RIP AUthentication

Hello,

 

Just finished watching RIP Authentication, and as always i was following him on my lab. When there was example of the RIP cryptography authentication (MD5) it was stated that key # is as much important to the hash as password itself, and i agree with this as i can see the on packet capture different digest between two packets. However my RIP is not failing to authenticate with its peer? Does any one run in the the same issue? Is this some sort of bug? I have clear routing table twice on both routers, config below:

R1# sh run int et0/0.146

Building configuration...

 

Current configuration : 200 bytes

!

interface Ethernet0/0.146

 encapsulation dot1Q 146

 ip address 155.1.146.1 255.255.255.0

 ip rip authentication mode md5

 ip rip authentication key-chain RIP

 ipv6 address 2001:155:1:146::1/64



R1#sh run | s key

key chain RIP

 key 1

  key-string cisco

crypto isakmp key cisco address 0.0.0.0        

 tunnel key 150

 ip rip authentication key-chain RIP




R1#sh ip route rip | i 155.1.146.6

R        150.1.6.6 [120/1] via 155.1.146.6, 00:00:01, Ethernet0/0.146

R        150.1.7.7 [120/2] via 155.1.146.6, 00:00:01, Ethernet0/0.146

R        150.1.9.9 [120/3] via 155.1.146.6, 00:00:01, Ethernet0/0.146

R        155.1.7.0/24 [120/2] via 155.1.146.6, 00:00:01, Ethernet0/0.146

R        155.1.9.0/24 [120/3] via 155.1.146.6, 00:00:01, Ethernet0/0.146

R        155.1.67.0/24 [120/1] via 155.1.146.6, 00:00:01, Ethernet0/0.146

R        155.1.79.0/24 [120/2] via 155.1.146.6, 00:00:01, Ethernet0/0.146




     155.1.108.0/24 via 0.0.0.0 in 2 hops

RIP: received packet with MD5 authentication

RIP: received v2 update from 155.1.146.6 on Ethernet0/0.146




ON R6


I see it is invalidating the routes from R1:


R6#

RIP: ignored v2 packet from 150.1.6.6 (sourced from one of our addresses)

R6#

RIP: received packet with MD5 authentication

RIP: ignored v2 packet from 155.1.146.1 (invalid authentication)

R6#




Why authentication is failing on R6 and nor R6 did anyone has anything similar ever?


Regards,


LG

Comments

  • JoeMJoeM ✭✭✭

     

    Hi Gargolek,

    For me, the next step is to match the R6 config - md5-keychain-key#-keystring.

    Does this match?   What is the R6 config?

    EDIT:   Is the R1 IOS version the same as R6? 

    ON R1:

    interface Ethernet0/0.146
              ip rip authentication mode md5
              ip rip authentication key-chain RIP

    key chain RIP
              key 1
              key-string cisco

     

    ON R6


    I see it is invalidating the routes from R1:







    RIP: received packet with MD5 authentication



    RIP: ignored v2 packet from 155.1.146.1 (invalid authentication)








    Why authentication is failing on R6 and nor R6 did anyone has anything similar ever?

     

     

Sign In or Register to comment.