RandOyler846

從 女性百科
於 2013年5月3日 (五) 03:17 由 RandOyler846 (對話 | 貢獻) 所做的修訂 (新页面: Configuring RIPv2 and EIGRP authorization with key organizations can be tough initially, and the syntax isn't particularly easy to remember. But also for BSCI and CCNP examination success...)

(差異) ←上個修訂 | 最新修訂 (差異) | 下個修訂→ (差異)
跳到: 導覽搜尋

Configuring RIPv2 and EIGRP authorization with key organizations can be tough initially, and the syntax isn't particularly easy to remember. But also for BSCI and CCNP examination success, we've got to be able to accomplish this task.

In a previous training, we saw just how to configure RIPv2 packet authentication, with both clear-text and MD5 authentication systems. EIGRP authentication is much exactly the same, and has the text and MD5 authentication options as well. But EIGRP being EIGRP, the control only has to be considered a bit more detailed!

Much like RIPv2, the authentication function should be agreed upon by the EIGRP neighbors. If one router's interface is configured for MD5 authentication and the remote router's interface is configured for text authentication, the adjacency can fail even if the two interfaces in question are configured to use the same code.

We'll today arrange link validation on the adjacency over an Ethernet segment. Below, you'll observe how to change a key chain called EIGRP on both routers, use key number 1, and use the key-string BSCI. Key chain is shown by run on a router to see all key chains.

R2( config )#key sequence EIGRP

R2( config-keychain )#key 1

R2( config-keychain-key )#key-string BSCI

R2#show important chain

Key-chain EIGRP:

Critical 1 -- text "BSCI"

accept life time (always valid) - (always valid) [valid now]

send entire life (always valid) - (always valid) [valid now]

R3( config )#key sequence EIGRP

R3( config-keychain )#key 1

R3( config-keychain-key )#key-string BSCI

R3#show key cycle

Key-chain EIGRP:

Critical 1 -- text "BSCI"

Take entire life (always valid) - (always valid) [valid now]

send life time (always valid) - (always valid) [valid now]

The EIGRP command to apply the critical chain is a bit of a pain to keep in mind, because the method and AS number is determined in the center of the command, not the beginning. Also observe that two instructions are expected - anyone to name the main element sequence, the authentication mode to be defined by another being used.

R2( config )#interface ethernet0

R2( config-if )#ip authentication key-chain eigrp 100 EIGRP

R2( config-if )#ip authentication style eigrp 100 md5

5d07h: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.23.3 (Ethernet0) is down: keychain changed

R3( config )#interface ethernet0

R3( config-if )#ip authorization key-chain eigrp 100 EIGRP

R3( config-if )#ip authentication style eigrp 100 md5

5d07h: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.23.2 (Ethernet0) is up:

As with RIPv2, the existing adjacency was torn down when one side was constructed with validation. If the important thing chain is used and correctly defined on both sides, the adjacency should come backup. Always run show ip eigrp neighbor to be sure the adjacency is present. Learn the facts of EIGRP important restaurants by establishing them on your own house research equipment, and you'll be a lot more than ready for BSCI exam success! principles