Помогите с сетевой адрессацией циско

Isp
Nano /etc/hostname
ISP
Nano /etc/network/interfaces
Auto ens256
Iface ens256 inet static
Address 3.3.3.1
Netmask 255.255.255.0

Auto ens192
Iface ens192 inet static
Address 4.4.4.1
Netmask 255.255.255.0

Auto ens224
Iface ens224 inet static
Address 5.5.5.1
Netmask 255.255.255.0

Nano /etc/sysctl.conf
Forwarding
Sysctl –p
Reboot

RTR-L
Int g1
Ip add 4.4.4.100 255.255.255.0
No sh
Int g2
Ip add 192.168.100.254 255.255.255.0
No sh
Ex
Ip route 0.0.0.0 0.0.0.0 4.4.4.1


RTR-R
Int g1
Ip add 5.5.5.100 255.255.255.0
No sh
Int g2
Ip add 172.16.100.254 255.255.255.0
No sh
Ex
Ip route 0.0.0.0 0.0.0.0 5.5.5.1

WEB-L
Nano /etc/hostname
WEB-L
Nano /etc/network/interfaces
Auto ens192
Iface ens192 inet static
Address 192.168.100.100
Netmask 255.255.255.0
Gateway 192.168.100.254

WEB-R
Nano /etc/hostname
WEB-R
Nano /etc/network/interfaces
Auto ens192
Iface ens192 inet static
Address 172.16.100.100
Netmask 255.255.255.0
Gateway 172.16.100.254

RTR-L
Int g1
Ip nat outside
Ex
Int g2
Ip nat inside
Ex
Access-list 1 permit 192.168.100.0 0.0.0.255
Ip nat inside source list 1 interface g1 overload

RTR-R
Int g1
Ip nat outside
Ex
Int g2
Ip nat inside
Ex
Access-list 1 permit 172.16.100.0 0.0.0.255
Ip nat inside source list 1 interface g1 overload

RTR-L
Int tunnel 1
Ip add 172.16.1.1 255.255.255.0
Tunnel mode gre ip
Tunnel source 4.4.4.100
Tunnel destination 5.5.5.100
Ex
Router iegrp 6500
Network 192.168.100.0 0.0.0.255
Network 172.16.1.0 0.0.0.255

RTR-R
Int tunnel 1
Ip add 172.16.1.2 255.255.255.0
Tunnel mode gre ip
Tunnel source 5.5.5.100
Tunnel destination 4.4.4.100
Ex
Router iegrp 6500
Network 172.16.100.0 0.0.0.255
Network 172.16.1.0 0.0.0.255

чел тебе гугл отключил?

RTR-L
crypto isakmp policy 1
encr aes
authentication pre-share
hash sha256
group 14
!
crypto isakmp key TheSecretMustBeAtLeast13bytes address 5.5.5.100
crypto isakmp nat keepalive 5
!
crypto ipsec transform-set TSET esp-aes 256 esp-sha256-hmac
mode tunnel
!
crypto ipsec profile VTI
set transform-set TSET
interface Tunnel1
tunnel mode ipsec ipv4
tunnel protection ipsec profile VTI

RTR-R
conf t

crypto isakmp policy 1
encr aes
authentication pre-share
hash sha256
group 14
!
crypto isakmp key TheSecretMustBeAtLeast13bytes address 4.4.4.100
crypto isakmp nat keepalive 5
!
crypto ipsec transform-set TSET esp-aes 256 esp-sha256-hmac
mode tunnel
!
crypto ipsec profile VTI
set transform-set TSET
interface Tunnel1
tunnel mode ipsec ipv4
tunnel protection ipsec profile VTI

RTR-L ACL
ip access-list extended Lnew
permit tcp any any established
permit udp host 4.4.4.100 eq 53 any
permit udp host 5.5.5.1 eq 123 any
permit tcp any host 4.4.4.100 eq 80
permit tcp any host 4.4.4.100 eq 443
permit tcp any host 4.4.4.100 eq 2222
permit udp host 5.5.5.100 host 4.4.4.100 eq 500
permit esp any any
permit icmp any any
int gi 1
ip access-group Lnew in

RTR-R ACL
ip access-list extended Rnew
permit tcp any any established
permit tcp any host 5.5.5.100 eq 80
permit tcp any host 5.5.5.100 eq 443
permit tcp any host 5.5.5.100 eq 2244
permit udp host 4.4.4.100 host 5.5.5.100 eq 500
permit esp any any
permit icmp any any
int gi 1
ip access-group Rnew in