CISCO EIGRP Certification

Configuring EIGR authentication for R1 and R2

1. Configure key Chain (secret key) on the respective router, define the secret key of the key string, and distinguish it by number.

Cisco EIGRP enables authentication, in the global mode, executes the command:

R1 (config) #key chain R1EIGRP

R1 (config-keychain) #key 1

R1 (Config-keychain-key) #key-string Eigrppass

A key string named R2EIGRP is defined as above, and the secret key with number 1 is r2eigrppass.

To enable authentication under the interface:

R1 (config) #int e0/0

R1 (config-if) #ip authentication Mode EIGRP MD5

R1 (config-if) #ip authentication Key-chain EIGRP r1eigrp

*mar 1 00:26:07.547:%dual-5-nbrchange:ip-eigrp (0) 100:neighbor 10.10.12.1 (ETHERNET0/1) is down:authentication mode C Hanged

Because R2 has not yet been configured for authentication, the neighbor relationship established with R2 will be down.

Configure a key string on the R2, configure the relevant number key and enable it on the relevant interface.

R2 (config) #key Chain R2eigrp //R2 on key string named R2eigrp

R2 (config-keychain) #key 1 //number can still be 1

R2 (config-keychain-key) #key-string eigrppass //content consistent for Eigrppass

R2 (Config-keychain-key) #exit

R2 (Config-keychain) #exit

R2 (config) #int E0/1

R2 (config-if) #ip authentication Mode EIGRP MD5

R2 (config-if) #ip authentication Key-chain EIGRP r2eigrp

R2 (config-if) #

*mar 1 00:28:34.299:%dual-5-nbrchange:ip-eigrp (0) 100:neighbor 10.10.12.1 (ETHERNET0/1) is up:new adjacency//neighbor relations re- Often established

The name of the key is only valid locally, the two sides do not need to be consistent, but the number and secret key content must be consistent!

This article is from the "7743530" blog, please be sure to keep this source http://7753530.blog.51cto.com/7743530/1676073

CISCO EIGRP Certification