H3C PPP認證試驗報告(h3c網上學)

原創 chcatvaaa 2019-02-22 14:12

 

 

 

實驗環境:兩臺H3C路由器,使用串行線纜相連;

實驗目的:兩臺路由器之間實現PAP和CHAP認證,熟練掌握認證的配置;

實驗步驟:

  1. 根據實驗拓撲合理的規劃IP,並正確的對相應的接口配置IP地址;
  2. 爲了摸 擬PC,在兩臺路由器上分別啓一個迴環口,並進行IP地址的分配;
  3. 使用RIPV2實現網絡互連;且關閉自動彙總功能;
  4. 在接口上查看默認封裝的協議是HDLC還是PPP,只有PPP才支持認證;
  5. 配置PAP明文認證(單向認證和雙向認證);
  6. 配置CHAP密文認證(單向認證和雙向認證);

詳細操作請見如下截圖及相關文字說明:

R1的基本配置部分

[r1]dis cur
#
 version 5.20, Alpha 1011
#
 sysname r1
#
 password-control login-attempt 3 exceed lock-time 120
#
 undo voice vlan mac-address 00e0-bb00-0000
#
 ipsec cpu-backup enable
#
 undo cryptoengine enable
#
 domain default enable system
#
vlan 1
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#
local-user rt2 
 service-type ppp
#
interface Serial0/2/0
 link-protocol hdlc
 ip address 192.168.12.1 255.255.255.0
#
interface Serial0/2/1
 link-protocol ppp
#
interface Serial0/2/2
 link-protocol ppp
#
interface NULL0
#
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255
#
interface Ethernet0/4/0
 port link-mode bridge
#
interface Ethernet0/4/1
 port link-mode bridge
#              
interface Ethernet0/4/2
 port link-mode bridge
#
interface Ethernet0/4/3
 port link-mode bridge
#
interface Ethernet0/4/4
 port link-mode bridge
#
interface Ethernet0/4/5
 port link-mode bridge
#
interface Ethernet0/4/6
 port link-mode bridge
#
interface Ethernet0/4/7
 port link-mode bridge
#
interface GigabitEthernet0/1/0
 port link-mode route
#
rip 1
 undo summary  
 version 2
 network 192.168.12.0
 network 1.0.0.0
#
 load xml-configuration
#
user-interface con 0
user-interface vty 0 4

R2的基本配置部分

r2>
%Mar  7 16:33:02:937 2011 r2 SHELL/4/LOGIN: Console login from con0
<r2>sys
System View: return to User View with Ctrl+Z.
[r2]dis cur
#
 version 5.20, Alpha 1011
#
 sysname r2
#
 password-control login-attempt 3 exceed lock-time 120
#
 undo voice vlan mac-address 00e0-bb00-0000
#
 ipsec cpu-backup enable
#
 undo cryptoengine enable
#
 domain default enable system
#
vlan 1
#
domain system
 authentication ppp local
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#              
local-user rt1 
#              
interface Ethernet0/1/0
 port link-mode route
#              
interface Serial0/2/0
 link-protocol ppp
 ip address 192.168.12.2 255.255.255.0
#              
interface Serial0/2/1
 link-protocol ppp
#              
interface Serial0/2/2
 link-protocol ppp
#              
interface Serial0/2/3
 link-protocol ppp
#              
interface NULL0
#              
interface LoopBack0
 ip address 2.2.2.2 255.255.255.255
#              
interface Ethernet0/4/0
 port link-mode bridge
#              
interface Ethernet0/4/1
 port link-mode bridge
#              
interface Ethernet0/4/2
 port link-mode bridge
#              
interface Ethernet0/4/3
 port link-mode bridge
#              
interface Ethernet0/4/4
 port link-mode bridge
#              
interface Ethernet0/4/5
 port link-mode bridge
#              
interface Ethernet0/4/6
 port link-mode bridge
#              
interface Ethernet0/4/7
 port link-mode bridge
#              
rip 1          
 undo summary  
 version 2     
 network 192.168.12.0
 network 2.0.0.0
#              
 load xml-configuration
#              
user-interface con 0
user-interface vty 0 4
#              
return         

在R1上面可以成功的PING通R2的迴環口的地址

r1]ping -a 1.1.1.1 2.2.2.2
  PING 2.2.2.2: 56  data bytes, press CTRL_C to break
    Request time out
    Reply from 2.2.2.2: bytes=56 Sequence=2 ttl=255 time=30 ms
    Reply from 2.2.2.2: bytes=56 Sequence=3 ttl=255 time=20 ms
    Reply from 2.2.2.2: bytes=56 Sequence=4 ttl=255 time=1 ms
    Reply from 2.2.2.2: bytes=56 Sequence=5 ttl=255 time=10 ms

  --- 2.2.2.2 ping statistics ---
    5 packet(s) transmitted
    4 packet(s) received
    20.00% packet loss
    round-trip min/avg/max = 1/15/30 ms

在R2 上面查看接口默認的封裝協議是PPP

在R2上面可以成功的PING通R2的迴環口的地址

r2]ping -a 2.2.2.2 1.1.1.1
  PING 1.1.1.1: 56  data bytes, press CTRL_C to break
    Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=255 time=43 ms
    Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=255 time=10 ms
    Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=255 time=10 ms
    Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=255 time=1 ms
    Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=255 time=10 ms

  --- 1.1.1.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 1/14/43 ms

現將R2的S0/2/0接口的封裝協議改爲HDLC,發現接口DOWN掉,因此可以說明兩極的封裝必須一致

[r2]int s0/2/0
[r2-Serial0/2/0]link-pro
[r2-Serial0/2/0]link-protocol hdlc
%Mar  7 16:38:02:984 2011 r2 IFNET/4/UPDOWN:
 Line protocol on the interface Serial0/2/0 is DOWN
%Mar  7 16:38:02:984 2011 r2 IFNET/4/UPDOWN:
 Protocol PPP IPCP on the interface Serial0/2/0 is DOWN
[r2-Serial0/2/0]
%Mar  7 16:38:03:875 2011 r2 IFNET/4/UPDOWN:
 Line protocol on the interface Serial0/2/0 is UP

 

發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章

Linux基本操作命令

wbzjacky 2019-02-24 13:12:38

444句英語

wbzjacky 2019-02-24 13:12:37

真實的模擬***綜合實驗

wbzjacky 2019-02-24 13:12:37

三層交換機的HSRP、vlan、端口聚合

wbzjacky 2019-02-24 13:12:37

HSRP和二層交換機的端口聚合、vlan

wbzjacky 2019-02-24 13:12:37

路遇一個“乞討者“

楊木藝 2019-02-24 14:19:35

如果同事暗中傷害你,應該怎麼辦?

這個饅頭有餡 2019-02-24 13:59:08

職場中,抱怨越多的員工,越被領導瞧不起!

這個饅頭有餡 2019-02-24 13:59:08

老程序員被裁,應屆生卻能月薪 1.3 萬?這你能忍?

前端高達 2019-02-24 13:48:04

遇到到處蹭吃卻從不請客吃飯的主怎麼辦?

樑軍年 2019-02-24 13:26:35

高標準機房綜合配線安裝

wbzjacky 2019-02-24 13:12:38

IPsec ***實驗

wbzjacky 2019-02-24 13:12:37

網絡系統集成

wbzjacky 2019-02-24 13:12:37

CISCO路由AAA的Easy ***

wbzjacky 2019-02-24 13:12:37

CISCO訪問控制列表 企業網絡管理的必殺技

wbzjacky 2019-02-24 13:12:37