Friday, 10 May 2013

OSPF Authentication

OSPF Authenticatoin


Objectives


  • Configure interfaces
  • Configure OSPF
  • Configure MD5 authentication
  • Verfiy configuration

Topology

 

 


Configure MD5 authentication


I did this the wrong way round and configured R2 first instead of R1, so when i went to configure R2 i recived this message;





Which confused me unil i realised I configured R2 already instead of R1. This is why you will see the OSPF adjacency messages below in the wrong order.

I configured R2 which broke the adjacency, which was then reestablished once i configured R1to match the md5 key.

R1


The MD5 key has been set to 'md5key'.





R2



 

Verify configuration

 

The adjacency messages above give a good indiction that the authenticaion has worked. However you can use the following commands to check.

R1

To verify the configuration you can view the interface;

  


You can also use the 'show ip ospf neighbor' command, if the authentication were to fail the two routers will not form an adjacency.


 

 

Complete 

Thursday, 9 May 2013

EIGRP Authentication

EIGRP Authentication

Objectives;

  • Configure interfaces
  • Configure EIGRP
  • Configure MD5 authentication
  • Verify configuration

Topology

 

Confgiure MD5 authentication

 

I will configure one key chain with two keys, this allows you to stop using a key after a period of time and start using the next one.

R1 

 

So i've setup one key chain 'keychain1' and two keys 'Hades' amd 'Gaia', which both expire at their set periods. The keychains between the routers do not need to match, but the two keys will have to match.


I've just noticed that the command has been cut off, so heres the full version.




Once you setup the authentication on the interface neighbor adjacency will be lost, until the other side has been configured;




If the time on your router is incorrect you can set it manualy with the following command;




However, in production network date and time should be managed by NTP.

R2

 

You may see a number of DUAL messages while configuring the router.

 

Verifying configuration

 

If the authentication fails EIGRP neighbor adjacency will fail. You can check to make sure that authentcation has worked by checking the neighbors table.

 

 

 

 

If your authentcation fails check your config on the routers using show run or use the debug ip eigrp packets command.

 

Complete