尊敬的 微信汇率:1円 ≈ 0.046166 元 支付宝汇率:1円 ≈ 0.046257元 [退出登录]
SlideShare a Scribd company logo

Route Authentication

Kishore Kumar
Kishore Kumar

Route authentication allows routers to authenticate routing updates by exchanging passwords or keys. It prevents routers without the correct authentication from participating in the routing process. There are two main types: simple password authentication uses a shared password, while MD5 authentication uses cryptographic hashes to authenticate packets without sending the key over the wire, making it more secure. The document provides sample configurations for enabling simple password authentication on RIPv2, EIGRP and OSPF routing protocols. It also explains how to configure MD5 authentication which involves additional commands to change the authentication mode.

Education
1 of 5
Download to read offline
Route Authentication By Patrick J. Conlan
Serious and potentially catastrophic problems can occur in your network if a routing protocol failure where to happen, but as bad or worse is an attack on you routing protocol. You can prevent your router from receiving fraudulent route updates by configuring neighbor router authentication. Routing Information Protocol version two (RIPv2), Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest Path First (OSPF) routing protocols all support types of neighbor authentication. Which is also called neighbor router authentication or route authentication. Route authentication can be configured so that only routers with predefined passwords can participate in the routing process. By default, no authentication is used in routing protocols. When route authentication is configured on a router, the router authenticates each routing update packet that it receives. The router does this with the exchange of an authentication key (also called a password) that is known to both the sending and the receiving router. You can configure one of two types of authentication; either a simple password authentication (often called plain-text authentication) or MD5 authentication. Simple password authentication is supported by Integrated System- Integrated System (IS-IS), Open Shortest Path First (OSPF), and Routing Information Protocol version 2 (RIPv2). MD5 authentication is supported by OSPF, RIPv2, Border Gateway Protocol (BGP), and EIGRP. For the CCNA objectives and the topics covered in this book, we are only going to cover RIPv2, EIGRP and OSPF. Simple password authentication is just that simple. A password or key must be configured on each participating neighbor router and the key must be the same. MD5 authentication is cryptographic in its operation. By cryptographic I mean a key or password and a key ID are configured on each router. The router uses an algorithm based on the routing protocol packet, the key, and the key ID to generate a digest or hash. The hash is then appended to the packet. MD5 authentication is stronger than simple authentication because the key is never sent over the wire. This method ensures that no one can listen on the line and learn the key during transmission. For the sample configurations of each of the following routing protocols, the following figure will be the network used. RouterA RouterB S0/0/0 S0/0 Lo0 Lo0 Network 10.0.0.0/24Network 10.1.1.0/24 Network 10.2.2.0/24
The following is the configuration required for simple password authentication on Router A in the sample network. This first portion of the configuration is establishing the key chain, key and key string. The key chain is basically like a container that holds the keys to be used by the authentication process. Just like your key chain that has your house and car keys on it. On that key chain you can have multiple keys, one for the car and one for the house and so on. So in the key chain you have to define your key. The key has an ID, in my configuration I used a key ID on 1. In simple text authentication the key chain number or name and the key ID do not have to be the same on both routers, but when we get to MD5 authentication the key ID must be the same as it is used in the hash. Finally, the last this to define is what the key looks like; this would be like you deciding how many teeth are going to be on your car key. For route authentication that is called the key string. RouterA(config)#key chain ccna RouterA(config-keychain)#key 1 RouterA(config-keychain-key)#key-string ccna RouterB(config)#key chain ccna RouterB(config-keychain)#key 1 RouterB(config-keychain-key)#key-string ccna This has established all the pieces required for authentication to work; now you have to tell the router to use the keys for authentication. For each of the routing protocols that looks like this: RIPv2 RouterA(config)#int s0/0/0 RouterA(config-if)#ip rip authentication key-chain ccna RouterB(config-if)#int s0/0 RouterB(config-if)#ip rip authentication key-chain ccna EIGRP RouterA(config)#int s0/0/0 RouterA(config-if)#ip authentication key-chain eigrp 1 ccna RouterB(config)#int s0/0 RouterB(config-if)#ip authentication key-chain eigrp 1 ccna
OSPF RouterA(config)#int s0/0/0 RouterA(config-if)#ip ospf authentication-key ccna RouterB(config)#int s0/0 RouterB(config-if)#ip ospf authentication-key ccna Now you have completed the configuration for simple password authentication. The nice thing is that most of the work is already done to use MD5 authentication as well. All you have to add at this point is a command to change the mode in each of the routing protocols so that it will use the upgraded process. RIPv2 In RIPv2, you need only add this command to change the mode of authentication. Everything that we have already configured will stay the same. RouterA(config)#int s0/0/0 RouterA(config-if)#ip rip authentication mode md5 RouterB(config-if)#int s0/0 RouterB(config-if)#ip rip authentication mode md5 EIGRP In EIGRP, again everything up to now will stay the same. You just have to add this command to change the mode. RouterA(config)#int s0/0/0 RouterA(config-if)#ip authentication mode eigrp 1 md5 RouterB(config)#int s0/0 RouterB(config-if)#ip authentication mode eigrp 1 md5 OSPF In OSPF, the command to enable authentication for MD5 is not just a mode change command. Rather everything is done in one command. So the previous authentication command will be replaced by the following one for MD5 authentication. RouterA(config)#int s0/0/0
RouterA(config-if)#ip ospf message-digest-key 1 md5 ccna RouterB(config)#int s0/0 RouterB(config-if)#ip ospf message-digest-key 1 md5 ccna

Recommended

Switching Types
Switching TypesSwitching Types
Switching Types
Kishore Kumar
 
Frame Relay
Frame RelayFrame Relay
Frame Relay
Kishore Kumar
 
Dynamic Routing Protocol OSPF
Dynamic Routing Protocol OSPFDynamic Routing Protocol OSPF
Dynamic Routing Protocol OSPF
Atakan ATAK
 
LAYER 2 SWITCHING
LAYER 2 SWITCHINGLAYER 2 SWITCHING
LAYER 2 SWITCHING
anilinvns
 
Day 2 IP ROUTING
Day 2 IP ROUTINGDay 2 IP ROUTING
Day 2 IP ROUTING
anilinvns
 
Day 4 LAYER 2 SWITCHING
Day 4 LAYER 2 SWITCHINGDay 4 LAYER 2 SWITCHING
Day 4 LAYER 2 SWITCHING
anilinvns
 
Rip ospf and bgp
Rip ospf and bgpRip ospf and bgp
Rip ospf and bgp
Abhishek Kesharwani
 
ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
anilinvns
 

Recommended

Switching Types
Switching TypesSwitching Types
Switching Types
Kishore Kumar
 
Frame Relay
Frame RelayFrame Relay
Frame Relay
Kishore Kumar
 
Dynamic Routing Protocol OSPF
Dynamic Routing Protocol OSPFDynamic Routing Protocol OSPF
Dynamic Routing Protocol OSPF
Atakan ATAK
 
LAYER 2 SWITCHING
LAYER 2 SWITCHINGLAYER 2 SWITCHING
LAYER 2 SWITCHING
anilinvns
 
Day 2 IP ROUTING
Day 2 IP ROUTINGDay 2 IP ROUTING
Day 2 IP ROUTING
anilinvns
 
Day 4 LAYER 2 SWITCHING
Day 4 LAYER 2 SWITCHINGDay 4 LAYER 2 SWITCHING
Day 4 LAYER 2 SWITCHING
anilinvns
 
Rip ospf and bgp
Rip ospf and bgpRip ospf and bgp
Rip ospf and bgp
Abhishek Kesharwani
 
ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
anilinvns
 
MPLS Layer 3 VPN
MPLS Layer 3 VPN MPLS Layer 3 VPN
MPLS Layer 3 VPN
NetProtocol Xpert
 
Routing Information Protocol
Routing Information ProtocolRouting Information Protocol
Routing Information Protocol
Kashif Latif
 
CCNA ppt Day 5
CCNA ppt Day 5CCNA ppt Day 5
CCNA ppt Day 5
VISHNU N
 
ospf routing protocol
ospf routing protocolospf routing protocol
ospf routing protocol
Ameer Agel
 
IP ROUTING
IP ROUTINGIP ROUTING
IP ROUTING
anilinvns
 
network convergence problem and solutions
network convergence problem and solutionsnetwork convergence problem and solutions
network convergence problem and solutions
Siddhi Viradiya
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD)
KHNOG
 
Routers.ppt
Routers.pptRouters.ppt
Routers.ppt
kirbadh
 
Open shortest path first (ospf)
Open shortest path first (ospf)Open shortest path first (ospf)
Open shortest path first (ospf)
Respa Peter
 
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric VanderburgCCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
Eric Vanderburg
 
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
Vishal Sharma, Ph.D.
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path First
Atakan ATAK
 
CCNA- Router on stick, VLAN and Trunking
CCNA- Router on stick, VLAN and TrunkingCCNA- Router on stick, VLAN and Trunking
CCNA- Router on stick, VLAN and Trunking
Rafat Khandaker
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path First
Kashif Latif
 
Switching
SwitchingSwitching
Switching
Netwax Lab
 
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
anilinvns
 
Layer 2 & layer 3 switching
Layer 2 & layer 3 switchingLayer 2 & layer 3 switching
Layer 2 & layer 3 switching
Muhd Mu'izuddin
 
RIP (routing information protocol)
RIP (routing information protocol)RIP (routing information protocol)
RIP (routing information protocol)
Netwax Lab
 
Ospf
OspfOspf
Ospf
amit khunte
 
Ospf
OspfOspf
Ospf
ankit_saluja
 
1. Introduction
1. Introduction1. Introduction
1. Introduction
Open Source Group
 
Switching Types
Switching TypesSwitching Types
Switching Types
Kishore Kumar
 

More Related Content

What's hot

MPLS Layer 3 VPN
MPLS Layer 3 VPN MPLS Layer 3 VPN
MPLS Layer 3 VPN
NetProtocol Xpert
 
Routing Information Protocol
Routing Information ProtocolRouting Information Protocol
Routing Information Protocol
Kashif Latif
 
CCNA ppt Day 5
CCNA ppt Day 5CCNA ppt Day 5
CCNA ppt Day 5
VISHNU N
 
ospf routing protocol
ospf routing protocolospf routing protocol
ospf routing protocol
Ameer Agel
 
IP ROUTING
IP ROUTINGIP ROUTING
IP ROUTING
anilinvns
 
network convergence problem and solutions
network convergence problem and solutionsnetwork convergence problem and solutions
network convergence problem and solutions
Siddhi Viradiya
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD)
KHNOG
 
Routers.ppt
Routers.pptRouters.ppt
Routers.ppt
kirbadh
 
Open shortest path first (ospf)
Open shortest path first (ospf)Open shortest path first (ospf)
Open shortest path first (ospf)
Respa Peter
 
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric VanderburgCCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
Eric Vanderburg
 
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
Vishal Sharma, Ph.D.
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path First
Atakan ATAK
 
CCNA- Router on stick, VLAN and Trunking
CCNA- Router on stick, VLAN and TrunkingCCNA- Router on stick, VLAN and Trunking
CCNA- Router on stick, VLAN and Trunking
Rafat Khandaker
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path First
Kashif Latif
 
Switching
SwitchingSwitching
Switching
Netwax Lab
 
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
anilinvns
 
Layer 2 & layer 3 switching
Layer 2 & layer 3 switchingLayer 2 & layer 3 switching
Layer 2 & layer 3 switching
Muhd Mu'izuddin
 
RIP (routing information protocol)
RIP (routing information protocol)RIP (routing information protocol)
RIP (routing information protocol)
Netwax Lab
 
Ospf
OspfOspf
Ospf
amit khunte
 
Ospf
OspfOspf
Ospf
ankit_saluja
 

What's hot (20)

MPLS Layer 3 VPN
MPLS Layer 3 VPN MPLS Layer 3 VPN
MPLS Layer 3 VPN
 
Routing Information Protocol
Routing Information ProtocolRouting Information Protocol
Routing Information Protocol
 
CCNA ppt Day 5
CCNA ppt Day 5CCNA ppt Day 5
CCNA ppt Day 5
 
ospf routing protocol
ospf routing protocolospf routing protocol
ospf routing protocol
 
IP ROUTING
IP ROUTINGIP ROUTING
IP ROUTING
 
network convergence problem and solutions
network convergence problem and solutionsnetwork convergence problem and solutions
network convergence problem and solutions
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD)
 
Routers.ppt
Routers.pptRouters.ppt
Routers.ppt
 
Open shortest path first (ospf)
Open shortest path first (ospf)Open shortest path first (ospf)
Open shortest path first (ospf)
 
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric VanderburgCCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
 
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path First
 
CCNA- Router on stick, VLAN and Trunking
CCNA- Router on stick, VLAN and TrunkingCCNA- Router on stick, VLAN and Trunking
CCNA- Router on stick, VLAN and Trunking
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path First
 
Switching
SwitchingSwitching
Switching
 
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
 
Layer 2 & layer 3 switching
Layer 2 & layer 3 switchingLayer 2 & layer 3 switching
Layer 2 & layer 3 switching
 
RIP (routing information protocol)
RIP (routing information protocol)RIP (routing information protocol)
RIP (routing information protocol)
 
Ospf
OspfOspf
Ospf
 
Ospf
OspfOspf
Ospf
 

Viewers also liked

1. Introduction
1. Introduction1. Introduction
1. Introduction
Open Source Group
 
Switching Types
Switching TypesSwitching Types
Switching Types
Kishore Kumar
 
CCNA presentation.
CCNA presentation.CCNA presentation.
CCNA presentation.
Ajaigururaj R
 
Ccnp course details
Ccnp course detailsCcnp course details
Ccnp course details
cisco training
 
Red Hat Training
Red Hat TrainingRed Hat Training
Red Hat Training
Open Source Group
 
RIP Update Timers
RIP Update TimersRIP Update Timers
RIP Update Timers
Kishore Kumar
 
Recognizing security threats
Recognizing security threatsRecognizing security threats
Recognizing security threats
Kishore Kumar
 
Ccna simulation exam practice guide
Ccna simulation exam practice guideCcna simulation exam practice guide
Ccna simulation exam practice guide
Kishore Kumar
 
OSPF 3
OSPF 3OSPF 3
OSPF 3
Kishore Kumar
 
Internal & External of Routers
Internal & External of RoutersInternal & External of Routers
Internal & External of Routers
Kishore Kumar
 
Frame Relay
Frame RelayFrame Relay
Frame Relay
Kishore Kumar
 
Integrated Service Digital Network
Integrated Service Digital NetworkIntegrated Service Digital Network
Integrated Service Digital Network
Kishore Kumar
 
Initial Configuration of Router
Initial Configuration of RouterInitial Configuration of Router
Initial Configuration of Router
Kishore Kumar
 
Multi Static Routng & Default Routing
Multi Static Routng & Default RoutingMulti Static Routng & Default Routing
Multi Static Routng & Default Routing
Kishore Kumar
 
OSPF 2
OSPF 2OSPF 2
OSPF 2
Kishore Kumar
 
Ip addressing
Ip addressingIp addressing
Ip addressing
Kishore Kumar
 
Password Recovery
Password RecoveryPassword Recovery
Password Recovery
Kishore Kumar
 
Dynamic Routing RIP
Dynamic Routing RIPDynamic Routing RIP
Dynamic Routing RIP
Kishore Kumar
 
Static Routing
Static RoutingStatic Routing
Static Routing
Kishore Kumar
 
Computer networking
Computer networkingComputer networking
Computer networking
Chinmoy Jena
 

Viewers also liked (20)

1. Introduction
1. Introduction1. Introduction
1. Introduction
 
Switching Types
Switching TypesSwitching Types
Switching Types
 
CCNA presentation.
CCNA presentation.CCNA presentation.
CCNA presentation.
 
Ccnp course details
Ccnp course detailsCcnp course details
Ccnp course details
 
Red Hat Training
Red Hat TrainingRed Hat Training
Red Hat Training
 
RIP Update Timers
RIP Update TimersRIP Update Timers
RIP Update Timers
 
Recognizing security threats
Recognizing security threatsRecognizing security threats
Recognizing security threats
 
Ccna simulation exam practice guide
Ccna simulation exam practice guideCcna simulation exam practice guide
Ccna simulation exam practice guide
 
OSPF 3
OSPF 3OSPF 3
OSPF 3
 
Internal & External of Routers
Internal & External of RoutersInternal & External of Routers
Internal & External of Routers
 
Frame Relay
Frame RelayFrame Relay
Frame Relay
 
Integrated Service Digital Network
Integrated Service Digital NetworkIntegrated Service Digital Network
Integrated Service Digital Network
 
Initial Configuration of Router
Initial Configuration of RouterInitial Configuration of Router
Initial Configuration of Router
 
Multi Static Routng & Default Routing
Multi Static Routng & Default RoutingMulti Static Routng & Default Routing
Multi Static Routng & Default Routing
 
OSPF 2
OSPF 2OSPF 2
OSPF 2
 
Ip addressing
Ip addressingIp addressing
Ip addressing
 
Password Recovery
Password RecoveryPassword Recovery
Password Recovery
 
Dynamic Routing RIP
Dynamic Routing RIPDynamic Routing RIP
Dynamic Routing RIP
 
Static Routing
Static RoutingStatic Routing
Static Routing
 
Computer networking
Computer networkingComputer networking
Computer networking
 

Similar to Route Authentication

Cisco Router As A Vpn Server
Cisco Router As A Vpn ServerCisco Router As A Vpn Server
Cisco Router As A Vpn Server
mmoizuddin
 
Practice exam #2
Practice exam #2Practice exam #2
Practice exam #2
Kris Mofu
 
Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0
Saurav Pandey
 
Student packet tracer manual v1.1
Student packet tracer manual v1.1Student packet tracer manual v1.1
Student packet tracer manual v1.1
milkux
 
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
Salem Trabelsi
 
Cisco Internetworking Operating System (ios)
Cisco Internetworking Operating System (ios)Cisco Internetworking Operating System (ios)
Cisco Internetworking Operating System (ios)
Netwax Lab
 
Chapter14ccna
Chapter14ccnaChapter14ccna
Chapter14ccna
ernestlithur
 
Chapter14ccna
Chapter14ccnaChapter14ccna
Chapter14ccna
robertoxe
 
Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations
Kelson Silva
 
Ducat
DucatDucat
Ducat
kirti pachauri
 
acit mumbai - ospf rouitng
acit mumbai - ospf rouitng acit mumbai - ospf rouitng
acit mumbai - ospf rouitng
Sleek International
 
AAA Implementation
AAA ImplementationAAA Implementation
AAA Implementation
Ahmad El Tawil
 
Ppt of routing protocols
Ppt of routing protocolsPpt of routing protocols
Ppt of routing protocols
Bhagyashri Dhoke
 
Lan Network with Redundancy
Lan Network with RedundancyLan Network with Redundancy
Lan Network with Redundancy
Santanu Mukherjee
 
Lan Network with Redundancy.ppt
Lan Network with Redundancy.pptLan Network with Redundancy.ppt
Lan Network with Redundancy.ppt
Santanu Mukhopadhyay
 
06 tk 1073 network layer
06 tk 1073 network layer06 tk 1073 network layer
06 tk 1073 network layer
Setia Juli Irzal Ismail
 
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docxAll contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
galerussel59292
 
Ccnav5.org ccna 3-v50_practice_final_exam_2014
Ccnav5.org ccna 3-v50_practice_final_exam_2014Ccnav5.org ccna 3-v50_practice_final_exam_2014
Ccnav5.org ccna 3-v50_practice_final_exam_2014
Đồng Quốc Vương
 
All About Routers: Types Of Routers, Routing Table And IP Routing : Notes
All About Routers: Types Of Routers, Routing Table And IP Routing : NotesAll About Routers: Types Of Routers, Routing Table And IP Routing : Notes
All About Routers: Types Of Routers, Routing Table And IP Routing : Notes
Subhajit Sahu
 
Sc manual
Sc manualSc manual
Sc manual
MugdhaDeodhar
 

Similar to Route Authentication (20)

Cisco Router As A Vpn Server
Cisco Router As A Vpn ServerCisco Router As A Vpn Server
Cisco Router As A Vpn Server
 
Practice exam #2
Practice exam #2Practice exam #2
Practice exam #2
 
Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0
 
Student packet tracer manual v1.1
Student packet tracer manual v1.1Student packet tracer manual v1.1
Student packet tracer manual v1.1
 
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
 
Cisco Internetworking Operating System (ios)
Cisco Internetworking Operating System (ios)Cisco Internetworking Operating System (ios)
Cisco Internetworking Operating System (ios)
 
Chapter14ccna
Chapter14ccnaChapter14ccna
Chapter14ccna
 
Chapter14ccna
Chapter14ccnaChapter14ccna
Chapter14ccna
 
Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations
 
Ducat
DucatDucat
Ducat
 
acit mumbai - ospf rouitng
acit mumbai - ospf rouitng acit mumbai - ospf rouitng
acit mumbai - ospf rouitng
 
AAA Implementation
AAA ImplementationAAA Implementation
AAA Implementation
 
Ppt of routing protocols
Ppt of routing protocolsPpt of routing protocols
Ppt of routing protocols
 
Lan Network with Redundancy
Lan Network with RedundancyLan Network with Redundancy
Lan Network with Redundancy
 
Lan Network with Redundancy.ppt
Lan Network with Redundancy.pptLan Network with Redundancy.ppt
Lan Network with Redundancy.ppt
 
06 tk 1073 network layer
06 tk 1073 network layer06 tk 1073 network layer
06 tk 1073 network layer
 
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docxAll contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
 
Ccnav5.org ccna 3-v50_practice_final_exam_2014
Ccnav5.org ccna 3-v50_practice_final_exam_2014Ccnav5.org ccna 3-v50_practice_final_exam_2014
Ccnav5.org ccna 3-v50_practice_final_exam_2014
 
All About Routers: Types Of Routers, Routing Table And IP Routing : Notes
All About Routers: Types Of Routers, Routing Table And IP Routing : NotesAll About Routers: Types Of Routers, Routing Table And IP Routing : Notes
All About Routers: Types Of Routers, Routing Table And IP Routing : Notes
 
Sc manual
Sc manualSc manual
Sc manual
 

More from Kishore Kumar

OSI Layers
OSI LayersOSI Layers
OSI Layers
Kishore Kumar
 
Password Recovery
Password RecoveryPassword Recovery
Password Recovery
Kishore Kumar
 
OSPF 3
OSPF 3OSPF 3
OSPF 3
Kishore Kumar
 
OSPF 2
OSPF 2OSPF 2
OSPF 2
Kishore Kumar
 
IP Addressing
IP AddressingIP Addressing
IP Addressing
Kishore Kumar
 
Internal & External of Routers
Internal & External of RoutersInternal & External of Routers
Internal & External of Routers
Kishore Kumar
 
Integrated Service Digital Network
Integrated Service Digital NetworkIntegrated Service Digital Network
Integrated Service Digital Network
Kishore Kumar
 
Initial Configuration of Router
Initial Configuration of RouterInitial Configuration of Router
Initial Configuration of Router
Kishore Kumar
 
Dynamic Routing RIP
Dynamic Routing RIPDynamic Routing RIP
Dynamic Routing RIP
Kishore Kumar
 
Rip Update Timers
Rip Update TimersRip Update Timers
Rip Update Timers
Kishore Kumar
 
Wan Interface Configuration
Wan Interface ConfigurationWan Interface Configuration
Wan Interface Configuration
Kishore Kumar
 
Switching 2
Switching 2Switching 2
Switching 2
Kishore Kumar
 
Subnetting
SubnettingSubnetting
Subnetting
Kishore Kumar
 

More from Kishore Kumar (13)

OSI Layers
OSI LayersOSI Layers
OSI Layers
 
Password Recovery
Password RecoveryPassword Recovery
Password Recovery
 
OSPF 3
OSPF 3OSPF 3
OSPF 3
 
OSPF 2
OSPF 2OSPF 2
OSPF 2
 
IP Addressing
IP AddressingIP Addressing
IP Addressing
 
Internal & External of Routers
Internal & External of RoutersInternal & External of Routers
Internal & External of Routers
 
Integrated Service Digital Network
Integrated Service Digital NetworkIntegrated Service Digital Network
Integrated Service Digital Network
 
Initial Configuration of Router
Initial Configuration of RouterInitial Configuration of Router
Initial Configuration of Router
 
Dynamic Routing RIP
Dynamic Routing RIPDynamic Routing RIP
Dynamic Routing RIP
 
Rip Update Timers
Rip Update TimersRip Update Timers
Rip Update Timers
 
Wan Interface Configuration
Wan Interface ConfigurationWan Interface Configuration
Wan Interface Configuration
 
Switching 2
Switching 2Switching 2
Switching 2
 
Subnetting
SubnettingSubnetting
Subnetting
 

Recently uploaded

Slides Peluncuran Amalan Pemakanan Sihat.pptx
Slides Peluncuran Amalan Pemakanan Sihat.pptxSlides Peluncuran Amalan Pemakanan Sihat.pptx
Slides Peluncuran Amalan Pemakanan Sihat.pptx
shabeluno
 
220711130097 Tulip Samanta Concept of Information and Communication Technology
220711130097 Tulip Samanta Concept of Information and Communication Technology220711130097 Tulip Samanta Concept of Information and Communication Technology
220711130097 Tulip Samanta Concept of Information and Communication Technology
Kalna College
 
pol sci Election and Representation Class 11 Notes.pdf
pol sci Election and Representation Class 11 Notes.pdfpol sci Election and Representation Class 11 Notes.pdf
pol sci Election and Representation Class 11 Notes.pdf
BiplabHalder13
 
Decolonizing Universal Design for Learning
Decolonizing Universal Design for LearningDecolonizing Universal Design for Learning
Decolonizing Universal Design for Learning
Frederic Fovet
 
Non-Verbal Communication for Tech Professionals
Non-Verbal Communication for Tech ProfessionalsNon-Verbal Communication for Tech Professionals
Non-Verbal Communication for Tech Professionals
MattVassar1
 
Post init hook in the odoo 17 ERP Module
Post init hook in the odoo 17 ERP ModulePost init hook in the odoo 17 ERP Module
Post init hook in the odoo 17 ERP Module
Celine George
 
220711130095 Tanu Pandey message currency, communication speed & control EPC ...
220711130095 Tanu Pandey message currency, communication speed & control EPC ...220711130095 Tanu Pandey message currency, communication speed & control EPC ...
220711130095 Tanu Pandey message currency, communication speed & control EPC ...
Kalna College
 
managing Behaviour in early childhood education.pptx
managing Behaviour in early childhood education.pptxmanaging Behaviour in early childhood education.pptx
managing Behaviour in early childhood education.pptx
nabaegha
 
The Science of Learning: implications for modern teaching
The Science of Learning: implications for modern teachingThe Science of Learning: implications for modern teaching
The Science of Learning: implications for modern teaching
Derek Wenmoth
 
Creating Images and Videos through AI.pptx
Creating Images and Videos through AI.pptxCreating Images and Videos through AI.pptx
Creating Images and Videos through AI.pptx
Forum of Blended Learning
 
IoT (Internet of Things) introduction Notes.pdf
IoT (Internet of Things) introduction Notes.pdfIoT (Internet of Things) introduction Notes.pdf
IoT (Internet of Things) introduction Notes.pdf
roshanranjit222
 
How to Download & Install Module From the Odoo App Store in Odoo 17
How to Download & Install Module From the Odoo App Store in Odoo 17How to Download & Install Module From the Odoo App Store in Odoo 17
How to Download & Install Module From the Odoo App Store in Odoo 17
Celine George
 
CapTechTalks Webinar Slides June 2024 Donovan Wright.pptx
CapTechTalks Webinar Slides June 2024 Donovan Wright.pptxCapTechTalks Webinar Slides June 2024 Donovan Wright.pptx
CapTechTalks Webinar Slides June 2024 Donovan Wright.pptx
CapitolTechU
 
INTRODUCTION TO HOSPITALS & AND ITS ORGANIZATION
INTRODUCTION TO HOSPITALS & AND ITS ORGANIZATION INTRODUCTION TO HOSPITALS & AND ITS ORGANIZATION
INTRODUCTION TO HOSPITALS & AND ITS ORGANIZATION
ShwetaGawande8
 
220711130082 Srabanti Bag Internet Resources For Natural Science
220711130082 Srabanti Bag Internet Resources For Natural Science220711130082 Srabanti Bag Internet Resources For Natural Science
220711130082 Srabanti Bag Internet Resources For Natural Science
Kalna College
 
(T.L.E.) Agriculture: "Ornamental Plants"
(T.L.E.) Agriculture: "Ornamental Plants"(T.L.E.) Agriculture: "Ornamental Plants"
(T.L.E.) Agriculture: "Ornamental Plants"
MJDuyan
 
Science-9-Lesson-1-The Bohr Model-NLC.pptx pptx
Science-9-Lesson-1-The Bohr Model-NLC.pptx pptxScience-9-Lesson-1-The Bohr Model-NLC.pptx pptx
Science-9-Lesson-1-The Bohr Model-NLC.pptx pptx
Catherine Dela Cruz
 
Diversity Quiz Finals by Quiz Club, IIT Kanpur
Diversity Quiz Finals by Quiz Club, IIT KanpurDiversity Quiz Finals by Quiz Club, IIT Kanpur
Diversity Quiz Finals by Quiz Club, IIT Kanpur
Quiz Club IIT Kanpur
 
Creativity for Innovation and Speechmaking
Creativity for Innovation and SpeechmakingCreativity for Innovation and Speechmaking
Creativity for Innovation and Speechmaking
MattVassar1
 
Ethiopia and Eritrea Eritrea's journey has been marked by resilience and dete...
Ethiopia and Eritrea Eritrea's journey has been marked by resilience and dete...Ethiopia and Eritrea Eritrea's journey has been marked by resilience and dete...
Ethiopia and Eritrea Eritrea's journey has been marked by resilience and dete...
biruktesfaye27
 

Recently uploaded (20)

Slides Peluncuran Amalan Pemakanan Sihat.pptx
Slides Peluncuran Amalan Pemakanan Sihat.pptxSlides Peluncuran Amalan Pemakanan Sihat.pptx
Slides Peluncuran Amalan Pemakanan Sihat.pptx
 
220711130097 Tulip Samanta Concept of Information and Communication Technology
220711130097 Tulip Samanta Concept of Information and Communication Technology220711130097 Tulip Samanta Concept of Information and Communication Technology
220711130097 Tulip Samanta Concept of Information and Communication Technology
 
pol sci Election and Representation Class 11 Notes.pdf
pol sci Election and Representation Class 11 Notes.pdfpol sci Election and Representation Class 11 Notes.pdf
pol sci Election and Representation Class 11 Notes.pdf
 
Decolonizing Universal Design for Learning
Decolonizing Universal Design for LearningDecolonizing Universal Design for Learning
Decolonizing Universal Design for Learning
 
Non-Verbal Communication for Tech Professionals
Non-Verbal Communication for Tech ProfessionalsNon-Verbal Communication for Tech Professionals
Non-Verbal Communication for Tech Professionals
 
Post init hook in the odoo 17 ERP Module
Post init hook in the odoo 17 ERP ModulePost init hook in the odoo 17 ERP Module
Post init hook in the odoo 17 ERP Module
 
220711130095 Tanu Pandey message currency, communication speed & control EPC ...
220711130095 Tanu Pandey message currency, communication speed & control EPC ...220711130095 Tanu Pandey message currency, communication speed & control EPC ...
220711130095 Tanu Pandey message currency, communication speed & control EPC ...
 
managing Behaviour in early childhood education.pptx
managing Behaviour in early childhood education.pptxmanaging Behaviour in early childhood education.pptx
managing Behaviour in early childhood education.pptx
 
The Science of Learning: implications for modern teaching
The Science of Learning: implications for modern teachingThe Science of Learning: implications for modern teaching
The Science of Learning: implications for modern teaching
 
Creating Images and Videos through AI.pptx
Creating Images and Videos through AI.pptxCreating Images and Videos through AI.pptx
Creating Images and Videos through AI.pptx
 
IoT (Internet of Things) introduction Notes.pdf
IoT (Internet of Things) introduction Notes.pdfIoT (Internet of Things) introduction Notes.pdf
IoT (Internet of Things) introduction Notes.pdf
 
How to Download & Install Module From the Odoo App Store in Odoo 17
How to Download & Install Module From the Odoo App Store in Odoo 17How to Download & Install Module From the Odoo App Store in Odoo 17
How to Download & Install Module From the Odoo App Store in Odoo 17
 
CapTechTalks Webinar Slides June 2024 Donovan Wright.pptx
CapTechTalks Webinar Slides June 2024 Donovan Wright.pptxCapTechTalks Webinar Slides June 2024 Donovan Wright.pptx
CapTechTalks Webinar Slides June 2024 Donovan Wright.pptx
 
INTRODUCTION TO HOSPITALS & AND ITS ORGANIZATION
INTRODUCTION TO HOSPITALS & AND ITS ORGANIZATION INTRODUCTION TO HOSPITALS & AND ITS ORGANIZATION
INTRODUCTION TO HOSPITALS & AND ITS ORGANIZATION
 
220711130082 Srabanti Bag Internet Resources For Natural Science
220711130082 Srabanti Bag Internet Resources For Natural Science220711130082 Srabanti Bag Internet Resources For Natural Science
220711130082 Srabanti Bag Internet Resources For Natural Science
 
(T.L.E.) Agriculture: "Ornamental Plants"
(T.L.E.) Agriculture: "Ornamental Plants"(T.L.E.) Agriculture: "Ornamental Plants"
(T.L.E.) Agriculture: "Ornamental Plants"
 
Science-9-Lesson-1-The Bohr Model-NLC.pptx pptx
Science-9-Lesson-1-The Bohr Model-NLC.pptx pptxScience-9-Lesson-1-The Bohr Model-NLC.pptx pptx
Science-9-Lesson-1-The Bohr Model-NLC.pptx pptx
 
Diversity Quiz Finals by Quiz Club, IIT Kanpur
Diversity Quiz Finals by Quiz Club, IIT KanpurDiversity Quiz Finals by Quiz Club, IIT Kanpur
Diversity Quiz Finals by Quiz Club, IIT Kanpur
 
Creativity for Innovation and Speechmaking
Creativity for Innovation and SpeechmakingCreativity for Innovation and Speechmaking
Creativity for Innovation and Speechmaking
 
Ethiopia and Eritrea Eritrea's journey has been marked by resilience and dete...
Ethiopia and Eritrea Eritrea's journey has been marked by resilience and dete...Ethiopia and Eritrea Eritrea's journey has been marked by resilience and dete...
Ethiopia and Eritrea Eritrea's journey has been marked by resilience and dete...
 

Route Authentication

  • 2. Serious and potentially catastrophic problems can occur in your network if a routing protocol failure where to happen, but as bad or worse is an attack on you routing protocol. You can prevent your router from receiving fraudulent route updates by configuring neighbor router authentication. Routing Information Protocol version two (RIPv2), Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest Path First (OSPF) routing protocols all support types of neighbor authentication. Which is also called neighbor router authentication or route authentication. Route authentication can be configured so that only routers with predefined passwords can participate in the routing process. By default, no authentication is used in routing protocols. When route authentication is configured on a router, the router authenticates each routing update packet that it receives. The router does this with the exchange of an authentication key (also called a password) that is known to both the sending and the receiving router. You can configure one of two types of authentication; either a simple password authentication (often called plain-text authentication) or MD5 authentication. Simple password authentication is supported by Integrated System- Integrated System (IS-IS), Open Shortest Path First (OSPF), and Routing Information Protocol version 2 (RIPv2). MD5 authentication is supported by OSPF, RIPv2, Border Gateway Protocol (BGP), and EIGRP. For the CCNA objectives and the topics covered in this book, we are only going to cover RIPv2, EIGRP and OSPF. Simple password authentication is just that simple. A password or key must be configured on each participating neighbor router and the key must be the same. MD5 authentication is cryptographic in its operation. By cryptographic I mean a key or password and a key ID are configured on each router. The router uses an algorithm based on the routing protocol packet, the key, and the key ID to generate a digest or hash. The hash is then appended to the packet. MD5 authentication is stronger than simple authentication because the key is never sent over the wire. This method ensures that no one can listen on the line and learn the key during transmission. For the sample configurations of each of the following routing protocols, the following figure will be the network used. RouterA RouterB S0/0/0 S0/0 Lo0 Lo0 Network 10.0.0.0/24Network 10.1.1.0/24 Network 10.2.2.0/24
  • 3. The following is the configuration required for simple password authentication on Router A in the sample network. This first portion of the configuration is establishing the key chain, key and key string. The key chain is basically like a container that holds the keys to be used by the authentication process. Just like your key chain that has your house and car keys on it. On that key chain you can have multiple keys, one for the car and one for the house and so on. So in the key chain you have to define your key. The key has an ID, in my configuration I used a key ID on 1. In simple text authentication the key chain number or name and the key ID do not have to be the same on both routers, but when we get to MD5 authentication the key ID must be the same as it is used in the hash. Finally, the last this to define is what the key looks like; this would be like you deciding how many teeth are going to be on your car key. For route authentication that is called the key string. RouterA(config)#key chain ccna RouterA(config-keychain)#key 1 RouterA(config-keychain-key)#key-string ccna RouterB(config)#key chain ccna RouterB(config-keychain)#key 1 RouterB(config-keychain-key)#key-string ccna This has established all the pieces required for authentication to work; now you have to tell the router to use the keys for authentication. For each of the routing protocols that looks like this: RIPv2 RouterA(config)#int s0/0/0 RouterA(config-if)#ip rip authentication key-chain ccna RouterB(config-if)#int s0/0 RouterB(config-if)#ip rip authentication key-chain ccna EIGRP RouterA(config)#int s0/0/0 RouterA(config-if)#ip authentication key-chain eigrp 1 ccna RouterB(config)#int s0/0 RouterB(config-if)#ip authentication key-chain eigrp 1 ccna
  • 4. OSPF RouterA(config)#int s0/0/0 RouterA(config-if)#ip ospf authentication-key ccna RouterB(config)#int s0/0 RouterB(config-if)#ip ospf authentication-key ccna Now you have completed the configuration for simple password authentication. The nice thing is that most of the work is already done to use MD5 authentication as well. All you have to add at this point is a command to change the mode in each of the routing protocols so that it will use the upgraded process. RIPv2 In RIPv2, you need only add this command to change the mode of authentication. Everything that we have already configured will stay the same. RouterA(config)#int s0/0/0 RouterA(config-if)#ip rip authentication mode md5 RouterB(config-if)#int s0/0 RouterB(config-if)#ip rip authentication mode md5 EIGRP In EIGRP, again everything up to now will stay the same. You just have to add this command to change the mode. RouterA(config)#int s0/0/0 RouterA(config-if)#ip authentication mode eigrp 1 md5 RouterB(config)#int s0/0 RouterB(config-if)#ip authentication mode eigrp 1 md5 OSPF In OSPF, the command to enable authentication for MD5 is not just a mode change command. Rather everything is done in one command. So the previous authentication command will be replaced by the following one for MD5 authentication. RouterA(config)#int s0/0/0
  • 5. RouterA(config-if)#ip ospf message-digest-key 1 md5 ccna RouterB(config)#int s0/0 RouterB(config-if)#ip ospf message-digest-key 1 md5 ccna
  翻译: