EIGRP Lab5 - Configuring EIGRP Authentication
【Lab objectives】
1. Understand EIGRP authentication process
2. Learn EIGRP authentication configuration
【Lab Topology】
【Lab steps】
1. Configure IP addresses of every router, and use ping command to confirm the direct interface connectivity of every router.
2. Configure on two routers EIGRP auto system number as 50
3. Check R1 and R2 routing table
R1#show ip route
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.8/30 is directly connected, Serial1/1
D 172.16.0.0/16 is a summary, 00:00:37, Null0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.1.1.0/24 is directly connected, Loopback0
D 10.0.0.0/8 is a summary, 00:00:37, Null0
D 192.168.1.0/24 [90/2297856] via 172.16.1.10, 00:00:09, Serial1/1
|
R2#show ip route
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.8/30 is directly connected, Serial1/0
D 172.16.0.0/16 is a summary, 00:00:53, Null0
D 10.0.0.0/8 [90/2297856] via 172.16.1.9, 00:00:51, Serial1/0
C 192.168.1.0/24 is directly connected, Loopback0
|
4. Configure EIGRP authentication
R1#configure terminal
R1(config)#key chain Bible
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string cisco
R1(config-keychain-key)#exit
R1(config-keychain)#exit
R1(config)#
R1(config)#interface serial 1/1
R1(config-if)#ip authentication key-chain eigrp 50 Bible
R1(config-if)#ip authentication mode eigrp 50 md5
R1(config-if)#end
|
5. Both routers use clear ip route * command to refresh routing table and speed up the convergence of routing table.
6. Check the routing table of R1 and R2. Observe the changes.
R1#show ip route
C 172.16.1.8/30 is directly connected, Serial1/1
D 172.16.0.0/16 is a summary, 00:00:16, Null0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.1.1.0/24 is directly connected, Loopback0
D 10.0.0.0/8 is a summary, 00:00:16, Null0
|
R2#show ip route
………
C 172.16.1.8/30 is directly connected, Serial1/0
D 172.16.0.0/16 is a summary, 00:02:53, Null0
C 192.168.1.0/24 is directly connected, Loopback0
|
Now R1 and R2 cannot learn route of each other. And here is feedback of R2 system:
*Mar 14 15:35:27.343: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 50: Neighbor 172.16.1.9 (Serial1/0) is up: new adjacency
*Mar 14 15:35:29.767: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 50: Neighbor 172.16.1.9 (Serial1/0) is down: Auth failure
|
7. Check R2 routing table. If authentication failed, R1 and R2 can no longer be neighbors.
R2#show ip eigrp 50 neighbors
IP-EIGRP neighbors for process 50
R2#
|
8. Configure EIGRP authentication of R2
R2#configure terminal
R2(config)#key chain Bible
R2(config-keychain)#key 1
R2(config-keychain-key)#key-string cisco
R2(config-keychain-key)#exit
R2(config-keychain)#exit
R2(config)#interface serial 1/0
R2(config-if)#ip authentication key-chain eigrp 50 Bible
R2(config-if)#ip authentication mode eigrp 50 md5
R2(config-if)#exit
|
9. After we finish authentication configuration on R2, the system will prompt:
*Mar 14 15:46:04.071: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 50: Neighbor 172.16.1.9 (Serial1/0) is up: new adjacency
|
Meanwhile, check R2 neighbor list, we find that R1 become neighbor of R2.
R2#show ip eigrp 50 neighbors
IP-EIGRP neighbors for process 50
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.16.1.9 Se1/0 11 00:01:17 28 200 0 8
|
10. Refresh routing table again, and observe the changes on routing table of R1 and R2.
R1#show ip route
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.8/30 is directly connected, Serial1/1
D 172.16.0.0/16 is a summary, 00:08:41, Null0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.1.1.0/24 is directly connected, Loopback0
D 10.0.0.0/8 is a summary, 00:08:42, Null0
D 192.168.1.0/24 [90/2297856] via 172.16.1.10, 00:02:54, Serial1/1
|
R2#show ip route
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.8/30 is directly connected, Serial1/0
D 172.16.0.0/16 is a summary, 00:08:28, Null0
D 10.0.0.0/8 [90/2297856] via 172.16.1.9, 00:03:44, Serial1/0
C 192.168.1.0/24 is directly connected, Loopback0
|
11. Lab finished.
Hope to helpful for you!
|