Knowledge Base

Design & Configure

EIGRP: 2. How to enable EIGRP authentication

Technology: Routing
Area: IGP
Vendor: Cisco
Software: 12.X , 15.X, IP Base, IP Services
Platform: Catalyst 3560, 3750, 3850, 4500, 6500, ISR Routers

EIGRP authentication supports MD5. If enabled, routers authenticates the source of each routing update packet that they receive. Following configuration prevents intruder from establishing fake EIGRP adjacency. The consequence of fake adjacency can be for example CPU over utilization or routing table poisoning.

Define Key chain:

Router(config)#key chain KEY_CHAIN
Router(config-keychain)#key 1
Router(config-keychain-key)#key-string KEY_STRING

Enable authentication on interface level:


Router(config)#interface fastEthernet 0/1
Router(config-if)#ip authentication mode eigrp 100 md5
Router(config-if)#ip authentication key-chain eigrp 100 KEY_CHAIN

Author: Marcin Bialy
 
PreviousNext
 

Newsletter