From: Alexey Tolstenok (alextols@gmail.com)
Date: Wed Jul 16 2008 - 14:38:35 ART
Hi Narbik,
Can you explain why the following doesn't work? IOS is 12.4(19)b and no RIP
routes on both sides.
RACK01-R1#sh run | be key
key chain RIP
key 1
key-string 123
key 2
key-string 321
RACK1-R3#sh run | be key
key chain RIP
key 1
key-string 321
Remaining configs are the same as yours (mode md5, etc.)
2008/7/16 Narbik Kocharians <narbikk@gmail.com>:
> ha ha ha ha Petr, i did not know that what we discuss here in reference to
> CCIE should all be *STANDARD* and *NOT OBSCURE*.
>
> BUT NO its NOT what you are saying here, this is what i was referring to,
> let's say we are doing MD5 RIPv2 authentication between R1 and R2, you
> don't
> even need to use the "lifetime" option, your assumption is incorrect, here
> we go:
>
>
>
>
> *To Verify:*
>
>
>
> R1#sh ip route rip
>
> *Note you don't see any routes because the locally configured key number is
> lower than R2, it rejects the authentication. *
>
>
>
> R2#sh ip route rip
>
> R 1.0.0.0/8 [120/1] via 10.1.12.1, 00:00:15, Serial1/0.21
>
> *R2 accepts the routes and authentication is successful because it has a
> higher key number.*
>
>
-- Alexey Tolstenok CCIEx2 (R&S, SP) #17405, JNCIE-M #313, CCSI #31737
This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:55 ART