From: kasturi cisco (kasturi_cisco@hotmail.com)
Date: Thu Jan 29 2004 - 23:58:31 GMT-3
Hi,
I think it works as follows:
Multiple keys are used for roll over so that if first key is invalid with
time (defined by accept and send-lifetime) then the second key in list
going to be used.
The routing protcols have the interface associated with the key-chain
only with both RIP and EIGRP. The key-id is locally significant but the
routing protocol uses or starts the auth process with the loewst key # or
key id. Then based on this it uses the corresponding key-string to
authenticate. The key-strings should match for successful authentication.
So when u have a key chain with keys like u have defined what would
happen is key 1 will be used at both ends and assuming both are valid the
key-strings configured would be sent/expected from other end. Since they
dont match it will fail.
Good Luck,
Kasturi.
------------------------------------------------------------------------
Easiest Money Transfer to India. Send Money To 6000 Indian Towns.
This archive was generated by hypermail 2.1.4 : Mon Feb 02 2004 - 09:07:52 GMT-3