From: zhutong (zhutong@xxxxxxxxxxxxxx)
Date: Sun May 13 2001 - 14:05:50 GMT-3
Delete the following two commands:
accept-lifetime 12:00:00 May 10 2001 infinite
send-lifetime 12:00:00 May 10 2001 infinite
or
use the "clock set 0:0:0 14 may 2001" command change the router's current clock
,
it will authentication successfully, i think.
----- Original Message -----
From: "Zeng Puyang" <zbridge98@yahoo.com>
To: <ccielab@groupstudy.com>
Sent: Saturday, May 12, 2001 1:17 PM
Subject: Re: authentication cia ripV2 with key-chains
> I ran into strange situation with rip auth a few month ago. I didn't remember
it clearly. I think I defined key chain after adding auth commands. It didn't
work. I deleted all the commands, and defined the key chain first, it worked.
>
> hope this is helpful.
>
> Zeng
> ----- Original Message -----
> From: "alain faure" <alainfaure@yahoo.fr>
> To: "Charles Carley" <ccarley@columbus.rr.com>; "haresh rane" <hnrane@yahoo.c
om>; "Martin, Chris" <chris@pacinter.net>; <ccielab@groupstudy.com>
> Sent: Saturday, May 12, 2001 3:36 AM
> Subject: RE: authentication cia ripV2 with key-chains
>
>
> > Hello,
> >
> > I am not sure but, is the time ok on the 2 routers ?
> > I see no NTP...
> >
> > best regards
> >
> > --- Charles Carley <ccarley@columbus.rr.com> a icrit : > My understanding i
s
> > the key chain name is only locally significant so they
> > > do not have to match between routers only the key-string must match.
> > >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> > > haresh rane
> > > Sent: Friday, May 11, 2001 6:12 AM
> > > To: Martin, Chris; ccielab@groupstudy.com
> > > Subject: Re: authentication cia ripV2 with key-chains
> > >
> > >
> > > Martin,
> > >
> > > The Key chain name on Router B is 'key chain TEST1'
> > > and on router C it is 'key chain TEST'...the 1 is
> > > mising.
> > >
> > > Hope this helps.
> > >
> > > Harish
> > >
> > > --- "Martin, Chris" <chris@pacinter.net> wrote:
> > > > Hi Gang:
> > > > Here is a simple one im sure someone
> > > > out there has been able to
> > > > figure out, except me. Configs are posted below for
> > > > router B and router C i
> > > > have key-chains setup on both routers with the SAME
> > > > password for both using
> > > > md5 authentication, yet on debug for router B its
> > > > telling me that its
> > > > receiving invalid authentication type. Anyone have
> > > > an idea? pelase let me
> > > > know, thanks in advance!
> > > >
> > > > Router B
> > > >
> > > > version 12.0
> > > > service timestamps debug uptime
> > > > service timestamps log uptime
> > > > no service password-encryption
> > > > !
> > > > hostname ROUTERB
> > > > !
> > > > !
> > > > ip subnet-zero
> > > > no ip domain-lookup
> > > > ip host A 192.1.1.1
> > > > ip host C 10.2.2.1
> > > > !
> > > > key chain TEST1
> > > > key 1
> > > > key-string chris
> > > > accept-lifetime 12:00:00 May 10 2001 infinite
> > > > send-lifetime 12:00:00 May 10 2001 infinite
> > > > !
> > > > !
> > > > !
> > > > interface Ethernet0
> > > > ip address 192.1.1.2 255.255.255.0
> > > > no ip directed-broadcast
> > > > !
> > > > interface Serial0
> > > > ip address 10.1.1.2 255.255.255.0
> > > > no ip directed-broadcast
> > > > no ip mroute-cache
> > > > no fair-queue
> > > > !
> > > > interface Serial1
> > > > ip address 10.2.2.2 255.255.255.0
> > > > no ip directed-broadcast
> > > > ip rip authentication mode md5
> > > > ip rip authentication key-chain TEST1
> > > > clockrate 64000
> > > > !
> > > > interface BRI0
> > > > no ip address
> > > > no ip directed-broadcast
> > > > shutdown
> > > > !
> > > > router rip
> > > > version 2
> > > > network 10.0.0.0
> > > > network 192.1.1.0
> > > > no auto-summary
> > > > !
> > > > ip classless
> > > > !
> > > > !
> > > > line con 0
> > > > logging synchronous
> > > > transport input none
> > > > line aux 0
> > > > line vty 0 4
> > > > password cisco
> > > > login
> > > > !
> > > > end
> > > >
> > > >
> > > > ROUTER C
> > > >
> > > > version 12.1
> > > > service timestamps debug uptime
> > > > service timestamps log uptime
> > > > no service password-encryption
> > > > !
> > > > hostname ROUTERC
> > > > !
> > > > enable secret 5 $1$sdZB$DX6HPktjQdbtIONtR61W51
> > > > !
> > > > !
> > > > !
> > > > !
> > > > !
> > > > ip subnet-zero
> > > > !
> > > > !
> > > > key chain TEST
> > > > key 1
> > > > key-string chris
> > > > accept-lifetime 12:00:00 May 10 2001 infinite
> > > > send-lifetime 12:00:00 May 10 2001 infinite
> > > > !
> > > > !
> > > > !
> > > > interface Ethernet0
> > > > ip address 192.168.3.1 255.255.255.0
> > > > no keepalive
> > > > !
> > > > interface Ethernet1
> > > > ip address 192.168.4.1 255.255.255.0
> > > > no keepalive
> > > > !
> > > > interface Serial0
> > > > ip address 10.2.2.1 255.255.255.0
> > > > ip rip authentication mode md5
> > > > ip rip authentication key-chain TEST
> > > > !
> > > > interface Serial1
> > > > no ip address
> > > > shutdown
> > > > !
> > > > router rip
> > > > version 2
> > > > network 10.0.0.0
> > > > network 192.168.3.0
> > > > network 192.168.4.0
> > > > no auto-summary
> > > > !
> > > > ip classless
> > > > no ip http server
> > > > !
> > > > !
> > > > line con 0
> > > > logging synchronous
> > > > transport input none
> > > > line aux 0
> > > > line vty 0 4
> > > > password cisco
> > > > login
> > > > !
> > > > end
> > > > **Please
> > > > read:http://www.groupstudy.com/list/posting.html
> > > >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:30:40 GMT-3