HomePageFavorites Lang
Enable Auxiliary Access Wide screen
Search
Hot search: dump exam
My Center
Global IT Certification»BBSDUMP CISCO Certification CCNP Learning materials GNS3 simulation of DMVPN two-stage single cloud dual ...
Return to list New
View: 819|Reply: 0

GNS3 simulation of DMVPN two-stage single cloud dual Center

[Copy link]
豆豆豆

0

Threads

0

Posts

0

Credits

Guest

Credits
0
Post time 29-10-2014 16:53:56 | Show all posts |Read mode
1、 Configuration:
HUB1:crypto isakmp policy 110
authentication pre-share
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
!
crypto ipsec transform-set tfs esp-des esp-md5-hmac
mode transport
!
crypto ipsec profile mypro
set transform-set tfs
!
interface Tunnel0
ip address 172.16.1.100 255.255.255.0
no ip redirects
ip nhrp map multicast dynamic
ip nhrp network-id 10
ip nhrp cache non-authoritative
ip ospf network broadcast
ip ospf cost 100
tunnel source 202.100.1.100
tunnel mode gre multipoint
tunnel protection ipsec profile mypro
!
interface FastEthernet0/0
ip address 202.100.1.100 255.255.255.0
!
interface FastEthernet0/1
ip address 192.168.100.100 255.255.255.0



router ospf 110
router-id 2.2.2.2
log-adjacency-changes
network 172.16.1.0 0.0.0.255 area 0
network 192.168.100.0 0.0.0.255 area 0

HUB2:
crypto isakmp policy 110
authentication pre-share
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set tfs esp-des esp-md5-hmac
mode transport
!
crypto ipsec profile mypro
set transform-set tfs
!
interface Tunnel0
ip address 172.16.1.101 255.255.255.0
no ip redirects
ip nhrp map multicast dynamic
ip nhrp network-id 10
ip nhrp cache non-authoritative
ip ospf network broadcast
ip ospf cost 105
tunnel source 202.100.1.101
tunnel mode gre multipoint
tunnel protection ipsec profile mypro
!
interface FastEthernet0/0
ip address 202.100.1.101 255.255.255.0
duplex full
!
interface FastEthernet1/0
ip address 192.168.100.101 255.255.255.0
duplex full
!
router ospf 110
router-id 3.3.3.3
log-adjacency-changes
network 172.16.1.0 0.0.0.255 area 0
network 192.168.100.0 0.0.0.255 area 0

SPOKE1:
crypto isakmp policy 110
authentication pre-share
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set tfs esp-des esp-md5-hmac
mode transport
!
crypto ipsec profile mypro
set transform-set tfs
!
interface Loopback0
ip address 192.168.1.1 255.255.255.0
!
interface Tunnel0
ip address 172.16.1.1 255.255.255.0
no ip redirects
ip nhrp map 172.16.1.100 202.100.1.100
ip nhrp map 172.16.1.101 202.100.1.101
ip nhrp map multicast 202.100.1.100
ip nhrp map multicast 202.100.1.101
ip nhrp network-id 10
ip nhrp nhs 172.16.1.100
ip nhrp nhs 172.16.1.101
ip nhrp cache non-authoritative
ip ospf network broadcast
ip ospf priority 0
tunnel source 202.100.1.1
tunnel mode gre multipoint
tunnel protection ipsec profile mypro
!
interface FastEthernet0/0
ip address 202.100.1.1 255.255.255.0
duplex full
!
router ospf 110
router-id 4.4.4.4
log-adjacency-changes
network 172.16.1.0 0.0.0.255 area 0
network 192.168.1.0 0.0.0.255 area 0

SPOKE2:
crypto isakmp policy 110
authentication pre-share
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
!crypto ipsec transform-set tfs esp-des esp-md5-hmac
mode transport
!
crypto ipsec profile mypro
set transform-set tfs
!
interface Loopback0
ip address 192.168.2.1 255.255.255.0
!
interface Tunnel0
ip address 172.16.1.2 255.255.255.0
no ip redirects
ip nhrp map 172.16.1.100 202.100.1.100
ip nhrp map 172.16.1.101 202.100.1.101
ip nhrp map multicast 202.100.1.100
ip nhrp map multicast 202.100.1.101
ip nhrp network-id 10
ip nhrp nhs 172.16.1.100
ip nhrp nhs 172.16.1.101
ip nhrp cache non-authoritative
ip ospf network broadcast
ip ospf priority 0
tunnel source 202.100.1.2
tunnel mode gre multipoint
tunnel protection ipsec profile mypro
!
interface FastEthernet0/0
ip address 202.100.1.2 255.255.255.0
duplex full
!
router ospf 110
router-id 5.5.5.5
log-adjacency-changes
network 172.16.1.0 0.0.0.255 area 0
network 192.168.2.0 0.0.0.255 area 0


SERVER:
interface FastEthernet1/0
ip address 192.168.100.1 255.255.255.0
duplex full
!
router ospf 110
router-id 1.1.1.1
log-adjacency-changes
network 192.168.100.0 0.0.0.255 area 0

2、 Validation:

SPOKE1#traceroute 192.168.100.1 source 192.168.1.1

Type escape sequence to abort.
Tracing the route to 192.168.100.1

  1 172.16.1.101 200 msec 132 msec 180 msec
  2 192.168.100.1 144 msec *  172 msec



SPOKE1#show ip route ospf
     192.168.2.0/32 is subnetted, 1 subnets
O       192.168.2.1 [110/11112] via 172.16.1.2, 00:13:27, Tunnel0
O    192.168.100.0/24 [110/11112] via 172.16.1.101, 00:13:27, Tunnel0


SPOKE1#show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           1   2WAY/DROTHER    00:00:38    172.16.1.100    Tunnel0
3.3.3.3           1   FULL/DR         00:00:33    172.16.1.101    Tunnel0


HUB1#show ip nhrp
172.16.1.1/32 via 172.16.1.1, Tunnel0 created 00:15:14, expire 01:48:59
  Type: dynamic, Flags: unique nat registered used
  NBMA address: 202.100.1.1
172.16.1.2/32 via 172.16.1.2, Tunnel0 created 00:15:09, expire 01:49:05
  Type: dynamic, Flags: unique nat registered used
  NBMA address: 202.100.1.2

SPOKE1#show ip nhrp
172.16.1.100/32 via 172.16.1.100, Tunnel0 created 00:16:02, never expire
  Type: static, Flags: nat used
  NBMA address: 202.100.1.100
172.16.1.101/32 via 172.16.1.101, Tunnel0 created 00:16:02, never expire
  Type: static, Flags: nat used
  NBMA address: 202.100.1.101

That‘s the end. Let‘s start the discussion together!!!!
1.png


Reply

Use magic Report

Return to list New
Advanced Mode
B Color Image Link Quote Code Smilies
You have to log in before you can reply Login | Register Now

Points Rules

Archiver|Mobile version|Block users| BBSDUMP

2-5-2024 10:15 GMT+8 , Processed in 0.458715 second(s), 23 queries .

Quick Reply Contact us with Skype Contact us with Whastsapp Contact us with Telegram To Top Return to the list