Cisco PIX 500 Series Configuration Manual page 154

Configuring RIP
To enable and configure the RIP routing process, perform the following steps:
Step 1 Start the RIP routing process by entering the following command in global configuration mode:
hostname(config): router rip
You enter router configuration mode for the RIP routing process.
Specify the interfaces that will participate in the RIP routing process. Enter the following command for
Step 2
each interface that will participate in the RIP routing process:
hostname(config-router): network network_address
If an interface belongs to a network defined by this command, the interface will participate in the RIP
routing process. If an interface does not belong to a network defined by this command, it will not send
or receive RIP updates.
(Optional) Specify the version of RIP used by the security appliance by entering the following command:
Step 3
hostname(config-router): version [1 | 2]
You can override this setting on a per-interface basis.
(Optional) To generate a default route into RIP, enter the following command:
Step 4
hostname(config-router): default-information originate
(Optional) To specify an interface to operate in passive mode, enter the following command:
Step 5
hostname(config-router): passive-interface [default | if_name ]
Using the default keyword causes all interfaces to operate in passive mode. Specifying an interface name
sets only that interface to passive RIP mode. In passive mode, RIP routing updates are accepted by but
not sent out of the specified interface. You can enter this command for each interface you want to set to
passive mode.
(Optional) Disable automatic route summarization by entering the following command:
Step 6
hostname(config-router): no auto-summarize
RIP Version 1 always uses automatic route summarization; you cannot disable it for RIP Version 1. RIP
Version 2 uses route summarization by default; you can disable it using this command.
(Optional) To filter the networks received in updates, perform the following steps:
Step 7
Create a standard access list permitting the networks you want the RIP process to allow in the
a.
routing table and denying the networks you want the RIP process to discard.
Enter the following command to apply the filter. You can specify an interface to apply the filter to
b.
only those updates received by that interface.
hostname(config-router): distribute-list acl in [interface if_name ]
You can enter this command for each interface you want to apply a filter to. If you do not specify an
interface name, the filter is applied to all RIP updates.
Step 8 (Optional) To filter the networks sent in updates, perform the following steps:
a. Create a standard access list permitting the networks you want the RIP process to advertise and
denying the networks you do not want the RIP process to advertise.
b. Enter the following command to apply the filter. You can specify an interface to apply the filter to
only those updates sent by that interface.
hostname(config-router): distribute-list acl out [interface if_name ]
Cisco Security Appliance Command Line Configuration Guide
9-20
Chapter 9 Configuring IP Routing
OL-12172-03