如图所示:
首先为网段进行划分如下:
192.168.1.0/24
192.168.1.0/27
192.168.1.32/27` R1 192.168.1.32/28 192.168.1.48/28
192.168.1.64/27 R2 192.168.1.64/28 192.168.1.80/28
192.168.1.96/27 R3
192.168.1.128/27 R4 192.168.1.128/26 192.168.1.144/26
192.168.1.160/27 R5
192.168.1.192/27
192.168.1.224/27
一、启动并为所有路由配置ip
system-view
int g0/0/0
ip add 192.168.1.1 30
...
为R3开启dhcp服务
[r3]ip pool a
Info: It's successful to create an IP address pool.
[r3-ip-pool-a]network 192.168.1.96 mask 27
[r3-ip-pool-a]gateway-list 192.168.1.97
[r3-ip-pool-a]dns-list 114.114.114.114 8.8.8.8
进入0/0/2口
[r3-GigabitEthernet0/0/2]dhcp select global
二、配置换回
int loopback0
ip add 192.168.1.33 28
三、缺省路由
R1同时指向R2以及R3,R2指向R4,R3指向R4,R4指向R5,R5指向R6
ip route-static 0.0.0.0 0 192.168.1.2
ip route-static 0.0.0.0 0 192.168.1.6
...
再配置每台路由器上用缺省到不了的路由
四、内网可以访问外网
[r5]acl 2000
[r5-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[r5]int g 0/0/2
[r5-GigabitEthernet0/0/2]nat outbound 2000
五、避免出环
在配置了环回的路由器加上空接口
六、配置telnet
[r1]aaa
[r1-aaa]local-user byx privilege level 15 password cipher 123123
[r1]user-interface vty 0
[r1-ui-vty0]authentication-mode aaa
配置映射
r5-GigabitEthernet0/0/2]nat server protocol tcp global current-interface 23 inside 192.168.1.1 23
Warning:The port 23 is well-known port. If you continue it may cause function failure.
Are you sure to continue?[Y/N]:y
