GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: RIP MD5 Authentication posted 06/05/2003
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Try adding send lifetime and accept lifetime to the key.  Make sure date &
time is lower value than your router clock

key chain ccie
 key 1
  key-string test
  accept-lifetime 00:00:00 Jan 1 1993 infinite
  send-lifetime 00:00:00 Jan 1 1993 infinite


----- Original Message ----- 
From: <Danny.Andaluz@xxxxxxxxxxxxxx>
To: <ccielab@xxxxxxxxxxxxxx>
Sent: Wednesday, June 04, 2003 8:22 PM
Subject: RIP MD5 Authentication


> Hello, Group.  I thought I learned something from my last post on EIGRP
authentication, but apparently not.  I checked for spaces and there are
none.  The key chain names on each router are the same as well as the string
between the two.  I still get the routes from R2 but R1 keeps telling me
invalid authentication from 2.  How can I get routes from 2 if the
authentication is failing????  See the output of the debug.
>
> R2#debug ip rip event
> RIP event debugging is on
> R2#
> 02:09:47: RIP: received v2 update from 1.1.1.2 on Tunnel1
> 02:09:47: RIP: Update contains 8 routes
> 02:09:47: RIP: ignored v2 packet from 1.1.1.2 (invalid authentication)
> R2#
>
> R1
>
> key chain cisco
>  key 1
>   key-string cisco
>
> interface Tunnel1
>  ip unnumbered Serial0.1
>  ip rip authentication mode md5
>  ip rip authentication key-chain cisco
>  tunnel source Serial0.1
>  tunnel destination 1.1.1.2
>
> R2
>
> key chain cisco
>  key 1
>   key-string cisco
> !
> interface Tunnel0
>  ip unnumbered Serial0
>  ip rip authentication mode md5
>  ip rip authentication key-chain cisco
>  tunnel source Serial0
>  tunnel destination 1.1.1.1
>
>
>
>
>
>
> Danny Andaluz, CCNP
> Network Engineer
> Triaton, North America
> 908-541-6522