Re: authentication cia ripV2 with key-chains

From: Zeng Puyang (zbridge98@xxxxxxxxx)
Date: Sat May 12 2001 - 02:17:46 GMT-3

• Next message: Mohamed Heeba: "RE: OSPF summary-address--The beat goes on..."
• Previous message: Dirar Hakeem: "Re: OSPF: area 0 authentication and the virtual-link"
• Maybe in reply to: Martin, Chris: "authentication cia ripV2 with key-chains"
• Next in thread: zhutong: "Re: authentication cia ripV2 with key-chains"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
I ran into strange situation with rip auth a few month ago. I didn't remember i
t clearly. I think I defined key chain after adding auth commands. It didn't wo
rk. I deleted all the commands, and defined the key chain first, it worked.

hope this is helpful.

Zeng
----- Original Message -----
From: "alain faure" <alainfaure@yahoo.fr>
To: "Charles Carley" <ccarley@columbus.rr.com>; "haresh rane" <hnrane@yahoo.com
>; "Martin, Chris" <chris@pacinter.net>; <ccielab@groupstudy.com>
Sent: Saturday, May 12, 2001 3:36 AM
Subject: RE: authentication cia ripV2 with key-chains

> Hello,
>
> I am not sure but, is the time ok on the 2 routers ?
> I see no NTP...
>
> best regards
>
> --- Charles Carley <ccarley@columbus.rr.com> a icrit : > My understanding is
> the key chain name is only locally significant so they
> > do not have to match between routers only the key-string must match.
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> > haresh rane
> > Sent: Friday, May 11, 2001 6:12 AM
> > To: Martin, Chris; ccielab@groupstudy.com
> > Subject: Re: authentication cia ripV2 with key-chains
> >
> >
> > Martin,
> >
> > The Key chain name on Router B is 'key chain TEST1'
> > and on router C it is 'key chain TEST'...the 1 is
> > mising.
> >
> > Hope this helps.
> >
> > Harish
> >
> > --- "Martin, Chris" <chris@pacinter.net> wrote:
> > > Hi Gang:
> > > Here is a simple one im sure someone
> > > out there has been able to
> > > figure out, except me. Configs are posted below for
> > > router B and router C i
> > > have key-chains setup on both routers with the SAME
> > > password for both using
> > > md5 authentication, yet on debug for router B its
> > > telling me that its
> > > receiving invalid authentication type. Anyone have
> > > an idea? pelase let me
> > > know, thanks in advance!
> > >
> > > Router B
> > >
> > > version 12.0
> > > service timestamps debug uptime
> > > service timestamps log uptime
> > > no service password-encryption
> > > !
> > > hostname ROUTERB
> > > !
> > > !
> > > ip subnet-zero
> > > no ip domain-lookup
> > > ip host A 192.1.1.1
> > > ip host C 10.2.2.1
> > > !
> > > key chain TEST1
> > > key 1
> > > key-string chris
> > > accept-lifetime 12:00:00 May 10 2001 infinite
> > > send-lifetime 12:00:00 May 10 2001 infinite
> > > !
> > > !
> > > !
> > > interface Ethernet0
> > > ip address 192.1.1.2 255.255.255.0
> > > no ip directed-broadcast
> > > !
> > > interface Serial0
> > > ip address 10.1.1.2 255.255.255.0
> > > no ip directed-broadcast
> > > no ip mroute-cache
> > > no fair-queue
> > > !
> > > interface Serial1
> > > ip address 10.2.2.2 255.255.255.0
> > > no ip directed-broadcast
> > > ip rip authentication mode md5
> > > ip rip authentication key-chain TEST1
> > > clockrate 64000
> > > !
> > > interface BRI0
> > > no ip address
> > > no ip directed-broadcast
> > > shutdown
> > > !
> > > router rip
> > > version 2
> > > network 10.0.0.0
> > > network 192.1.1.0
> > > no auto-summary
> > > !
> > > ip classless
> > > !
> > > !
> > > line con 0
> > > logging synchronous
> > > transport input none
> > > line aux 0
> > > line vty 0 4
> > > password cisco
> > > login
> > > !
> > > end
> > >
> > >
> > > ROUTER C
> > >
> > > version 12.1
> > > service timestamps debug uptime
> > > service timestamps log uptime
> > > no service password-encryption
> > > !
> > > hostname ROUTERC
> > > !
> > > enable secret 5 $1$sdZB$DX6HPktjQdbtIONtR61W51
> > > !
> > > !
> > > !
> > > !
> > > !
> > > ip subnet-zero
> > > !
> > > !
> > > key chain TEST
> > > key 1
> > > key-string chris
> > > accept-lifetime 12:00:00 May 10 2001 infinite
> > > send-lifetime 12:00:00 May 10 2001 infinite
> > > !
> > > !
> > > !
> > > interface Ethernet0
> > > ip address 192.168.3.1 255.255.255.0
> > > no keepalive
> > > !
> > > interface Ethernet1
> > > ip address 192.168.4.1 255.255.255.0
> > > no keepalive
> > > !
> > > interface Serial0
> > > ip address 10.2.2.1 255.255.255.0
> > > ip rip authentication mode md5
> > > ip rip authentication key-chain TEST
> > > !
> > > interface Serial1
> > > no ip address
> > > shutdown
> > > !
> > > router rip
> > > version 2
> > > network 10.0.0.0
> > > network 192.168.3.0
> > > network 192.168.4.0
> > > no auto-summary
> > > !
> > > ip classless
> > > no ip http server
> > > !
> > > !
> > > line con 0
> > > logging synchronous
> > > transport input none
> > > line aux 0
> > > line vty 0 4
> > > password cisco
> > > login
> > > !
> > > end
> > > **Please
> > > read:http://www.groupstudy.com/list/posting.html
> > >

• Next message: Mohamed Heeba: "RE: OSPF summary-address--The beat goes on..."
• Previous message: Dirar Hakeem: "Re: OSPF: area 0 authentication and the virtual-link"
• Maybe in reply to: Martin, Chris: "authentication cia ripV2 with key-chains"
• Next in thread: zhutong: "Re: authentication cia ripV2 with key-chains"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:30:40 GMT-3