EIGRP Authentication Example at CCO

From: Shanky (shankyz@gmail.com)
Date: Thu Aug 18 2005 - 10:16:08 GMT-3

• Next message: Guyler, Rik: "RE: Cisco New Announcement , Which IOS Version for the Lab ?"
• Previous message: ccie2be: "match protocol rtp audio"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_
c/ipcprt2/1cfeigrp.htm#wp1011742says
...

Router A will accept and attempt to verify the MD5 digest of any EIGRP
packet with a key equal to 1. It will also accept a packet with a key equal
to 2. All other MD5 packets will be dropped. *Router A will send all EIGRP
packets with key 2.*

*Router B will accept key 1 or key 2, and will send key 1*. In this
scenario, MD5 will authenticate.

 Why ? Both the routers are configured with keys 1 & 2 , so shouldnt they
both send/receive by using both keys ?

The Doc also says .. You can configure multiple keys with lifetimes. Only
one authentication packet is sent, regardless of how many valid keys exist.
*The software examines the key numbers in order from lowest to highest, and
uses the first valid key it encounters.*

So, both the routers should be sending Key1... ?

Will appreciate if someone could explain it a lil .

 Thanks

 Shanky

• Next message: Guyler, Rik: "RE: Cisco New Announcement , Which IOS Version for the Lab ?"
• Previous message: ccie2be: "match protocol rtp audio"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:01:19 GMT-3