Configuring EIGR authentication for R1 and R2
1. Configure key Chain (secret key) on the respective router, define the secret key of the key string, and distinguish it by number.
Cisco EIGRP enables authentication, in the global mode, executes the command:
R1 (config) #key chain R1EIGRP
R1 (config-keychain) #key 1
R1 (Config-keychain-key) #key-string Eigrppass
A key string named R2EIGRP is defined as above, and the secret key with number 1 is r2eigrppass.
To enable authentication under the interface:
R1 (config) #int e0/0
R1 (config-if) #ip authentication Mode EIGRP MD5
R1 (config-if) #ip authentication Key-chain EIGRP r1eigrp
*mar 1 00:26:07.547:%dual-5-nbrchange:ip-eigrp (0) 100:neighbor 10.10.12.1 (ETHERNET0/1) is down:authentication mode C Hanged
Because R2 has not yet been configured for authentication, the neighbor relationship established with R2 will be down.
Configure a key string on the R2, configure the relevant number key and enable it on the relevant interface.
R2 (config) #key Chain R2eigrp //R2 on key string named R2eigrp
R2 (config-keychain) #key 1 //number can still be 1
R2 (config-keychain-key) #key-string eigrppass //content consistent for Eigrppass
R2 (Config-keychain-key) #exit
R2 (Config-keychain) #exit
R2 (config) #int E0/1
R2 (config-if) #ip authentication Mode EIGRP MD5
R2 (config-if) #ip authentication Key-chain EIGRP r2eigrp
R2 (config-if) #
*mar 1 00:28:34.299:%dual-5-nbrchange:ip-eigrp (0) 100:neighbor 10.10.12.1 (ETHERNET0/1) is up:new adjacency//neighbor relations re- Often established
The name of the key is only valid locally, the two sides do not need to be consistent, but the number and secret key content must be consistent!
This article is from the "7743530" blog, please be sure to keep this source http://7753530.blog.51cto.com/7743530/1676073
CISCO EIGRP Certification