RIPv2 MD5 Authentication (Multiple Keys) - Allied Telesis SwitchBlade x908 Series Software Reference Manual

SwitchBlade x908/x900 Series AlliedWare Plus Operating System Software Reference for Version 5.3.1

RIPv2 MD5 authentication (multiple keys)
This example illustrates MD5 authentication of the RIP routing information exchange using multiple keys. The routing devices in this example are Allied Telesis managed Layer 3 Switches. Switch 1 and Switch 2 are running RIP and exchange routing updates. To configure authentication on Switch 1, define a key chain, specify keys in the key chain, and then define the authentication string (password) to be used by each key. Then set the time period during which it is valid to receive or send the authentication key by specifying the accept and send lifetimes. After defining the key string, specify the key chain (the set of keys) that will be used for authentication on the interface, and the authentication mode to be used. Configure Switch 2 and Switch 3 to have the same key ID and key string as Switch 1 for the time that updates need to be exchanged.

In MD5 authentication, both the key ID and the key string are matched for authentication. Switch 1 will receive only packets that match both the key ID and the key string in the specified key chain (within the accept lifetime) on that interface. In the following example, Switch 2 has the same key ID and key string as Switch 1. For additional security, the accept lifetime and send lifetime are configured so that the key ID and key string change every fifth day. To maintain continuity, the accept lifetimes should be configured to overlap; the send lifetimes, however, should not overlap.
[Figure rip_5: Switch 1 (port1.0.1, port1.0.2; labels 10.10.10.10, 10.10.11.10) and Switch 2 (port1.0.1, port1.0.2; labels 10.10.10.50, 10.10.12.50)]

Switch 1

awplus#configure terminal
    Enter the Configure mode.
awplus(config)#router rip
    Define a RIP routing process and enter the Router mode.
awplus(config-router)#network 10.10.10.0/24
    Associate network 10.10.10.0/24 with the RIP process.
awplus(config-router)#redistribute connected
    Enable redistributing from connected routes.
awplus(config-router)#exit
    Exit the Router mode and return to the Configure mode.
awplus(config)#key chain SUN
    Enter the key chain management mode to add keys to the key chain SUN.
awplus(config-keychain)#key 1
    Add authentication key ID (1) to the key chain SUN.
awplus(config-keychain-key)#key-string Secret
    Specify a password (Secret) to be used by the specified key.
awplus(config-keychain-key)#accept-lifetime 12:00:00 Mar 2 2007 14:00:00 Mar 7 2007
    Specify the time period during which authentication key string Secret can be received. In this case, key string Secret can be received from noon of March 2 to 2 pm March 7, 2007.
awplus(config-keychain-key)#send-lifetime 12:00:00 Mar 2 2007 12:00:00 Mar 7 2007
    Specify the time period during which authentication key string Secret can be sent. In this case, key string Secret can be sent from noon of March 2 to noon of March 7, 2007.

Software Reference for SwitchBlade® x908, x900 and x600 Series Switches, AlliedWare Plus™ Operating System - Software Version 5.3.1, RIP Configuration, C613-50007-01 REV B
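
The rotation rule above (accept lifetimes overlap, send lifetimes do not) can be checked before a key chain is deployed. The following Python check is an added example, not part of the Allied Telesis manual. Key 1's lifetimes are taken from the Switch 1 configuration; key 2, the function names and the "send lifetime inside accept lifetime" check are constructed for illustration and assume every switch holds the same key chain.

```python
from datetime import datetime

FMT = "%H:%M:%S %b %d %Y"  # timestamp layout used by accept-lifetime / send-lifetime

def window(text):
    """Parse 'HH:MM:SS Mon D YYYY HH:MM:SS Mon D YYYY' into (start, end)."""
    t = text.split()
    start = datetime.strptime(" ".join(t[:4]), FMT)
    end = datetime.strptime(" ".join(t[4:]), FMT)
    if end <= start:
        raise ValueError(f"lifetime ends before it starts: {text}")
    return start, end

def audit(chain):
    """chain: (key_id, accept_lifetime, send_lifetime) tuples in rotation order.
    Returns a list of findings; an empty list means the rotation is consistent."""
    keys = [(kid, window(acc), window(snd)) for kid, acc, snd in chain]
    findings = []
    for kid, acc, snd in keys:
        # A peer sending with this key must fall inside our accept window.
        if snd[0] < acc[0] or snd[1] > acc[1]:
            findings.append(f"key {kid}: send lifetime falls outside accept lifetime")
    for (a_id, a_acc, a_snd), (b_id, b_acc, b_snd) in zip(keys, keys[1:]):
        if b_snd[0] < a_snd[1]:
            findings.append(f"keys {a_id}/{b_id}: send lifetimes overlap")
        elif b_snd[0] > a_snd[1]:
            findings.append(f"keys {a_id}/{b_id}: gap with no valid send key")
        if b_acc[0] >= a_acc[1]:
            findings.append(f"keys {a_id}/{b_id}: accept lifetimes do not overlap")
    return findings

# Key 1: lifetimes from the Switch 1 configuration on this page.
KEY1 = (1, "12:00:00 Mar 2 2007 14:00:00 Mar 7 2007",
           "12:00:00 Mar 2 2007 12:00:00 Mar 7 2007")
# Key 2: constructed follow-on key for the next five-day period.
KEY2 = (2, "10:00:00 Mar 7 2007 14:00:00 Mar 12 2007",
           "12:00:00 Mar 7 2007 12:00:00 Mar 12 2007")
# Constructed misconfiguration: send starts early, accept starts late.
KEY2_BAD = (2, "14:00:00 Mar 7 2007 14:00:00 Mar 12 2007",
               "11:00:00 Mar 7 2007 12:00:00 Mar 12 2007")

if __name__ == "__main__":
    print(audit([KEY1, KEY2]) or "rotation OK")
    for finding in audit([KEY1, KEY2_BAD]):
        print(finding)
```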
