RIP Version 2 Authentication

From: Clifton Stewart (cliftonlstewart@xxxxxxxx)
Date: Mon Jan 15 2001 - 05:11:58 GMT-3

• Next message: Stanford Wong - SPAWAR: "RE: RIP Version 2 Authentication"
• Previous message: Thounda Craig Jr.: "Re: need lil advise for the lab prep"
• Next in thread: John Dill: "RE: RIP Version 2 Authentication"
• Maybe reply: John Dill: "RE: RIP Version 2 Authentication"
• Maybe reply: Devender Singh: "RE: RIP Version 2 Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Standford,

It appears you need to let RIP know when to begin authenticating as well as
when to stop. Your config instructed RIP to take no action, which is why we
were getting the error. Take a look at the config below, I've also enclosed a
URL from CCO.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/np1_r/1r
prt1/1rindep.htm#21966
<--

-Cliff

R2503#sh run
Building configuration...

Current configuration:
!
! Last configuration change at 12:03:12 UTC Sun Jan 14 2001
! NVRAM config last updated at 12:03:23 UTC Sun Jan 14 2001
!
version 11.2
no service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname R2503
!
enable password cisco
!
ip subnet-zero
!
key chain turkey
 key 1
  key-string password1
  accept-lifetime 00:00:00 Jan 14 2001 infinite
  send-lifetime 00:30:00 Jan 14 2001 infinite
!
interface Loopback0
 ip address 4.4.4.4 255.255.255.0
!
interface Ethernet0
 ip address 10.0.0.2 255.255.255.0
 ip rip authentication key-chain turkey
 no cdp enable
!
interface Serial0
 no ip address
 shutdown
 no fair-queue
!
interface Serial1
 no ip address
 shutdown
!
interface BRI0
 no ip address
 shutdown
!
router rip
 version 2
 passive-interface Loopback0
 network 4.0.0.0
 network 10.0.0.0
!
ip classless
!
!
line con 0
line aux 0
line vty 0 4
 login
!
end

R2503#sh cloc
R2503#sh clock
12:09:37.303 UTC Sun Jan 14 2001
R2503#
<========================================>

R2513#sh run
Building configuration...

Current configuration:
!
! Last configuration change at 12:04:23 UTC Sun Jan 14 2001
! NVRAM config last updated at 12:04:24 UTC Sun Jan 14 2001
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R2513
!
enable password cisco
!
ip subnet-zero
!
key chain turkey
 key 1
  key-string password1
  accept-lifetime 00:00:00 Jan 14 2001 infinite
  send-lifetime 00:30:00 Jan 14 2001 infinite
!
!
!
!
!
interface Loopback0
 ip address 3.3.3.3 255.255.255.0
 no ip directed-broadcast
!
interface Ethernet0
 ip address 10.0.0.1 255.255.255.0
 no ip directed-broadcast
 ip rip authentication key-chain turkey
 no cdp enable
!
interface Serial0
 no ip address
 no ip directed-broadcast
 no ip mroute-cache
 shutdown
 no fair-queue
!
interface Serial1
 no ip address
 no ip directed-broadcast
 shutdown
!
interface TokenRing0
 no ip address
 no ip directed-broadcast
 shutdown
!
router rip
 version 2
 passive-interface Loopback0
 network 3.0.0.0
 network 10.0.0.0
!
ip classless
!
!
!
line con 0
 transport input none
line aux 0
line vty 0 4
 login
!
end

R2513#sh clock
12:11:07.935 UTC Sun Jan 14 2001
R2513#

Stanford Wong - CNS wrote:

> Has anybody out there got RIP authentication working?
>
> I have been working on this for a couple of days it doesn't seem to work.
>
> The connection is two routers connected directly to each other via a
> fastethernet connection.
>
> When I do a debug ip rip events all I get is -
> 00:08:04: RIP: ignored v2 packet from 10.0.0.1 (invalid authentication)
>
> here are the two configs -
>
> ---------------------Router D-------------------------
> hostname rd
> !
> key chain turkey
> key 1
> key-string password1
> accept-lifetime 00:00:00 Jan 14 2001 infinite
> send-lifetime 00:00:00 Jan 14 2001 infinite
> !
> interface Loopback0
> ip address 4.4.4.4 255.255.255.0
> !
> interface FastEthernet0
> ip address 10.0.0.2 255.255.255.0
> ip rip authentication key-chain turkey
> speed auto
> no cdp enable
> !
> router rip
> version 2
> passive-interface Loopback0
> network 4.0.0.0
> network 10.0.0.0
> !
> ip classless
> -------------------------Router C-------------------------
>
> hostname rc
> !
> key chain turkey
> key 1
> key-string password1
> accept-lifetime 00:00:00 Jan 14 2001 infinite
> send-lifetime 00:00:00 Jan 14 2001 infinite
> !
> interface Loopback0
> ip address 3.3.3.3 255.255.255.0
> !
> interface FastEthernet0
> ip address 10.0.0.1 255.255.255.0
> ip rip authentication key-chain turkey
> speed auto
> no cdp enable
> !
> router rip
> version 2
> passive-interface Loopback0
> network 3.0.0.0
> network 10.0.0.0
> !
> ip classless
> ------------------------------------------------------------
>
> Here is the version of IOS that I am using....
> IOS (tm) C1700 Software (C1700-SY-M), Version 12.1(1), RELEASE SOFTWARE
> (fc1)
>
> Am I missing something or does this thing not even work? Getting a little
> frustrated because this should be a no brainer, but it doesn't work.
>
> Thanks in advance for any insight/suggestions.
>
> stanford
>

• Next message: Stanford Wong - SPAWAR: "RE: RIP Version 2 Authentication"
• Previous message: Thounda Craig Jr.: "Re: need lil advise for the lab prep"
• Next in thread: John Dill: "RE: RIP Version 2 Authentication"
• Maybe reply: John Dill: "RE: RIP Version 2 Authentication"
• Maybe reply: Devender Singh: "RE: RIP Version 2 Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:27:29 GMT-3