» » » Lab 3.7: (1) Cấu hình GRE VPN trên Cisco Router

Lab 3.7: (1) Cấu hình GRE VPN trên Cisco Router

By , Released at 0 View
Share on Facebook Share on Tweet

Mục tiêu thực hành:
- Cấu hình GRE VPN trên Cisco Router HROffice.RT.
- Cấu hình GRE VPN trên Cisco Router Site1.RT.
- Cấu hình GRE VPN trên Cisco Router Site2.RT.
- Cấu hình định tuyến Static Route trên các Cisco Router.

Truy cập vào "Lab 3-7 - Cau hinh GRE VPN tren Cisco Router v1" tại Public Unetlab Server 24/7 để thực hành.

Cấu hình GRE VPN trên Cisco Router HROffice.RT.
HROffice-RT>enable
HROffice-RT#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
HROffice-RT(config)#interface tunnel1
*Feb 23 09:40:30.943: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to down
HROffice-RT(config-if)#ip address 172.16.0.1 255.255.255.252
HROffice-RT(config-if)#tunnel source 203.0.3.2
HROffice-RT(config-if)#tunnel destination 203.0.1.2
*Feb 23 09:41:13.860: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to up
HROffice-RT(config-if)#tunnel mode gre ip
HROffice-RT(config-if)#end
HROffice-RT#

HROffice-RT#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
HROffice-RT(config)#interface tunnel2
*Feb 23 09:42:59.938: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel2, changed state to down
HROffice-RT(config-if)#ip add 172.16.0.5 255.255.255.252 
HROffice-RT(config-if)#tunnel source 203.0.3.2
HROffice-RT(config-if)#tunnel destination 203.0.2.2
*Feb 23 09:43:29.993: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel2, changed state to up
HROffice-RT(config-if)#tunnel mode gre ip
HROffice-RT(config-if)#end
HROffice-RT#

HROffice-RT#show running-config interface tunnel 1
Building configuration...

Current configuration : 119 bytes
!
interface Tunnel1
 ip address 172.16.0.1 255.255.255.252
 tunnel source 203.0.3.2
 tunnel destination 203.0.1.2
end

HROffice-RT#

HROffice-RT#show running-config interface tunnel 2
Building configuration...

Current configuration : 119 bytes
!
interface Tunnel2
 ip address 172.16.0.5 255.255.255.252
 tunnel source 203.0.3.2
 tunnel destination 203.0.2.2
end

HROffice-RT#

Cấu hình GRE VPN trên Cisco Router Site1.RT.
Site1-RT>enable
Site1-RT#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Site1-RT(config)#interface tunnel 1
*Feb 23 09:45:59.178: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to down
Site1-RT(config-if)#ip address 172.16.0.2 255.255.255.252
Site1-RT(config-if)#tunnel source 203.0.1.2
Site1-RT(config-if)#tunnel destination 203.0.3.2
*Feb 23 09:46:26.665: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to up
Site1-RT(config-if)#tunnel mode gre ip
Site1-RT(config-if)#end 
Site1-RT#

Site1-RT#show ip interface brief 
Any interface listed with OK? value "NO" does not have a valid configuration

Interface                  IP-Address      OK? Method Status                Protocol
Ethernet0/0                unassigned      YES unset  up                    up      
Ethernet0/1                203.0.1.2       YES manual up                    up      
Ethernet0/2                unassigned      YES unset  administratively down down    
Ethernet0/3                unassigned      YES unset  administratively down down    
NVI0                       unassigned      NO  unset  up                    up      
Tunnel1                    172.16.0.2      YES manual up                    up      
Site1-RT#

Site1-RT#ping 172.16.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Site1-RT#

Cấu hình GRE VPN trên Cisco Router Site2.RT.
Site2-RT>enable
Site2-RT#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Site2-RT(config)#interface tunnel 2
*Feb 23 09:49:35.721: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel2, changed state to down
Site2-RT(config-if)#ip address 172.16.0.6 255.255.255.252
Site2-RT(config-if)#tunnel source 203.0.2.2
Site2-RT(config-if)#tunnel destination 203.0.3.2
Site2-RT(config-if)#
*Feb 23 09:50:10.508: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel2, changed state to up
Site2-RT(config-if)#tunnel mode gre ip
Site2-RT(config-if)#end
Site2-RT#

Site2-RT#show ip interface brief 
Any interface listed with OK? value "NO" does not have a valid configuration

Interface                  IP-Address      OK? Method Status                Protocol
Ethernet0/0                unassigned      YES unset  up                    up      
Ethernet0/1                203.0.2.2       YES manual up                    up      
Ethernet0/2                unassigned      YES unset  administratively down down    
Ethernet0/3                unassigned      YES unset  administratively down down    
NVI0                       unassigned      NO  unset  up                    up      
Tunnel2                    172.16.0.6      YES manual up                    up      
Site2-RT#

Site2-RT#ping 172.16.0.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Site2-RT#

Cấu hình định tuyến Static Route trên các Cisco Router.
HROffice-RT#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
HROffice-RT(config)#ip route 172.16.1.0 255.255.255.0 tunnel1
HROffice-RT(config)#ip route 172.16.2.0 255.255.255.0 tunnel2
HROffice-RT(config)#end
HROffice-RT#

Site1-RT#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Site1-RT(config)#ip route 10.0.0.0 255.255.255.0 tunnel1
Site1-RT(config)#end
Site1-RT#

Site2-RT#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Site2-RT(config)#ip route 10.0.0.0 255.255.255.0 tunnel2
Site2-RT(config)#end
Site2-RT#

Site2-RT#show running-config | include ip route
ip route 0.0.0.0 0.0.0.0 203.0.2.1
ip route 10.0.0.0 255.255.255.0 Tunnel2
Site2-RT#

Site2-RT#show ip route static
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is 203.0.2.1 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 203.0.2.1
      10.0.0.0/24 is subnetted, 1 subnets
S        10.0.0.0 is directly connected, Tunnel2
Site2-RT#

Site2-RT#ping 10.0.0.1 source 172.16.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.2.1 
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Site2-RT#

Tham khảo các videos lý thuyết Hướng dẫn thực hành CCNA R&S để biết thêm thông tin chi tiết. 

Thực hành thêm các bài Lab cơ bản khác tại hạng mục Học Network CCNA R&S thông qua các bài thực hành.
Tags:
Share on Facebook Share on Tweet

You Might Also Like

0 comments

Subscribe to:Post Comments (Atom)