Project name: ccna-vpn-gre-0003-gre-over-ipsec-1-n
Project name:
ccna-vpn-dmvpn-0001-mgre+nhrp
configure terminal ! interface GigabitEthernet 0/1 no ip address pppoe enable group global pppoe-client dial-pool-number 10 exit ! interface GigabitEthernet 0/0 ip tcp adjust-mss 1356 exit ! interface Loopback 1 ip address 100.0.0.1 255.255.255.255 exit ! interface Dialer 1 ip unnumbered Loopback 1 ip mtu 1454 encapsulation ppp dialer pool 10 dialer-group 20 ppp authentication chap callin ppp chap hostname ccie@example.com ppp chap password cc13 no shutdown exit ! ip route 0.0.0.0 0.0.0.0 Dialer 1 ! dialer-list 20 protocol ip permit ! end
configure terminal ! interface GigabitEthernet 0/1 no ip address pppoe enable group global pppoe-client dial-pool-number 10 exit ! interface GigabitEthernet 0/0 ip tcp adjust-mss 1356 exit ! interface Loopback 1 ip address 200.0.0.2 255.255.255.255 exit ! interface Dialer 1 ip unnumbered Loopback 1 ip mtu 1454 encapsulation ppp dialer pool 10 dialer-group 20 ppp authentication chap callin ppp chap hostname ccie@example.com ppp chap password cc13 no shutdown exit ! ip route 0.0.0.0 0.0.0.0 Dialer 1 ! dialer-list 20 protocol ip permit ! end
configure terminal ! interface GigabitEthernet 0/1 no ip address pppoe enable group global pppoe-client dial-pool-number 10 exit ! interface GigabitEthernet 0/0 ip tcp adjust-mss 1356 exit ! interface Loopback 1 ip address 106.0.0.6 255.255.255.255 exit ! interface Dialer 1 ip unnumbered Loopback 1 ip mtu 1454 encapsulation ppp dialer pool 10 dialer-group 20 ppp authentication chap callin ppp chap hostname ccie@isp3.pg1x.net ppp chap password cc13 no shutdown exit ! ip route 0.0.0.0 0.0.0.0 Dialer 1 ! dialer-list 20 protocol ip permit ! end
configure terminal ! interface tunnel0 ip address 172.16.0.1 255.255.255.0 tunnel source 100.0.0.1 tunnel mode gre multipoint ! ip nhrp network-id 100 ip nhrp map multicast dyanmic ! ip ospf network broadcast exit ! router ospf 1 network 172.16.0.1 0.0.0.0 area 0 network 10.100.0.1 0.0.0.0 area 0 exit ! end
configure terminal ! interface tunnel0 ip address 172.16.0.2 255.255.255.0 tunnel source 200.0.0.2 tunnel mode gre multipoint ! ip nhrp network-id 100 ip nhrp nhs 172.16.0.1 ip nhrp map 172.16.0.1 100.0.0.1 ip nhrp map multicast 100.0.0.1 ! ip ospf network broadcast ip ospf priority 0 exit ! router ospf 1 network 172.16.0.2 0.0.0.0 area 0 network 10.200.0.2 0.0.0.0 area 0 exit ! end
configure terminal ! interface tunnel0 ip address 172.16.0.6 255.255.255.0 tunnel source 106.0.0.6 tunnel mode gre multipoint ! ip nhrp network-id 100 ip nhrp nhs 172.16.0.1 ip nhrp map 172.16.0.1 100.0.0.1 ip nhrp map multicast 100.0.0.1 ! ip ospf network broadcast ip ospf priority 0 exit ! router ospf 1 network 172.16.0.6 0.0.0.0 area 0 network 10.6.0.6 0.0.0.0 area 0 exit ! end
Project name: ccna-vpn-gre-0003-gre-over-ipsec-1-n
Project name:
ccna-vpn-dmvpn-0001-mgre+nhrp
configure terminal ! interface GigabitEthernet 0/1 no ip address pppoe enable group global pppoe-client dial-pool-number 10 exit ! interface GigabitEthernet 0/0 ip tcp adjust-mss 1356 exit ! interface Loopback 1 ip address 100.0.0.1 255.255.255.255 exit ! interface Dialer 1 ip unnumbered Loopback 1 ip mtu 1454 encapsulation ppp dialer pool 10 dialer-group 20 ppp authentication chap callin ppp chap hostname ccie@example.com ppp chap password cc13 no shutdown exit ! ip route 0.0.0.0 0.0.0.0 Dialer 1 ! dialer-list 20 protocol ip permit ! end
configure terminal ! interface GigabitEthernet 0/1 no ip address pppoe enable group global pppoe-client dial-pool-number 10 exit ! interface GigabitEthernet 0/0 ip tcp adjust-mss 1356 exit ! interface Loopback 1 ip address 200.0.0.2 255.255.255.255 exit ! interface Dialer 1 ip unnumbered Loopback 1 ip mtu 1454 encapsulation ppp dialer pool 10 dialer-group 20 ppp authentication chap callin ppp chap hostname ccie@example.com ppp chap password cc13 no shutdown exit ! ip route 0.0.0.0 0.0.0.0 Dialer 1 ! dialer-list 20 protocol ip permit ! end
configure terminal ! interface GigabitEthernet 0/1 no ip address pppoe enable group global pppoe-client dial-pool-number 10 exit ! interface GigabitEthernet 0/0 ip tcp adjust-mss 1356 exit ! interface Loopback 1 ip address 106.0.0.6 255.255.255.255 exit ! interface Dialer 1 ip unnumbered Loopback 1 ip mtu 1454 encapsulation ppp dialer pool 10 dialer-group 20 ppp authentication chap callin ppp chap hostname ccie@isp3.pg1x.net ppp chap password cc13 no shutdown exit ! ip route 0.0.0.0 0.0.0.0 Dialer 1 ! dialer-list 20 protocol ip permit ! end
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#cry R1(config)#crypto isakm R1(config)#crypto isakmp po R1(config)#crypto isakmp policy 1 R1(config-isakmp)#er R1(config-isakmp)#enc R1(config-isakmp)#encryption 3de R1(config-isakmp)#encryption 3des *Apr 30 05:20:01.738: %PLATFORM-5-SIGNATURE_VERIFIED: Image 'flash0:/vios-adventerprisek9-m' passed code signing verification R1(config-isakmp)#encryption 3des R1(config-isakmp)#ha R1(config-isakmp)#hash md R1(config-isakmp)#hash md5 R1(config-isakmp)#auth R1(config-isakmp)#authentication pre R1(config-isakmp)#authentication pre-share R1(config-isakmp)#gr R1(config-isakmp)#group 2 R1(config-isakmp)#cr R1(config-isakmp)#cry R1(config-isakmp)#cryp R1(config-isakmp)#exit R1(config)#cry R1(config)#crypto isak R1(config)#crypto isakmp ke R1(config)#crypto isakmp kecis R1(config)#crypto isakmp key R1(config)#crypto isakmp key cis R1(config)#crypto isakmp key cisco address 0.0.0.0 R1(config)#cry R1(config)#crypto isakm R1(config)#crypto isakmp kee R1(config)#crypto isakmp keepalive 30 R1(config)#cry R1(config)#crypto ipse R1(config)#crypto ipsec trans R1(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des esp R1(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des esp-md R1(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des esp-md5-hmac R1(cfg-crypto-trans)#mod R1(cfg-crypto-trans)#mode trans R1(cfg-crypto-trans)#mode transport R1(cfg-crypto-trans)#exit R1(config)#cry R1(config)#crypto ip R1(config)#crypto ipsec pro R1(config)#crypto ipsec profile PRO-DMVPN1 R1(ipsec-profile)#set tra R1(ipsec-profile)#set transform-set TS-IPSEC1 R1(ipsec-profile)#exit R1(config)#int tun0 R1(config-if)# *Apr 30 05:21:41.298: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down R1(config-if)#exit R1(config)#interface GigabitEthernet 0/1 R1(config-if)#no ip address R1(config-if)#pppoe enable group global R1(config-if)#pppoe-client dial-pool-number 10 R1(config-if)#exit R1(config)#! R1(config)#interface GigabitEthernet 0/0 R1(config-if)#ip tcp adjust-mss 1356 R1(config-if)#exit R1(config)#! R1(config)#interface Loopback 1 R1(config-if)#ip address 100.0.0.1 255.255.255.255 R1(config-if)#exit R1(config)# *Apr 30 05:22:19.367: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up! R1(config)#interface Dialer 1 R1(config-if)#ip unnumbered Loopback 1 R1(config-if)#ip mtu 1454 R1(config-if)#encapsulation ppp R1(config-if)#dialer pool 10 R1(config-if)#dialer-group 20 R1(config-if)#ppp authentication chap callin R1(config-if)#ppp chap hostname ccie@example.com R1(config-if)#ppp chap password cc13 R1(config-if)#no shutdown R1(config-if)#exit R1(config)#! R1(config)#ip route 0.0.0.0 0.0.0.0 Dialer 1 R1(config)#! R1(config)#dialer-list 20 protocol ip permit R1(config)# *Apr 30 05:22:19.374: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up R1(config)# *Apr 30 05:22:20.608: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up R1(config)# *Apr 30 05:22:23.907: %DIALER-6-BIND: Interface Vi2 bound to profile Di1 *Apr 30 05:22:23.913: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up R1(config)# *Apr 30 05:22:27.578: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up R1(config)#int tun0 R1(config-if)#ip add R1(config-if)#ip address 172.16.0.1 255.255.255.0 R1(config-if)#tunn R1(config-if)#tunnel sou R1(config-if)#tunnel source 100.0.0.1 R1(config-if)#tunn R1(config-if)#tunnel mo R1(config-if)#tunnel mode gr R1(config-if)#tunnel mode gre mu R1(config-if)#tunnel mode gre multipoint R1(config-if)# *Apr 30 05:23:40.321: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up R1(config-if)#tunn R1(config-if)#tunnel ke R1(config-if)#tunnel key ? <0-4294967295> key R1(config-if)#tunnel key 10 R1(config-if)#tunn R1(config-if)#tunnel p R1(config-if)#tunnel pr R1(config-if)#tunnel protection ? ipsec Use ipsec to protect this tunnel interface R1(config-if)#tunnel protection ipse R1(config-if)#tunnel protection ipsec pro R1(config-if)#tunnel protection ipsec profile PRO-DMVPN1 R1(config-if)#ip *Apr 30 05:24:06.952: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON R1(config-if)#ip nhr R1(config-if)#ip nhrp netwo R1(config-if)#ip nhrp network-id 100 R1(config-if)#ip nhr R1(config-if)#ip nhrp ma R1(config-if)#ip nhrp map mul R1(config-if)#ip nhrp map multicast dyn R1(config-if)#ip nhrp map multicast dynamic R1(config-if)#ip os R1(config-if)#ip ospf net R1(config-if)#ip ospf network bro R1(config-if)#ip ospf network broadcast R1(config-if)#router ospf 1 R1(config-router)#netwo R1(config-router)#network 172.16.0.1 0.0.0.0 area 0 R1(config-router)#netow R1(config-router)#netwo R1(config-router)#network 10.100.0.1 0.0.0.0 area 0.0.0.0 R1(config-router)# *Apr 30 05:29:36.515: %OSPF-5-ADJCHG: Process 1, Nbr 200.0.0.2 on Tunnel0 from LOADING to FULL, Loading Done R1(config-router)# *Apr 30 05:36:53.851: %OSPF-5-ADJCHG: Process 1, Nbr 106.0.0.6 on Tunnel0 from LOADING to FULL, Loading Done R1(config-router)# *Apr 30 05:37:23.294: %OSPF-5-ADJCHG: Process 1, Nbr 106.0.0.6 on Tunnel0 from LOADING to FULL, Loading Done
R2#conf t Enter configuration commands, one per line. End with CNTL/Z. R2(config)# *Apr 30 05:20:02.197: %PLATFORM-5-SIGNATURE_VERIFIED: Image 'flash0:/vios-adventerprisek9-m' passed code signing verification R2(config)#interface GigabitEthernet 0/1 R2(config-if)#no ip address R2(config-if)#pppoe enable group global R2(config-if)#pppoe-client dial-pool-number 10 R2(config-if)#exit R2(config)#! R2(config)#interface GigabitEthernet 0/0 R2(config-if)#ip tcp adjust-mss 1356 R2(config-if)#exit R2(config)#! R2(config)#interface Loopback 1 R2(config-if)#ip address 200.0.0.2 255.255.255.255 *Apr 30 05:22:31.533: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up R2(config-if)#exit R2(config)#! R2(config)#interface Dialer 1 R2(config-if)#ip unnumbered Loopback 1 R2(config-if)#ip mtu 1454 R2(config-if)#encapsulation ppp R2(config-if)#dialer pool 10 R2(config-if)#dialer-group 20 R2(config-if)#ppp authentication chap callin R2(config-if)#ppp chap hostname ccie@example.com R2(config-if)#ppp chap password cc13 R2(config-if)#no shutdown R2(config-if)#exit R2(config)#! R2(config)#ip route 0.0.0.0 0.0.0.0 Dialer 1 R2(config)#! R2(config)#dialer-list 20 protocol ip permit R2(config)# *Apr 30 05:22:31.540: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up R2(config)# *Apr 30 05:22:32.746: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up R2(config)# *Apr 30 05:22:35.920: %DIALER-6-BIND: Interface Vi2 bound to profile Di1 *Apr 30 05:22:35.925: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up R2(config)# *Apr 30 05:22:39.598: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up R2(config)#cry R2(config)#crypto isakm R2(config)#crypto isakmp po R2(config)#crypto isakmp policy 1 R2(config-isakmp)#enc R2(config-isakmp)#encryption 3des R2(config-isakmp)#has R2(config-isakmp)#hash md R2(config-isakmp)#hash md5 R2(config-isakmp)#aut R2(config-isakmp)#authentication pre R2(config-isakmp)#authentication pre-share R2(config-isakmp)#gor R2(config-isakmp)#gr R2(config-isakmp)#group 2 R2(config-isakmp)#exit R2(config)#cry R2(config)#crypto isakm R2(config)#crypto isakmp key R2(config)#crypto isakmp key cisco address 0.0.0.0 R2(config)#cry R2(config)#crypto isakm R2(config)#crypto isakmp kee R2(config)#crypto isakmp keepalive 30 R2(config)#cry R2(config)#crypto ipse R2(config)#crypto ipsec trans R2(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des esp-md5-hmac R2(cfg-crypto-trans)#mode R2(cfg-crypto-trans)#mode tra R2(cfg-crypto-trans)#mode transport R2(cfg-crypto-trans)#exit R2(config)#cry R2(config)#crypto ipse R2(config)#crypto ipsec pro R2(config)#crypto ipsec profile PRO-DMVPN1 R2(ipsec-profile)#set tran R2(ipsec-profile)#set transform-set TS-IPSEC1 R2(ipsec-profile)#int tun0 R2(config-if)#ip ad *Apr 30 05:27:32.893: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down R2(config-if)#ip add R2(config-if)#ip address 172.16.0.2 255.255.255.0 R2(config-if)#tun R2(config-if)#tunnel so R2(config-if)#tunnel source 200.0.0.2 R2(config-if)#tunn R2(config-if)#tunnel mo R2(config-if)#tunnel mode gr R2(config-if)#tunnel mode gre mu R2(config-if)#tunnel mode gre multipoint R2(config-if)#tunn R2(config-if)#tunnel ke R2(config-if)#tunnel key 10 R2(config-if)#tunn R2(config-if)#tunnel p R2(config-if)#tunnel pr R2(config-if)#tunnel protection *Apr 30 05:28:01.916: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up R2(config-if)#tunnel protection ipse R2(config-if)#tunnel protection ipsec pro R2(config-if)#tunnel protection ipsec profile PRO-DMVPN1 R2(config-if)# *Apr 30 05:28:15.230: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON R2(config-if)#ip nhrp netwo R2(config-if)#ip nhrp network-id 100 R2(config-if)#ip nhr R2(config-if)#ip nhrp nhs 172.16.0.1 R2(config-if)#ip nhr R2(config-if)#ip nhrp map 172.16.0.1 100.0.0.1 R2(config-if)#ip nh R2(config-if)#ip nhrp ma R2(config-if)#ip nhrp map R2(config-if)#ip nhrp map mut R2(config-if)#ip nhrp map mul, R2(config-if)#ip nhrp map mul R2(config-if)#ip nhrp map multicast 100.0.0.1 R2(config-if)#ip os R2(config-if)#ip ospf netwo R2(config-if)#ip ospf network bro R2(config-if)#ip ospf network broadcast R2(config-if)#ip osp R2(config-if)#ip ospf pri R2(config-if)#ip ospf priority 0 R2(config-if)#router ospf 1 R2(config-router)#netw R2(config-router)#network 172.16.0.2 0.0.0.0 area 0.0.0.0 R2(config-router)#netow *Apr 30 05:29:38.381: %OSPF-5-ADJCHG: Process 1, Nbr 100.0.0.1 on Tunnel0 from LOADING to FULL, Loading Done R2(config-router)#netwo R2(config-router)#network 10.200.0.2 0.0.0.0 area 0 R2(config-router)#^Z R2#sh ip ro *Apr 30 05:30:05.235: %SYS-5-CONFIG_I: Configured from console by console R2#sh ip ro ospf Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is 0.0.0.0 to network 0.0.0.0 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks O 10.100.0.0/24 [110/1001] via 172.16.0.1, 00:00:25, Tunnel0 R2#ping 10.100.0.101 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.100.0.101, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 13/15/21 ms
R6# R6#conf t Enter configuration commands, one per line. End with CNTL/Z. R6(config)# *Apr 30 05:20:04.198: %PLATFORM-5-SIGNATURE_VERIFIED: Image 'flash0:/vios-adventerprisek9-m' passed code signing verification R6(config)#interface GigabitEthernet 0/1 R6(config-if)#no ip address R6(config-if)#pppoe enable group global R6(config-if)#pppoe-client dial-pool-number 10 R6(config-if)#exit R6(config)#! R6(config)#interface GigabitEthernet 0/0 R6(config-if)#ip tcp adjust-m *Apr 30 05:22:45.571: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to upss 1356 R6(config-if)#exit R6(config)#! R6(config)#interface Loopback 1 R6(config-if)#ip address 106.0.0.6 255.255.255.255 R6(config-if)#exit R6(config)#! R6(config)#interface Dialer 1 R6(config-if)#ip unnumbered Loopback 1 R6(config-if)#ip mtu 1454 R6(config-if)#encapsulation ppp R6(config-if)#dialer pool 10 R6(config-if)#dialer-group 20 R6(config-if)#ppp authentication chap callin R6(config-if)#ppp chap hostname ccie@isp3.pg1x.net R6(config-if)#ppp chap password cc13 R6(config-if)#no shutdown R6(config-if)#exit R6(config)#! R6(config)#ip route 0.0.0.0 0.0.0.0 Dialer 1 R6(config)#! R6(config)#dialer-list 20 protocol ip permit R6(config)# *Apr 30 05:22:45.578: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up R6(config)# *Apr 30 05:22:46.852: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up R6(config)# *Apr 30 05:22:50.065: %DIALER-6-BIND: Interface Vi2 bound to profile Di1 *Apr 30 05:22:50.071: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up R6(config)# *Apr 30 05:22:54.135: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up R6(config)#cry R6(config)#crypto i R6(config)#crypto isa R6(config)#crypto isakmp poli R6(config)#crypto isakmp policy 1 R6(config-isakmp)#ecn R6(config-isakmp)#enc R6(config-isakmp)#en R6(config-isakmp)#e R6(config-isakmp)#e R6(config-isakmp)#e R6(config-isakmp)#e R6(config-isakmp)#en R6(config-isakmp)#encryption 3de R6(config-isakmp)#encryption 3des R6(config-isakmp)#ha R6(config-isakmp)#hash md R6(config-isakmp)#hash md5 R6(config-isakmp)#aut R6(config-isakmp)#authentication pre R6(config-isakmp)#authentication pre-share R6(config-isakmp)#gro R6(config-isakmp)#group 2 R6(config-isakmp)#cry R6(config-isakmp)#exit R6(config)#cry R6(config)#crypto isak R6(config)#crypto isakmp ke R6(config)#crypto isakmp key R6(config)#crypto isakmp key cis R6(config)#crypto isakmp key cisc R6(config)#crypto isakmp key cisco addre R6(config)#crypto isakmp key cisco address ? A.B.C.D Peer IP address ipv6 define shared key with IPv6 address R6(config)#crypto isakmp key cisco address 0.0.0.0 R6(config)#cry R6(config)#crypto i R6(config)#crypto isa R6(config)#crypto isakmp kee R6(config)#crypto isakmp keepalive 30 R6(config)#cry R6(config)#crypto ipse R6(config)#crypto ipsec tra R6(config)#crypto ipsec transform-set TS-IPSEC1 es R6(config)#crypto ipsec transform-set TS-IPSEC1 esp-3 R6(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des es R6(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des esp-md R6(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des esp-md5-hmac R6(cfg-crypto-trans)#mod R6(cfg-crypto-trans)#mode tra R6(cfg-crypto-trans)#mode transport R6(cfg-crypto-trans)#exit R6(config)#cry R6(config)#crypto ip R6(config)#crypto ipsec pro R6(config)#crypto ipsec profile PRO-DMVPN1 R6(ipsec-profile)#set tra R6(ipsec-profile)#set transform-set TS-IPSEC1 R6(ipsec-profile)#int tun0 R6(config-if)#ip add R6(config-if)#ip address *Apr 30 05:32:56.786: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down R6(config-if)#ip address 172.16.0.6 255.255.255.0 R6(config-if)#tunn R6(config-if)#tunnel so R6(config-if)#tunnel source 106.0.0.6 R6(config-if)#tunn R6(config-if)#tunnel m R6(config-if)#tunnel mo R6(config-if)#tunnel mode gr R6(config-if)#tunnel mode gre mu R6(config-if)#tunnel mode gre multipoint R6(config-if)#tunn R6(config-if)#tunnel ke R6(config-if)#tunnel key 10 R6(config-if)#tunn R6(config-if)#tunnel pro R6(config-if)#tunnel protection *Apr 30 05:35:45.806: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up R6(config-if)#tunnel protection ipse R6(config-if)#tunnel protection ipsec pro R6(config-if)#tunnel protection ipsec profile PRO-DMVPN1 R6(config-if)#ip nh R6(config-if)#ip nhrp *Apr 30 05:35:54.517: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON R6(config-if)#ip nhrp netwo R6(config-if)#ip nhrp network-id 100 R6(config-if)#ip nh R6(config-if)#ip nhrp nhs 172.16.0.1 R6(config-if)#ip nhr R6(config-if)#ip nhrp map 172.16.0.1 100.0.0.1 R6(config-if)#ip nh R6(config-if)#ip nhrp map R6(config-if)#ip nhrp map mul R6(config-if)#ip nhrp map multicast 100.0.0.1 R6(config-if)#ip os R6(config-if)#ip ospf pri R6(config-if)#ip ospf priority 0 R6(config-if)#rou R6(config-if)#router ospf 1 R6(config-router)#netwo R6(config-router)#network 172.16.0.6 0.0.0.0 area 0 R6(config-router)#net *Apr 30 05:36:55.188: %OSPF-4-NET_TYPE_MISMATCH: Received Hello from 100.0.0.1 on Tunnel0 indicating a potential network type mismatch R6(config-router)#netwo R6(config-router)#network *Apr 30 05:36:55.267: %OSPF-5-ADJCHG: Process 1, Nbr 100.0.0.1 on Tunnel0 from LOADING to FULL, Loading Done R6(config-router)#int tun0 R6(config-if)#ip os R6(config-if)#ip ospf netwo R6(config-if)#ip ospf network bro R6(config-if)#ip ospf network broadcast R6(config-if)# *Apr 30 05:37:24.595: %OSPF-5-ADJCHG: Process 1, Nbr 100.0.0.1 on Tunnel0 from FULL to DOWN, Neighbor Down: Interface down or detached *Apr 30 05:37:24.689: %OSPF-5-ADJCHG: Process 1, Nbr 100.0.0.1 on Tunnel0 from LOADING to FULL, Loading Done R6(config-if)#router ospf 1 R6(config-router)#netwo R6(config-router)#knetwonetwork 172.16.0.6 R6(config-router)#netwo R6(config-router)#network 10.6.0.6 0.0.0.0 area R6(config-router)#network 10.6.0.6 0.0.0.0 area 0 R6(config-router)#^Z R6#sh ip *Apr 30 05:38:09.275: %SYS-5-CONFIG_I: Configured from console by console R6#sh ip ro ospf Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is 0.0.0.0 to network 0.0.0.0 10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks O 10.100.0.0/24 [110/1001] via 172.16.0.1, 00:00:43, Tunnel0 O 10.200.0.0/24 [110/1001] via 172.16.0.2, 00:00:43, Tunnel0 R6#ping 172.16.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.0.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/19 ms R6#ping 172.16.0.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.0.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 40/54/79 ms R6#ping 10.100.0.101 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.100.0.101, timeout is 2 seconds: .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 13/262/1010 ms R6#ping 10.100.0.101 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.100.0.101, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/17/23 ms R6#ping 10.200.0.202 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.200.0.202, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/16/24 ms
Project name: ccna-vpn-gre-0003-gre-over-ipsec-1-n
Project name:
ccna-vpn-dmvpn-0001-mgre+nhrp
configure terminal ! interface GigabitEthernet 0/1 no ip address pppoe enable group global pppoe-client dial-pool-number 10 exit ! interface GigabitEthernet 0/0 ip tcp adjust-mss 1356 exit ! interface Loopback 1 ip address 100.0.0.1 255.255.255.255 exit ! interface Dialer 1 ip unnumbered Loopback 1 ip mtu 1454 encapsulation ppp dialer pool 10 dialer-group 20 ppp authentication chap callin ppp chap hostname ccie@example.com ppp chap password cc13 no shutdown exit ! ip route 0.0.0.0 0.0.0.0 Dialer 1 ! dialer-list 20 protocol ip permit ! end
configure terminal ! interface GigabitEthernet 0/1 no ip address pppoe enable group global pppoe-client dial-pool-number 10 exit ! interface GigabitEthernet 0/0 ip tcp adjust-mss 1356 exit ! interface Loopback 1 ip address 200.0.0.2 255.255.255.255 exit ! interface Dialer 1 ip unnumbered Loopback 1 ip mtu 1454 encapsulation ppp dialer pool 10 dialer-group 20 ppp authentication chap callin ppp chap hostname ccie@example.com ppp chap password cc13 no shutdown exit ! ip route 0.0.0.0 0.0.0.0 Dialer 1 ! dialer-list 20 protocol ip permit ! end
configure terminal ! interface GigabitEthernet 0/1 no ip address pppoe enable group global pppoe-client dial-pool-number 10 exit ! interface GigabitEthernet 0/0 ip tcp adjust-mss 1356 exit ! interface Loopback 1 ip address 106.0.0.6 255.255.255.255 exit ! interface Dialer 1 ip unnumbered Loopback 1 ip mtu 1454 encapsulation ppp dialer pool 10 dialer-group 20 ppp authentication chap callin ppp chap hostname ccie@isp3.pg1x.net ppp chap password cc13 no shutdown exit ! ip route 0.0.0.0 0.0.0.0 Dialer 1 ! dialer-list 20 protocol ip permit ! end
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#cry R1(config)#crypto iksa R1(config)#crypto iksak R1(config)#cryp R1(config)#crypto isakm R1(config)#crypto isakmp poli R1(config)#crypto isakmp policy 1 R1(config-isakmp)#ecn R1(config-isakmp)#en R1(config-isakmp)#encryption 3de R1(config-isakmp)#encryption 3des R1(config-isakmp)#ha R1(config-isakmp)#hash md R1(config-isakmp)#hash md5 atu R1(config-isakmp)#hash md5 R1(config-isakmp)#auth R1(config-isakmp)#authentication pre R1(config-isakmp)#authentication pre-share R1(config-isakmp)#gro R1(config-isakmp)#group 2 R1(config-isakmp)#exit R1(config)#crypto R1(config)#crypto isakm R1(config)#crypto isakmp key cisco address 0.0.0.0 R1(config)#crypto isakm R1(config)#crypto isakmp kee R1(config)#crypto isakmp keepalive 30 R1(config)#cryp R1(config)#crypto isakm R1(config)#cryp R1(config)#crypto ipse R1(config)#crypto ipsec trans R1(config)#crypto ipsec transform-set TS-IPSEC1 esp-3de R1(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des esp-md R1(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des esp-md5-hmac R1(cfg-crypto-trans)#mod R1(cfg-crypto-trans)#mode tran R1(cfg-crypto-trans)#mode transport R1(cfg-crypto-trans)#exit R1(config)#cry R1(config)#crypto ipse R1(config)#crypto ipsec pro R1(config)#crypto ipsec profile PRO-DMVPN1 R1(ipsec-profile)#set tra R1(ipsec-profile)#set transform-set TS-IPSEC1 R1(ipsec-profile)#int tun0 R1(config-if)#ip *Apr 30 06:38:51.897: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down R1(config-if)#ip addre R1(config-if)#ip address 172.16.0.1 255.255.255.0 R1(config-if)#ip mt R1(config-if)#ip mtu 1368 R1(config-if)#tunn R1(config-if)#tunnel sou R1(config-if)#tunnel source Di R1(config-if)#tunnel source Dialer 1 R1(config-if)#tunn R1(config-if)#tunnel mo R1(config-if)#tunnel mode gr R1(config-if)#tunnel mode gre mu R1(config-if)#tunnel mode gre multipoint R1(config-if)#tunn R1(config-if)#tunnel ke R1(config-if)#tunnel key 10 R1(config-if)#tunn R1(config-if)#tunnel p R1(config-if)#tunnel pr R1(config-if)#tunnel protection ipse R1(config-if)#tunnel protection ipsec pro R1(config-if)#tunnel protection ipsec profile PRO-DMVPN1 R1(config-if)#ip nh R1(config-if)#ip nhrp netwo R1(config-if)#ip nhrp network-id 100 R1(config-if)#ip nh R1(config-if)#ip nhrp map mul R1(config-if)#ip nhrp map multicast ? A.B.C.D IP NBMA address X:X:X:X::X IPv6 NBMA address dynamic Dynamically learn destinations from client registrations on hub R1(config-if)#ip nhrp map multicast dyn R1(config-if)#ip nhrp map multicast dynamic R1(config-if)#ip os R1(config-if)#ip ospf netwo R1(config-if)#ip ospf network bro R1(config-if)#ip ospf network broadcast R1(config-if)#router R1(config-if)#router osp R1(config-if)#router ospf 1 R1(config-router)#netwo R1(config-router)#network 172.16.0.1 0.0.0.0 area 0 R1(config-router)#netwo R1(config-router)#network 10.100.0.1 0.0.0.0 area R1(config-router)#network 10.100.0.1 0.0.0.0 area 0 R1(config-router)#int lo0 R1(config-if)#ip add R1(config-if)#ip address 1 *Apr 30 06:40:48.694: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up R1(config-if)#ip address 100.0.0.1 % Incomplete command. R1(config-if)#ip address 100.0.0.1 255.255.255.255 R1(config-if)#int gig0/1 R1(config-if)#no ip add R1(config-if)#no ip address R1(config-if)#pppoe R1(config-if)#pppoe en R1(config-if)#pppoe enable R1(config-if)#ppp *Apr 30 06:41:34.894: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up R1(config-if)#pppoe *Apr 30 06:41:34.898: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up R1(config-if)#pppoe R1(config-if)#pppoe-cli R1(config-if)#pppoe-client di R1(config-if)#pppoe-client dial-pool-number 1 R1(config-if)#int gig0/0 R1(config-if)#ip add R1(config-if)#ip address 10.100.0.1 255.255.255.0 R1(config-if)#ip tc R1(config-if)#ip tcp ad R1(config-if)#ip tcp adjust-mss 1328 R1(config-if)#no shut R1(config-if)#int gig0/1 R1(config-if)#no shut R1(config-if)#int di R1(config-if)#int dia1 R1(config-if)#ip unnu R1(config-if)#ip unnumbered Loo R1(config-if)#ip unnumbered Loopback 0 R1(config-if)# *Apr 30 06:42:36.551: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up R1(config-if)# *Apr 30 06:42:36.608: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON R1(config-if)#ip mt R1(config-if)#ip mtu 1454 R1(config-if)#enca R1(config-if)#encapsulation ppp R1(config-if)#dia R1(config-if)#dialerpo R1(config-if)#dialer pooo R1(config-if)#dialer poo R1(config-if)#dialer pool 1 R1(config-if)#dia R1(config-if)#dialer-g R1(config-if)#dialer-group r R1(config-if)#dialer-group r *Apr 30 06:43:04.833: %DIALER-6-BIND: Interface Vi2 bound to profile Di1 *Apr 30 06:43:04.837: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up *Apr 30 06:43:06.896: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1 R1(config-if)#dialer-group *Apr 30 06:43:06.914: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down R1(config-if)#dialer-group 1 R1(config-if)#ppp auth R1(config-if)#ppp authe R1(config-if)#ppp authentication chap calli R1(config-if)#ppp authentication chap callin R1(config-if)#ppp chap hostna R1(config-if)#ppp chap hostname ccie@example.com *Apr 30 06:43:29.144: %DIALER-6-BIND: Interface Vi2 bound to profile Di1 *Apr 30 06:43:29.148: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up *Apr 30 06:43:29.261: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1 R1(config-if)#ppp chap hostname ccie@example.com *Apr 30 06:43:29.278: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down R1(config-if)#ppp chap pass R1(config-if)#ppp chap password cc13 R1(config-if)#exit R1(config)#ip route 0.0.0.0 0.0.0.0 D *Apr 30 06:43:51.470: %DIALER-6-BIND: Interface Vi2 bound to profile Di1ia R1(config)#ip route 0.0.0.0 0.0.0.0 Dialer 1 *Apr 30 06:43:51.475: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up *Apr 30 06:43:52.012: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up R1(config)#ip route 0.0.0.0 0.0.0.0 Dialer 1 R1(config)#dia R1(config)#dialer-li R1(config)#dialer-list 1 pro R1(config)#dialer-list 1 protocol ip per R1(config)#dialer-list 1 protocol ip permit R1(config)#^Z R1# *Apr 30 06:44:09.301: %SYS-5-CONFIG_I: Configured from console by console R1#ping 100.1.3.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 100.1.3.3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 3/4/8 ms R1#ping 35.0.0.5 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 35.0.0.5, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 4/7/11 ms R1# *Apr 30 06:55:40.644: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.2 on Tunnel0 from EXSTART to DOWN, Neighbor Down: Too many retransmissions R1# *Apr 30 06:56:40.645: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.2 on Tunnel0 from DOWN to DOWN, Neighbor Down: Ignore timer expired R1#ping 172.16.0.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.0.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 15/17/20 ms R1#sh run int tun0 Building configuration... Current configuration : 284 bytes ! interface Tunnel0 ip address 172.16.0.1 255.255.255.0 no ip redirects ip mtu 1368 ip nhrp map multicast dynamic ip nhrp network-id 100 ip ospf network broadcast tunnel source Dialer1 tunnel mode gre multipoint tunnel key 10 tunnel protection ipsec profile PRO-DMVPN1 end R1# *Apr 30 06:58:46.830: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.2 on Tunnel0 from EXSTART to DOWN, Neighbor Down: Too many retransmissions R1#sh ip proto *** IP Routing is NSF aware *** Routing Protocol is "application" Sending updates every 0 seconds Invalid after 0 seconds, hold down 0, flushed after 0 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Maximum path: 32 Routing for Networks: Routing Information Sources: Gateway Distance Last Update Distance: (default is 4) Routing Protocol is "nhrp" Maximum path: 32 Routing Information Sources: Gateway Distance Last Update Distance: (default is 250) Routing Protocol is "ospf 1" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Router ID 172.16.0.1 Number of areas in this router is 1. 1 normal 0 stub 0 nssa Maximum path: 4 Routing for Networks: 10.100.0.1 0.0.0.0 area 0 172.16.0.1 0.0.0.0 area 0 Routing Information Sources: Gateway Distance Last Update Distance: (default is 110) R1# *Apr 30 06:59:46.831: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.2 on Tunnel0 from DOWN to DOWN, Neighbor Down: Ignore timer expired R1#sh ip int tun0 | i Internet Internet address is 172.16.0.1/24 R1# *Apr 30 07:01:57.996: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.2 on Tunnel0 from EXSTART to DOWN, Neighbor Down: Too many retransmissions R1#sh ip int tun0 | i MTU MTU is 1368 bytes R1#sh ip ospf neigh detail Neighbor 172.16.0.2, interface address 172.16.0.2 In the area 0 via interface Tunnel0 Neighbor priority is 0, State is DOWN, 4 state changes Neighbor ignored, reenable in 00:00:15 DR is 0.0.0.0 BDR is 0.0.0.0 Options is 0x12 in Hello (E-bit, L-bit) LLS Options is 0x1 (LR) Index 0/0/0, retransmission queue length 0, number of retransmission 0 First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0) Last retransmission scan length is 0, maximum is 0 Last retransmission scan time is 0 msec, maximum is 0 msec R1# *Apr 30 07:02:57.997: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.2 on Tunnel0 from DOWN to DOWN, Neighbor Down: Ignore timer expired R1# *Apr 30 07:05:06.765: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.2 on Tunnel0 from EXSTART to DOWN, Neighbor Down: Too many retransmissions R1# *Apr 30 07:06:06.766: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.2 on Tunnel0 from DOWN to DOWN, Neighbor Down: Ignore timer expired *Apr 30 07:06:07.011: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.2 on Tunnel0 from LOADING to FULL, Loading Done R1# *Apr 30 07:54:09.586: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.6 on Tunnel0 from LOADING to FULL, Loading Done R1#
R2#conf t Enter configuration commands, one per line. End with CNTL/Z. R2(config)#cry R2(config)#crypto isak R2(config)#crypto isakmp po R2(config)#crypto isakmp policy 1 R2(config-isakmp)#enc R2(config-isakmp)#encryption 3de R2(config-isakmp)#encryption 3des R2(config-isakmp)#ha R2(config-isakmp)#hash md R2(config-isakmp)#hash md5 R2(config-isakmp)#auth R2(config-isakmp)#authentication pre R2(config-isakmp)#authentication pre-share R2(config-isakmp)#gr R2(config-isakmp)#group 2 R2(config-isakmp)#cry R2(config-isakmp)#cryp R2(config-isakmp)#exit R2(config)#cry R2(config)#crypto isak R2(config)#crypto isakmp ke R2(config)#crypto isakmp key R2(config)#crypto isakmp key cisco address 0.0.0.0 R2(config)#cry R2(config)#crypto isak R2(config)#crypto isakmp kee R2(config)#crypto isakmp keepalive 30 R2(config)#cry R2(config)#crypto ipse R2(config)#crypto ipsec tran R2(config)#crypto ipsec transform-set TS-IPSEC1 esp R2(config)#crypto ipsec transform-set TS-IPSEC1 esp-3de R2(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des es R2(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des esp-md R2(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des esp-md5-hmac h R2(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des esp-md5-hmac R2(cfg-crypto-trans)#mod R2(cfg-crypto-trans)#mode tra R2(cfg-crypto-trans)#mode transport R2(cfg-crypto-trans)#exit R2(config)#cry R2(config)#crypto ipse R2(config)#crypto ipsec pro R2(config)#crypto ipsec profile PRO-DMVPN1 R2(ipsec-profile)#set tra R2(ipsec-profile)#set transform-set TS-IPSEC1 R2(ipsec-profile)#int tun0 R2(config-if)#ip *Apr 30 06:46:40.154: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down R2(config-if)#ip add R2(config-if)#ip address 172.16.0.2 255.255.255.0 R2(config-if)#tunn R2(config-if)#tunnel saou R2(config-if)#tunnel sou R2(config-if)#tunnel source Dia R2(config-if)#tunnel source Dialer 1 R2(config-if)#tunn R2(config-if)#tunnel mo R2(config-if)#tunnel mode gr R2(config-if)#tunnel mode gre mul R2(config-if)#tunnel mode gre multipoint R2(config-if)#tunn R2(config-if)#tunnel ke R2(config-if)#tunnel key 10 R2(config-if)#tunn R2(config-if)#tunnel pro R2(config-if)#tunnel protection ip R2(config-if)#tunnel protection ipsec pro R2(config-if)#tunnel protection ipsec profile PRO-DMVPN1 R2(config-if)#ip nh R2(config-if)#ip nhrp netow R2(config-if)#ip nh R2(config-if)#ip nhrp netwo R2(config-if)#ip nhrp network-id 100 R2(config-if)#ip nh R2(config-if)#ip nhrp nhs 172.16.0.1 R2(config-if)#ip nh R2(config-if)#ip nhrp map 172.16.0.1 100.0.0.1 R2(config-if)#ip nhr R2(config-if)#ip nhrp ma R2(config-if)#ip nhrp map R2(config-if)#ip nhrp map mul R2(config-if)#ip nhrp map multicast 100.0.0.1 R2(config-if)#ip os R2(config-if)#ip ospf netwo R2(config-if)#ip ospf network bro R2(config-if)#ip ospf network broadcast R2(config-if)#ip os R2(config-if)#ip ospf pri R2(config-if)#ip ospf priority 0 R2(config-if)#router ospf 1 R2(config-router)#netwo R2(config-router)#network 172.16.0.2 0.0.0.0 area 0 R2(config-router)#netwo R2(config-router)#network 10.200.0.2 0.0.0.0 area 0 R2(config-router)#int lo0 R2(config-if)#ip add R2(config-if)#ip address 1 *Apr 30 06:50:22.469: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up R2(config-if)#ip address 200.0.0.2 255.255.255.255 R2(config-if)#int gig0/1 R2(config-if)#no ip addre R2(config-if)#no ip address R2(config-if)#pppoe ena R2(config-if)#pppoe enable R2(config-if)#pp *Apr 30 06:50:54.101: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up R2(config-if)#pppoe- *Apr 30 06:50:54.104: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up R2(config-if)#pppoe-clie R2(config-if)#pppoe-client dial R2(config-if)#pppoe-client dial-pool-number 1 R2(config-if)#int gig0/0 R2(config-if)#ip add R2(config-if)#ip address 10.200.0.2 255.255.255.0 R2(config-if)#ip tc R2(config-if)#ip tcp ad R2(config-if)#ip tcp adjust-mss 1328 R2(config-if)#int dia1 R2(config-if)#ip unnu R2(config-if)#ip unnumbered lo0 R2(config-if)# *Apr 30 06:52:25.082: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up R2(config-if)#ip *Apr 30 06:52:25.141: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON R2(config-if)#ip mt R2(config-if)#ip mtu 1454 R2(config-if)#enca R2(config-if)#encapsulation ppp R2(config-if)#dia R2(config-if)#dialer po R2(config-if)#dialer pool 1 R2(config-if)#dia R2(config-if)#dialer-gr R2(config-if)#dialer-group *Apr 30 06:52:44.791: %DIALER-6-BIND: Interface Vi2 bound to profile Di1 *Apr 30 06:52:44.795: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up *Apr 30 06:52:46.591: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1 R2(config-if)#dialer-group *Apr 30 06:52:46.605: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down R2(config-if)#dialer-group 1 R2(config-if)#ppp auth R2(config-if)#ppp authe R2(config-if)#ppp authentication chap calli R2(config-if)#ppp authentication chap callin R2(config-if)#ppp chap hostname ccie@example.com R2(config-if)# *Apr 30 06:53:08.836: %DIALER-6-BIND: Interface Vi2 bound to profile Di1 *Apr 30 06:53:08.839: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up *Apr 30 06:53:08.945: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1 R2(config-if)# *Apr 30 06:53:08.965: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down R2(config-if)#ppp chap pass R2(config-if)#ppp chap password cc13 R2(config-if)#exit R2(config)#ip route 0.0.0.0 0.0.0.0 Dia R2(config)#ip route 0.0.0.0 0.0.0.0 Dialer 1 R2(config)# *Apr 30 06:53:31.117: %DIALER-6-BIND: Interface Vi2 bound to profile Di1 R2(config)#diale *Apr 30 06:53:31.121: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up *Apr 30 06:53:31.686: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up R2(config)#dialer R2(config)#dialer-li R2(config)#dialer-list 1 pro R2(config)#dialer-list 1 protocol ip per R2(config)#dialer-list 1 protocol ip permit R2(config)#^Z R2#sh i *Apr 30 06:53:41.892: %SYS-5-CONFIG_I: Configured from console by console R2#sh ip ro ospf Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is 0.0.0.0 to network 0.0.0.0 R2#ping 200.2.4.4 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 200.2.4.4, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 3/6/16 ms R2#ping 100.0.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 100.0.0.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 7/8/10 ms R2#sh ip ro Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is 0.0.0.0 to network 0.0.0.0 S* 0.0.0.0/0 is directly connected, Dialer1 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.200.0.0/24 is directly connected, GigabitEthernet0/0 L 10.200.0.2/32 is directly connected, GigabitEthernet0/0 172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks C 172.16.0.0/24 is directly connected, Tunnel0 L 172.16.0.2/32 is directly connected, Tunnel0 200.0.0.0/32 is subnetted, 1 subnets C 200.0.0.2 is directly connected, Loopback0 200.2.4.0/32 is subnetted, 1 subnets C 200.2.4.4 is directly connected, Dialer1 R2#sh ip ro ospf Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is 0.0.0.0 to network 0.0.0.0 R2#sh ip ospf neigh R2#sh ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 172.16.0.1 1 EXSTART/DR 00:00:37 172.16.0.1 Tunnel0 R2#sh ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 172.16.0.1 1 EXSTART/DR 00:00:35 172.16.0.1 Tunnel0 R2#sh ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 172.16.0.1 1 EXSTART/DR 00:00:39 172.16.0.1 Tunnel0 R2#sh ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 172.16.0.1 1 EXSTART/DR 00:00:39 172.16.0.1 Tunnel0 R2#sh ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 172.16.0.1 1 EXSTART/DR 00:00:38 172.16.0.1 Tunnel0 R2#sh ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 172.16.0.1 1 EXSTART/DR 00:00:37 172.16.0.1 Tunnel0 R2#sh ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 172.16.0.1 1 EXSTART/DR 00:00:36 172.16.0.1 Tunnel0 R2#sh ipse R2#sh ip i *Apr 30 06:55:42.979: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.1 on Tunnel0 from EXSTART to DOWN, Neighbor Down: Too many retransmissions R2#sh ip ipse R2#sh ip ipsec R2#sh ipse R2#sh ipse R2#sh ipse R2#sh cry R2#sh crypto ip R2#sh crypto ipsec sa interface: Tunnel0 Crypto map tag: Tunnel0-head-0, local addr 200.0.0.2 protected vrf: (none) local ident (addr/mask/prot/port): (200.0.0.2/255.255.255.255/47/0) remote ident (addr/mask/prot/port): (100.0.0.1/255.255.255.255/47/0) current_peer 100.0.0.1 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 45, #pkts encrypt: 45, #pkts digest: 45 #pkts decaps: 44, #pkts decrypt: 44, #pkts verify: 44 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 200.0.0.2, remote crypto endpt.: 100.0.0.1 plaintext mtu 1442, path mtu 1472, ip mtu 1472, ip mtu idb Tunnel0 current outbound spi: 0xCD11C1FD(3440493053) PFS (Y/N): N, DH group: none inbound esp sas: spi: 0x8D00840B(2365621259) transform: esp-3des esp-md5-hmac , in use settings ={Transport, } conn id: 1, flow_id: SW:1, sibling_flags 80004000, crypto map: Tunnel0-head-0 sa timing: remaining key lifetime (k/sec): (4608000/3449) IV size: 8 bytes replay detection support: Y Status: ACTIVE(ACTIVE) spi: 0x2F470E3D(793185853) transform: esp-3des esp-md5-hmac , in use settings ={Transport, } conn id: 3, flow_id: SW:3, sibling_flags 80000000, crypto map: Tunnel0-head-0 sa timing: remaining key lifetime (k/sec): (4193753/3449) IV size: 8 bytes replay detection support: Y Status: ACTIVE(ACTIVE) inbound ah sas: inbound pcp sas: outbound esp sas: spi: 0x43219BBB(1126276027) transform: esp-3des esp-md5-hmac , in use settings ={Transport, } conn id: 2, flow_id: SW:2, sibling_flags 80004000, crypto map: Tunnel0-head-0 sa timing: remaining key lifetime (k/sec): (4608000/3449) IV size: 8 bytes replay detection support: Y Status: ACTIVE(ACTIVE) spi: 0xCD11C1FD(3440493053) transform: esp-3des esp-md5-hmac , in use settings ={Transport, } conn id: 4, flow_id: SW:4, sibling_flags 80000000, crypto map: Tunnel0-head-0 sa timing: remaining key lifetime (k/sec): (4193753/3449) IV size: 8 bytes replay detection support: Y Status: ACTIVE(ACTIVE) outbound ah sas: outbound pcp sas: R2# *Apr 30 06:56:42.979: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.1 on Tunnel0 from DOWN to DOWN, Neighbor Down: Ignore timer expired R2#sh crypto ipsec sa interface: Tunnel0 Crypto map tag: Tunnel0-head-0, local addr 200.0.0.2 protected vrf: (none) local ident (addr/mask/prot/port): (200.0.0.2/255.255.255.255/47/0) remote ident (addr/mask/prot/port): (100.0.0.1/255.255.255.255/47/0) current_peer 100.0.0.1 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 56, #pkts encrypt: 56, #pkts digest: 56 #pkts decaps: 54, #pkts decrypt: 54, #pkts verify: 54 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 200.0.0.2, remote crypto endpt.: 100.0.0.1 plaintext mtu 1442, path mtu 1472, ip mtu 1472, ip mtu idb Tunnel0 current outbound spi: 0xCD11C1FD(3440493053) PFS (Y/N): N, DH group: none inbound esp sas: spi: 0x8D00840B(2365621259) R2#ping 172.16.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.0.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/18/27 ms R2#sh run | s tun0 R2#sh run tun0 ^ % Invalid input detected at '^' marker. R2#sh run int tun0 Building configuration... Current configuration : 351 bytes ! interface Tunnel0 ip address 172.16.0.2 255.255.255.0 no ip redirects ip nhrp map 172.16.0.1 100.0.0.1 ip nhrp map multicast 100.0.0.1 ip nhrp network-id 100 ip nhrp nhs 172.16.0.1 ip ospf network broadcast ip ospf priority 0 tunnel source Dialer1 tunnel mode gre multipoint tunnel key 10 tunnel protection ipsec profile PRO-DMVPN1 end R2#sh ip proto *** IP Routing is NSF aware *** Routing Protocol is "application" Sending updates every 0 seconds Invalid after 0 seconds, hold down 0, flushed after 0 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Maximum path: 32 Routing for Networks: Routing Information Sources: Gateway Distance Last Update Distance: (default is 4) Routing Protocol is "nhrp" Maximum path: 32 Routing Information Sources: Gateway Distance Last Update Distance: (default is 250) Routing Protocol is "ospf 1" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Router ID 172.16.0.2 Number of areas in this router is 1. 1 normal 0 stub 0 nssa Maximum path: 4 Routing for Networks: 10.200.0.2 0.0.0.0 area 0 172.16.0.2 0.0.0.0 area 0 Routing Information Sources: Gateway Distance Last Update Distance: (default is 110) R2#sh ip int brief Interface IP-Address OK? Method Status Protocol GigabitEthernet0/0 10.200.0.2 YES NVRAM up up GigabitEthernet0/1 unassigned YES NVRAM up up GigabitEthernet0/2 unassigned YES NVRAM administratively down down GigabitEthernet0/3 unassigned YES NVRAM administratively down down Dialer1 200.0.0.2 YES TFTP up up Loopback0 200.0.0.2 YES manual up up Tunnel0 172.16.0.2 YES manual up up Virtual-Access1 unassigned YES unset up up Virtual-Access2 unassigned YES unset up up R2#sh ip int tun0 | i Internet Internet address is 172.16.0.2/24 R2#sh ip int tun0 | i M *Apr 30 07:02:01.972: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.1 on Tunnel0 from EXSTART to DOWN, Neighbor Down: Too many retransmissions R2#sh ip int tun0 | i MTU MTU is 1472 bytes R2#sh ip ospf neigh detai R2#sh ip ospf neigh detail Neighbor 172.16.0.1, interface address 172.16.0.1 In the area 0 via interface Tunnel0 Neighbor priority is 1, State is DOWN, 7 state changes Neighbor ignored, reenable in 00:00:24 DR is 0.0.0.0 BDR is 0.0.0.0 Options is 0x12 in Hello (E-bit, L-bit) LLS Options is 0x1 (LR) Index 0/0/0, retransmission queue length 0, number of retransmission 0 First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0) Last retransmission scan length is 0, maximum is 0 Last retransmission scan time is 0 msec, maximum is 0 msec R2# *Apr 30 07:03:01.973: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.1 on Tunnel0 from DOWN to DOWN, Neighbor Down: Ignore timer expired R2#cofn t ^ % Invalid input detected at '^' marker. R2#conf t Enter configuration commands, one per line. End with CNTL/Z. R2(config)#int tun0 R2(config-if)#ip mt R2(config-if)#ip mtu 1368 *Apr 30 07:05:09.284: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.1 on Tunnel0 from EXSTART to DOWN, Neighbor Down: Too many retransmissions R2(config-if)#ip mtu 1368 R2(config-if)#do sh ip ospf neigh Neighbor ID Pri State Dead Time Address Interface 172.16.0.1 1 DOWN/DROTHER - 172.16.0.1 Tunnel0 R2(config-if)#do sh ip ospf neigh Neighbor ID Pri State Dead Time Address Interface 172.16.0.1 1 DOWN/DROTHER - 172.16.0.1 Tunnel0 R2(config-if)#do sh ip ospf neigh Neighbor ID Pri State Dead Time Address Interface 172.16.0.1 1 DOWN/DROTHER - 172.16.0.1 Tunnel0 R2(config-if)#do sh ip ospf neigh Neighbor ID Pri State Dead Time Address Interface 172.16.0.1 1 DOWN/DROTHER - 172.16.0.1 Tunnel0 R2(config-if)#do sh ip int | i MTU MTU is 1500 bytes MTU is 1454 bytes MTU is 1514 bytes MTU is 1368 bytes R2(config-if)#do sh ip int tun0 | i MTU MTU is 1368 bytes R2(config-if)# *Apr 30 07:06:09.284: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.1 on Tunnel0 from DOWN to DOWN, Neighbor Down: Ignore timer expired *Apr 30 07:06:09.676: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.1 on Tunnel0 from LOADING to FULL, Loading Done R2(config-if)#^Z R2#sh ip *Apr 30 07:06:13.859: %SYS-5-CONFIG_I: Configured from console by console R2#sh ip ro ospf Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is 0.0.0.0 to network 0.0.0.0 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks O 10.100.0.0/24 [110/1001] via 172.16.0.1, 00:00:02, Tunnel0 R2#ping 10.100.0.101 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.100.0.101, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/23 ms R2#
R6#conf t Enter configuration commands, one per line. End with CNTL/Z. R6(config)#cry R6(config)#crypto isak R6(config)#crypto isakmp po R6(config)#crypto isakmp policy 1 R6(config-isakmp)#enc R6(config-isakmp)#encryption 3de R6(config-isakmp)#encryption 3des R6(config-isakmp)#ha R6(config-isakmp)#hash md R6(config-isakmp)#hash md5 R6(config-isakmp)#auth R6(config-isakmp)#authentication pre R6(config-isakmp)#authentication pre-share R6(config-isakmp)#gr R6(config-isakmp)#group 2 R6(config-isakmp)#cry R6(config-isakmp)#exit R6(config)#crypto R6(config)#crypto isak R6(config)#crypto isakmp ke R6(config)#crypto isakmp key cisco add R6(config)#crypto isakmp key cisco address 0.0.0.0 R6(config)#crypto R6(config)#crypto isakm R6(config)#crypto isakmp kee R6(config)#crypto isakmp keepalive 30 R6(config)#crypt R6(config)#crypto ipse R6(config)#crypto ipsec tran R6(config)#crypto ipsec transform-set TS-IPSEC1 esp R6(config)#crypto ipsec transform-set TS-IPSEC1 esp-3de R6(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des esp-md R6(config)#crypto ipsec transform-set TS-IPSEC1 esp-3des esp-md5-hmac R6(cfg-crypto-trans)#mod R6(cfg-crypto-trans)#mode tra R6(cfg-crypto-trans)#mode transport R6(cfg-crypto-trans)#cry R6(cfg-crypto-trans)#cryp R6(cfg-crypto-trans)#exit R6(config)#cryp R6(config)#crypto ipse R6(config)#crypto ipsec pro R6(config)#crypto ipsec profile PRO-DMVPN1 R6(ipsec-profile)#set tra R6(ipsec-profile)#set transform-set TS-IPSEC1 R6(ipsec-profile)#int tun0 R6(config-if)# *Apr 30 07:32:49.891: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down R6(config-if)#ip add R6(config-if)#ip address 172.16.0.6 255.255.255.0 R6(config-if)#tunn R6(config-if)#tunnel sour R6(config-if)#tunnel source Dia R6(config-if)#tunnel source Dialer 1 R6(config-if)#tunn R6(config-if)#tunnel mod R6(config-if)#tunnel mode gr R6(config-if)#tunnel mode gre mu R6(config-if)#tunnel mode gre multipoint R6(config-if)#tunn R6(config-if)#tunnel ke R6(config-if)#tunnel key 10 R6(config-if)#tunn R6(config-if)#tunnel p R6(config-if)#tunnel pro R6(config-if)#tunnel protection ipse R6(config-if)#tunnel protection ipsec pro R6(config-if)#tunnel protection ipsec profile PRO-DMVPN1 R6(config-if)#ip nh R6(config-if)#ip nhrp netwo R6(config-if)#ip nhrp network-id 100 R6(config-if)#ip nh R6(config-if)#ip nhrp nhs 172.16.0.1 R6(config-if)#ip nh R6(config-if)#ip nhrp map 172.16.0.1 100.0.0.1 R6(config-if)#ip nhrp map mul R6(config-if)#ip nhrp map multicast 100.0.0.1 R6(config-if)#ip osp R6(config-if)#ip ospf netwo R6(config-if)#ip ospf network bro R6(config-if)#ip ospf network broadcast R6(config-if)#ip os R6(config-if)#ip ospf pri R6(config-if)#ip ospf priority o R6(config-if)#ip ospf priority 0 R6(config-if)#router ospf 1 R6(config-router)#netwo R6(config-router)#network 172.16.0.6 0.0.0.0 area 0 R6(config-router)#net R6(config-router)#network 10.6.0.6 0.0.0.0 area 0 R6(config-router)#int lo0 R6(config-if)#ip *Apr 30 07:48:55.542: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to upa R6(config-if)#ip add R6(config-if)#ip address 106.0.0.6 255.255.255.255 R6(config-if)#int gig0/1 R6(config-if)#no ip add R6(config-if)#no ip address R6(config-if)#pppoe enabl R6(config-if)#pppoe enable R6(config-if)#pppoe *Apr 30 07:50:22.401: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up R6(config-if)#pppoe- *Apr 30 07:50:22.404: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up R6(config-if)#pppoe-clie R6(config-if)#pppoe-client dia R6(config-if)#pppoe-client dial-pool-number 1 R6(config-if)#int gig0/0 R6(config-if)#ip addre R6(config-if)#ip address 10.6.0.6 255.255.255.0 R6(config-if)#ip tcp ad R6(config-if)#ip tcp adjust-mss 1328 R6(config-if)#int tun0 R6(config-if)#ip mt R6(config-if)#ip mtu 1368 R6(config-if)#int gig0/0 R6(config-if)#int dia 1 R6(config-if)#ip unnu R6(config-if)#ip unnumbered Lo R6(config-if)#ip unnumbered Loo R6(config-if)#ip unnumbered Loopback 0 R6(config-if)#ip *Apr 30 07:53:12.605: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up R6(config-if)#ip mt R6(config-if)#ip mtu *Apr 30 07:53:12.668: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON R6(config-if)#ip mtu 1454 R6(config-if)#enca R6(config-if)#encapsulation ppp R6(config-if)#dial R6(config-if)#dialer po R6(config-if)#dialer pool 1 R6(config-if)#dia R6(config-if)#dialer-g R6(config-if)#dialer-group *Apr 30 07:53:26.348: %DIALER-6-BIND: Interface Vi2 bound to profile Di1 *Apr 30 07:53:26.353: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up *Apr 30 07:53:28.231: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1 R6(config-if)#dialer-group *Apr 30 07:53:28.247: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down R6(config-if)#dialer-group 1 R6(config-if)#ppp auth R6(config-if)#ppp authe R6(config-if)#ppp authentication chap calli R6(config-if)#ppp authentication chap callin R6(config-if)#ppp chap hostnae R6(config-if)#ppp chap hostna R6(config-if)#ppp chap hostname ccie@ *Apr 30 07:53:50.543: %DIALER-6-BIND: Interface Vi2 bound to profile Di1 *Apr 30 07:53:50.547: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up *Apr 30 07:53:50.640: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1 R6(config-if)#ppp chap hostname ccie@isp3 *Apr 30 07:53:50.655: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down R6(config-if)#ppp chap hostname ccie@isp3.pg1x.net R6(config-if)#ppp chap R6(config-if)#ppp chap pass R6(config-if)#ppp chap password cc13 R6(config-if)#exit R6(config)#ip route 0.0.0.0 0.0.0.0 *Apr 30 07:54:12.886: %DIALER-6-BIND: Interface Vi2 bound to profile Di1 D R6(config)#ip route 0.0.0.0 0.0.0.0 Dia R6(config)#ip route 0.0.0.0 0.0.0.0 Dialer *Apr 30 07:54:12.889: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up *Apr 30 07:54:13.434: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up R6(config)#ip route 0.0.0.0 0.0.0.0 Dialer 1 R6(config)#dia R6(config)#dialer-li R6(config)#dialer-list 1 *Apr 30 07:54:19.670: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.0.1 on Tunnel0 from LOADING to FULL, Loading Done R6(config)#dialer-list 1 pro R6(config)#dialer-list 1 protocol ip R6(config)#dialer-list 1 protocol ip per R6(config)#dialer-list 1 protocol ip permit R6(config)#^Z R6#sh ip *Apr 30 07:54:25.651: %SYS-5-CONFIG_I: Configured from console by console R6#sh ip ro ospf Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is 0.0.0.0 to network 0.0.0.0 10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks O 10.100.0.0/24 [110/1001] via 172.16.0.1, 00:00:04, Tunnel0 O 10.200.0.0/24 [110/1001] via 172.16.0.2, 00:00:04, Tunnel0 R6#ping 172.16.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.0.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 14/17/24 ms R6#ping 172.16.0.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.0.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/36/53 ms R6#ping 10.100.0.101 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.100.0.101, timeout is 2 seconds: .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 7/258/1005 ms R6#ping 10.100.0.101 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.100.0.101, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 13/16/22 ms R6#ping 10.200.0.202 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.200.0.202, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/20 ms R6#sh ip ospf neigh Neighbor ID Pri State Dead Time Address Interface 172.16.0.1 1 FULL/DR 00:00:39 172.16.0.1 Tunnel0
R6#ping 10.200.0.202 repeat 10000 Type escape sequence to abort. Sending 10000, 100-byte ICMP Echos to 10.200.0.202, timeout is 2 seconds: .!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!. Success rate is 99 percent (622/624), round-trip min/avg/max = 7/16/1018 ms R6#