- RIP & EIGRP both have the same syntax format for assigning key chain, key ID and key-string
- Apply authentication always at an interface level
- During application on the interface you have the option of choosing clear text or MD5
Method:
key chain [GIVE IT A NAME]
key [KEY ID]
key-string [THIS IS THE PASSWORD]
For RIP Authentication on the Interface:
interface [interface ID - inclusing VLAN interfaces]
ip rip authentication mode md5
ip rip authentication key-chain [KEY CHAIN]
end
For EIGRP Authentication on the Interface:
interface [interface ID - inclusing VLAN interfaces]
ip authentication mode eigrp [AS#]md5
ip authentication key-chain eigrp [AS#] [KEY CHAIN]
EXAMPLE:
key chain KEY
key 1
key-string CISCO
!
!
interface Vlan102
ip address 192.10.1.10 255.255.255.0
ip rip authentication mode md5
ip rip authentication key-chain RIP
end
Authentication Option:
Router-A(config-if)#ip rip authentication mode ?
md5 Keyed message digest
text Clear text authentication
Testing Authentication : with incorrect password
Rack1SW4#deb ip rip
RIP protocol debugging is on
01:11:38: RIP: sending v2 update to 224.0.0.9 via Vlan102 (192.10.1.10)
01:11:43: RIP: received packet with MD5 authentication
01:11:43: RIP: ignored v2 packet from 192.10.1.254 (invalid authentication)
01:12:07: RIP: sending v2 update to 224.0.0.9 via Vlan102 (192.10.1.10)
01:12:07: RIP: build update entries
Testing Authentication : with CORRECT password
Rack1SW4#deb ip rip
RIP protocol debugging is on
01:21:55: RIP: received packet with MD5 authentication
01:21:55: RIP: received v2 update from 192.10.1.254 on Vlan102
01:21:55: 205.90.31.0/24 via 0.0.0.0 in 7 hops
01:21:55: 220.20.3.0/24 via 0.0.0.0 in 7 hops
01:21:55: 222.22.2.0/24 via 0.0.0.0 in 7 hops
01:21:55: RIP: sending v2 update to 224.0.0.9 via Vlan102 (192.10.1.10)
01:21:55: RIP: build update entries
01:21:55: 54.1.1.0/24 via 0.0.0.0, metric 1, tag 0
01:21:55: 150.1.1.0/24 via 0.0.0.0, metric 1, tag 0
01:21:55: 150.
No comments:
Post a Comment