255.252
#
interface NULL0
#
bgp 200
 undo synchronization
 group as200 internal
 peer 10.0.0.2 group as200
 peer 10.0.0.6 group as200
#
ospf 1
 area 0.0.0.1
  network 10.0.0.0 0.0.0.3
  network 192.168.1.0 0.0.0.255
#
 FTP server enable
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
 authentication-mode scheme
#
return
<R1>





<R2>
#
 sysname R2
#
 l2tp enable
#
 cpu-usage cycle 1min
#
 router id 2.2.2.2
#
radius scheme system
#
domain system
 ip pool 1 100.0.0.11 100.0.0.200
#
local-user admin
 password cipher .]@USE=B,53Q=^Q`MAF4<1!!
 service-type telnet terminal
 level 3
 service-type ftp
local-user h3c
 password simple 123
 level 3
 service-type ppp
#
interface Virtual-Template1
 ppp authentication-mode chap
 ppp chap user h3c
 ip address 100.0.0.1 255.255.255.0
 remote address pool 1
#
interface Aux0
 async mode flow
#
interface Ethernet0/0
 pppoe-server bind Virtual-Template 1
 ip address dhcp-alloc
#
interface Ethernet0/1
 ip address dhcp-alloc
#
interface Serial0/0
 link-protocol ppp
 ip address 10.0.0.2 255.255.255.252
#
interface Serial1/0
 clock DTECLK1
 link-protocol ppp
 ip address 10.0.0.5 255.255.255.252
#
interface Serial1/1
 clock DTECLK1
 link-protocol ppp
 ip address dhcp-alloc
#
interface NULL0
#
bgp 200
 import-route direct
 undo synchronization
 group R1 internal
 peer 10.0.0.1 group R1
 peer 10.0.0.6 group R1
#
ospf 1
 import-route direct
 area 0.0.0.1
  network 10.0.0.0 0.0.0.3
 #
 area 0.0.0.0
  network 10.0.0.4 0.0.0.3
#
 FTP server enable
#
 undo dhcp enable
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
 authentication-mode scheme
#
return
<R2>


********************************************************************************
*  Copyright(c) 1998-2008 Huawei Technologies Co., Ltd.  All rights reserved.  *
*  Without the owner's prior written consent,                                  *
*  no decompiling or reverse-engineering shall be allowed.                     *
********************************************************************************


[R3]
#
 sysname R3
#
 cpu-usage cycle 1min
#
 router id 3.3.3.3
#
radius scheme system
#
domain system
#
local-user admin
 password cipher .]@USE=B,53Q=^Q`MAF4<1!!
 service-type telnet terminal
 level 3
 service-type ftp
#
ike peer ike1
 pre-shared-key abc
 remote-address 11.11.11.2
#
ipsec proposal r1
 esp authentication-algorithm sha1
 esp encryption-algorithm 3des
#                                         
ipsec policy por1 10 isakmp
 security acl 3000
 ike-peer ike1
 proposal r1
#
acl number 3000 match-order auto
 rule 1 permit ip source 192.168.3.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
 rule 2 deny ip
#
interface Aux0
 async mode flow
#
interface Ethernet0/0
 loopback
 ip address 192.168.3.1 255.255.255.0
#
interface Ethernet0/1
 ip address dhcp-alloc
#
interface Serial0/0
 link-protocol ppp
 ip address 10.0.0.6 255.255.255.252
#
interface Serial1/0                       
 clock DTECLK1
 link-protocol ppp
 ip address 10.0.0.9 255.255.255.252
#
interface Serial1/1
 clock DTECLK1
 link-protocol ppp
 ip address dhcp-alloc
#
interface Tunnel100
 ip address 11.11.11.1 255.255.255.252
 source 10.0.0.9
 destination 10.0.0.10
 ipsec policy por1
#
interface NULL0
#
interface LoopBack1
 ip address 172.16.3.1 255.255.255.255
#
bgp 200
 import-route direct
 import-route ospf 1
 import-route ospf-ase 1                  
 undo synchronization
 group r4 external
 peer 10.0.0.10 group r4 as-number 100
 group R2 internal
 peer 10.0.0.5 group R2
 peer 10.0.0.1 group R2
#
ospf 1
 import-route direct
 area 0.0.0.2
  network 192.168.3.0 0.0.0.255
 #
 area 0.0.0.0
  network 10.0.0.4 0.0.0.3
#
 FTP server enable
#
 ip route-static 192.168.4.0 255.255.255.0 Tunnel 100 preference 60
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
 authentication-mode scheme
#                                         
return
[R3]telnet 10.0.0.10
           ^
 % Unrecognized command found at '^' position.
[R3]q
<R3>




********************************************************************************
*  Copyright(c) 1998-2008 Huawei Technologies Co., Ltd.  All rights reserved.  *
*  Without the owner's prior written consent,                                  *
*  no decompiling or reverse-engineering shall be allowed.                     *
********************************************************************************


<R4>
#
 sysname R4
#
 cpu-usage cycle 1min
#
 router id 4.4.4.4
#
radius scheme system
#
domain system
#
local-user admin
 password cipher .]@USE=B,53Q=^Q`MAF4<1!!
 service-type telnet terminal
 level 3
 service-type ftp
#
ike peer iker3
 pre-shared-key abc
 remote-address 11.11.11.1
#
ipsec proposal r3
 esp authentication-algorithm sha1
 esp encryption-algorithm 3des
#                                         
ipsec policy por3 10 isakmp
 security acl 3000
 ike-peer iker3
 proposal r3
#
acl number 3000 match-order auto
 rule 1 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.3.0 0.0.0.255
 rule 2 deny ip
#
interface Aux0
 async mode flow
#
interface Ethernet0/0
 ip address 192.168.4.1 255.255.255.0
 rip version 2 multicast
#
interface Ethernet0/1
 ip address dhcp-alloc
#
interface Serial0/0
 link-protocol ppp
 ip address 10.0.0.10 255.255.255.252
 rip version 2 multicast
#                                         
interface Tunnel1000
 ip address 11.11.11.2 255.255.255.252
 source 10.0.0.10
 destination 10.0.0.9
 ipsec policy por3
#
interface NULL0
#
interface LoopBack1
 ip address 172.16.4.1 255.255.255.255
 rip version 以上是关于HCIE必经之路——大综合实验的主要内容,如果未能解决你的问题,请参考以下文章

HCIE必经之路——VRRP+DHCP+RSTP综合实验

HCIE必经之路——IPSec Over GRE综合实验

HCIE大师之路——QOS综合实验

HCIE大师之路——BGP路由综合实验

HCIE大师之路——QOS综合实验

HCIE大师之路——BGP路由综合实验