Managing Authentication Keys - Cisco 3845 - Security Bundle Router Software Manual
Software configuration guide
Hide thumbs
Also See for 3845 - Security Bundle Router:
- Manual (94 pages) ,
- Quick start manual (38 pages) ,
- Hardware installation manual (418 pages)
Table of Contents
Advertisement
Chapter 29
Configuring IP Unicast Routing
To remove a distance definition, use the no distance router configuration command.
Managing Authentication Keys
Key management is a method of controlling authentication keys used by routing protocols. Not all
protocols can use key management. Authentication keys are available for EIGRP and RIP Version 2.
Before you manage authentication keys, you must enable authentication. See the appropriate protocol
section to see how to enable authentication for that protocol. To manage authentication keys, define a
key chain, identify the keys that belong to the key chain, and specify how long each key is valid. Each
key has its own key identifier (specified with the key number key chain configuration command), which
is stored locally. The combination of the key identifier and the interface associated with the message
uniquely identifies the authentication algorithm and Message Digest 5 (MD5) authentication key in use.
You can configure multiple keys with life times. Only one authentication packet is sent, regardless of
how many valid keys exist. The software examines the key numbers in order from lowest to highest, and
uses the first valid key it encounters. The lifetimes allow for overlap during key changes. Note that the
router must know these lifetimes.
Beginning in privileged EXEC mode, follow these steps to manage authentication keys:
Command
Step 1
configure terminal
Step 2
key chain name-of-chain
Step 3
key number
Step 4
key-string text
Step 5
accept-lifetime start-time {infinite | end-time | duration
seconds}
Step 6
send-lifetime start-time {infinite | end-time | duration
seconds}
Step 7
end
Step 8
show key chain
Step 9
copy running-config startup-config
To remove the key chain, use the no key chain name-of-chain global configuration command.
OL-23400-01
Purpose
Enter global configuration mode.
Identify a key chain, and enter key chain configuration
mode.
Identify the key number. The range is 0 to 2147483647.
Identify the key string. The string can contain from 1 to
80 uppercase and lowercase alphanumeric characters,
but the first character cannot be a number.
(Optional) Specify the time period during which the key
can be received.
The start-time and end-time syntax can be either
hh:mm:ss Month date year or hh:mm:ss date Month
year. The default is forever with the default start-time
and the earliest acceptable date as January 1, 1993. The
default end-time and duration is infinite.
(Optional) Specify the time period during which the key
can be sent.
The start-time and end-time syntax can be either
hh:mm:ss Month date year or hh:mm:ss date Month
year. The default is forever with the default start-time
and the earliest acceptable date as January 1, 1993. The
default end-time and duration is infinite.
Return to privileged EXEC mode.
Display authentication key information.
(Optional) Save your entries in the configuration file.
Cisco ME 3800X and 3600X Switch Software Configuration Guide
Configuring Protocol-Independent Features
29-103
- Quick Links:
- Vlan Features
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
