RE: PIX RIP authentication MD5

From: mmj (groupstudy@users.hotpop.com)
Date: Fri Dec 31 2004 - 17:54:50 GMT-3

• Next message: joshua lauer: "Re: Training CCSP"
• Previous message: Cecil Jackson: "Training CCSP"
• Maybe in reply to: Michael Wong: "PIX RIP authentication MD5"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Michael,

I see from cco that syntax is the same.

[no] rip if_name default | passive [version [1 | 2]] [authentication [text |
md5 key (key_id)]]
Ensure that the key and key_id values are the same as in use on any other
device in your network that makes RIP Version 2 updates.

Could you do a sho rip from the pixel and deb rip upd from the router an d
tell us what is happening?
Rtr show key chain
Rtr deb rip upd

From cco:
Only Intel 10/100 and Gigabit interfaces support multicasting.
When RIP Version 2 is configured in passive mode with PIX Firewall software
Version 5.3 and higher, the PIX Firewall accepts RIP Version 2 multicast
updates with an IP destination of 224.0.0.9. For RIP Version 2 default mode,
the PIX Firewall will transmit default route updates using an IP destination
of 224.0.0.9. Configuring RIP Version 2 registers the multicast address
224.0.0.9 on the respective interface to be able to accept multicast RIP
Version 2 updates.

Also you want to go beyond PIXOS 6.2.1

Open PixOS 6.3.4

CSCeb39437 rip inside default v2 broken when management-access inside
CSCef15146 RIP may put the routes with bigger metric into the routing
table

Resolved PixOS 6.3.4
CSCec24103 traceback in riprx/1 when enabling rip default inside
CSCed83464 RIP routes disappear from route table following RIPv2

Resolved PixOS 6.2.1
CSCdw27548 PIX is sending wrong authentication type with RIP v2

-----Oorspronkelijk bericht-----
Van: nobody@groupstudy.com [mailto:nobody@groupstudy.com] Namens Michael
Wong
Verzonden: dinsdag 28 december 2004 6:24
Aan: ccielab@groupstudy.com
Onderwerp: PIX RIP authentication MD5

Hi,
 
I am not able to get PIX RIP authentication running using MD5. Without MD5,
the routing is fine, when I turned on MD5 using the following, PIX no longer
gets RIP routes, could you spot anything I am missing? thanks.
 
on PIX:
 
rip outside passive version 2 authentication md5 cisco 1
 
on Router:
!
key chain r3
 key 1
  key-string cisco
!
interface Ethernet0/0
 ip address 10.50.31.1 255.255.255.0
 ip rip authentication mode md5
 ip rip authentication key-chain r3
 half-duplex
!
 
thanks,
Michael

                
---------------------------------
Do you Yahoo!?
 Yahoo! Mail - now with 250MB free storage. Learn more.

• Next message: joshua lauer: "Re: Training CCSP"
• Previous message: Cecil Jackson: "Training CCSP"
• Maybe in reply to: Michael Wong: "PIX RIP authentication MD5"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jan 03 2005 - 10:31:33 GMT-3