Lessons Learned:
Between the RIP routers – I will configure clear authentication….
key chain test (name
of the key chain)
key 1 (Bound to “key 1”)
key-string cisco (password or string is “cisco”)
key 1 (Bound to “key 1”)
key-string cisco (password or string is “cisco”)
Then apply the key chain under the interface:
R1(config-if)#ip rip authentication key-chain test
-----------------------------------
Mirror the config on the other RIP routers
key chain test
key 1
key-string cisco
R2(config-if)#ip rip authentication key-chain test
key 1
key-string cisco
R2(config-if)#ip rip authentication key-chain test
Note: in RIPv2 there are two types of authentication, clear
text and MD5. When configuring clear test auth, the key numbers do not have to match. Meaning the R1 can use one
key number and R2 can use a totally different one. However, in MD5 authentication,
the key numbers must match.
Between two separate routers I will configure MD5 auth:
Clear text key-chain
key chain test
key 1
key-string cisco
key 1
key-string cisco
--------------------------------------------
MD5 auth
key chain test23
key 1
key-string cisco23
key 1
key-string cisco23
interface
FastEthernet0/1
ip address 10.2.2.2 255.255.255.0
ip rip authentication mode md5
ip rip authentication key-chain test23
ip address 10.2.2.2 255.255.255.0
ip rip authentication mode md5
ip rip authentication key-chain test23
Verify Key-chain:
R2#sh key chain test23
Key-chain test23:
key 1 -- text "cisco23"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]
Key-chain test23:
key 1 -- text "cisco23"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]
No comments:
Post a Comment