From: Tighe Kuykendall (tighe@xxxxxxxxxxxxxx)
Date: Tue May 22 2001 - 02:35:54 GMT-3
I'm sitting here trying the same thing and kept getting the same debug (error)
output until I removed the auth statements from the interfaces, let everything
settle down, then put the auth statements back in. Now I'm getting
authenticated.
02:58:26: RIP: received packet with MD5 authentication
02:58:26: RIP: received v2 update from 172.16.1.2 on Serial0
r1:
key chain mychain
key 1
key-string key
interface Serial0
ip address 172.16.1.1 255.255.255.252
ip rip authentication mode md5
ip rip authentication key-chain mychain
no fair-queue
clockrate 56000
r2:
key chain mychain
key 1
key-string key
interface Serial0
ip address 172.16.1.2 255.255.255.252
ip rip authentication mode md5
ip rip authentication key-chain mychain
no fair-queue
--Tighe
"Martin, Chris" wrote:
> Post config for 10.21.1.2 i dont see it. Most likely the cause is on router
> 10.21.1.2 your key-chain password is different. They need to be the same
> password on both ends.However the key chain name can be different. Id try
> changing the key-chain name on 10.21.1.2 to see if that works. Without
> seeing the config, thats my 2 cents worth.
> -C
>
> ----- Original Message -----
> From: "Jon Carmichael" <jonc@pacbell.net>
> To: <ccielab@groupstudy.com>
> Sent: Monday, May 21, 2001 1:46 PM
> Subject: RIP2 authentication with the key-chains.
>
> > Working Lab 7.
> >
> > Trying to make RIPV2 authentication work with key-chains and MD5, --I have
> > both ends configured identically, --I have tried more than one key chain
> in
> > case I made an invisible char typo, -same result. Configs and debugs to
> > follow.
> >
> > !
> > hostname Lab7-R2
> > !
> > !
> > no ip domain-lookup
> > !
> > key chain RIPAUTH
> > key 1
> > key-string 7 fred
> > key chain SPANKY
> > key 1
> > key-string 7 fred
> > !
> > interface Ethernet0
> > ip address 10.14.0.1 255.255.255.0
> > !
> > interface Serial0
> > ip address 10.101.1.2 255.255.0.0
> > encapsulation frame-relay
> > ip ospf priority 0
> > frame-relay interface-dlci 410
> > !
> > interface Serial1
> > ip address 10.21.1.1 255.255.0.0
> > ip rip authentication mode md5
> > ip rip authentication key-chain SPANKY
> > encapsulation ppp
> > !
> > interface TokenRing0
> > ip address 192.168.3.1 255.255.255.0
> > shutdown
> > ring-speed 16
> > !
> > router ospf 1
> > redistribute rip metric 22 subnets route-map RIP2OSPF
> > network 10.101.1.2 0.0.0.0 area 0
> > network 10.14.0.1 0.0.0.0 area 2
> > default-information originate metric 200 metric-type 1
> > !
> >
> > Lab7-R2#config t
> > Enter configuration commands, one per line. End with CNTL/Z.
> > Lab7-R2(config)#debug ip rip
> > ^
> > % Invalid input detected at '^' marker.
> >
> > Lab7-R2(config)#end
> > Lab7-R2#debug ip r
> > %SYS-5-CONFIG_I: Configured from console by console
> > Lab7-R2#debug ip rip
> > RIP protocol debugging is on
> > Lab7-R2#
> > RIP: received packet with MD5 authentication
> > RIP: ignored v2 packet from 10.21.1.2 (invalid authentication)
> > RIP: sending v2 update to 224.0.0.9 via Ethernet0 (10.14.0.1)
> > 10.3.0.0/16 -> 0.0.0.0, metric 2, tag 0
> > 10.21.1.2/32 -> 0.0.0.0, metric 1, tag 0
> > 10.21.0.0/16 -> 0.0.0.0, metric 1, tag 0
> > 10.100.0.0/16 -> 0.0.0.0, metric 2, tag 0
> > 10.101.0.0/16 -> 0.0.0.0, metric 1, tag 0
> > RIP: sending v2 update to 224.0.0.9 via Serial1 (10.21.1.1)
> > **Please read:http://www.groupstudy.com/list/posting.html
> **Please read:http://www.groupstudy.com/list/posting.html
-- Tighe Kuykendall Senior Systems Engineer Tighe@Prism-Tech.Com 828.251.3204Prism Technology Resources, Inc. 223 Haywood Street Asheville, NC 28801 http://www.Prism-Tech.com -- **Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:30:48 GMT-3