3.3.n Implement and troubleshoot routing protocol authentication

3.3.n Implement and troubleshoot routing protocol authentication

  • 3.3.n [i] MD5

md5 is the only authentication mode for EIGRP

R3(config-keychain-key)#do sh run | sec key
key chain CHAIN
key 1
key-string cisco

R3#sh run int f3/0 | i ip
ip address 192.168.36.3 255.255.255.0
ip authentication mode eigrp 1 md5
ip authentication key-chain eigrp 1 CHAIN

R3#debug eigrp pack hello
EIGRP Packets debugging is on
(HELLO)
R3#
*Mar  1 02:54:10.159: EIGRP: received packet with MD5 authentication, key id = 1

R6(config)#key chain CHAIN
R6(config-keychain)#key 1
R6(config-keychain-key)#key-string psycho
R6(config-keychain-key)#
*Mar  1 02:57:30.887: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 192.168.36.3 (FastEthernet0/0) is down: Auth failure

for ospf null (0) is the default

R7#debug ip ospf pack
OSPF packet debugging is on
R7#
*Mar  1 00:07:19.935: OSPF: rcv. v:2 t:1 l:48 rid:6.6.6.6
aid:0.0.0.0 chk:3871 aut:0 auk: from FastEthernet1/0

for plain text authentication (1). in router configuration mode the area configuration is optional:

R6#sh run int f1/0 | i auth
ip ospf authentication
ip ospf authentication-key cisco

R6(config-if)#
*Mar  1 03:25:38.799: OSPF: rcv. v:2 t:1 l:48 rid:7.7.7.7
aid:0.0.0.0 chk:3870 aut:1 auk: from FastEthernet1/0

md5 authentication is (2)

R6#sh run int f1/0 | i auth
ip ospf authentication message-digest
ip ospf authentication-key cisco

R6#
*Mar  1 03:30:08.759: OSPF: rcv. v:2 t:1 l:48 rid:7.7.7.7
aid:0.0.0.0 chk:0 aut:2 keyid:0 seq:0x3C7ECB35 from FastEthernet1/0

BGP wins; only md5 and the easiest of all..

R7(config-router)#do sh run | sec bgp
router bgp 1
neighbor 6.6.6.6 remote-as 1
neighbor 6.6.6.6 password cisco