PAP配置步骤:<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
1、封装PPP协议
2、在主认证方启用PAP认证功能
3、在主认证方添加被认证的用户名和密码
4、配置被认证方发送认证的用户名和密码
CHAP配置步骤:
1、封装PPP协议
2、在主认证方启用CHAP认证功能
3、在主认证方添加被认证方的用户名和密码
4、在被认证方添加主认证方的用户名和密码
bj--->sh chap
bj
Router>
Router>en
Router#cont
Router#conf t
Router(config)#no ip do lo
Router(config)#lin 0
Router(config-line)#exec-t 0 0
Router(config-line)#logg sy
Router(config-line)#ho bj-7206
bj-7206(config)#int s0/0
bj-7206(config-if)#en ppp
bj-7206(config-if)#ip add 192.168.1.2 255.255.255.0
bj-7206(config-if)#no sh
bj-7206(config-if)#ppp authe chap
bj-7206(config-if)#ppp chap ho bj
bj-7206(config-if)#exi
bj-7206(config)#user sh pa 0 123
bj-7206(config)#end
bj-7206#sh int s0/0
Serial0/0 is up, line protocol is down
Hardware is M4T
Internet address is 192.168.1.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP REQsent, crc 16, loopback not set
bj-7206#sh run int s0/0
Building configuration...
Current configuration : 155 bytes
!
interface Serial0/0
ip address 192.168.1.2 255.255.255.0
encapsulation ppp
serial restart-delay 0
ppp authentication chap
ppp chap hostname bj
end
------------------------
SH
Router>en
Router#conf t
Router(config)#no ip do lo
Router(config)#lin 0
Router(config-line)#exec-t 0 0
Router(config-line)#logg sy
Router(config-line)#ho sh-2691
sh-2691(config)#int s0/0
sh-2691(config-if)#en ppp
sh-2691(config-if)#ip add 192.168.1.1 255.255.255.0
sh-2691(config-if)#no sh
sh-2691(config-if)#ppp chap ho sh
sh-2691(config-if)#exi
sh-2691(config)#user bj pa 0 123
sh-2691(config)#end
sh-2691#sh int s0/0
Serial0/0 is up, line protocol is up
Hardware is M4T
Internet address is 192.168.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
--------------------
bj
bj-7206#sh int s0/0
Serial0/0 is up, line protocol is up
Hardware is M4T
Internet address is 192.168.1.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
========================================================================
bj--->sh pap
bj
bj-7206#conf t
bj-7206(config)#int s0/1
bj-7206(config-if)#en ppp
bj-7206(config-if)#ip add 192.168.2.2 255.255.255.0
bj-7206(config-if)#no sh
bj-7206(config-if)#ppp authe pap
bj-7206(config-if)#exi
bj-7206(config)#user sz pa 0 123
bj-7206(config)#end
bj-7206#sh int s0/1
Serial0/1 is up, line protocol is down
Hardware is M4T
Internet address is 192.168.2.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Listen, crc 16, loopback not set
bj-7206#sh run int s0/1
Building configuration...
Current configuration : 132 bytes
!
interface Serial0/1
ip address 192.168.2.2 255.255.255.0
encapsulation ppp
serial restart-delay 0
ppp authentication pap
end
-----------------------
sz
Router>en
Router#conf t
Router(config)#int s0/1
Router(config-if)#en ppp
Router(config-if)#ip add 192.168.2.1 255.255.255.0
Router(config-if)#no sh
Router(config-if)#ho sz-2691
sz-2691(config-if)#exi
sz-2691(config-if)#ppp pap se sz pa 0 123
sz-2691(config-if)#end
sz-2691#sh int s0/1
Serial0/1 is up, line protocol is up
Hardware is M4T
Internet address is 192.168.2.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
sz-2691#sh run int s0/1
Building configuration...
Current configuration : 149 bytes
!
interface Serial0/1
ip address 192.168.2.1 255.255.255.0
encapsulation ppp
serial restart-delay 0
ppp pap sent-username sz password 0 123
end
=============================================================================
帐户信息
bj
bj-7206#sh run | in user
username sh password 0 123
username sz password 0 123
--------------------------------
sh
sh-2691#sh run | in user
username bj password 0 123
----------------------------------
sz
sz-2691#sh run | in user
ppp pap sent-username sz password 0 123
=========================================================
sh 和 sz 互通可以sh bj sz 上启用rip协议
router rip
net <?xml:namespace prefix = st1 ns = "urn:schemas-microsoft-com:office:smarttags" />0.0.0.0
ver 2
no auto-summary
sh-2691#ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
===========================================================
在SH BJ SZ上配置IP,连通测试:
相邻路由器端口在同网段,不配置路由协议,能通
sh-2691#sh int s0/0
Serial0/0 is up, line protocol is up
Hardware is M4T
Internet address is 192.168.1.1/24
Router#sh int s0/0
Serial0/0 is up, line protocol is up
Hardware is M4T
Internet address is 192.168.1.2/24
Router#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
相邻路由器端口在不同网段,不配置路由协议,不通
sh-2691#sh int s0/0
Serial0/0 is up, line protocol is up
Hardware is M4T
Internet address is 192.168.1.1/24
bj-7206#sh int s0/0
Serial0/0 is up, line protocol is up
Hardware is M4T
Internet address is 172.16.0.238/16
bj-7206#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
.....
相邻路由器端口在不同网段,配置PPP后能互通
sh-2691#sh int s0/0
Serial0/0 is up, line protocol is up
Hardware is M4T
Internet address is 192.168.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
bj-7206#sh int s0/0
*Mar 1 00:17:17.703: %SYS-5-CONFIG_I: Configured from
Serial0/0 is up, line protocol is up
Hardware is M4T
Internet address is 172.168.0.238/16
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
sh-2691#ping 172.168.0.238
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.168.0.238, timeout is 2 seconds:
!!!!!
sh和bj路由表条目:
sh-2691#sh ip ro
172.168.0.0/32 is subnetted, 1 subnets
C 172.168.0.238 is directly connected, Serial0/0
C 192.168.1.0/24 is directly connected, Serial0/0
bj-7206#sh ip ro
C 172.168.0.0/16 is directly connected, Serial0/0
192.168.1.0/32 is subnetted, 1 subnets
C 192.168.1.1 is directly connected, Serial0/0
相邻路由器端口在不同网段,配置rip后,不能互通
转载于:https://blog.51cto.com/rong94wo/189478