*===================================*
Authentication
*===================================*
- Only supported on RIPv2.
- Supports clear text and MD5.
- Configured using key-chains.
- RIP, unlike EIGRP does not require the same key-number on both sides.
- When configuring, order of operation is important.
- When making changes to the key-chain, first remove the config of the interface.
Steps involved
1. Define a key chain with a name.
2. Define the key or keys on the key chain.
3. Enable authentication on an interfaces and specify the key chain to be used.
4. Specify whether the interfaces will use clear text or MD5. If not specified, clear is used.
5. Optionally configure key management.
-----------
COMMANDS
-----------
Step 1: Defines a key-chain
key chain NAME
Step 2: Defines the key/s on the chain/Specifies the key-string
key 1
key-string STRING
Step 3: Enable authentication on an interfaces by using the key-chain
interface ethernet 0
ip rip authentication key-chain NAME
Step 4: Specifies whether the interfaces will use clear text or MD5
ip rip authentication mode md5
note: some version of ios you need to define accept lifetime and send lifetime. this happens when you noticed that peering is down after some time between 2 routers.
---------------------------
verification
---------------------------
show ip protocols | begin rip - Shows the key-chain in use
No comments:
Post a Comment