Configuring an IPSec VPN in Tunnel Mode

 

1. Topology and IP Configuration

 

2. Configuration Listing

R1#show run
Building configuration...

Current configuration : 1449 bytes
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
ip cef
!
!
no ipv6 cef
!
multilink bundle-name authenticated
!
memory-size iomem 0
archive
 log config
  hidekeys
!        
!
crypto isakmp policy 10
 encr 3des
 hash md5
 authentication pre-share
 group 2
 lifetime 5000
crypto isakmp key cisco123 address 192.168.2.2
!
!
crypto ipsec transform-set set1 ah-sha-hmac esp-3des esp-md5-hmac
!
crypto map map1 11 ipsec-isakmp
 set peer 192.168.2.2
 set transform-set set1
 match address 111
!
   
interface Tunnel0
 ip address 192.168.100.1 255.255.255.0
 tunnel source 192.168.2.1
 tunnel destination 192.168.2.2
 crypto map map1
!
interface FastEthernet0/0
 ip address 192.168.2.1 255.255.255.0
 duplex full
 crypto map map1
!
interface FastEthernet1/0
 ip address 192.168.1.1 255.255.255.0
 duplex full
!
router rip
 network 192.168.1.0
 network 192.168.2.0
 network 192.168.100.0
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
access-list 111 permit gre host 192.168.2.1 host 192.168.2.2
access-list 111 permit ip any any
!
control-plane
!
mgcp fax t38 ecm
!
gatekeeper
 shutdown
!        
!
line con 0
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 login
!
end

R1#

-----------------------------------------------------------------

R2#show run
Building configuration...

Current configuration : 1539 bytes
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
memory-size iomem 0
archive
 log config
  hidekeys
!        
!
crypto isakmp policy 10
 encr 3des
 hash md5
 authentication pre-share
 group 2
 lifetime 5000
crypto isakmp key cisco123 address 192.168.2.1
!
!
crypto ipsec transform-set set1 ah-sha-hmac esp-3des esp-md5-hmac
!
crypto map map1 11 ipsec-isakmp
 set peer 192.168.2.1
 set transform-set set1
 match address 111
!    
interface Tunnel0
 ip address 192.168.100.2 255.255.255.0
 tunnel source 192.168.2.2
 tunnel destination 192.168.2.1
 crypto map map1
!
interface FastEthernet0/0
 ip address 192.168.2.2 255.255.255.0
 duplex full
 speed auto
 crypto map map1
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet1/0
 ip address 192.168.3.1 255.255.255.0
 duplex full
!
router rip
 network 192.168.2.0
 network 192.168.3.0
 network 192.168.100.0
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
access-list 111 permit gre host 192.168.2.2 host 192.168.2.1
access-list 111 permit ip any any
!
control-plane
mgcp fax t38 ecm
!
gatekeeper
 shutdown
!
!
line con 0
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 login
!
end

R2#

--------------------------------------------------------

R5#show run
Building configuration...

Current configuration : 586 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R5
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
no ip routing
!
!
no ip cef
!        
interface FastEthernet0/0
 ip address 192.168.1.2 255.255.255.0
 no ip route-cache
 speed auto
 full-duplex
!
ip default-gateway 192.168.1.1
ip http server
no ip http secure-server
!
control-plane
!
line con 0
line aux 0
line vty 0 4
 login
!
!
end

R5#

----------------------------------------------------

R6#show run
Building configuration...

Current configuration : 586 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R6
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
no ip routing
!
!
no ip cef
!
interface FastEthernet0/0
 ip address 192.168.3.2 255.255.255.0
 no ip route-cache
 speed auto
 full-duplex
!
ip default-gateway 192.168.3.1
ip http server
no ip http secure-server
!
control-plane
!
line con 0
line aux 0
line vty 0 4
 login
!
!
end

R6#

-------------------------------------
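An added example, not part of the original post: a small Python check that scans the crypto lines of the R1 listing above for deprecated IKE/IPsec parameters (DES/3DES, MD5, DH groups below 2048 bits), a pre-shared key stored in readable form, and a crypto ACL that selects all IP traffic. The rule names and the `audit` function are this example's own; the excerpt is copied from the R1 listing.

```python
import re

# Crypto-related lines copied from the R1 listing on this page.
R1_EXCERPT = """\
crypto isakmp policy 10
 encr 3des
 hash md5
 authentication pre-share
 group 2
 lifetime 5000
crypto isakmp key cisco123 address 192.168.2.2
crypto ipsec transform-set set1 ah-sha-hmac esp-3des esp-md5-hmac
crypto map map1 11 ipsec-isakmp
 match address 111
access-list 111 permit gre host 192.168.2.1 host 192.168.2.2
access-list 111 permit ip any any
"""

# (rule, regex, reason). Rule names are made up for this example.
LINE_RULES = [
    ("ike-weak-cipher", r"^\s+encr (des|3des)\b", "IKE encryption is DES/3DES"),
    ("ike-md5", r"^\s+hash md5\b", "IKE hash is MD5"),
    ("ike-weak-dh", r"^\s+group (1|2|5)\s*$", "DH group below 2048 bits"),
    # A leading "6 " marks an encrypted (type 6) key; anything else is readable.
    ("psk-cleartext", r"^crypto isakmp key (?!6 )", "pre-shared key readable in config"),
    ("esp-weak-transform", r"^crypto ipsec transform-set .*\besp-(des|3des|md5-hmac)\b",
     "ESP uses DES/3DES or MD5"),
]

def audit(config):
    """Return a list of (rule, config line, reason) findings, in config order."""
    lines = config.splitlines()
    findings = []
    for line in lines:
        for rule, pattern, reason in LINE_RULES:
            if re.search(pattern, line):
                findings.append((rule, line.strip(), reason))
    # ACLs referenced by a crypto map decide which traffic gets encrypted.
    crypto_acls = set(re.findall(r"^\s+match address (\d+)\s*$", config, re.M))
    for line in lines:
        m = re.match(r"access-list (\d+) permit ip any any\s*$", line)
        if m and m.group(1) in crypto_acls:
            findings.append(("crypto-acl-any", line.strip(), "crypto ACL selects all IP traffic"))
    return findings

if __name__ == "__main__":
    for rule, line, reason in audit(R1_EXCERPT):
        print(f"{rule:20} {reason}: {line}")
```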
