Wednesday, 31 August 2016

EIGRP - Part 5

EIGRP Security

Routing protocol use to forward our internal traffic towards of external areas, which all are going through public network. If we don't use any authentication on routing protocol than someone try to form an routing protocol adjacency with one of your router and try to mess your network.

EIGRP support MD 5 authentication, there is no plain text authentication.

What does authentication offer us?

1.) Ignore unwanted/unauthorized routing update.
2.) Your router will authenticate the source of each routing update packet that it will receive.

 In order of configure MD 5 authentication, we need to do following:

1.) Configure a Key-chain
       A.) Configure a Key ID under the Key-chain
              a.) Specify the Password for Key ID
Let's start to configure EIGRP authentication:


Configure IP address as per scenario.
Configure EIGRP routing on both router.

First Verify authentication of both router's serial interface using this command:

Router# show ip eigrp interface detail

 "Authentication mode is not set"

Now...!! Configure authentication

First create key-chain

Router(config)# key-chain india
Router(config-keychain)# key 2
Router(config-keychain-key)# key-string rajasthan
Router(config-keychain-key)# exit

Apply this key-chain on interface:

Router(config)# interface serial 1/0
Router(config-if)# ip authentication mode eigrp 2 md5  (2 is AS number)
Router(config-if)# ip authentication key-chain eigrp 2 india
Router(config-if)# exit

Now...!! again check authentication.

And verify  key-chain:

Router# show key chain | india