From: Frank (ocsic@web.de)
Date: Fri Sep 01 2006 - 03:41:14 ART
Brian Dennis schrieb:
I could not find any errors in the config, but this is the right hint. I
have already solved
the problem, as i found out, as you also say, that you have to apply the
interface configuration
always after the key config.
Frank
> Frank,
> Did you by chance apply the interface level command before the
> key chain was configured? Or possibly did you change something with the
> key chain while the interface level command was applied?
>
> Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
> bdennis@internetworkexpert.com
>
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
> Toll Free: 877-224-8987
> Direct: 775-745-6404 (Outside the US and Canada)
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Frank
> Sent: Thursday, August 31, 2006 11:01 PM
> To: Victor Cappuccio; Cisco certification
> Subject: Re: Rip authentication problem
>
> Victor Cappuccio schrieb:
>
>
>
>
> I glad. This did the trick.
>
> But how could this be? Is it documented somewhere? Or maybe i better
> don't ask. Thats strange. You never see, what you have typed first. I'm
> currently trying to get a deeper understanding, but this really throws
> me off.
>
> I removed the rip authentication from the interfaces and re-applied it.
> And now
> it works. I even did not had to reboot.
>
> A really hope there are not many more things like this out there.
> But i'm guessing ... :-) Oh come one.
>
> Frank
>
>
>
>
>> 8-) Say Thanks to Brian Dennis (Excellent Instructor BTW) for that
>> hint, I learn that from one of this post
>>
>> Now try to remove the Authentication part and re-apply it, reboot your
>>
>
>
>> routers, etc...
>>
>> Victor.-
>>
>>
>>
>> -----Mensaje original-----
>> De: ocsic@web.de [mailto:ocsic@web.de] Enviado el: Viernes, 01 de
>> Septiembre de 2006 01:43 a.m.
>> Para: Victor Cappuccio
>> CC: 'Cisco certification'
>> Asunto: Re: Rip authentication problem
>>
>> Victor Cappuccio schrieb:
>>
>> Hi Victor,
>>
>> this is a great hint to check white space. I did this on my two
>>
> routers:
>
>> R6#s | in CISCO $
>> R6#s | in CISCO$
>> key-string CISCO
>> R6#
>>
>> R1#s | in CISCO $
>> R1#s | in CISCO$
>> key-string CISCO
>> neighbor 192.10.1.254 password CISCO
>> R1#
>>
>> Which reveals also a neigbor statement, but this is from a bgp
>> configurations.
>>
>> So this was great help, but now tells me, i was right with withspaces.
>> There are none. Well i really don't know where to look. I find it also
>>
>
>
>> strange, that R6 is saying it receives MD5 and R1 is not telling that.
>>
>> Frank
>>
>>
>>
>>
>>> At Router6 you have a space in the password in the key chain Try this
>>>
>
>
>>> Enter configuration commands, one per line. End with CNTL/Z.
>>> Rack3Sw2(config)#key chain RIP
>>> Rack3Sw2(config-keychain)# key 1
>>> Rack3Sw2(config-keychain-key)# key-string CISCO
>>> Rack3Sw2(config-keychain-key)#^Z Rack3Sw2#
>>> 2d01h: %SYS-5-CONFIG_I: Configured from console by console
>>> Rack3Sw2#show run | in CISCO$
>>> key-string CISCO
>>> Rack3Sw2#show run | in CISCO $
>>>
>>>
>>> Grazie
>>> Victor.-
>>>
>>>
>>>
>>> -----Mensaje original-----
>>> De: nobody@groupstudy.com [mailto:nobody@groupstudy.com] En nombre de
>>>
>>>
>> Frank
>>
>>
>>> Enviado el: Viernes, 01 de Septiembre de 2006 01:04 a.m.
>>> Para: Cisco certification
>>> Asunto: Rip authentication problem
>>>
>>> Hi,
>>>
>>> i have a strange problem, that's driving me nuts. I configured RIP
>>> authentication between
>>> two routers. And i have checked the configuration many times, i can
>>>
> see
>
>>> no error on this.
>>> Checked whitespace in the passwords. Both routers are restarted also.
>>>
>>> "debug ip rip" tells me still:
>>>
>>> R1 (c2600-ik9o3s3-mz.123-10a.bin) says:
>>> *Mar 1 00:33:25.651: RIP: ignored v2 packet from 192.10.1.6 (invalid
>>>
>
>
>>> authentication)
>>> *Mar 1 00:33:25.651: RIP: ignored v2 packet from 192.10.1.6 (invalid
>>>
>
>
>>> authentication)
>>>
>>> R6 (c2600-ik9o3s3-mz.123-10a.bin): says:
>>> *Mar 1 00:06:27.779: RIP: received packet with MD5 authentication
>>> *Mar 1 00:06:27.779: RIP: ignored v2 packet from 192.10.1.1 (invalid
>>>
>
>
>>> authentication)
>>> *Mar 1 00:06:27.779: RIP: received packet with MD5 authentication
>>> *Mar 1 00:06:27.779: RIP: ignored v2 packet from 192.10.1.1 (invalid
>>>
>
>
>>> authentication)
>>>
>>>
>>> and i can't see routes are installed.
>>>
>>> Could someone give me a hint, on how to debug this in a better way?
>>> Seems line R6 is
>>> even not sending md5 authentication. Is it an IOS bug?
>>>
>>> R1:
>>>
>>> key chain RIP
>>> key 1
>>> key-string CISCO
>>>
>>> interface FastEthernet0/0
>>> ip address 192.10.1.1 255.255.255.0
>>> ip rip authentication mode md5
>>> ip rip authentication key-chain RIP
>>>
>>> router rip
>>> version 2
>>> redistribute eigrp 200 metric 1
>>> network 192.10.1.0
>>> neighbor 192.10.1.254
>>> neighbor 192.10.1.6
>>> no auto-summary
>>>
>>> R6:
>>>
>>> key chain RIP
>>> key 1
>>> key-string CISCO
>>>
>>> interface Ethernet0/0
>>> ip address 192.10.1.6 255.255.255.0
>>> ip rip authentication mode md5
>>> ip rip authentication key-chain RIP
>>>
>>> router rip
>>> version 2
>>> network 54.0.0.0
>>> network 150.1.0.0
>>> network 162.1.0.0
>>> network 192.10.1.0
>>> neighbor 192.10.1.1
>>> neighbor 192.10.1.254
>>> no auto-summary
>>>
>>>
>>> Thank you,
>>>
>>> Frank
>>>
>>>
>>>
> _______________________________________________________________________
>
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>>
> _______________________________________________________________________
>
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Oct 01 2006 - 16:55:39 ART