S2(config-if)#ip add 192.168.14.2 255.255.255.0 S2(config-if)#no sh
5.2、单区域ospf配置
R2
R2(config)#router ospf 100
R2(config-router)#network 192.168.13.0 0.0.0.255 area 0 R2(config-router)#network 192.168.14.0 0.0.0.255 area 0
S1
S1(config)#router ospf 100
S1(config-router)#network 192.168.10.0 0.0.0.255 area 0 S1(config-router)#network 192.168.13.0 0.0.0.255 area 0 S1(config-router)#network 192.168.1.0 0.0.0.255 area 0 S2(config)#router ospf 100
S2(config-router)#network 192.168.20.0 0.0.0.255 area 0 S2(config-router)#network 192.168.14.0 0.0.0.255 area 0
5.3、网关冗余及md5认证
S1
S1(config)# int vlan 10
S1(config-if)# ip add 192.168.10.254 255.255.255.0 S1(config-if)#standby 1 priority 200 S1(config-if)# standby 1 preempt
S1(config-if)#standby 1 ip 192.168.10.1
S1(config)# standby 1 authensication md5 key-string cisco S1(config)#standby 2 priority 150
S1(config)# standby 2 ip 192.168.10.253
S1(config)#standby 2 authensication md5 key-string cisco S1(config)#S1(config)# int vlan 20
S1(config-if)# ip add 192.168.20.254 255.255.255.0 S1(config-if)# standby 1 priority 200 S1(config-if)#standby 1 preempt
S1(config-if)# standby 1 ip 192.168.20.1
S1(config)# standby 1 authensication md5 key-string cisco
9
武汉软件工程职业学院
S1(config)# standby 2 priority 150
S1(config)# standby 2 ip 192.168.20.253
S1(config)# standby 2 authensication md5 key-string cisco
S2
S2(config)# int vlan 10
S2(config-if)# ip add 192.168.10.253 255.255.255.0 S2(config-if)# standby 1 priority 150
S2(config-if)#standby 1 ip 192.168.10.253
S2(config)# standby 1 authensication md5 key-string cisco S2(config)# standby 2 priority 200 S2(config)# standby 2 preempt
S2(config)# standby 2 ip 192.168.10.1
S2(config)# standby 2 authensication md5 key-string cisco S2(config)# int vlan 20
S2(config-if)# ip add 192.168.20.253 255.255.255.0 S2(config-if)# standby 1 priority 200 S2(config-if)# standby 1 preempt
S2(config-if)# standby 1 ip 192.168.20.253
S2(config)# standby 1 authensication md5 key-string cisco S2(config)# standby 2 priority 150 S2(config)# standby 2 ip 192.168.20.1
S2(config)# standby 2 authensication md5 key-string cisco
5.4、VPN的配置
R1
R1(config)#ip route 0.0.0.0 0.0.0.0 200.0.30.2 R1(config)#crypto isakmp policy 1 R1(config-isakmp)#encryption 3des R1(config-isakmp)#hash sha
R1(config-isakmp)#authentication pre-share R1(config-isakmp)#group 2
10
武汉软件工程职业学院
R1(config-isakmp)#lifetime 10000 R1(config-isakmp)#exit
R1(config)#crypto isakmp key 0 benet address 200.0.20.1
R1(config)#crypto ipsec transform-set benet-set esp-des ah-sha-hmac R1(config)#crypto ipsec security-association lifetime seconds 1800 R1(config)#crypto map mymap 1 ipsec-isakmp R1(config-crypto-map)#set peer 200.0.20.1
R1(config-crypto-map)#set transform-set benet-set R1(config-crypto-map)#match address 100 R1(config)#int s0/1
R1(config-if)#crypto map mymap
R2
R2(config)#ip route 0.0.0.0 0.0.0.0 200.0.20.2 R2(config)#crypto isakmp policy 1 R2(config-isakmp)#encryption 3des R2(config-isakmp)#hash sha
R2(config-isakmp)#authentication pre-share R2(config-isakmp)#group 2 R2(config-isakmp)#lifetime 10000 R2(config-isakmp)#exit
R2(config)#crypto isakmp key 0 benet address 200.0.30.1
11
武汉软件工程职业学院
R2(config)#crypto ipsec transform-set benet-set esp-des ah-sha-hmac R2(config)#crypto ipsec security-association lifetime seconds 1800 R2(config)#crypto map mymap 1 ipsec-isakmp R2(config-crypto-map)#set peer 200.0.30.1
R2(config-crypto-map)#set transform-set benet-set R2(config-crypto-map)#match address 100 R2(config-crypto-map)#exit R2(config)#int s0/1
R2(config-if)#crypto map mymap
5.5链路聚合
S1
S1(config)#int port-channel 1 S1(config)#int f0/2
S1(config)#channel-group 1 mode on S1(config)#int f0/8
S1(config)#channel-group 1 mode on
S2
S2(config)#int port-channel 1 S2(config)#int f0/2
S2(config)#channel-group 1 mode on S2(config)#int f0/8
12
武汉软件工程职业学院
相关推荐:
loading