LeonelleRioux987

De BISAWiki

When you earned your CCNA, you thought you learned every thing there is to know about RIP. My family friend discovered url by browsing Bing. Close, but not quite There are some added particulars you need to have to know to pass the BSCI exam and get 1 step closer to the CCNP exam, and a single of those includes RIP update packet authentication. You happen to be familiar with some advantages of using RIPv2 more than RIPv1, support for VLSM chief amongst them. But one particular benefit that youre not introduced to in your CCNA studies is the potential to configure routing update packet authentication. You have two possibilities, clear text and MD5. Clear text is just that - a clear text password that is visible by any individual who can pick a packet off the wire. If you are going to go to the trouble of configuring update authentication, you should use MD5. The MD stands for "Message Digest", and this is the algorithm that creates the hash value for the password that will be contained in the update packets. Not only should the routers agree on the password, they have to agree on the authentication method. If one particular router sends an MD5-hashed password to yet another router that is configured for clear-text authentication, the update will not be accepted. debug ip rip is a great command for troubleshooting authenticated updates. R1, R2, and R3 are running RIP more than a frame relay cloud. Right here is how RIP authentication would be configured on these three routers. R1#conf t R1config#important chain RIP The key chain can have any name. R1config-keychain#essential 1 Key chains can have multiple keys. Number them carefully when using multiples. R1config-keychain-key#crucial-string CISCO This is the text string the key will use for authentication. R1config#int s0 R1config-if#ip rip authentication mode text The interface will use clear-text mode. R1config-if#ip rip authentication crucial-chain RIP The interface is using key chain RIP, configured earlier. R2#conf t R2config#crucial chain RIP R2config-keychain#key 1 R2config-keychain-key#important-string CISCO R2config#int s0.123 R2config-subif#ip rip authentication mode text R2config-subif#ip rip authentication important-chain RIP R3#conf t R3config#essential chain RIP R3config-keychain#essential 1 R3config-keychain-crucial#important-string CISCO R3config#int s0.31 R3config-subif#ip rip authentication mode text R3config-subif#ip rip authentication essential-chain RIP To use MD5 authentication rather than clear-text, simply replace the word "text" in the ip rip authentication mode command with md5. Heres what a successfully authentication RIPv2 packet looks like, courtesy of debug ip rip. Discover more on company web site by going to our tasteful website. Clear-text authentication is in impact and the password is "cisco". 3d04h RIP received packet with text authentication cisco 3d04h RIP received v2 update from 150.1.1.three on Ethernet0 3d04h one hundred.../eight via ... in 1 hops 3d04h 150.1.two./24 by means of ... To get one more standpoint, people are able to check out the best. in 1 hops Heres what it looks like when the remote device is set for MD5 authentication and the neighborhood router is set for clear-text. Youll also see this message if the password itself is incorrect. 3d04h RIP ignored v2 packet from 150.1.1.3 invalid authentication "Debug ip rip" may be a easy command as compared to the debugs for other protocols. To read additional info, please check-out mary morrissey professional. but its also a very potent debug. Commence employing debugs as early as possible in your Cisco scientific studies to learn how router commands genuinely work.