Network World
Friday, July 4, 2008
DNSstuff.com
Get information about your IP
IP Information
50+ On-demand DNS and network tools

Brad Reese on Cisco

Cisco Subnet
NetworkWorld.com > Community > Brad Reese on Cisco

Navigation

How to configure authentication for EIGRP, a Cisco proprietary enhanced distance vector routing protocol

Submitted by Brad Reese on Tue, 05/06/2008 - 7:32pm.

Cisco How-To Tutorials

Enhanced Interior Gateway Routing Protocol (EIGRP) is a Cisco proprietary enhanced distance vector routing protocol.

EIGRP provides benefits like fast convergence, incremental updates and support for multiple network layer protocols.

EIGRP supports Message Digest 5 (MD5) authentication to prevent malicious and incorrect routing information from being introduced into the routing table of a Cisco router.

To configure EIGRP authentication, the keys used in the authentication process have to be configured and attached to an interface along with MD5 as the mode of authentication.

To configure authentication, apart from the basic steps required for enabling EIGRP, perform these steps:

1. To configure the keys, identify a group of authentication keys by issuing the key chain name-of-chain command in global configuration mode.
2. To identify an authentication key on a key chain, issue the key key-id command in key-chain configuration mode.
3. To specify the key authentication string, issue the key-string text command in key-chain key configuration mode.
4. To enable authentication for EIGRP packets and to specify the set of keys to be used on an interface, issue the ip authentication key-chain eigrp as-number key-chain command in interface configuration mode.
5. To specify MD5 as the type of authentication to be used for EIGRP packets, issue the ip authentication mode eigrp as-number md5 command in interface configuration mode. EIGRP does not support plain text authentication.
6. Optionally, you can configure key management to automatically migrate from one authentication key to another by configuring the accept-lifetime start-time {infinite | end-time | duration seconds} and send-lifetime start-time {infinite | end-time | duration seconds} commands in key-chain key configuration mode.

For further information on configuring EIGRP authentication with an example you may wish to refer to:

Cisco Configuring EIGRP

View more Cisco How-To Tutorials

Contact Brad Reese
http://www.BradReese.Com

Brad's Top 5 Story Picks
# 1. H-1B scandal: New study unmasks that Cisco and Microsoft NOT using H-1B visas to recruit the best and brightest
# 2. Cisco skills shortage is baloney, expert says
# 3. Cisco loses $2M order to ruthless Nortel energy efficiency calculator
# 4. VoIP monitoring: The quest for call quality ubiquity
# 5. Cisco NetFlow vendor giving away Traffic Analyzer!
Story Archives Brad Reese on Cisco Story Archives

Cisco Jobs

Cisco Repair

Cisco Resumes

Cisco Power Supplies
  

About Brad Reese on Cisco

Brad Reese is research manager at BradReese.Com, advancing the careers of 1 million certified individuals in the growing Cisco Career Certification Program.

RSS feed

Contact him.

Brad's blogroll

Brad Reese on Cisco archive.

Cisco Subnet

Advertisement: