Re: RIP Authentication

From: Teck PhrEAk!! (phreakinphunk@hotmail.com)
Date: Mon Apr 21 2003 - 10:53:02 GMT-3

• Next message: Kash: "RE: ospf over nbma- neighbor statements necessary on which"
• Previous message: Ian Stong: "RE: RIP Authentication"
• Maybe in reply to: Jimmy Doukas: "RIP Authentication"
• Next in thread: Tony Schaffran: "Re: RIP Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

hey,

In the config below you are using the key chain "keychain".....then for what
purpose have you created the key chain "RIP_Auth"?? take that outta the
config ....its not required.....

this how yr configs should look like for simple MD5 authentication....

R2
>~~~~~~~~
>!
>key chain keychain
> key 1<<<<<<<<<<<<<<<change key 2 to key 1
> key-string cisco
>!
>interface Serial1
> ip address 10.21.1.1 255.255.0.0
> ip rip send version 2
> ip rip receive version 2
> ip rip authentication mode md5
> ip rip authentication key-chain keychain
> clockrate 125000
>!
>
>~~~~~~~~~~
>R1
>~~~~~~~~~~
>!
>key chain keychain
> key 1<<<<<<<<<<<same here!!!
> key-string cisco
>!
>!
>interface Serial0
> ip address 10.21.1.2 255.255.0.0
> ip directed-broadcast
> ip rip send version 2
> ip rip receive version 2
> ip rip authentication mode md5
> ip rip authentication key-chain keychain
> logging event subif-link-status
> fair-queue

cheers,

sumit.

>From: "Jimmy Doukas" <jdoukas@octa4.net.au>
>Reply-To: "Jimmy Doukas" <jdoukas@octa4.net.au>
>To: <ccielab@groupstudy.com>
>Subject: RIP Authentication
>Date: Mon, 21 Apr 2003 21:17:40 +1000
>
>Hi All,
>
>I have a simple question (hopefully) re. RIP authentication.
>
>I have two routers directly connected via serial interfaces
>
>R2 S1 <----------> S0 R1 Encap is HDLC (very simple config)
>
>I'm trying to configure simple RIP authentication between the two - no
>luck.
>Here are the relevant configs from both
>
>~~~~~~~~
>R2
>~~~~~~~~
>!
>key chain RIP_Auth
> key 1
> key-string cisco
> accept-lifetime 13:27:00 Apr 1 2003 infinite
> send-lifetime 13:27:00 Apr 1 2003 infinite
> key 2
> key-string cisco
>key chain keychain
> key 2
> key-string cisco
>!
>interface Serial1
> ip address 10.21.1.1 255.255.0.0
> ip rip send version 2
> ip rip receive version 2
> ip rip authentication mode md5
> ip rip authentication key-chain keychain
> clockrate 125000
>!
>
>~~~~~~~~~~
>R1
>~~~~~~~~~~
>!
>key chain RIP_Auth
> key 1
> key-string cisco
> accept-lifetime 13:27:00 Apr 1 2003 infinite
> send-lifetime 13:27:00 Apr 1 2003 infinite
> key 2
> key-string cisco
>key chain keychain
> key 2
> key-string cisco
>!
>!
>interface Serial0
> ip address 10.21.1.2 255.255.0.0
> ip directed-broadcast
> ip rip send version 2
> ip rip receive version 2
> ip rip authentication mode md5
> ip rip authentication key-chain keychain
> logging event subif-link-status
> fair-queue
>
>a debug of ip rip shows:
>00:29:43: RIP: ignored v2 packet from 10.21.1.1 (invalid authentication)
>
>I've tried clear authentication and still nothing.
>
>If anyone can enlighten me that would be great.
>
>Thanks in advance,
>Jim
>
>Ps. Clock are synchronised.

• Next message: Kash: "RE: ospf over nbma- neighbor statements necessary on which"
• Previous message: Ian Stong: "RE: RIP Authentication"
• Maybe in reply to: Jimmy Doukas: "RIP Authentication"
• Next in thread: Tony Schaffran: "Re: RIP Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu May 01 2003 - 13:35:59 GMT-3