设为首页收藏本站language→→ 语言切换
开启辅助访问 切换到宽版

鸿鹄论坛

 找回密码
 论坛注册

QQ登录

先注册再绑定QQ

鸿鹄论坛»鸿鹄论坛 ≡□≡思科认证≡□≡ CCNP学习资料 GNS3模拟DMVPN 二阶段 单云双center
返回列表 发新帖
查看: 1987|回复: 6
收起左侧

[原创] GNS3模拟DMVPN 二阶段 单云双center

[复制链接]
豆豆豆
发表于 2014-10-29 19:52:46 | 显示全部楼层 |阅读模式
一、配置 :
HUB1:crypto isakmp policy 110
authentication pre-share
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
!
crypto ipsec transform-set tfs esp-des esp-md5-hmac
mode transport
!
crypto ipsec profile mypro
set transform-set tfs
!
interface Tunnel0
ip address 172.16.1.100 255.255.255.0
no ip redirects
ip nhrp map multicast dynamic
ip nhrp network-id 10
ip nhrp cache non-authoritative
ip ospf network broadcast
ip ospf cost 100
tunnel source 202.100.1.100
tunnel mode gre multipoint
tunnel protection ipsec profile mypro
!
interface FastEthernet0/0
ip address 202.100.1.100 255.255.255.0
!
interface FastEthernet0/1
ip address 192.168.100.100 255.255.255.0



router ospf 110
router-id 2.2.2.2
log-adjacency-changes
network 172.16.1.0 0.0.0.255 area 0
network 192.168.100.0 0.0.0.255 area 0

HUB2:
crypto isakmp policy 110
authentication pre-share
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set tfs esp-des esp-md5-hmac
mode transport
!
crypto ipsec profile mypro
set transform-set tfs
!
interface Tunnel0
ip address 172.16.1.101 255.255.255.0
no ip redirects
ip nhrp map multicast dynamic
ip nhrp network-id 10
ip nhrp cache non-authoritative
ip ospf network broadcast
ip ospf cost 105
tunnel source 202.100.1.101
tunnel mode gre multipoint
tunnel protection ipsec profile mypro
!
interface FastEthernet0/0
ip address 202.100.1.101 255.255.255.0
duplex full
!
interface FastEthernet1/0
ip address 192.168.100.101 255.255.255.0
duplex full
!
router ospf 110
router-id 3.3.3.3
log-adjacency-changes
network 172.16.1.0 0.0.0.255 area 0
network 192.168.100.0 0.0.0.255 area 0

SPOKE1:
crypto isakmp policy 110
authentication pre-share
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set tfs esp-des esp-md5-hmac
mode transport
!
crypto ipsec profile mypro
set transform-set tfs
!
interface Loopback0
ip address 192.168.1.1 255.255.255.0
!
interface Tunnel0
ip address 172.16.1.1 255.255.255.0
no ip redirects
ip nhrp map 172.16.1.100 202.100.1.100
ip nhrp map 172.16.1.101 202.100.1.101
ip nhrp map multicast 202.100.1.100
ip nhrp map multicast 202.100.1.101
ip nhrp network-id 10
ip nhrp nhs 172.16.1.100
ip nhrp nhs 172.16.1.101
ip nhrp cache non-authoritative
ip ospf network broadcast
ip ospf priority 0
tunnel source 202.100.1.1
tunnel mode gre multipoint
tunnel protection ipsec profile mypro
!
interface FastEthernet0/0
ip address 202.100.1.1 255.255.255.0
duplex full
!
router ospf 110
router-id 4.4.4.4
log-adjacency-changes
network 172.16.1.0 0.0.0.255 area 0
network 192.168.1.0 0.0.0.255 area 0

SPOKE2:
crypto isakmp policy 110
authentication pre-share
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
!crypto ipsec transform-set tfs esp-des esp-md5-hmac
mode transport
!
crypto ipsec profile mypro
set transform-set tfs
!
interface Loopback0
ip address 192.168.2.1 255.255.255.0
!
interface Tunnel0
ip address 172.16.1.2 255.255.255.0
no ip redirects
ip nhrp map 172.16.1.100 202.100.1.100
ip nhrp map 172.16.1.101 202.100.1.101
ip nhrp map multicast 202.100.1.100
ip nhrp map multicast 202.100.1.101
ip nhrp network-id 10
ip nhrp nhs 172.16.1.100
ip nhrp nhs 172.16.1.101
ip nhrp cache non-authoritative
ip ospf network broadcast
ip ospf priority 0
tunnel source 202.100.1.2
tunnel mode gre multipoint
tunnel protection ipsec profile mypro
!
interface FastEthernet0/0
ip address 202.100.1.2 255.255.255.0
duplex full
!
router ospf 110
router-id 5.5.5.5
log-adjacency-changes
network 172.16.1.0 0.0.0.255 area 0
network 192.168.2.0 0.0.0.255 area 0


SERVER:
interface FastEthernet1/0
ip address 192.168.100.1 255.255.255.0
duplex full
!
router ospf 110
router-id 1.1.1.1
log-adjacency-changes
network 192.168.100.0 0.0.0.255 area 0

二、验证 :

SPOKE1#traceroute 192.168.100.1 source 192.168.1.1

Type escape sequence to abort.
Tracing the route to 192.168.100.1

  1 172.16.1.101 200 msec 132 msec 180 msec
  2 192.168.100.1 144 msec *  172 msec



SPOKE1#show ip route ospf
     192.168.2.0/32 is subnetted, 1 subnets
O       192.168.2.1 [110/11112] via 172.16.1.2, 00:13:27, Tunnel0
O    192.168.100.0/24 [110/11112] via 172.16.1.101, 00:13:27, Tunnel0


SPOKE1#show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           1   2WAY/DROTHER    00:00:38    172.16.1.100    Tunnel0
3.3.3.3           1   FULL/DR         00:00:33    172.16.1.101    Tunnel0


HUB1#show ip nhrp
172.16.1.1/32 via 172.16.1.1, Tunnel0 created 00:15:14, expire 01:48:59
  Type: dynamic, Flags: unique nat registered used
  NBMA address: 202.100.1.1
172.16.1.2/32 via 172.16.1.2, Tunnel0 created 00:15:09, expire 01:49:05
  Type: dynamic, Flags: unique nat registered used
  NBMA address: 202.100.1.2

SPOKE1#show ip nhrp
172.16.1.100/32 via 172.16.1.100, Tunnel0 created 00:16:02, never expire
  Type: static, Flags: nat used
  NBMA address: 202.100.1.100
172.16.1.101/32 via 172.16.1.101, Tunnel0 created 00:16:02, never expire
  Type: static, Flags: nat used
  NBMA address: 202.100.1.101

到此结束,大家一起开始讨论吧!!!!
center, interface, transport, network, address
DMVPN第二阶段单云双中心.png

相关帖子
回复

使用道具 举报

曹晖001
发表于 2014-12-2 15:34:54 | 显示全部楼层
太棒了,感谢楼主
沙发 2014-12-2 15:34:54 回复 收起回复
回复 支持 反对

使用道具 举报

relax_lml
发表于 2016-3-17 14:11:13 | 显示全部楼层
谢谢共享资料
地板 2016-3-17 14:11:13 回复 收起回复
回复 支持 反对

使用道具 举报

cciesp
发表于 2021-1-22 10:17:35 | 显示全部楼层
感谢提供的好资料
5# 2021-1-22 10:17:35 回复 收起回复
回复 支持 反对

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 论坛注册

本版积分规则

QQ|Archiver|手机版|小黑屋|sitemap|鸿鹄论坛 ( 京ICP备14027439号 )  

GMT+8, 2024-5-17 18:31 , Processed in 0.070642 second(s), 14 queries , Redis On.  

  Powered by Discuz!

  © 2001-2024 HH010.COM

快速回复 返回顶部 返回列表