- R1, R2, R3, R4, R5, R6, R7 all uses same IOS : c3640-ik9o3s-mz.124-10.bin. 3600 Software (C3640-IK9O3S-M), Version 12.4(10), RELEASE SOFTWARE (fc1)
- R5 is acting as Internet Router. It is only configured local interface ip address. No static and dynamic routing configured
- R1, R3 will be acted as a pair to configure GRE and IPSec Tunnel, and also configured as main link between R6 and R7
- R2, R4 will be acted as second pair to configure GRE and IPSec Tunnel. It will be set as secondly link between R6 and R7
- R5 Configuration:
R5#sh run
interface Ethernet0/0
ip address 1.1.1.2 255.255.255.0
full-duplex
!
interface Ethernet0/1
ip address 2.2.2.2 255.255.255.0
full-duplex
!
interface Ethernet0/2
ip address 3.3.3.2 255.255.255.0
full-duplex
!
interface Ethernet0/3
ip address 4.4.4.2 255.255.255.0
full-duplex
!
2. R1 Configuration:
R1#sh run
Building configuration…Current configuration : 991 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
interface Loopback0
ip address 11.11.11.11 255.255.255.0
!
interface Tunnel0
ip unnumbered Ethernet0/1
tunnel source Ethernet0/0
tunnel destination 3.3.3.1
!
interface Ethernet0/0
ip address 1.1.1.1 255.255.255.0
full-duplex
!
interface Ethernet0/1
ip address 16.16.16.16 255.255.255.0
shutdown
full-duplex
!
interface Ethernet0/2
no ip address
shutdown
full-duplex
!
interface Ethernet0/3
no ip address
shutdown
full-duplex
!
no ip http server
no ip http secure-server
!
ip route 3.3.3.0 255.255.255.0 1.1.1.2
ip route 33.33.33.0 255.255.255.0 Tunnel0
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
R3#sh run
Building configuration…Current configuration : 991 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
interface Loopback0
ip address 33.33.33.33 255.255.255.0
!
interface Tunnel0
ip unnumbered Ethernet0/1
tunnel source Ethernet0/0
tunnel destination 1.1.1.1
!
interface Ethernet0/0
ip address 3.3.3.1 255.255.255.0
full-duplex
!
interface Ethernet0/1
ip address 37.37.37.37 255.255.255.0
shutdown
full-duplex
!
interface Ethernet0/2
no ip address
shutdown
full-duplex
!
interface Ethernet0/3
no ip address
shutdown
full-duplex
!
no ip http server
no ip http secure-server
!
ip route 1.1.1.0 255.255.255.0 3.3.3.2
ip route 11.11.11.0 255.255.255.0 Tunnel0
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
R1#ping
Protocol [ip]:
Target IP address: 33.33.33.33
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 11.11.11.11
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 33.33.33.33, timeout is 2 seconds:
Packet sent with a source address of 11.11.11.11
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/39/60 ms
R1#
